generated from coulomb/repo-seed
feat: add deployment zone overlays
This commit is contained in:
@@ -0,0 +1,404 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: DeploymentZoneInventory
|
||||
generated_at: "2026-05-24T00:00:00+02:00"
|
||||
source:
|
||||
repo: railiance-fabric
|
||||
workplan: RAIL-FAB-WP-0020
|
||||
method: source-search-and-declared-surfaces
|
||||
scope:
|
||||
note: >
|
||||
This inventory captures deployment-zone overlay evidence. It does not
|
||||
define fabric membership, port ownership, live health, or access policy.
|
||||
deployment_environments:
|
||||
- id: dev
|
||||
scenario: bernd-laptop
|
||||
intended_reachability: private operator workstation
|
||||
- id: test
|
||||
scenario: coulombcore
|
||||
intended_reachability: shared collaborator and early-access test stage
|
||||
- id: prod
|
||||
scenario: railiance01
|
||||
intended_reachability: production stage, currently alpha-accessible to developers
|
||||
surfaces:
|
||||
- id: dev.bernd-laptop.railiance-fabric.registry-api
|
||||
name: Railiance Fabric registry HTTP API
|
||||
repo: railiance-fabric
|
||||
service_id: railiance-fabric.registry
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
access_zone: private-dev
|
||||
exposure_class: local-only
|
||||
routing_authority: local-loopback-binding
|
||||
policy_authority: local-loopback-binding
|
||||
route_evidence:
|
||||
route: http://127.0.0.1:8765
|
||||
host: 127.0.0.1
|
||||
port: 8765
|
||||
protocol: http
|
||||
evidence:
|
||||
- path: fabric/interfaces/railiance-fabric-registry-http-api.yaml
|
||||
kind: fabric-interface-declaration
|
||||
- id: dev.bernd-laptop.railiance-fabric.graph-explorer
|
||||
name: Railiance Fabric graph explorer UI
|
||||
repo: railiance-fabric
|
||||
service_id: railiance-fabric.registry
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
access_zone: private-dev
|
||||
exposure_class: local-only
|
||||
routing_authority: local-loopback-binding
|
||||
policy_authority: local-loopback-binding
|
||||
route_evidence:
|
||||
route: http://127.0.0.1:8765/ui/graph-explorer
|
||||
host: 127.0.0.1
|
||||
port: 8765
|
||||
protocol: http
|
||||
path: /ui/graph-explorer
|
||||
evidence:
|
||||
- path: fabric/interfaces/railiance-fabric-registry-graph-explorer-ui.yaml
|
||||
kind: fabric-interface-declaration
|
||||
- id: dev.bernd-laptop.state-hub.api
|
||||
name: State Hub HTTP API
|
||||
repo: the-custodian
|
||||
service_id: the-custodian.state-hub
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
access_zone: private-dev
|
||||
exposure_class: local-only
|
||||
routing_authority: local-loopback-binding
|
||||
policy_authority: local-loopback-binding
|
||||
route_evidence:
|
||||
route: http://127.0.0.1:8000
|
||||
host: 127.0.0.1
|
||||
port: 8000
|
||||
protocol: http
|
||||
evidence:
|
||||
- path: fabric/interfaces/the-custodian-state-hub-http-api.yaml
|
||||
kind: fabric-interface-declaration
|
||||
- id: dev.bernd-laptop.state-hub.mcp
|
||||
name: State Hub MCP API
|
||||
repo: the-custodian
|
||||
service_id: the-custodian.state-hub
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
access_zone: private-dev
|
||||
exposure_class: local-only
|
||||
routing_authority: local-loopback-binding
|
||||
policy_authority: local-loopback-binding
|
||||
route_evidence:
|
||||
route: http://127.0.0.1:8001
|
||||
host: 127.0.0.1
|
||||
port: 8001
|
||||
protocol: http
|
||||
evidence:
|
||||
- path: fabric/interfaces/the-custodian-state-hub-mcp-api.yaml
|
||||
kind: fabric-interface-declaration
|
||||
- id: dev.bernd-laptop.state-hub.dashboard
