Add credential lane readiness proposals

This commit is contained in:
2026-06-27 23:30:29 +02:00
parent 815b124ab1
commit aee0dcefad
13 changed files with 425 additions and 25 deletions

View File

@@ -8,7 +8,7 @@ created: "2026-06-27"
updated: "2026-06-27"
requester:
agent: ops-warden
message_id: "551031d1-335e-4db8-9535-820fea52d0a3"
message_id: "fe5b1696-8956-4bd5-9d6f-dbde1901a076"
reason: "Allow ops-warden to proxy caller-scoped access to whynot-design's npm publish token."
review:
required: true
@@ -43,13 +43,17 @@ openbao:
ttl: 15m
access_frontdoor:
type: ops-warden
catalog_id: whynot-design-npm-token
selector: "npm auth token"
catalog_id: whynot-design-npm-publish
selector: "npm publish token"
command: "warden access whynot-design-npm-publish --exec -- npm publish"
resolvable: false
readiness: template
activation: "draft-until-ccr-verified"
risk:
classification: high
notes:
- "Grants read access to the credential used to publish npm packages."
- "Uses a publish-specific catalog id; a future read-only npm token must use a separate catalog id."
- "The proposed OIDC bound claim must be confirmed before apply."
- "ops-warden must proxy the read as the caller and must not retain the token value."
verification:
@@ -70,3 +74,4 @@ state_hub:
workplan_id: RAILIANCE-WP-0007
related_workplan_id: RAILIANCE-WP-0006
ops_warden_reply_message_id: "b175c561-7858-43f5-a309-949b0dede1b4"
ops_warden_batch_message_id: "fe5b1696-8956-4bd5-9d6f-dbde1901a076"

View File

@@ -0,0 +1,80 @@
id: CCR-2026-0002
kind: credential-change-request
schema_version: 1
request_type: workload-kv-read
title: "issue-core runtime ingestion key lane"
status: proposed
created: "2026-06-27"
updated: "2026-06-27"
requester:
agent: ops-warden
message_id: "fe5b1696-8956-4bd5-9d6f-dbde1901a076"
reason: "Confirm and provision the issue-core workload KV lane requested in the ops-warden batch."
review:
required: true
required_approvers:
- platform-operator
- issue-core-owner
comments: []
target:
domain: financials
tenant: issue-core
workload: issue-core
environment: production
purpose: "issue-core runtime ingestion through OpenBao workload KV and External Secrets"
openbao:
mount: platform
kv_path: platform/workloads/issue-core/issue-core/issue-core-runtime
fields:
- ISSUE_CORE_API_KEY
- GITEA_BACKEND_TOKEN
policy_name: workload-kv-read-issue-core-runtime
policy_file: openbao/policies/workload-kv-read-issue-core-runtime.hcl
auth:
method: kubernetes
mount: kubernetes
role: issue-core-runtime-workload-kv-read
bound_claims:
service_account_names:
- issue-core
service_account_namespaces:
- issue-core
bound_claims_confirmed: false
policies:
- workload-kv-read-issue-core-runtime
ttl: 15m
access_frontdoor:
type: ops-warden
catalog_id: issue-core-ingestion-api-key
selector: "issue-core ingestion API key"
command: "warden access issue-core-ingestion-api-key --fetch ISSUE_CORE_API_KEY"
resolvable: false
readiness: template
activation: "draft-until-ccr-verified"
delivery:
surface: external-secrets
target: "issue-core namespace"
risk:
classification: high
notes:
- "Grants read access to issue-core runtime ingestion credentials."
- "GITEA_BACKEND_TOKEN is included because ops-warden asked to confirm whether it is used; remove it before approval if issue-core does not require it."
- "The Kubernetes service account and namespace binding must be confirmed before apply."
- "ops-warden must proxy reads as the caller and must not retain token values."
verification:
positive:
- "Approved issue-core service account can read the configured fields through OpenBao or External Secrets without printing values."
negative:
- "A service account outside the approved issue-core binding cannot read the path."
activation_conditions:
- "Policy applied with platform-admin/operator authority."
- "Kubernetes auth role bound to the confirmed issue-core service account and namespace."
- "Secret values provisioned directly in OpenBao through approved operator custody."
- "Positive and negative verification recorded with non-secret audit ids or timestamps."
lifecycle:
deactivate: "Disable ops-warden catalog entry and remove or detach auth role policy."
rotate: "Replace issue-core runtime secret values directly in OpenBao and record non-secret rotation evidence."
compromised: "Immediately deactivate access front door, rotate affected values, record blast-radius notes, and open incident follow-up tasks."
state_hub:
workplan_id: RAILIANCE-WP-0007
ops_warden_batch_message_id: "fe5b1696-8956-4bd5-9d6f-dbde1901a076"

