generated from coulomb/repo-seed
feat: define accountability root manifest
This commit is contained in:
51
docs/accountability-root-manifest.md
Normal file
51
docs/accountability-root-manifest.md
Normal file
@@ -0,0 +1,51 @@
|
||||
# Accountability Root Manifest
|
||||
|
||||
The accountability root manifest is the handoff between the financial Fabric
|
||||
model and the discovery/update loop.
|
||||
|
||||
It answers where discovery starts. A manifest names the netkingdom, actors,
|
||||
fabric boundaries, and durable roots that can prove repositories, deployment
|
||||
realities, service configuration, endpoint contracts, backup/recovery evidence,
|
||||
and secret-root metadata. It does not collect live telemetry and it does not
|
||||
make State Hub the authoring surface for topology.
|
||||
|
||||
Schema:
|
||||
|
||||
```text
|
||||
schemas/accountability-root-manifest.schema.yaml
|
||||
```
|
||||
|
||||
Current Railiance manifest:
|
||||
|
||||
```text
|
||||
fabric/discovery/railiance-accountability-roots.yaml
|
||||
```
|
||||
|
||||
Tenant/subfabric example:
|
||||
|
||||
```text
|
||||
examples/discovery/accountability-root-manifest.yaml
|
||||
```
|
||||
|
||||
## Required Sections
|
||||
|
||||
- `netkingdom`: root id, name, and king actor.
|
||||
- `actors`: king, lord, tenant, operator, or steward actors.
|
||||
- `fabrics`: fabric and subfabric boundaries.
|
||||
- `discovery_roots`: durable roots such as State Hub repo inventory, Gitea
|
||||
organizations, registry manifests, host paths, repo checkouts, deployment
|
||||
automation, endpoint contracts, backup/recovery evidence, and secret-root
|
||||
metadata.
|
||||
- `refresh`: cadence and trigger hints for the future update loop.
|
||||
|
||||
## Boundary Rules
|
||||
|
||||
The current Railiance manifest has one active fabric:
|
||||
`fabric.railiance.primary`. Future tenant subfabrics are added under that
|
||||
fabric by adding a tenant actor, a `Subfabric`, and subfabric-scoped discovery
|
||||
roots. This does not change the root fabric criterion: the fabric boundary
|
||||
still rests on financial and operational accountability.
|
||||
|
||||
Discovery roots should state `safe_discovery` explicitly. Secret and backup
|
||||
roots should use `metadata_only` or `explicit_review`; adapters must never read
|
||||
secret values or operational telemetry while building Fabric graph evidence.
|
||||
@@ -42,6 +42,14 @@ Use the legacy JSON export for compatibility with existing `STATE-WP-0050`
|
||||
State Hub behavior. Use the financial export to verify the vNext contract and
|
||||
the ownership/fabric projection.
|
||||
|
||||
For accountability-root discovery, start from the current root manifest:
|
||||
|
||||
```text
|
||||
fabric/discovery/railiance-accountability-roots.yaml
|
||||
```
|
||||
|
||||
The manifest schema is documented in `docs/accountability-root-manifest.md`.
|
||||
|
||||
The financial export must satisfy these invariants:
|
||||
|
||||
- every accepted node has resolvable ownership;
|
||||
|
||||
Reference in New Issue
Block a user