|
||||
name: State Hub dashboard
|
||||
repo: the-custodian
|
||||
service_id: the-custodian.state-hub
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
access_zone: private-dev
|
||||
exposure_class: local-only
|
||||
routing_authority: local-loopback-binding
|
||||
policy_authority: local-loopback-binding
|
||||
route_evidence:
|
||||
route: http://127.0.0.1:3000
|
||||
host: 127.0.0.1
|
||||
port: 3000
|
||||
protocol: http
|
||||
evidence:
|
||||
- path: fabric/interfaces/the-custodian-state-hub-dashboard.yaml
|
||||
kind: fabric-interface-declaration
|
||||
- id: dev.bernd-laptop.net-kingdom.control-surface
|
||||
name: NetKingdom control surface
|
||||
repo: net-kingdom
|
||||
service_id: net-kingdom.iam-profile
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
access_zone: private-dev
|
||||
exposure_class: local-only
|
||||
routing_authority: local-loopback-binding
|
||||
policy_authority: local-loopback-binding
|
||||
route_evidence:
|
||||
route: http://127.0.0.1:8876
|
||||
host: 127.0.0.1
|
||||
port: 8876
|
||||
protocol: http
|
||||
evidence:
|
||||
- path: fabric/interfaces/net-kingdom-control-surface-ui.yaml
|
||||
kind: fabric-interface-declaration
|
||||
- path: ../net-kingdom/sso-mfa/k8s/keycape/README.md
|
||||
kind: source-search-hit
|
||||
note: local OIDC callback lists localhost port 8876
|
||||
- id: test.coulombcore.state-hub.http-tunnel
|
||||
name: State Hub HTTP API tunnel to coulombcore
|
||||
repo: railiance-infra
|
||||
service_id: the-custodian.state-hub
|
||||
deployment_environment: test
|
||||
deployment_scenario: coulombcore
|
||||
access_zone: collaborator-test
|
||||
exposure_class: collaborator-test
|
||||
routing_authority: ops-bridge
|
||||
policy_authority: ops-bridge-ssh
|
||||
route_evidence:
|
||||
route: http://127.0.0.1:18000
|
||||
host: 127.0.0.1
|
||||
port: 18000
|
||||
protocol: http
|
||||
tunnel_target: coulombcore
|
||||
evidence:
|
||||
- path: ../railiance-infra/docs/deploy-stack.md
|
||||
lines: "127"
|
||||
kind: source-search-hit
|
||||
- id: test.coulombcore.state-hub.mcp-tunnel
|
||||
name: State Hub MCP tunnel to coulombcore
|
||||
repo: railiance-infra
|
||||
service_id: the-custodian.state-hub
|
||||
deployment_environment: test
|
||||
deployment_scenario: coulombcore
|
||||
access_zone: collaborator-test
|
||||
exposure_class: collaborator-test
|
||||
routing_authority: ops-bridge
|
||||
policy_authority: ops-bridge-ssh
|
||||
route_evidence:
|
||||
route: http://127.0.0.1:18001
|
||||
host: 127.0.0.1
|
||||
port: 18001
|
||||
protocol: http
|
||||
tunnel_target: coulombcore
|
||||
evidence:
|
||||
- path: ../railiance-infra/docs/deploy-stack.md
|
||||
lines: "128"
|
||||
kind: source-search-hit
|
||||
- id: test.coulombcore.k3s-api-tunnel
|
||||
name: k3s API tunnel to coulombcore
|
||||
repo: railiance-infra
|
||||
deployment_environment: test
|
||||
deployment_scenario: coulombcore
|
||||
access_zone: collaborator-test
|
||||
exposure_class: collaborator-test
|
||||
routing_authority: ops-bridge
|
||||
policy_authority: ops-bridge-ssh
|
||||
route_evidence:
|
||||
route: https://127.0.0.1:16443
|
||||
host: 127.0.0.1
|
||||
port: 16443
|
||||
protocol: https
|
||||
tunnel_target: coulombcore
|
||||
evidence:
|
||||
- path: ../railiance-infra/docs/deploy-stack.md
|
||||
lines: "129"
|
||||
kind: source-search-hit
|
||||
- path: ../railiance-cluster/SCOPE.md
|
||||
lines: "127"
|
||||
kind: source-search-hit
|
||||
note: cluster scope states it runs on COULOMBCORE
|
||||
- id: prod.railiance01.gitea
|
||||
name: Gitea ingress
|
||||
