generated from coulomb/repo-seed
57 lines
2.4 KiB
Markdown
57 lines
2.4 KiB
Markdown
# First Rollout
|
|
|
|
The first rollout is represented by the seed declarations under `fabric/`.
|
|
Those files are intentionally centralized in Railiance Fabric for bootstrap;
|
|
the long-term target is for each owning repo to contribute local evidence while
|
|
financial Fabric ownership and boundary decisions come from accountability-root
|
|
discovery.
|
|
|
|
## Seeded Repos
|
|
|
|
| Repo | Seeded Service(s) | First Capability |
|
|
|------|-------------------|------------------|
|
|
| `railiance-platform` | OpenBao, CNPG, Valkey | runtime secrets, PostgreSQL, Redis-compatible cache |
|
|
| `net-kingdom` | IAM Profile contract | IAM Profile issuer |
|
|
| `key-cape` | IAM Profile API | IAM Profile issuer implementation |
|
|
| `flex-auth` | flex-auth API, Topaz | authorization decisions |
|
|
| `artifact-store` | object storage service | object storage, credential vending |
|
|
| `repo-scoping` | scope generator | scope generation |
|
|
| `the-custodian` | State Hub | coordination read model |
|
|
|
|
## Promotion Path
|
|
|
|
For each owning repo:
|
|
|
|
1. Copy the matching seed files from `railiance-fabric/fabric/` into the owning
|
|
repo's own `fabric/` directory.
|
|
2. Replace seed source links with repo-local source links.
|
|
3. Validate the owning repo by itself.
|
|
4. Validate the owning repo together with `railiance-fabric` and other
|
|
providers/consumers it depends on.
|
|
5. Export the multi-repo graph for State Hub ingestion.
|
|
6. Once accountability-root discovery can reproduce the graph, mark the
|
|
central seed declarations as bootstrap evidence and keep only the repo-local
|
|
facts that remain useful self-description.
|
|
|
|
## Suggested Order
|
|
|
|
1. `railiance-platform`: owns OpenBao, CNPG, and Valkey provider declarations.
|
|
2. `key-cape`: owns the first concrete IAM Profile implementation.
|
|
3. `flex-auth`: owns authorization decisions and concrete consumers of OpenBao
|
|
and IAM Profile capabilities.
|
|
4. `the-custodian/state-hub`: owns coordination read-model declarations and is
|
|
the first export consumer.
|
|
5. `repo-scoping`: owns scope-generation provider declarations.
|
|
6. `artifact-store`: can promote planned object-storage declarations when its
|
|
interfaces stabilize.
|
|
|
|
## Completion Signal
|
|
|
|
The rollout is good enough for the next phase when:
|
|
|
|
- each repo can validate its own declarations
|
|
- the combined graph has no unresolved dependencies
|
|
- State Hub can ingest a `FabricGraphExport`
|
|
- dashboard/search views can answer provider, consumer, unresolved, and blast
|
|
radius questions from the ingested graph
|