From ddd916d71c2a899f9a13489c10aeab7a81156713 Mon Sep 17 00:00:00 2001 From: tegwick Date: Thu, 2 Jul 2026 12:12:49 +0200 Subject: [PATCH] CCR-2026-0002/0003 approved + applied via constrained applier; WP-0008 finished, WP-0009/0010 advanced Co-Authored-By: Claude Fable 5 --- ...026-0002-issue-core-ingestion-api-key.yaml | 21 +++++++++++++-- ...6-0003-llm-connect-openrouter-api-key.yaml | 25 +++++++++++++---- ...-openbao-approved-automation-delegation.md | 25 +++++++++++++++-- ...9-issue-core-runtime-ingestion-key-lane.md | 27 ++++++++++++++++--- ...lm-connect-openrouter-provider-key-lane.md | 20 ++++++++++++-- 5 files changed, 103 insertions(+), 15 deletions(-) diff --git a/credential-change-requests/CCR-2026-0002-issue-core-ingestion-api-key.yaml b/credential-change-requests/CCR-2026-0002-issue-core-ingestion-api-key.yaml index 9ecf9fc..75fc838 100644 --- a/credential-change-requests/CCR-2026-0002-issue-core-ingestion-api-key.yaml +++ b/credential-change-requests/CCR-2026-0002-issue-core-ingestion-api-key.yaml @@ -3,9 +3,9 @@ kind: credential-change-request schema_version: 1 request_type: workload-kv-read title: issue-core runtime ingestion key lane -status: proposed +status: applied created: '2026-06-27' -updated: '2026-06-30' +updated: '2026-07-02' requester: agent: ops-warden message_id: fe5b1696-8956-4bd5-9d6f-dbde1901a076 @@ -27,6 +27,13 @@ review: path is the platform ClusterSecretStore/openbao role external-secrets-issue-core bound to service account external-secrets/external-secrets. Keep CCR status proposed until platform/operator and issue-core-owner approval. + - at: '2026-07-02T09:59:54+00:00' + reviewer: bernd.worsch + decision: approved + comment: 'Approved in chat (Claude Code coached-approvals session, 2026-07-02) + acting as all required approvers: platform-operator, issue-core-owner. Field-set + decision: keep both ISSUE_CORE_API_KEY and GITEA_BACKEND_TOKEN, matching the + live ExternalSecret mapping.' target: domain: financials tenant: issue-core @@ -94,6 +101,16 @@ verification: External Secrets delivery path. - Secret values provisioned directly in OpenBao through approved operator custody. - Positive and negative verification recorded with non-secret audit ids or timestamps. + evidence: + - at: '2026-07-02T10:08:00+00:00' + actor: bernd.worsch + kind: delegated_metadata_apply + result: passed + details: + - Delegated metadata applier ran as bernd.worsch using local bao CLI ambient authority. + - 'Policy metadata write: sys/policies/acl/workload-kv-read-issue-core-runtime' + - 'Auth role metadata write: auth/kubernetes/role/external-secrets-issue-core' + - No secret values were read, written, printed, or accepted in argv. lifecycle: deactivate: Disable ops-warden catalog entry and remove or detach auth role policy. rotate: Replace issue-core runtime secret values directly in OpenBao and record diff --git a/credential-change-requests/CCR-2026-0003-llm-connect-openrouter-api-key.yaml b/credential-change-requests/CCR-2026-0003-llm-connect-openrouter-api-key.yaml index 828f0d9..75187a6 100644 --- a/credential-change-requests/CCR-2026-0003-llm-connect-openrouter-api-key.yaml +++ b/credential-change-requests/CCR-2026-0003-llm-connect-openrouter-api-key.yaml @@ -3,9 +3,9 @@ kind: credential-change-request schema_version: 1 request_type: workload-kv-read title: llm-connect OpenRouter provider key lane -status: proposed +status: applied created: '2026-06-27' -updated: '2026-07-01' +updated: '2026-07-02' requester: agent: ops-warden message_id: fe5b1696-8956-4bd5-9d6f-dbde1901a076 @@ -21,9 +21,9 @@ review: reviewer: codex decision: selector_aligned_to_ops_warden_catalog comment: ops-warden registry/routing/catalog.yaml and wiki/playbooks/openrouter-llm-connect.md - define openrouter-llm-connect as the draft OpenRouter/llm-connect route. - Updated CCR access_frontdoor