repo: railiance-apps
|
||||
deployment_environment: prod
|
||||
deployment_scenario: railiance01
|
||||
access_zone: production-public
|
||||
exposure_class: production-public
|
||||
routing_authority: traefik
|
||||
policy_authority: null
|
||||
tls_authority: cert-manager:letsencrypt-prod
|
||||
route_evidence:
|
||||
route: https://gitea.coulomb.social
|
||||
hostname: gitea.coulomb.social
|
||||
port: 443
|
||||
protocol: https
|
||||
review:
|
||||
status: candidate
|
||||
note: access zone and policy authority require operator review
|
||||
evidence:
|
||||
- path: ../railiance-apps/manifests/gitea-ingress.yaml
|
||||
lines: "2,12,14,16,27"
|
||||
kind: kubernetes-ingress
|
||||
- path: ../railiance-apps/workplans/railiance-apps-WP-0002-vergabe-teilnahme-on-railiance01.md
|
||||
lines: "612,613"
|
||||
kind: source-search-hit
|
||||
note: places Gitea before vergabe-teilnahme on railiance01
|
||||
- id: prod.railiance01.vergabe-teilnahme
|
||||
name: Vergabe Teilnahme ingress
|
||||
repo: railiance-apps
|
||||
deployment_environment: prod
|
||||
deployment_scenario: railiance01
|
||||
access_zone: production-public
|
||||
exposure_class: production-public
|
||||
routing_authority: traefik
|
||||
policy_authority: null
|
||||
tls_authority: cert-manager:letsencrypt-prod
|
||||
route_evidence:
|
||||
route: https://vergabe-teilnahme.whywhynot.de
|
||||
hostname: vergabe-teilnahme.whywhynot.de
|
||||
port: 443
|
||||
protocol: https
|
||||
review:
|
||||
status: candidate
|
||||
note: production public classification is inferred from ingress host and workplan
|
||||
evidence:
|
||||
- path: ../railiance-apps/manifests/vergabe-teilnahme-ingress.yaml
|
||||
lines: "2,11,13,15,26"
|
||||
kind: kubernetes-ingress
|
||||
- path: ../railiance-apps/workplans/railiance-apps-WP-0002-vergabe-teilnahme-on-railiance01.md
|
||||
lines: "22,40,68,69,163,612,613"
|
||||
kind: source-search-hit
|
||||
- id: prod.railiance01.authelia
|
||||
name: Authelia ingress
|
||||
repo: net-kingdom
|
||||
deployment_environment: prod
|
||||
deployment_scenario: railiance01
|
||||
access_zone: production-public
|
||||
exposure_class: production-public
|
||||
routing_authority: traefik
|
||||
policy_authority: authelia
|
||||
tls_authority: cert-manager:letsencrypt-prod
|
||||
route_evidence:
|
||||
route: https://auth.coulomb.social
|
||||
hostname: auth.coulomb.social
|
||||
port: 443
|
||||
protocol: https
|
||||
review:
|
||||
status: candidate
|
||||
note: railiance01 attribution comes from NetKingdom deployment workplan
|
||||
evidence:
|
||||
- path: ../net-kingdom/sso-mfa/k8s/authelia/ingress.yaml
|
||||
lines: "13,22,24,26,38"
|
||||
kind: kubernetes-ingress
|
||||
- path: ../net-kingdom/workplans/NK-WP-0003-keycape-privacyidea-cluster-deployment.md
|
||||
lines: "29,47,88,101"
|
||||
kind: source-search-hit
|
||||
- id: prod.railiance01.keycape
|
||||
name: Keycape ingress
|
||||
repo: net-kingdom
|
||||
deployment_environment: prod
|
||||
deployment_scenario: railiance01
|
||||
access_zone: production-public
|
||||
exposure_class: production-public
|
||||
routing_authority: traefik
|
||||
policy_authority: traefik-middleware
|
||||
tls_authority: cert-manager:letsencrypt-prod
|
||||
route_evidence:
|
||||
route: https://kc.coulomb.social
|
||||
hostname: kc.coulomb.social
|
||||
port: 443
|
||||
protocol: https
|
||||
review:
|
||||
status: candidate
|
||||
note: middleware is present, but intended audience still needs operator review
|
||||
evidence:
|
||||
- path: ../net-kingdom/sso-mfa/k8s/keycape/ingress.yaml
|
||||
lines: "13,22,23,27,29,41"
