Files
railiance-platform/.custodian-brief.md
tegwick 3ef25cb787 chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-28:
  - update .custodian-brief.md for railiance-platform
2026-06-28 12:40:16 +02:00

64 lines
2.7 KiB
Markdown

<!-- custodian-brief: generated by fix-consistency — do not edit manually -->
# Custodian Brief — railiance-platform
**Domain:** financials
**Last synced:** 2026-06-28 10:40 UTC
**State Hub:** http://127.0.0.1:8000 *(adjust if running on a remote machine)*
## Active Workstreams
### Workload KV Access Lanes for ops-warden Fetch
Progress: 5/7 done | workstream_id: `96c8a93d-7a5a-4fa9-8f7b-865119551da3`
**Open tasks:**
- ► T05 - Verify caller-scoped fetch behavior `dc1f470b`
- ► T06 - Coordinate ops-warden catalog activation `8e84ec19`
### Credential Change Proposal Review Workflow
Progress: 3/9 done | workstream_id: `4d7ce243-f40a-4249-a46a-a24f75d6fe4c`
**Open tasks:**
- ► T04 - Generate OpenBao apply plans from approved CCRs `1b2e7752`
- ► T05 - Add chat/CLI approval commands `e6d4d2d1`
- ► T07 - Pilot with whynot-design and ops-warden `07a7d8bf`
- · T06 - Build an interactive runbook for apply and verify `3c3fc38c`
- · T08 - Add deactivation, rotation, and compromise flows `23d6ef9d`
- · T09 - Add decision templates and guided review actions `c436fd8b`
### OpenBao Approved Automation Delegation
Progress: 0/5 done | workstream_id: `671898ef-2378-4814-b8f6-066148cdad46`
**Open tasks:**
- ! T05 - Close the whynot-design pilot `18f34c95`
- · T01 - Specify delegated applier policy boundaries `d19fdfc5`
- · T02 - Implement a CCR-aware applier dry-run `2613f40d`
- · T03 - Add non-production applier role first `ff927a19`
- · T04 - Add production metadata applier with human approval gate `414abd65`
### Credential Request and Lease Broker
Progress: 3/10 done | workstream_id: `2731fece-6c49-45b8-ab8a-4ea6c04ac603`
**Open tasks:**
- ! T03 - Configure bounded OpenBao token roles and policies `d8498e3b`
*(wait: OpenBao issuer policy apply denied)*
- ! T04 - Build credential helper MVP `0c543cb3`
*(wait: OpenBao issuer policy apply denied)*
- ! T05 - Implement secure delivery modes `66f3cd6d`
*(wait: OpenBao live delivery verification pending)*
- ! T07 - Add flex-auth preflight authorization and State Hub request metadata `1269bb58`
*(wait: Live flex-auth/OpenBao lifecycle evidence pending)*
- ! T08 - Integrate ops-warden smoke and routing catalog `4571d4c9`
*(wait: External ops-warden routing update and live smoke pending)*
- ! T09 - Verification, audit, and red-team checks `78d1db83`
*(wait: Live OpenBao audit evidence pending)*
- ! T10 - Rollout and migration `44ce4082`
*(wait: Live pilot and external routing rollout pending)*
---
## MCP Orientation (when available)
If the state-hub MCP server is reachable, call:
`get_domain_summary("financials")`
This provides richer cross-domain context.
If the MCP call fails, use this file as your orientation source.