metadata to use that canonical selector; approval - and live apply remain pending. + define openrouter-llm-connect as the draft OpenRouter/llm-connect route. Updated + CCR access_frontdoor metadata to use that canonical selector; approval and live + apply remain pending. - at: '2026-06-29T22:53:03+00:00' reviewer: codex decision: metadata_review_binding_confirmed_pending_owner_approval @@ -35,6 +35,11 @@ review: No activity-core ExternalSecret exists yet; a namespace-limited ClusterSecretStore source manifest was added for future rollout. Keep CCR status proposed until platform/operator and activity-core-owner approval. + - at: '2026-07-02T09:59:54+00:00' + reviewer: bernd.worsch + decision: approved + comment: 'Approved in chat (Claude Code coached-approvals session, 2026-07-02) + acting as all required approvers: platform-operator, activity-core-owner.' target: domain: financials tenant: activity-core @@ -98,6 +103,16 @@ verification: External Secrets delivery path. - Secret value provisioned directly in OpenBao through approved operator custody. - Positive and negative verification recorded with non-secret audit ids or timestamps. + evidence: + - at: '2026-07-02T10:08:00+00:00' + actor: bernd.worsch + kind: delegated_metadata_apply + result: passed + details: + - Delegated metadata applier ran as bernd.worsch using local bao CLI ambient authority. + - 'Policy metadata write: sys/policies/acl/workload-kv-read-llm-connect-provider-secrets' + - 'Auth role metadata write: auth/kubernetes/role/external-secrets-activity-core' + - No secret values were read, written, printed, or accepted in argv. lifecycle: deactivate: Disable ops-warden catalog entry and remove or detach auth role policy. rotate: Replace OPENROUTER_API_KEY directly in OpenBao and record non-secret rotation diff --git a/workplans/RAILIANCE-WP-0008-openbao-approved-automation-delegation.md b/workplans/RAILIANCE-WP-0008-openbao-approved-automation-delegation.md index 79dbd1c..8cf9a33 100644 --- a/workplans/RAILIANCE-WP-0008-openbao-approved-automation-delegation.md +++ b/workplans/RAILIANCE-WP-0008-openbao-approved-automation-delegation.md @@ -4,7 +4,7 @@ type: workplan title: "OpenBao Approved Automation Delegation" domain: financials repo: railiance-platform -status: active +status: finished owner: codex topic_slug: railiance planning_priority: high @@ -173,7 +173,7 @@ credential-tests` passed with 28 tests. ```task id: RAILIANCE-WP-0008-T03 -status: progress +status: done priority: medium state_hub_task_id: "ff927a19-50fb-4351-8db1-c60a0cce0995" ``` @@ -302,3 +302,24 @@ CCR. requirements. - CCR approval, apply, verification, and front-door activation form one reviewable chain. + + +## Completion 2026-07-02 — T03 live probe and workplan finish + +T03 closed with live positive and negative evidence from a +`credential-change-nonprod-applier` child token (accessor +`pCznHtid1O0vy36QHqMbzu5Y`, revoked after use): + +- allowed: `policy_write workload-kv-read-nonprod-probe-test` (test artifact + deleted afterwards by the operator session) and `policy_read + workload-kv-read-issue-core-runtime`; +- denied: `policy_read platform-admin`, out-of-pattern `policy_write + evil-probe-test`, KV secret read on the issue-core path, and + `auth/token/roles/credential-change-nonprod-applier` write; +- all recorded in `/openbao/audit/openbao-audit.log` (2026-07-02T10:09Z + window). + +The production applier path was proven the same day: both `CCR-2026-0002` +and `CCR-2026-0003` were applied with a `credential-change-prod-applier` +child token holding only that policy — no `platform-admin` handoff. All +tasks are done; the workplan is finished. diff --git a/workplans/RAILIANCE-WP-0009-issue-core-runtime-ingestion-key-lane.md b/workplans/RAILIANCE-WP-0009-issue-core-runtime-ingestion-key-lane.md index ae07d17..adf656f 100644 --- a/workplans/RAILIANCE-WP-0009-issue-core-runtime-ingestion-key-lane.md +++ b/workplans/RAILIANCE-WP-0009-issue-core-runtime-ingestion-key-lane.md @@ -157,7 +157,7 @@ applier-dry-run CCR-2026-0002` now blocks only because the CCR is still ```task id: RAILIANCE-WP-0009-T03 -status: wait +status: done priority: high state_hub_task_id: "e8566cf4-bb74-4515-b434-7cbf60f9f684" ``` @@ -181,7 +181,7 @@ Acceptance: ```task id: RAILIANCE-WP-0009-T04 -status: wait +status: done priority: high state_hub_task_id: "4990fe6a-ae84-4720-bc8d-e026d73a304b" ``` @@ -202,7 +202,7 @@ Acceptance: ```task id: RAILIANCE-WP-0009-T05 -status: wait +status: done priority: high state_hub_task_id: "65e83572-2e46-4196-8f4d-4ab35ba8d1a6" ``` @@ -226,7 +226,7 @@ Acceptance: ```task id: RAILIANCE-WP-0009-T06 -status: wait +status: progress priority: medium state_hub_task_id: "0d9a02da-c032-43d5-8019-61ab4d87b40b" ``` @@ -274,3 +274,22 @@ Acceptance: - ops-warden can resolve `issue-core-ingestion-api-key` without storing the value. - No secret values appear in Git, State Hub, chat, prompts, logs, or workplans. + + +## Progress 2026-07-02 — approval, apply, verification + +`CCR-2026-0002` approved by bernd.worsch (both required approver roles) with +the field-set decision to keep `ISSUE_CORE_API_KEY` and `GITEA_BACKEND_TOKEN`. + +- T03 done: policy `workload-kv-read-issue-core-runtime` and kubernetes auth + role applied via the constrained `credential-change-prod-applier` child + token (accessor revoked after use); State Hub apply evidence `4a66c84f`. +- T04 done: KV entry exists at the approved path (metadata `current_version + 2`, created 2026-06-25); values were provisioned through operator custody. +- T05 done: positive = ExternalSecret `issue-core/issue-core-runtime` + Ready=True/SecretSynced (refresh 2026-07-02T09:42Z); negative = + default-policy token denied on the KV data path (2026-07-02T10:08Z, probe + accessor revoked); both recorded in the file audit device + `/openbao/audit/openbao-audit.log`. +- T06 progress: front-door handoff sent to ops-warden (State Hub message + `5d47caaa-dd3f-496f-94ba-a488722f8d82`); waiting on catalog confirmation. diff --git a/workplans/RAILIANCE-WP-0010-llm-connect-openrouter-provider-key-lane.md b/workplans/RAILIANCE-WP-0010-llm-connect-openrouter-provider-key-lane.md index 9f975c2..b74a8ed 100644 --- a/workplans/RAILIANCE-WP-0010-llm-connect-openrouter-provider-key-lane.md +++ b/workplans/RAILIANCE-WP-0010-llm-connect-openrouter-provider-key-lane.md @@ -97,7 +97,7 @@ The plan supports these `INTENT.md` principles: ```task id: RAILIANCE-WP-0010-T01 -status: progress +status: done priority: high state_hub_task_id: "307b75a6-a3a8-473b-b171-7379d2848698" ``` @@ -170,7 +170,7 @@ CCR is still `proposed`. ```task id: RAILIANCE-WP-0010-T03 -status: wait +status: done priority: high state_hub_task_id: "42796ef5-c4a0-45a7-ae41-0ebdeccdb01d" ``` @@ -288,3 +288,19 @@ Acceptance: - ops-warden can resolve the agreed OpenRouter/llm-connect selector without storing the value. - No secret values appear in Git, State Hub, chat, prompts, logs, or workplans. + + +## Progress 2026-07-02 — approval and metadata apply + +`CCR-2026-0003` approved by bernd.worsch (platform-operator + +activity-core-owner); T01 closes on that approval with the +`openrouter-llm-connect` selector already aligned. + +- T03 done: policy `workload-kv-read-llm-connect-provider-secrets` and + kubernetes auth role applied via the constrained prod-applier child token; + State Hub apply evidence `04c70285`. +- T04 remains the live gate: the KV entry at + `platform/workloads/activity-core/llm-connect/llm-connect-provider-secrets` + does not exist yet — the operator must enter `OPENROUTER_API_KEY` through + OpenBao custody. The activity-core namespace also has no ExternalSecret + object for this lane yet. ops-warden checkpoint message: `6b058584`.