|
||||
kind: kubernetes-ingress
|
||||
- path: ../net-kingdom/sso-mfa/k8s/keycape/middleware.yaml
|
||||
lines: "9,24"
|
||||
kind: traefik-middleware
|
||||
- id: prod.railiance01.privacyidea
|
||||
name: privacyIDEA ingress
|
||||
repo: net-kingdom
|
||||
deployment_environment: prod
|
||||
deployment_scenario: railiance01
|
||||
access_zone: production-admin
|
||||
exposure_class: production-admin
|
||||
routing_authority: traefik
|
||||
policy_authority: traefik-middleware
|
||||
tls_authority: cert-manager:letsencrypt-prod
|
||||
route_evidence:
|
||||
route: https://pink.coulomb.social
|
||||
hostname: pink.coulomb.social
|
||||
port: 443
|
||||
protocol: https
|
||||
review:
|
||||
status: candidate
|
||||
note: admin classification inferred from privacyIDEA role and middleware
|
||||
evidence:
|
||||
- path: ../net-kingdom/sso-mfa/k8s/privacyidea/ingress.yaml
|
||||
lines: "25,34,36,38,40,52,60,69,71,75,77,89"
|
||||
kind: kubernetes-ingress
|
||||
- path: ../net-kingdom/sso-mfa/k8s/privacyidea/middleware.yaml
|
||||
lines: "19,41"
|
||||
kind: traefik-middleware
|
||||
- id: prod.railiance01.privacyidea-account
|
||||
name: privacyIDEA account self-service ingress
|
||||
repo: net-kingdom
|
||||
deployment_environment: prod
|
||||
deployment_scenario: railiance01
|
||||
access_zone: production-public
|
||||
exposure_class: production-public
|
||||
routing_authority: traefik
|
||||
policy_authority: traefik-middleware
|
||||
tls_authority: cert-manager:letsencrypt-prod
|
||||
route_evidence:
|
||||
route: https://pink-account.coulomb.social
|
||||
hostname: pink-account.coulomb.social
|
||||
port: 443
|
||||
protocol: https
|
||||
review:
|
||||
status: candidate
|
||||
note: self-service classification inferred from host name and middleware
|
||||
evidence:
|
||||
- path: ../net-kingdom/sso-mfa/k8s/privacyidea/ingress.yaml
|
||||
lines: "94,103,104,106,108,120"
|
||||
kind: kubernetes-ingress
|
||||
- id: prod.railiance01.lldap
|
||||
name: LLDAP ingress
|
||||
repo: net-kingdom
|
||||
deployment_environment: prod
|
||||
deployment_scenario: railiance01
|
||||
access_zone: production-admin
|
||||
exposure_class: production-admin
|
||||
routing_authority: traefik
|
||||
policy_authority: traefik-admin-allowlist
|
||||
tls_authority: cert-manager:letsencrypt-prod
|
||||
route_evidence:
|
||||
route: https://lldap.coulomb.social
|
||||
hostname: lldap.coulomb.social
|
||||
port: 443
|
||||
protocol: https
|
||||
review:
|
||||
status: candidate
|
||||
note: admin allowlist middleware indicates intended restricted access
|
||||
evidence:
|
||||
- path: ../net-kingdom/sso-mfa/k8s/lldap/ingress.yaml
|
||||
lines: "12,21,22,24,26,38"
|
||||
kind: kubernetes-ingress
|
||||
- path: ../net-kingdom/sso-mfa/k8s/lldap/middleware.yaml
|
||||
lines: "11"
|
||||
kind: traefik-middleware
|
||||
ambiguities:
|
||||
- id: railiance01-coulombcore-ip-conflict
|
||||
severity: high
|
||||
summary: Source documents disagree on which host owns 92.205.130.254.
|
||||
evidence:
|
||||
- path: ../railiance-apps/workplans/railiance-apps-WP-0002-vergabe-teilnahme-on-railiance01.md
|
||||
lines: "22,163"
|
||||
note: says railiance01 and Traefik LoadBalancer use 92.205.130.254
|
||||
- path: ../railiance-infra/SCOPE.md
|
||||
lines: "126"
|
||||
note: says COULOMBCORE is 92.205.130.254 and Railiance01 is 92.205.62.239
|
||||
next: reconcile host inventory before treating IP evidence as authoritative
|
||||
- id: prod-access-zone-review
|
||||
severity: medium
|
||||
summary: Production access zones are candidate classifications.