View File

@@ -0,0 +1,78 @@
id: CCR-2026-0003
kind: credential-change-request
schema_version: 1
request_type: workload-kv-read
title: "llm-connect OpenRouter provider key lane"
status: proposed
created: "2026-06-27"
updated: "2026-06-27"
requester:
agent: ops-warden
message_id: "fe5b1696-8956-4bd5-9d6f-dbde1901a076"
reason: "Confirm and provision the llm-connect OpenRouter workload KV lane requested in the ops-warden batch."
review:
required: true
required_approvers:
- platform-operator
- activity-core-owner
comments: []
target:
domain: financials
tenant: activity-core
workload: llm-connect
environment: production
purpose: "llm-connect provider access through OpenBao workload KV and External Secrets"
openbao:
mount: platform
kv_path: platform/workloads/activity-core/llm-connect/llm-connect-provider-secrets
fields:
- OPENROUTER_API_KEY
policy_name: workload-kv-read-llm-connect-provider-secrets
policy_file: openbao/policies/workload-kv-read-llm-connect-provider-secrets.hcl
auth:
method: kubernetes
mount: kubernetes
role: llm-connect-provider-secrets-read
bound_claims:
service_account_names:
- llm-connect
service_account_namespaces:
- activity-core
bound_claims_confirmed: false
policies:
- workload-kv-read-llm-connect-provider-secrets
ttl: 15m
access_frontdoor:
type: ops-warden
catalog_id: llm-connect-openrouter-api-key
selector: "llm-connect OpenRouter API key"
command: "warden access llm-connect-openrouter-api-key --fetch OPENROUTER_API_KEY"
resolvable: false
readiness: template
activation: "draft-until-ccr-verified"
delivery:
surface: external-secrets
target: "Secret llm-connect-provider-secrets in the activity-core namespace"
risk:
classification: high
notes:
- "Grants read access to the provider key used by llm-connect for OpenRouter requests."
- "The Kubernetes service account and namespace binding must be confirmed before apply."
- "ops-warden must proxy reads as the caller and must not retain token values."
verification:
positive:
- "Approved llm-connect service account can read field OPENROUTER_API_KEY through OpenBao or External Secrets without printing the value."
negative:
- "A service account outside the approved activity-core/llm-connect binding cannot read the path."
activation_conditions:
- "Policy applied with platform-admin/operator authority."
- "Kubernetes auth role bound to the confirmed llm-connect service account and namespace."
- "Secret value provisioned directly in OpenBao through approved operator custody."
- "Positive and negative verification recorded with non-secret audit ids or timestamps."
lifecycle:
deactivate: "Disable ops-warden catalog entry and remove or detach auth role policy."
rotate: "Replace OPENROUTER_API_KEY directly in OpenBao and record non-secret rotation evidence."
compromised: "Immediately deactivate access front door, rotate the provider key, record blast-radius notes, and open incident follow-up tasks."
state_hub:
workplan_id: RAILIANCE-WP-0007
ops_warden_batch_message_id: "fe5b1696-8956-4bd5-9d6f-dbde1901a076"