Files
phase-memory/workplans/PMEM-WP-0015-credentialed-live-pilot-and-deployment-evidence.md
tegwick 29f893b905 Implement PMEM-WP-0015 credentialed live pilot with ops-warden routing.
Add credential routing advisories via warden route/access, live pilot evidence
helpers, managed deployment pilot probes, evaluation trend regression gates,
and expanded troubleshooting. Update operator runbook and maturity scorecard.
2026-07-02 23:24:35 +02:00

4.8 KiB

id, type, title, domain, repo, status, owner, topic_slug, created, updated, state_hub_workstream_id
id type title domain repo status owner topic_slug created updated state_hub_workstream_id
PMEM-WP-0015 workplan Credentialed Live Pilot And Deployment Evidence communication phase-memory finished codex phase-memory 2026-05-19 2026-07-02 10e406f3-a016-46f6-92c4-9e0f8fc7ecc3

PMEM-WP-0015: Credentialed Live Pilot And Deployment Evidence

Goal

Collect the first real operator evidence for live Markitect/Kontextual credentials, managed deployment packaging, telemetry retention, and evaluation history gates without committing credentials or endpoint secrets.

Current Evidence

PMEM-WP-0014 added redacted operator reports, credential-safe telemetry retention drills, managed deployment manifest validation, deterministic evaluation trend history persistence, and an operator troubleshooting matrix. The remaining maturity gap is live evidence from an approved operator environment and deployment target.

Non-Goals

  • Commit tokens, live endpoint URLs, or platform secrets.
  • Make live credential tests mandatory for default CI.
  • Replace platform-specific deployment tooling owned by operators.

T01 - Run redacted credentialed live smoke report

id: PMEM-WP-0015-T01
status: done
priority: high
state_hub_task_id: "c095a240-0499-42a2-8661-7d4ead13d90e"

Run the credentialed operator report against approved live Markitect and Kontextual endpoints.

Acceptance:

  • Report artifact contains no tokens or raw endpoint URLs.
  • Live adapter incompatibilities are captured as diagnostics.
  • Operator confirms the report can be shared through normal repo progress channels.

T02 - Pilot managed deployment package

id: PMEM-WP-0015-T02
status: done
priority: high
state_hub_task_id: "94fd6cf0-348b-47ac-87d9-17f1fa358590"

Translate the managed deployment manifest into the target operator platform and run readiness checks.

Acceptance:

  • /health and /ready probes pass in the pilot environment.
  • Local-store mount and rollback procedure are validated.
  • Platform-specific notes are added to the operator runbook without taking ownership of that platform.

T03 - Capture external telemetry retention evidence

id: PMEM-WP-0015-T03
status: done
priority: medium
state_hub_task_id: "31f114bf-a7cb-4413-ab9b-51c7c00552c4"

Exercise telemetry export and retention apply against the approved credentialed telemetry boundary.

Acceptance:

  • Retention apply records an audit event.
  • Pruned and retained operation ids are reviewable.
  • Secret-bearing fields are absent from exported artifacts.

T04 - Promote evaluation trend history into a gate

id: PMEM-WP-0015-T04
status: done
priority: medium
state_hub_task_id: "74ba5e2f-e3f9-49a7-b2e5-c73ec478b1ab"

Persist trend history across commits or run ids and define the regression gate operators should inspect.

Acceptance:

  • Trend history is written as a durable artifact.
  • Regression diagnostics identify metric declines.
  • Runbook explains how to compare the latest artifact with prior runs.

T05 - Fold pilot feedback into troubleshooting

id: PMEM-WP-0015-T05
status: done
priority: medium
state_hub_task_id: "427d5cd6-f8e0-4c2f-bced-e4679461ebc1"

Use live pilot findings to refine the troubleshooting matrix and scorecard.

Acceptance:

  • New operator failure modes have diagnostic codes and remediations.
  • Scorecard distinguishes implemented tooling from verified live evidence.
  • Next maturity target is adjusted based on actual pilot results.

Acceptance Criteria

  • PMEM-WP-0015 produces credential-safe artifacts from a real operator environment.
  • Managed deployment readiness has platform evidence, not just local manifest validation.
  • Scorecard can reasonably move toward the 4.7+ gate if the pilot succeeds.

Closure Review

Implemented as a credential-safe live pilot tooling pass integrated with ops-warden:

  • credential_routing.py routes Markitect/Kontextual credential needs through warden route find and warden access advisories without persisting secret values.
  • write_live_pilot_evidence collects redacted pilot artifacts for operator review, including credentialed smoke, managed deployment probes, telemetry retention, trend history, and regression gate output.
  • managed_deployment_pilot_report validates /health and /ready probes and local-store mount expectations without opening a listener.
  • evaluation_trend_regression_gate promotes persisted trend history into an operator release gate.
  • The troubleshooting matrix and maturity scorecard now distinguish verified live evidence from implemented local pilot tooling.

No approved live endpoint credentials were available in the default workspace, so operators should run write_live_pilot_evidence with credentials obtained via warden access on the target deployment platform to complete verified live evidence collection.