|
||||
evidence:
|
||||
- path: ../railiance-apps/manifests
|
||||
note: app ingress manifests show routing and TLS but not business audience
|
||||
- path: ../net-kingdom/sso-mfa/k8s
|
||||
note: middleware and network policy hint at access intent but do not replace operator review
|
||||
next: confirm each production host as public, admin, or early-access
|
||||
- id: test-reachability-is-tunneled
|
||||
severity: medium
|
||||
summary: Current coulombcore routes are ops-bridge tunnel evidence, not public ingress evidence.
|
||||
evidence:
|
||||
- path: ../railiance-infra/docs/deploy-stack.md
|
||||
lines: "127,128,129"
|
||||
note: state-hub and k3s API access are tunnel commands
|
||||
next: add executable test-stage ingress/service discovery when coulombcore manifests exist
|
||||
missing_policy_authority:
|
||||
- surface_id: prod.railiance01.gitea
|
||||
reason: route and TLS are discovered, but access policy authority is not evident in the ingress artifact
|
||||
- surface_id: prod.railiance01.vergabe-teilnahme
|
||||
reason: route and TLS are discovered, but access policy authority is not evident in the ingress artifact
|
||||
35
fabric/interfaces/net-kingdom-control-surface-ui.yaml
Normal file
35
fabric/interfaces/net-kingdom-control-surface-ui.yaml
Normal file
@@ -0,0 +1,35 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: net-kingdom.control-surface.ui
|
||||
name: NetKingdom Control Surface
|
||||
owner: net-kingdom
|
||||
repo: net-kingdom
|
||||
domain: railiance
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev]
|
||||
description: Local NetKingdom control surface on the operator workstation.
|
||||
interface_type: web-ui
|
||||
version: v1
|
||||
service_id: net-kingdom.iam-profile
|
||||
capability_ids:
|
||||
- net-kingdom.iam-profile.issuer
|
||||
endpoint:
|
||||
url: http://127.0.0.1:8876
|
||||
notes: Local workstation endpoint after moving away from the Fabric registry port.
|
||||
deployment_overlay:
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
routing_authority: net-kingdom-local-process
|
||||
access_zone: private-dev
|
||||
policy_authority: local-loopback-binding
|
||||
exposure_class: local-only
|
||||
route_evidence:
|
||||
host: 127.0.0.1
|
||||
port: 8876
|
||||
protocol: tcp
|
||||
route: http://127.0.0.1:8876
|
||||
auth:
|
||||
method: none
|
||||
data_classification: internal
|
||||
@@ -23,6 +23,18 @@ spec:
|
||||
endpoint:
|
||||
url: http://127.0.0.1:8765/ui/graph-explorer
|
||||
notes: Local workstation UI when the registry service is running.
|
||||
deployment_overlay:
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
routing_authority: railiance-fabric-registry
|
||||
access_zone: private-dev
|
||||
policy_authority: local-loopback-binding
|
||||
exposure_class: local-only
|
||||
route_evidence:
|
||||
host: 127.0.0.1
|
||||
port: 8765
|
||||
protocol: tcp
|
||||
route: http://127.0.0.1:8765/ui/graph-explorer
|
||||
auth:
|
||||
method: none
|
||||
data_classification: internal
|
||||
|
||||
@@ -23,6 +23,18 @@ spec:
|
||||
endpoint:
|
||||
url: http://127.0.0.1:8765
|
||||
notes: Local workstation endpoint when the registry service is running.
|
||||
deployment_overlay:
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
routing_authority: local-process
|
||||
access_zone: private-dev
|
||||
policy_authority: local-loopback-binding
|
||||
exposure_class: local-only
|
||||
route_evidence:
|
||||
host: 127.0.0.1
|
||||
port: 8765
|
||||
protocol: tcp
|
||||
route: http://127.0.0.1:8765
|
||||
auth:
|
||||
method: none
|
||||
data_classification: internal
|
||||
|
||||
35
fabric/interfaces/the-custodian-state-hub-dashboard.yaml
Normal file
35
fabric/interfaces/the-custodian-state-hub-dashboard.yaml
Normal file
@@ -0,0 +1,35 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: the-custodian.state-hub.dashboard
|
||||
name: State Hub Dashboard
|
||||
owner: the-custodian
|
||||
repo: the-custodian
|
||||
domain: custodian
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev]
|
||||
description: Local browser dashboard for State Hub coordination views.
