Correct whynot credential tenant path

This commit is contained in:
2026-06-28 01:00:12 +02:00
parent ad47a136f7
commit eb24e04b71
10 changed files with 67 additions and 48 deletions

View File

@@ -3,9 +3,9 @@ kind: credential-change-request
schema_version: 1
request_type: workload-kv-read
title: whynot-design npm publish token lane
status: approved
status: proposed
created: '2026-06-27'
updated: '2026-06-27'
updated: '2026-06-28'
requester:
agent: ops-warden
message_id: fe5b1696-8956-4bd5-9d6f-dbde1901a076
@@ -26,15 +26,22 @@ review:
decision: approved
comment: 'State Hub decision 250669d0-8475-4527-9624-cd072249f9a9: APPROVE: scoped
path and confirmed binding are acceptable'
- at: '2026-06-27T22:54:20+00:00'
reviewer: bernd.worsch
decision: scope_corrected_requires_review
comment: Corrected tenant from whynot-design to coulomb per operator clarification.
The previous approval covered platform/workloads/whynot-design/whynot-design/npm-publish
and must not be reused for the corrected platform/workloads/coulomb/whynot-design/npm-publish
scope.
target:
domain: financials
tenant: whynot-design
tenant: coulomb
workload: whynot-design
environment: production
purpose: npm package publishing through ops-warden caller-scoped fetch/exec
openbao:
mount: platform
kv_path: platform/workloads/whynot-design/whynot-design/npm-publish
kv_path: platform/workloads/coulomb/whynot-design/npm-publish
fields:
- NPM_AUTH_TOKEN
policy_name: workload-kv-read-whynot-design-npm-publish
@@ -90,7 +97,6 @@ state_hub:
related_workplan_id: RAILIANCE-WP-0006
ops_warden_reply_message_id: b175c561-7858-43f5-a309-949b0dede1b4
ops_warden_batch_message_id: fe5b1696-8956-4bd5-9d6f-dbde1901a076
decision_id: 250669d0-8475-4527-9624-cd072249f9a9
decision_api_url: http://127.0.0.1:8000/decisions/250669d0-8475-4527-9624-cd072249f9a9
decision_dashboard_url: http://127.0.0.1:3000/decisions
decision_resolved_at: '2026-06-27T22:04:32.956077Z'
superseded_decision_id: 250669d0-8475-4527-9624-cd072249f9a9
superseded_decision_resolved_at: '2026-06-27T22:04:32.956077Z'
superseded_decision_reason: tenant/workload scope corrected before secret provisioning