feat: bootstrap accountability-root fabric snapshot

2026-05-24 10:41:29 +02:00
parent 7956415924
commit 735867392e
13 changed files with 9105 additions and 12 deletions
--- a/docs/accountability-root-manifest.md
+++ b/docs/accountability-root-manifest.md
@@ -70,6 +70,12 @@ fabric by adding a tenant actor, a `Subfabric`, and subfabric-scoped discovery
 roots. This does not change the root fabric criterion: the fabric boundary
 still rests on financial and operational accountability.

+`owner_actor_id` on a discovery root describes the default owner to attach to
+identity candidates discovered through that root. For ordinary repositories,
+deployment files, and host-path evidence this should be the lord who pays for
+the fabric. King authority remains modeled on the netkingdom and on roots that
+represent recovery, secret, backup, or termination authority.
+
 Discovery roots should state `safe_discovery` explicitly. Secret and backup
 roots should use `metadata_only` or `explicit_review`; adapters must never read
 secret values or operational telemetry while building Fabric graph evidence.
--- a/docs/financial-fabric-operator-guide.md
+++ b/docs/financial-fabric-operator-guide.md
@@ -84,6 +84,28 @@ railiance-fabric discover-roots --delta \
  --previous-ownership-review previous-ownership.json
 ```

+The current bootstrap artifacts live at:
+
+```text
+fabric/discovery/snapshots/2026-05-24-railiance-bootstrap-identities.json
+fabric/discovery/snapshots/2026-05-24-railiance-bootstrap-ownership-review.json
+fabric/discovery/snapshots/2026-05-24-railiance-bootstrap-update-delta.json
+exports/state-hub/2026-05-24-railiance-financial-fabric-v1.json
+```
+
+To refresh the same artifact set:
+
+```bash
+railiance-fabric discover-roots --include-remote --max-items-per-root 200 \
+  --identity-projection > fabric/discovery/snapshots/YYYY-MM-DD-railiance-bootstrap-identities.json
+railiance-fabric discover-roots --include-remote --max-items-per-root 200 \
+  --ownership-review > fabric/discovery/snapshots/YYYY-MM-DD-railiance-bootstrap-ownership-review.json
+railiance-fabric discover-roots --include-remote --max-items-per-root 200 \
+  --delta > fabric/discovery/snapshots/YYYY-MM-DD-railiance-bootstrap-update-delta.json
+railiance-fabric export --format financial . \
+  > exports/state-hub/YYYY-MM-DD-railiance-financial-fabric-v1.json
+```
+
 The financial export must satisfy these invariants:

 - every accepted node has resolvable ownership;
@@ -144,6 +166,25 @@ Hub graph import. The importer must preserve netkingdom, actors, fabrics,
 containment, ownership, accounting attribution, cross-boundary utility context,
 and unresolved gaps.

+To import a saved financial export into State Hub:
+
+```bash
+curl -s -X POST \
+  "http://127.0.0.1:8000/fabric/graph-exports?source_repo_slug=railiance-fabric" \
+  -H "Content-Type: application/json" \
+  --data-binary @exports/state-hub/2026-05-24-railiance-financial-fabric-v1.json
+```
+
+If the `/fabric/graph-exports` endpoints return `500` while ordinary State Hub
+routes work, run the State Hub migrations and retry:
+
+```bash
+cd ~/state-hub
+make migrate
+# or, when uv is not on PATH:
+.venv/bin/alembic upgrade head
+```
+
 ## Discovery Work Handoff

 The next discovery/update-loop work should replace the baseline projection with