|
||||
interface_type: web-ui
|
||||
version: v1
|
||||
service_id: the-custodian.state-hub
|
||||
capability_ids:
|
||||
- the-custodian.state-hub.coordination
|
||||
endpoint:
|
||||
url: http://127.0.0.1:3000
|
||||
notes: Local workstation dashboard endpoint when the State Hub frontend is running.
|
||||
deployment_overlay:
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
routing_authority: vite-dev-server
|
||||
access_zone: private-dev
|
||||
policy_authority: local-loopback-binding
|
||||
exposure_class: local-only
|
||||
route_evidence:
|
||||
host: 127.0.0.1
|
||||
port: 3000
|
||||
protocol: tcp
|
||||
route: http://127.0.0.1:3000
|
||||
auth:
|
||||
method: none
|
||||
data_classification: internal
|
||||
@@ -15,6 +15,21 @@ spec:
|
||||
service_id: the-custodian.state-hub
|
||||
capability_ids:
|
||||
- the-custodian.state-hub.coordination
|
||||
endpoint:
|
||||
url: http://127.0.0.1:8000
|
||||
notes: Local workstation State Hub REST API.
|
||||
deployment_overlay:
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
routing_authority: state-hub-local-process
|
||||
access_zone: private-dev
|
||||
policy_authority: local-loopback-binding
|
||||
exposure_class: local-only
|
||||
route_evidence:
|
||||
host: 127.0.0.1
|
||||
port: 8000
|
||||
protocol: tcp
|
||||
route: http://127.0.0.1:8000
|
||||
auth:
|
||||
method: none
|
||||
data_classification: internal
|
||||
|
||||
35
fabric/interfaces/the-custodian-state-hub-mcp-api.yaml
Normal file
35
fabric/interfaces/the-custodian-state-hub-mcp-api.yaml
Normal file
@@ -0,0 +1,35 @@
|
||||
apiVersion: railiance.fabric/v1alpha1
|
||||
kind: InterfaceDeclaration
|
||||
metadata:
|
||||
id: the-custodian.state-hub.mcp-api
|
||||
name: State Hub MCP API
|
||||
owner: the-custodian
|
||||
repo: the-custodian
|
||||
domain: custodian
|
||||
spec:
|
||||
lifecycle: active
|
||||
environments: [dev]
|
||||
description: Local MCP surface for State Hub coordination tools.
|
||||
interface_type: mcp-api
|
||||
version: v1
|
||||
service_id: the-custodian.state-hub
|
||||
capability_ids:
|
||||
- the-custodian.state-hub.coordination
|
||||
endpoint:
|
||||
url: http://127.0.0.1:8001
|
||||
notes: Local workstation MCP endpoint when State Hub is running.
|
||||
deployment_overlay:
|
||||
deployment_environment: dev
|
||||
deployment_scenario: bernd-laptop
|
||||
routing_authority: state-hub-local-process
|
||||
access_zone: private-dev
|
||||
policy_authority: local-loopback-binding
|
||||
exposure_class: local-only
|
||||
route_evidence:
|
||||
host: 127.0.0.1
|
||||
port: 8001
|
||||
protocol: tcp
|
||||
route: http://127.0.0.1:8001
|
||||
auth:
|
||||
method: none
|
||||
data_classification: internal
|
||||
@@ -15,3 +15,4 @@ spec:
|
||||
- net-kingdom.iam-profile.issuer
|
||||
exposes_interfaces:
|
||||
- net-kingdom.iam-profile.oidc-discovery
|
||||
- net-kingdom.control-surface.ui
|
||||
|
||||
@@ -15,3 +15,5 @@ spec:
|
||||
- the-custodian.state-hub.coordination
|
||||
exposes_interfaces:
|
||||
- the-custodian.state-hub.http-api
|
||||
- the-custodian.state-hub.mcp-api
|
||||
- the-custodian.state-hub.dashboard
|
||||
|
||||
Reference in New Issue
Block a user