coulomb/the-custodian
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refresh stabilization checkpoint after Core Hub reset

Browse Source
This commit is contained in:
Bernd Worsch
2026-06-27 23:06:15 +02:00
parent d03ddcd9fb
commit 225f3a7834
2 changed files with 39 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
docs/infrastructure-stabilization-pickup-checkpoint.md
View File

@@ -66,8 +66,8 @@ separate ops-warden worker.
| --- | --- | --- | --- |
| State Hub pragmatic cutover | Custodian operator approval; `CUST-WP-0011-T07` | Final dump id/time, row-count comparison, chosen private endpoint, stabilization notes | Approve freeze/final restore and make railiance01 State Hub primary, or leave WSL2 primary explicitly. |
| State Hub fallback retirement | Custodian/operator approval; `CUST-WP-0038-T08` | HA failover drill id, restore drill id, stabilization pass | Keep deferred until after HA drills; do not retire WSL2 fallback early. |
| Inter-Hub ops-hub bootstrap | `inter-hub-bootstrap-ssh`, `openbao-api-key`, `ssh-cert-host-access` as needed | Hub id, manifest id, widget count, runtime key prefix only, smoke result | Use the aligned live-vocabulary mapping, then run attended bootstrap and protected widget lookup. |
| Ops-hub runtime evidence key | `openbao-api-key` / OpenBao custody | OpenBao path/version or populated key count, event smoke id | Store/provide `OPS_HUB_KEY` outside Git and run the protected evidence smoke. |
| Inter-Hub ops-hub bootstrap | `inter-hub-bootstrap-ssh`, `openbao-api-key`, `ssh-cert-host-access` as needed | Hub id, manifest id, widget count, runtime key prefix only, smoke result | Legacy/fallback only. Prefer Core Hub deployed smoke; run attended Inter-Hub bootstrap only by explicit operator supersede/rollback decision. |
| Ops-hub runtime evidence key | `openbao-api-key` / OpenBao custody | OpenBao path/version or populated key count, event smoke id | Do not materialize legacy `OPS_HUB_KEY` until a deployed Core Hub smoke or explicit legacy Inter-Hub smoke is ready to use it. |
| Daily-triage live proof | activity-core deploy/runtime operator | State Hub `daily_triage` id, output-valid or partial/quarantine status, working-memory path | Deploy WP-0016 code/schema and bounded runtime prompt bundle, then run railiance01 smoke. |
| activity-core to issue-core | route `activity-core-issue-sink` | `actcore-runtime-secret` has key, activity-core points to issue-core port `8765`, HTTP 201, Gitea issue id | Inject `ISSUE_CORE_API_KEY` through approved custody, set REST sink env, restart/sync, run safe emission. |
| Forgejo production design | Forgejo/operator decisions plus OpenBao/KeyCape/ops-bridge routes as needed | Decision id, SMTP smoke, backup/restore drill, package/action smoke, cutover approval id | Resolve T02 production choices before any production cutover work. |
@@ -99,30 +99,31 @@ Resume from `docs/daily-triage-stabilization-status.md` and
| Surface | Stable fact | Remaining gate |
| --- | --- | --- |
| State Hub | Pragmatic railiance01 path has image, manifests, empty deploy, migrations, restored WSL2 data, row-count comparison, and healthy API through `CUST-WP-0011-T06`. | `CUST-WP-0011-T07` cutover approval, then stabilization; HA path stays deferred. |
| Inter-Hub / Core Hub | Public `https://hub.coulomb.social/api/v2/hubs` exposes `ops-hub`; Core Hub has local `/api/v2` compatibility and ops-hub bootstrap smoke evidence. | Reframe remaining Inter-Hub evidence as Core Hub API-first replacement work, keeping Haskell Inter-Hub only for migration/rollback proof. |
| ops-hub evidence | `ops-hub` exists as the Inter-Hub Operations extension; Core Hub can locally create the ops-hub resources through protected persistence-backed routes. | Create/update Core Hub continuation workplan, then prove deployed ops-hub bootstrap/evidence smoke with approved custody. |
| Inter-Hub / Core Hub | Public `https://hub.coulomb.social/api/v2/hubs` exposes `ops-hub`; `CORE-WP-0008` finished the Core Hub API smoke harness, activity-core sink, staging profile, CLI wrappers, UI backlog, and Custodian handoff. | Run deployed Core Hub smoke, staging import, activity-core sink smoke, and readiness summary; keep Haskell Inter-Hub only for migration/rollback proof. |
| ops-hub evidence | `CUST-WP-0025-T13` through `T19` now use Core Hub API/CLI/UI gates; `CUST-WP-0047` and `CUST-WP-0049` remain legacy/fallback records. | Execute `CUST-WP-0025-T14`, `T16`, `T17`, and `T18`; close legacy Inter-Hub waits only through deployed Core Hub evidence or explicit supersede decision. |
| issue-core | ArgoCD service is healthy on port `8765`; image `0.2.1`; ExternalSecret Ready; authenticated smoke created Gitea issue `175`. | activity-core still needs `ISSUE_CORE_API_KEY`, URL port `8765`, `ISSUE_SINK_TYPE=rest`, and a safe emission smoke. |
| Forgejo | Migration inventory/design lane is active but pre-cutover. | Production design decisions, SMTP/email recovery, package registry, Actions, backup/restore, migration drill, cutover approval. |
| artifact-store | Workplan is active with all tasks open and no current live secret handoff recorded. | Start D7.1 fork/object-store landscape and D7.2 compatibility harness. |
| FOS hub | Old NK-WP-0001 Keycloak prerequisite is cancelled; NK-WP-0002 local identity and IAM Profile v0.2 are done; hub-core extraction/dev-hub work is done. | Keep `CUST-WP-0025-T03` as the identity integration test, then reconcile old ops-hub scaffold tasks after first Inter-Hub ops event lands. |
| FOS hub | Old NK-WP-0001 Keycloak prerequisite is cancelled; NK-WP-0002 local identity and IAM Profile v0.2 are done; hub-core extraction/dev-hub work is done; CUST-WP-0025 Phase 3 has been rewritten for Core Hub. | Keep `CUST-WP-0025-T03` as the identity integration test, then execute the rewritten Core Hub ops evidence, deployed smoke/cutover, and UI first-screen gates. |
## Next-Pick List
1. Use `CUST-WP-0052` to open or update the Core Hub API-first continuation
lane for ops-hub bootstrap/evidence replacement.
1. Execute the rewritten `CUST-WP-0025` Core Hub gates: identity integration
(`T03`), ops evidence/read-model contract (`T14`), deployed smoke and
activity-core proof (`T16`), cutover decision coupling (`T17`), and first UI
screens (`T18`).
2. Keep `CUST-WP-0047` and `CUST-WP-0049` as legacy evidence/fallback until
Core Hub smoke evidence or an explicit supersede decision closes them.
3. Store/confirm `OPS_HUB_KEY` through approved custody only when a deployed
Core Hub or explicit legacy Inter-Hub smoke is ready to use it.
4. Deploy the activity-core WP-0016 code/schema and bounded runtime prompt
Core Hub deployed smoke evidence or an explicit supersede decision closes
them.
3. Deploy the activity-core WP-0016 code/schema and bounded runtime prompt
bundle, then run the railiance01 daily-triage smoke.
5. Complete the issue-core handoff by wiring activity-core to port `8765` with
4. Complete the issue-core handoff by wiring activity-core to port `8765` with
`ISSUE_SINK_TYPE=rest` and one known-safe emission smoke.
6. Request explicit State Hub cutover approval for `CUST-WP-0011-T07`, or
5. Request explicit State Hub cutover approval for `CUST-WP-0011-T07`, or
record that WSL2 remains primary for the next operating period.
7. Start artifact-store D7.1/D7.2; Forgejo and storage work can now inherit
6. Start artifact-store D7.1/D7.2; Forgejo and storage work can now inherit
the finished staged-promotion gates.
8. Keep Forgejo cutover and State Hub HA work parked until their human decision
7. Keep Forgejo cutover and State Hub HA work parked until their human decision
and drill gates are satisfied.
## Resume Commands

