Updated by fix-consistency on 2026-06-28: - update .custodian-brief.md for railiance-platform
64 lines
2.7 KiB
Markdown
64 lines
2.7 KiB
Markdown
<!-- custodian-brief: generated by fix-consistency — do not edit manually -->
|
|
# Custodian Brief — railiance-platform
|
|
|
|
**Domain:** financials
|
|
**Last synced:** 2026-06-28 10:40 UTC
|
|
**State Hub:** http://127.0.0.1:8000 *(adjust if running on a remote machine)*
|
|
|
|
## Active Workstreams
|
|
|
|
### Workload KV Access Lanes for ops-warden Fetch
|
|
Progress: 5/7 done | workstream_id: `96c8a93d-7a5a-4fa9-8f7b-865119551da3`
|
|
|
|
**Open tasks:**
|
|
- ► T05 - Verify caller-scoped fetch behavior `dc1f470b`
|
|
- ► T06 - Coordinate ops-warden catalog activation `8e84ec19`
|
|
|
|
### Credential Change Proposal Review Workflow
|
|
Progress: 3/9 done | workstream_id: `4d7ce243-f40a-4249-a46a-a24f75d6fe4c`
|
|
|
|
**Open tasks:**
|
|
- ► T04 - Generate OpenBao apply plans from approved CCRs `1b2e7752`
|
|
- ► T05 - Add chat/CLI approval commands `e6d4d2d1`
|
|
- ► T07 - Pilot with whynot-design and ops-warden `07a7d8bf`
|
|
- · T06 - Build an interactive runbook for apply and verify `3c3fc38c`
|
|
- · T08 - Add deactivation, rotation, and compromise flows `23d6ef9d`
|
|
- · T09 - Add decision templates and guided review actions `c436fd8b`
|
|
|
|
### OpenBao Approved Automation Delegation
|
|
Progress: 0/5 done | workstream_id: `671898ef-2378-4814-b8f6-066148cdad46`
|
|
|
|
**Open tasks:**
|
|
- ! T05 - Close the whynot-design pilot `18f34c95`
|
|
- · T01 - Specify delegated applier policy boundaries `d19fdfc5`
|
|
- · T02 - Implement a CCR-aware applier dry-run `2613f40d`
|
|
- · T03 - Add non-production applier role first `ff927a19`
|
|
- · T04 - Add production metadata applier with human approval gate `414abd65`
|
|
|
|
### Credential Request and Lease Broker
|
|
Progress: 3/10 done | workstream_id: `2731fece-6c49-45b8-ab8a-4ea6c04ac603`
|
|
|
|
**Open tasks:**
|
|
- ! T03 - Configure bounded OpenBao token roles and policies `d8498e3b`
|
|
*(wait: OpenBao issuer policy apply denied)*
|
|
- ! T04 - Build credential helper MVP `0c543cb3`
|
|
*(wait: OpenBao issuer policy apply denied)*
|
|
- ! T05 - Implement secure delivery modes `66f3cd6d`
|
|
*(wait: OpenBao live delivery verification pending)*
|
|
- ! T07 - Add flex-auth preflight authorization and State Hub request metadata `1269bb58`
|
|
*(wait: Live flex-auth/OpenBao lifecycle evidence pending)*
|
|
- ! T08 - Integrate ops-warden smoke and routing catalog `4571d4c9`
|
|
*(wait: External ops-warden routing update and live smoke pending)*
|
|
- ! T09 - Verification, audit, and red-team checks `78d1db83`
|
|
*(wait: Live OpenBao audit evidence pending)*
|
|
- ! T10 - Rollout and migration `44ce4082`
|
|
*(wait: Live pilot and external routing rollout pending)*
|
|
|
|
---
|
|
## MCP Orientation (when available)
|
|
|
|
If the state-hub MCP server is reachable, call:
|
|
`get_domain_summary("financials")`
|
|
This provides richer cross-domain context.
|
|
If the MCP call fails, use this file as your orientation source.
|