Implement local runtime persistence and policy gates

This commit is contained in:
2026-05-18 18:21:27 +02:00
parent 7f9913c45a
commit 8089a7c8fa
23 changed files with 2263 additions and 42 deletions

View File

@@ -4,7 +4,7 @@ type: workplan
title: "Policy, Audit, And Review Gates"
domain: markitect
repo: phase-memory
status: proposed
status: finished
owner: phase-memory
topic_slug: policy-audit
planning_priority: P1
@@ -52,11 +52,38 @@ activations, writes, compactions, and phase transitions.
- Do not make `flex-auth` a hard dependency.
- Do not store or expose secrets in test fixtures.
## Implementation Update - 2026-05-18
The policy, audit, and review-gate slice is complete.
Implemented outputs:
- `phase_memory.policy` defines canonical memory operation points, audit event
schema helpers, review-record helpers, activation policy checks, and
deterministic redaction.
- `ReviewRecord` and `ReviewDecision` model structured local approvals and
rejections for review-gated lifecycle actions.
- Runtime audit events now use `phase_memory.audit.event.v1` and carry policy
decisions, source references, dry-run flags, actor labels, and subjects.
- `apply_lifecycle_actions` rejects review-required actions unless the caller
provides a matching approved review record or explicit local approval marker.
- Activation planning can evaluate required labels, denied labels, trust zones,
secret denial, reauthorization, and freshness policy context before package
selection.
- Policy-denied activation nodes are omitted and returned as redacted denial
records with diagnostics.
- `docs/policy-audit.md` documents operation points, review records,
activation policy, audit envelopes, and ownership boundaries.
Validation:
- `python3 -m pytest` -> 36 passed.
## T01 - Define memory operation policy points
```task
id: PMEM-WP-0004-T01
status: todo
status: done
priority: high
state_hub_task_id: "1231b7bf-b23c-498d-a9d6-a6ee307aa3d4"
```
@@ -82,7 +109,7 @@ the right boundary.
```task
id: PMEM-WP-0004-T02
status: todo
status: done
priority: high
state_hub_task_id: "b989d43c-eb25-4663-afd1-a54673ad565a"
```
@@ -107,7 +134,7 @@ Output: review record model and approval checks in the runtime facade.
```task
id: PMEM-WP-0004-T03
status: todo
status: done
priority: high
state_hub_task_id: "6b677c18-7135-4d54-9e46-5116645d2ebe"
```
@@ -122,7 +149,7 @@ and deletion requests cannot be applied silently.
```task
id: PMEM-WP-0004-T04
status: todo
status: done
priority: high
state_hub_task_id: "6f07087b-e6e2-469a-9bce-71bfd21cb633"
```
@@ -143,7 +170,7 @@ for policy-denied records.
```task
id: PMEM-WP-0004-T05
status: todo
status: done
priority: medium
state_hub_task_id: "bb6461a8-9181-4b88-a152-334668b22208"
```
@@ -169,7 +196,7 @@ apply operations.
```task
id: PMEM-WP-0004-T06
status: todo
status: done
priority: medium
state_hub_task_id: "dcdec3af-d20f-43ba-b12e-6febc4347d38"
```
@@ -183,7 +210,7 @@ Output: redaction utility, denied activation examples, and regression tests.
```task
id: PMEM-WP-0004-T07
status: todo
status: done
priority: medium
state_hub_task_id: "c4e0bdff-5047-4fe5-ab86-e422d4b1a17e"
```
@@ -202,3 +229,26 @@ review-required operations.
- Review-required actions fail closed without an explicit review record.
- The policy layer remains adapter-based and does not become an identity
platform.
## Closure Review - 2026-05-18
**Outcome:** All tasks completed.
### Completed
- PMEM-WP-0004-T01 - Define memory operation policy points
- PMEM-WP-0004-T02 - Add review authorization records
- PMEM-WP-0004-T03 - Enforce durable write gates
- PMEM-WP-0004-T04 - Add activation policy checks
- PMEM-WP-0004-T05 - Add audit event schema
- PMEM-WP-0004-T06 - Add redaction and denial diagnostics
- PMEM-WP-0004-T07 - Document policy and audit guarantees
### Cancelled
None.
### Carried Forward
Optional Markitect validation and context-package compiler bridge behavior
remain in PMEM-WP-0005.