Mark whynot lane applied pending verification
This commit is contained in:
@@ -7,8 +7,8 @@ This is the next-session handoff for `CCR-2026-0001` and the
|
||||
|
||||
- CCR: `CCR-2026-0001`
|
||||
- Decision: `e6381a56-6b04-4fd5-b2de-f3ef59cde888`
|
||||
- Status: approved; non-secret OpenBao apply checks passed 2026-06-28
|
||||
- Front door: `template`, `resolvable=false`
|
||||
- Status: applied; non-secret OpenBao apply checks passed 2026-06-28
|
||||
- Front door: `applied-pending-verify`, `resolvable=false`
|
||||
- Catalog id: `whynot-design-npm-publish`
|
||||
- Tenant/org: `coulomb`
|
||||
- Workload/project: `whynot-design`
|
||||
@@ -202,6 +202,6 @@ then `CCR-2026-0001` can move toward `active`, and ops-warden can mark
|
||||
Until then, keep the front door as:
|
||||
|
||||
```text
|
||||
readiness = template
|
||||
readiness = applied-pending-verify
|
||||
resolvable = false
|
||||
```
|
||||
|
||||
@@ -30,7 +30,7 @@ Ops-warden batch follow-up:
|
||||
| KV mount | `platform` |
|
||||
| OpenBao CLI path | `platform/workloads/coulomb/whynot-design/npm-publish` |
|
||||
| Secret field | `NPM_AUTH_TOKEN` |
|
||||
| Front-door readiness | `template`, `resolvable=false` until CCR verification |
|
||||
| Front-door readiness | `applied-pending-verify`, `resolvable=false` until caller verification |
|
||||
| Read policy | `workload-kv-read-whynot-design-npm-publish` |
|
||||
| Policy file | `openbao/policies/workload-kv-read-whynot-design-npm-publish.hcl` |
|
||||
| OIDC auth mount | `netkingdom` |
|
||||
@@ -205,6 +205,6 @@ flex-auth ref: secret.read:whynot-design, if tenant policy requires it
|
||||
runbook: docs/workload-kv-access-lanes.md
|
||||
```
|
||||
|
||||
Until live provisioning and verification are complete, ops-warden should keep
|
||||
the catalog entry in `template`/`draft` or equivalent non-active state with
|
||||
Until positive and negative caller verification are complete, ops-warden should
|
||||
keep the catalog entry in `applied-pending-verify`/non-active state with
|
||||
`resolvable=false`.
|
||||
|
||||
Reference in New Issue
Block a user