Document audit-core mock sink handoff

docs/openbao.md

@@ -272,7 +272,8 @@ Before any live application secrets move into OpenBao:
    custody. The drill must prove that a fresh OpenBao instance can restore the
    snapshot, unseal, and read a test secret.
 5. Decide where audit logs are shipped durably. The audit PVC alone is not a
-   durable audit sink.
+   durable audit sink. The interim `audit-core` mock file backend can prove API
+   and setup wiring, but it writes to `/tmp` and is not production retention.
 6. Run:
 
    ```bash
@@ -306,6 +307,12 @@ such as an encrypted platform backup/export path or the future centralized
 logging stack. Do not treat non-secret hashes, screenshots, or State Hub notes
 as substitutes for retained audit log custody.
 
+Interim integration status: `/home/worsch/audit-core` provides a mock
+Audit Core backend that writes JSONL records under
+`/tmp/audit-core/audit-YYYYMMDDTHH.jsonl` and deletes files older than seven
+days. Use it only to wire interfaces and setup validation before the durable
+Audit Core archive exists.
+
 Monitoring baseline:
 
 - pod readiness and liveness from Kubernetes probes

workplans/RAIL-PL-WP-0002-openbao-platform-secrets-service.md

@@ -286,6 +286,14 @@ OpenBao is unsealed on `2.5.4`, `bao audit list` shows `file/`,
 workplan. The cached verifier token was then revoked with
 `bao token revoke -self`.
 
+**2026-06-01:** Durable tenant-aware audit retention is now a separate
+`audit-core` product/repo instead of a Railiance OpenBao bootstrap subtask. The
+initial Audit Core mock backend writes JSONL events under
+`/tmp/audit-core/audit-YYYYMMDDTHH.jsonl` and removes files older than seven
+days; it is suitable for interface wiring and setup validation only. Railiance
+still owns the OpenBao file audit device and PVC, while production retention,
+tenant policy, and tamper-evident archive belong to Audit Core.
+
 ### T07 - Cross-Repo Transition Tasks
 
 ```task