31
workplans/CUST-WP-0051-infrastructure-stabilization-metaplan.md
View File

@@ -438,16 +438,20 @@ mega-hub pattern.
Recommended order:
1. Finish identity foundations: NK-WP-0001, NK-WP-0002, then the IAM profile
integration test.
2. Create the standalone ops-hub repo from hub-core and ingest the inventory
artifacts from `CUST-WP-0047`.
3. Add ops models, MCP tools, Railiance integration, dev-hub coupling, dashboard,
and MCP registration.
4. Only then start the fin-hub/business-model tasks.
1. Keep `CUST-WP-0025-T03` as the remaining identity integration gate, targeting
the current IAM Profile v0.2 contract and local-identity or KeyCape issuer.
2. Execute the rewritten Core Hub Phase 3 lane: ops evidence contract/read-model
gaps, deployed Core Hub smoke, activity-core Core Hub sink smoke,
migration/cutover readiness, and whynot-aligned first UI screens.
3. Keep `CUST-WP-0047-T05` and `CUST-WP-0049-T06` as legacy/fallback Inter-Hub
records until deployed Core Hub evidence or an explicit supersede decision
closes them.
4. Start fin-hub/business-model tasks only after identity and Core Hub ops-hub
evidence are proven enough to demonstrate the multi-hub pattern.
Done when `CUST-WP-0025` has no open foundational identity or ops-hub tasks and
fin-hub work is either started on a stable scaffold or deliberately deferred.
fin-hub work is either started on a stable Core Hub pattern or deliberately
deferred with a dated condition.
Progress 2026-06-27:
@@ -473,6 +477,17 @@ Progress 2026-06-27 Core Hub reset:
dual-run smokes, cutover evidence, and Haskell retirement approval remain
open.
Progress 2026-06-27 CUST-WP-0052 closeout:
- `CUST-WP-0052` is finished. It closed the Core Hub reframe, rewrote
`CUST-WP-0025-T13` through `T19`, aligned the build/release lane with
HelixForge/Railiance Forge practice, and posted non-secret State Hub
requirements to `railiance-apps` and `railiance-forge`.
- The remaining T07 gates are execution gates, not sequencing ambiguity:
`CUST-WP-0025-T03` identity integration, `T14` Core Hub ops evidence contract
gaps, `T16/T17` deployed evidence/cutover waits, and `T18` Core Hub operator
UI first screens.
## Task: Create The Stable Pickup Checkpoint
```task