ops-warden/workplans/WARDEN-WP-0018-whynot-design-npm-lane-activation.md
tegwick e8bb469033 feat(WARDEN-WP-0018): activate whynot-design npm publish lane + resolvable flag
railiance-platform finished provisioning the whynot-design npm publish lane
(CCR-2026-0001, commit 8f617fc: active, readiness=ready, resolvable=true, positive
fetch + negative denial verified). First concrete warden access --fetch-resolvable
non-SSH lane — end-to-end proof of the WP-0014 conduit + WP-0017 discoverability.

T1 — catalog entry whynot-design-npm-publish (active, exec_capable) with the
owner-confirmed zero-placeholder handoff: path platform/workloads/coulomb/whynot-design/
npm-publish (the superseded whynot-design/whynot-design/... form is not used), field
NPM_AUTH_TOKEN, OIDC role whynot-design-workload-kv-read, policy + flex-auth ref. Added
wiki/playbooks/whynot-design-npm-publish.md.

T2 — RouteEntry.resolvable (active + exec_capable + no <…> placeholder), surfaced in
route/access --json; Catalog.find resolves an exact catalog-id first so
`warden access whynot-design-npm-publish` is deterministic. Tests added; fixed a
no-match test query that substring-collided (no ⊂ whynot). 213 pass, lint clean.

T3 — notified whynot-design (zero-placeholder command + resolvable gate + path
correction) and confirmed activation to railiance-platform. Sibling lanes stay draft
per their deferral.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-29 00:32:00 +02:00

id: WARDEN-WP-0018
type: workplan
title: Activate whynot-design npm publish lane + resolvable readiness flag
domain: infotech
repo: ops-warden
status: finished
owner: claude
topic_slug: custodian
planning_priority: high
planning_order: 18
created: 2026-06-29
updated: 2026-06-29

WARDEN-WP-0018 — whynot-design npm lane activation + resolvable flag

Trigger: railiance-platform completed provisioning the whynot-design npm publish lane (CCR-2026-0001, commit 8f617fc): status=active, access_frontdoor.readiness=ready, resolvable=true, positive fetch passed + negative (non-whynot) login denied. They asked ops-warden to activate the dedicated catalog selector and notify whynot-design. This is the first concrete warden access --fetch-resolvable non-SSH lane — the end-to-end proof of the WP-0014 conduit + WP-0017 discoverability work.

whynot-design's spec (msg 2687dc31) drove the shape: zero-placeholder command keyed by a stable id, owner-confirmed concrete path/field/role, a machine-readable readiness flag, and a publish-vs-read scope split.

Boundary unchanged: ops-warden holds no token; the lane proxies the read as the caller.


Tasks

T1 — Concrete catalog entry + playbook

id: WARDEN-WP-0018-T01
status: done
priority: high
  • Added whynot-design-npm-publish to registry/routing/catalog.yaml (status: active, exec_capable, lane: secret) with the owner-confirmed, zero-placeholder handoff: path platform/workloads/coulomb/whynot-design/npm-publish (the superseded whynot-design/whynot-design/… form is not used), field NPM_AUTH_TOKEN, OIDC bao login -method=oidc -path=netkingdom role=whynot-design-workload-kv-read, policy workload-kv-read-whynot-design-npm-publish, flex-auth secret.read:whynot-design.
  • wiki/playbooks/whynot-design-npm-publish.md — worker checklist, scopes, operator go-ahead note (publish is immutable + outward-facing). Catalog wiki_ref points to it.
  • Passes the _assert_no_secret_material guard (templates/identifiers only, no value).

T2 — resolvable readiness flag + stable-id resolution

id: WARDEN-WP-0018-T02
status: done
priority: high
  • RouteEntry.resolvable — true when a lane is active, exec_capable, and its fetch command/path carry no unresolved <…> placeholder. Surfaced in the route/access --json output (_entry_summary). The generic openbao-api-key lane and the <domain> login lane report false; whynot-design-npm-publish reports true.
  • Catalog.find now resolves an exact catalog-id match first, so warden access whynot-design-npm-publish … is deterministic regardless of keyword collisions (whynot-design's "stable keyed command").
  • Tests: tests/test_routing.py (concrete+resolvable lane, template lanes not resolvable, exact-id wins); fixed a test_access no-match query that incidentally substring-collided (no ⊂ whynot). 213 pass, lint clean.

T3 — Close the loop

id: WARDEN-WP-0018-T03
status: done
priority: medium
  • Notified whynot-design (reply 744977ae) with the zero-placeholder command warden access whynot-design-npm-publish --exec -- npm publish, the resolvable gate, the coulomb-tenant path correction, and the operator-go-ahead reminder.
  • Confirmed activation to railiance-platform (reply f76d3a9e). Sibling lanes (issue-core-ingestion-api-key, openrouter-llm-connect) stay draft per their deferral, pending CCR-2026-0002/0003 provisioning.

Acceptance

  • warden access whynot-design-npm-publish resolves to a concrete, owner-confirmed, zero-placeholder lane; --json reports resolvable: true.
  • Template/generic lanes report resolvable: false; exact-id lookup is deterministic.
  • No secret value in catalog, playbook, tests, or logs; ops-warden holds nothing.

See also

  • WARDEN-WP-0014 (proxy lane), WARDEN-WP-0017 (discoverability)
  • railiance-platform CCR-2026-0001, docs/workload-kv-access-lanes.md