Add credential CCR operator handoff

2026-06-28 00:21:02 +02:00
parent a27a114491
commit 248bc58b6a
4 changed files with 104 additions and 7 deletions

@@ -155,10 +155,14 @@ scripts/credential-change.py deny CCR-2026-0001 --reviewer <name> --comment "...
scripts/credential-change.py needs-changes CCR-2026-0001 --reviewer <name> --comment "..."
make credential-change-sync-decision CREDENTIAL_CHANGE=CCR-2026-0001
make credential-change-apply-plan CREDENTIAL_CHANGE=CCR-2026-0001
make credential-change-operator-commands CREDENTIAL_CHANGE=CCR-2026-0001
```
`apply-plan` is intentionally guarded: it refuses anything not approved and
refuses unconfirmed auth bindings.
`apply-plan` and `operator-commands` are intentionally guarded: they refuse
anything not approved and refuse unconfirmed auth bindings. `operator-commands`
renders the reviewed non-secret `bao policy write` and `bao write auth/.../role`
commands for a platform operator; the actual secret value is still provisioned
through approved OpenBao/operator custody only.
The same operations can be exposed through chat by having the agent create the
proposal, show the rendered summary, then call the CLI only after the human
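Review bot: The rewritten guard paragraph says `operator-commands` refuses unapproved requests and unconfirmed auth bindings, but it does not document what a refusal looks like or where the rendered `bao policy write` and `bao write auth/.../role` commands are written. Because a platform operator will copy this output, state the output destination (stdout or a file) and that a refusal exits non-zero without emitting partial commands. The paragraph about chat exposure that follows says "the same operations"; please make explicit whether that now includes `operator-commands` and whether it is held behind the same human confirmation step as the CLI call. The line "the actual secret value is still provisioned through approved OpenBao/operator custody only" would also benefit from a pointer to where that custody procedure is described.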