Files
railiance-platform/.custodian-brief.md
tegwick 8c1e64d5e0 chore(consistency): sync task status from DB [auto]
Updated by fix-consistency on 2026-06-27:
  - update .custodian-brief.md for railiance-platform
2026-06-27 22:55:36 +02:00

2.6 KiB

Custodian Brief — railiance-platform

Domain: financials
Last synced: 2026-06-27 20:55 UTC
State Hub: http://127.0.0.1:8000 (adjust if running on a remote machine)

Active Workstreams

Credential Change Proposal Review Workflow

Progress: 3/8 done | workstream_id: 4d7ce243-f40a-4249-a46a-a24f75d6fe4c

Open tasks:

  • ► T04 - Generate OpenBao apply plans from approved CCRs 1b2e7752
  • ► T05 - Add chat/CLI approval commands e6d4d2d1
  • ► T07 - Pilot with whynot-design and ops-warden 07a7d8bf
  • · T06 - Build an interactive runbook for apply and verify 3c3fc38c
  • · T08 - Add deactivation, rotation, and compromise flows 23d6ef9d

Credential Request and Lease Broker

Progress: 3/10 done | workstream_id: 2731fece-6c49-45b8-ab8a-4ea6c04ac603

Open tasks:

  • ! T03 - Configure bounded OpenBao token roles and policies d8498e3b (wait: OpenBao issuer policy apply denied)
  • ! T04 - Build credential helper MVP 0c543cb3 (wait: OpenBao issuer policy apply denied)
  • ! T05 - Implement secure delivery modes 66f3cd6d (wait: OpenBao live delivery verification pending)
  • ! T07 - Add flex-auth preflight authorization and State Hub request metadata 1269bb58 (wait: Live flex-auth/OpenBao lifecycle evidence pending)
  • ! T08 - Integrate ops-warden smoke and routing catalog 4571d4c9 (wait: External ops-warden routing update and live smoke pending)
  • ! T09 - Verification, audit, and red-team checks 78d1db83 (wait: Live OpenBao audit evidence pending)
  • ! T10 - Rollout and migration 44ce4082 (wait: Live pilot and external routing rollout pending)

Workload KV Access Lanes for ops-warden Fetch

Progress: 3/7 done | workstream_id: 96c8a93d-7a5a-4fa9-8f7b-865119551da3

Open tasks:

  • ! T03 - Define and apply auth bindings a217371a (wait: Whynot bound claim/service account not confirmed)
  • ! T04 - Provision the KV path without exposing the token c43724a3 (wait: NPM_AUTH_TOKEN requires approved operator custody)
  • ! T05 - Verify caller-scoped fetch behavior dc1f470b (wait: Live policy role and secret not yet provisioned)
  • ! T06 - Coordinate ops-warden catalog activation 8e84ec19 (wait: Awaiting ops-warden draft catalog wiring and live verification)

MCP Orientation (when available)

If the state-hub MCP server is reachable, call: get_domain_summary("financials") This provides richer cross-domain context. If the MCP call fails, use this file as your orientation source.