Establish Railiance Fabric graph model

2026-05-17 19:47:37 +02:00
parent 9c1f4d1381
commit 19f9fddc35
89 changed files with 5007 additions and 2 deletions


@@ -0,0 +1,18 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: artifact-store.object-storage.credentials
name: Object-storage credential vending
owner: artifact-store
repo: artifact-store
domain: railiance
spec:
lifecycle: planned
environments: [dev, staging, prod]
description: Planned scoped credential vending for object-storage access.
capability_type: object-storage-credential-vending
service_id: artifact-store.storage-service
interface_ids:
- artifact-store.object-storage.sts
criticality: high
data_classification: secret
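Review bot: `lifecycle: planned` sits next to `environments: [dev, staging, prod]`, so a graph consumer that filters on environment alone would treat credential vending as available in prod before it exists. The `artifact-store.object-storage` declaration has the same pairing. How consumers interpret `lifecycle` is not visible on this page, so the resolver may already handle this. If it does not, a comment such as `# target environments; not deployed while lifecycle is planned` would make the intent explicit for a capability classified `secret`.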


@@ -0,0 +1,18 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: artifact-store.object-storage
name: Object storage
owner: artifact-store
repo: artifact-store
domain: railiance
spec:
lifecycle: planned
environments: [dev, staging, prod]
description: Planned object storage for artifacts and workload data.
capability_type: object-storage
service_id: artifact-store.storage-service
interface_ids:
- artifact-store.object-storage.bucket
criticality: high
data_classification: confidential
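Review bot: `service_id: artifact-store.storage-service` is shared with the `artifact-store.object-storage.credentials` declaration, which is marked `data_classification: secret`, while this one is `confidential`. If controls are derived per service rather than per capability, the service has to be handled at the higher of the two levels. A comment here such as `# same service also provides a secret-classified capability (artifact-store.object-storage.credentials)` would keep that visible to someone editing this file on its own.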


@@ -0,0 +1,19 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: flex-auth.api.authorization-decisions
name: flex-auth authorization decisions
owner: flex-auth
repo: flex-auth
domain: railiance
spec:
lifecycle: active
environments: [dev, staging, prod]
description: Evaluates Railiance authorization requests and returns decision envelopes.
capability_type: authorization-decision-service
service_id: flex-auth.api
interface_ids:
- flex-auth.api.http-api
- flex-auth.api.policy-package
criticality: critical
data_classification: restricted
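Review bot: `capability_type: authorization-decision-service` is also declared by `flex-auth.topaz.authorization-runtime`, and neither declaration says which one a consumer should bind to. For a policy decision point that matters, because a caller that resolves by type could reach the delegated runtime directly instead of this API. The Topaz description calls it a delegated runtime, which suggests this API is the intended entry point; if so, say that in `description` or give the runtime a distinct type. The two `iam-profile-issuer` declarations (`key-cape.iam-profile.issuer` and `net-kingdom.iam-profile.issuer`) overlap in the same way, and the NetKingdom one describes a claims contract rather than an issuing service.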


@@ -0,0 +1,18 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: flex-auth.topaz.authorization-runtime
name: Topaz authorization runtime
owner: flex-auth
repo: flex-auth
domain: railiance
spec:
lifecycle: active
environments: [dev, staging, prod]
description: Delegated PDP runtime used for authorization policy evaluation.
capability_type: authorization-decision-service
service_id: flex-auth.topaz
interface_ids:
- flex-auth.topaz.http-api
criticality: critical
data_classification: restricted


@@ -0,0 +1,19 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: key-cape.iam-profile.issuer
name: key-cape IAM Profile issuer
owner: key-cape
repo: key-cape
domain: railiance
spec:
lifecycle: active
environments: [dev, staging, prod]
description: Implements IAM Profile claim serving for Railiance workloads.
capability_type: iam-profile-issuer
service_id: key-cape.iam-profile
interface_ids:
- key-cape.iam-profile.http-api
- key-cape.iam-profile.oidc-discovery
criticality: critical
data_classification: restricted


@@ -0,0 +1,18 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: net-kingdom.iam-profile.issuer
name: NetKingdom IAM Profile issuer
owner: net-kingdom
repo: net-kingdom
domain: railiance
spec:
lifecycle: active
environments: [all]
description: Defines the IAM Profile identity claims contract for Railiance.
capability_type: iam-profile-issuer
service_id: net-kingdom.iam-profile
interface_ids:
- net-kingdom.iam-profile.oidc-discovery
criticality: critical
data_classification: restricted
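Review bot: `environments: [all]` uses a different vocabulary from the explicit `[dev, staging, prod]` lists in the other declarations, so any check that compares environment names has to special-case the literal `all`. `repo-scoping.scope-generation` and `the-custodian.state-hub.coordination` do the same. Either list the environments explicitly or document `all` as a reserved value in the schema. For a `critical` identity capability, an unrecognised environment name should fail validation rather than silently match nothing.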


@@ -0,0 +1,18 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: railiance-platform.cnpg.postgresql
name: CloudNativePG PostgreSQL
owner: railiance-platform
repo: railiance-platform
domain: railiance
spec:
lifecycle: active
environments: [dev, staging, prod]
description: Provides PostgreSQL databases and connection endpoints.
capability_type: postgresql-database-service
service_id: railiance-platform.cnpg
interface_ids:
- railiance-platform.cnpg.database-connection
criticality: high
data_classification: confidential


@@ -0,0 +1,18 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: railiance-platform.openbao.runtime-secrets
name: Runtime secrets
owner: railiance-platform
repo: railiance-platform
domain: railiance
spec:
lifecycle: active
environments: [dev, staging, prod]
description: Stores and serves workload runtime secrets through OpenBao.
capability_type: runtime-secrets
service_id: railiance-platform.openbao
interface_ids:
- railiance-platform.openbao.kv-v2
criticality: critical
data_classification: secret


@@ -0,0 +1,18 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: railiance-platform.valkey.cache
name: Valkey cache
owner: railiance-platform
repo: railiance-platform
domain: railiance
spec:
lifecycle: active
environments: [dev, staging, prod]
description: Provides Redis-compatible cache storage.
capability_type: redis-compatible-cache
service_id: railiance-platform.valkey
interface_ids:
- railiance-platform.valkey.database-connection
criticality: medium
data_classification: internal
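Review bot: `data_classification: internal` describes the cache service in isolation, but a shared cache holds whatever its consumers write to it, which may include data from the `confidential` and `restricted` capabilities declared in this commit. The consumers are not visible here, so this is a question rather than a finding: is the value meant as a ceiling on what may be cached? If so, a comment such as `# ceiling: consumers must not cache data classified above internal` would let reviewers enforce it.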


@@ -0,0 +1,18 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: repo-scoping.scope-generation
name: Repo scope generation
owner: repo-scoping
repo: repo-scoping
domain: custodian
spec:
lifecycle: active
environments: [all]
description: Generates repo scope, boundary, and usefulness descriptions.
capability_type: scope-generation
service_id: repo-scoping.scope-generator
interface_ids:
- repo-scoping.scope-generator.cli
criticality: medium
data_classification: internal


@@ -0,0 +1,18 @@
apiVersion: railiance.fabric/v1alpha1
kind: CapabilityDeclaration
metadata:
id: the-custodian.state-hub.coordination
name: State Hub coordination read model
owner: the-custodian
repo: the-custodian
domain: custodian
spec:
lifecycle: active
environments: [all]
description: Exposes repo, workstream, task, decision, and progress state for coordination.
capability_type: coordination-read-model
service_id: the-custodian.state-hub
interface_ids:
- the-custodian.state-hub.http-api
criticality: high
data_classification: internal