generated from coulomb/repo-seed
131 lines
3.3 KiB
Markdown
131 lines
3.3 KiB
Markdown
---
|
|
id: PMEM-WP-0014
|
|
type: workplan
|
|
title: "Live Credential Execution And Managed Deployment Hardening"
|
|
domain: markitect
|
|
repo: phase-memory
|
|
status: ready
|
|
owner: codex
|
|
topic_slug: phase-memory
|
|
created: "2026-05-19"
|
|
updated: "2026-05-19"
|
|
state_hub_workstream_id: "312a04cb-124d-41b3-9fc0-292281f420ab"
|
|
---
|
|
|
|
# PMEM-WP-0014: Live Credential Execution And Managed Deployment Hardening
|
|
|
|
## Goal
|
|
|
|
Use the credential-gated drill and service packaging created in PMEM-WP-0013 to
|
|
exercise real operator environments, harden deployment packaging, and preserve
|
|
evaluation trend history.
|
|
|
|
## Current Evidence
|
|
|
|
`PMEM-WP-0013` added credential-gated drill helpers, stdlib service packaging,
|
|
operator readiness docs, audit retention apply, evaluation trend artifacts, and
|
|
release-note discipline. The scorecard now rates the repo at **4.3 / 5**.
|
|
|
|
## Non-Goals
|
|
|
|
- Commit credentials, tokens, or live endpoints.
|
|
- Make credentialed tests mandatory in default CI.
|
|
- Take ownership of Markitect or Kontextual service internals.
|
|
|
|
## T01 - Run credentialed adapter drills in operator mode
|
|
|
|
```task
|
|
id: PMEM-WP-0014-T01
|
|
status: todo
|
|
priority: high
|
|
state_hub_task_id: "1d0eb51c-60ce-47ad-bd91-6ce1ee91f0f8"
|
|
```
|
|
|
|
Exercise the credential-gated smoke drill against real operator-provided
|
|
Markitect/Kontextual endpoints.
|
|
|
|
Acceptance:
|
|
|
|
- Default suite still skips without credentials.
|
|
- Operator run records a redacted report with no tokens.
|
|
- Any live incompatibility is captured as explicit diagnostics.
|
|
|
|
## T02 - Add managed deployment packaging
|
|
|
|
```task
|
|
id: PMEM-WP-0014-T02
|
|
status: todo
|
|
priority: high
|
|
state_hub_task_id: "37b03680-fcc4-46c2-9ce2-f6bf1f2ef35b"
|
|
```
|
|
|
|
Add deployment packaging around the stdlib service entrypoint.
|
|
|
|
Acceptance:
|
|
|
|
- Health and readiness probes are documented.
|
|
- Packaging can be validated without live credentials.
|
|
- Rollback and local-store mount expectations are explicit.
|
|
|
|
## T03 - Persist evaluation trend history
|
|
|
|
```task
|
|
id: PMEM-WP-0014-T03
|
|
status: todo
|
|
priority: medium
|
|
state_hub_task_id: "a3260267-bc8f-4f17-abdd-2296ad2c6ed5"
|
|
```
|
|
|
|
Persist evaluation trend artifacts across runs for regression review.
|
|
|
|
Acceptance:
|
|
|
|
- Trend history format is deterministic.
|
|
- Deltas can be compared across commits or run ids.
|
|
- Regression diagnostics remain actionable.
|
|
|
|
## T04 - Add credentialed telemetry retention drill
|
|
|
|
```task
|
|
id: PMEM-WP-0014-T04
|
|
status: todo
|
|
priority: medium
|
|
state_hub_task_id: "b68478ce-90c2-4e21-b621-569cb6925f74"
|
|
```
|
|
|
|
Exercise audit export and retention apply against a credentialed telemetry
|
|
adapter or operator-approved fixture.
|
|
|
|
Acceptance:
|
|
|
|
- Tokens are never written to artifacts.
|
|
- Retention apply records an audit event.
|
|
- Pruned and retained operation ids are reviewable.
|
|
|
|
## T05 - Expand operator troubleshooting matrix
|
|
|
|
```task
|
|
id: PMEM-WP-0014-T05
|
|
status: todo
|
|
priority: medium
|
|
state_hub_task_id: "b0974113-debd-4823-929a-761510132c09"
|
|
```
|
|
|
|
Collect expected operator failures and remediations.
|
|
|
|
Acceptance:
|
|
|
|
- Matrix covers credentials, readiness, migrations, audit retention, and
|
|
adapter manifest failures.
|
|
- Each row includes diagnostic code, likely cause, and operator action.
|
|
|
|
## Acceptance Criteria
|
|
|
|
- Evidence moves the project toward the 4.7+ scorecard gate.
|
|
- Credentialed runs are reproducible but optional.
|
|
- Managed deployment packaging is ready for operator review.
|
|
|
|
## Closure Review
|
|
|
|
Pending implementation.
|