From 5a36ea5423d4b22360c5309ce80f1af807023b21 Mon Sep 17 00:00:00 2001 From: tegwick Date: Tue, 16 Jun 2026 23:41:37 +0200 Subject: [PATCH] feat(ops): align inventory probe activity source --- .../daily-statehub-wsjf-triage.md | 9 +++ .../ops-service-inventory-probes.md | 81 ++++++++++++------- ...0047-ops-hub-service-inventory-now-view.md | 24 +++++- 3 files changed, 83 insertions(+), 31 deletions(-) diff --git a/activity-definitions/daily-statehub-wsjf-triage.md b/activity-definitions/daily-statehub-wsjf-triage.md index bbd93e6..ec6b48d 100644 --- a/activity-definitions/daily-statehub-wsjf-triage.md +++ b/activity-definitions/daily-statehub-wsjf-triage.md @@ -52,6 +52,15 @@ Current active runner: - Prompt source: `/home/worsch/the-custodian/runtime/prompts/daily_statehub_wsgi_triage.md` +Railiance projection note: + +- This Custodian file remains the canonical prompt, schedule, and governance + contract. +- The Railiance activity-core projection may rewrite runtime-only paths, such + as `output_schema` to `/etc/activity-core/schemas/daily-triage-report.json`, + and mounts working-memory storage for the worker. Those container-local paths + are deployment wiring, not the source contract. + Deprecated fallback runner: - Codex app automation: `daily-state-hub-wsjf-triage` diff --git a/activity-definitions/ops-service-inventory-probes.md b/activity-definitions/ops-service-inventory-probes.md index 094aab0..8b38828 100644 --- a/activity-definitions/ops-service-inventory-probes.md +++ b/activity-definitions/ops-service-inventory-probes.md 
@@ -14,38 +14,50 @@ trigger: timezone: Europe/Berlin misfire_policy: skip context_sources: - - type: static - bind_to: context.inventory_path - config: - value: /home/worsch/the-custodian/ops/service-inventory.yml - - type: static - bind_to: context.catalog_path - config: - value: /home/worsch/the-custodian/docs/ops-hub-service-catalog.md + - type: ops-inventory + query: probe_services + required: false + params: + inventory_path: /etc/activity-core/ops/service-inventory.yml + timeout_seconds: 10 + include_kinds: + - http + - https + allow_network: true + evidence_sinks: + - type: state-hub-progress + event_type: ops_inventory_probe + author: activity-core + bind_to: context.ops_inventory_probe --- # ActivityDefinition: Ops Service Inventory Probes ## Purpose -This disabled draft is the activity-core handoff point for +This disabled source definition is the activity-core handoff point for `CUST-WP-0047 - Ops Hub Service Inventory Now View`. -The future enabled routine should read the non-secret inventory, run repeatable -probes for declared endpoints and access paths, render the catalog view, and -submit non-secret ops evidence events against stable inventory ids. +When enabled by the activity-core runtime, it reads the non-secret service +inventory through the `ops-inventory` context resolver, runs bounded HTTP/HTTPS +endpoint probes, and submits compact non-secret evidence to State Hub progress. ## Runner Status -This definition is intentionally `enabled: false`. +This source definition remains intentionally `enabled: false`. 
-Do not enable it until both of these are true: +Do not enable it until live Railiance verification confirms both of these are +true: -- activity-core has an inventory probe runner or State Hub resolver that can - execute the checks without embedding secrets in ActivityRun context -- the ops-hub Inter-Hub widget/event sink can accept `ops-service-observed`, - `ops-endpoint-verified`, `ops-access-path-checked`, `ops-backup-verified`, - and `ops-inventory-drift` events +- activity-core has projected this definition with the container-local + inventory snapshot at `/etc/activity-core/ops/service-inventory.yml` +- the State Hub `ops_inventory_probe` evidence sink is reachable from the + worker without embedding secrets in ActivityRun context + +The Inter-Hub ops-hub widget/event sink remains the promotion target for +`ops-service-observed`, `ops-endpoint-verified`, `ops-access-path-checked`, +`ops-backup-verified`, and `ops-inventory-drift` events. It is not required for +the current State Hub progress evidence path. ## Trigger 
@@ -53,26 +65,41 @@ Hourly at minute 15 in `Europe/Berlin`, with `misfire_policy: skip`. This offset avoids colliding with the hourly RecentlyOnScope run at minute 0. +## Context Source + +The source contract matches the activity-core `ops-inventory` resolver: + +- `query: probe_services` +- `bind_to: context.ops_inventory_probe` +- `params.inventory_path: /etc/activity-core/ops/service-inventory.yml` +- `params.include_kinds: [http, https]` +- `params.evidence_sinks`: State Hub progress event + `ops_inventory_probe` by `activity-core` + +The `/etc/activity-core/...` path is intentional. Custodian owns the source +definition and inventory file; the Railiance activity-core projection supplies +the container-local ConfigMap path at runtime. + ## Probe Candidates -Initial deterministic probes: +Initial deterministic HTTP/HTTPS probes: -- State Hub local health endpoint: - `http://127.0.0.1:8000/state/health` - Inter-Hub OpenAPI endpoint: `https://hub.coulomb.social/api/v2/openapi.json` - Gitea OCI registry auth challenge: `https://gitea.coulomb.social/v2/` -- activity-core API health and Temporal schedule availability -- ops-bridge tunnel reachability -- Haskell build-agent State Hub registration and tunnel state + +The Railiance projection rewrites the State Hub inventory endpoint to the +in-cluster bridge URL before probing. Non-HTTP access paths, cluster-local +checks, SSH, tunnel, backup, and authenticated checks are skipped by this first +safe slice rather than treated as failures. ## Output Contract Each successful run should produce: -- an updated `docs/ops-hub-service-catalog.md` -- one evidence event per checked service/endpoint/access path +- a compact `context.ops_inventory_probe` summary +- one State Hub progress event with `event_type: ops_inventory_probe` - one ActivityRun with compact non-secret summary metadata - no credentials, tokens, cookies, private key material, or sensitive command output in context snapshots, event metadata, reports, or logs 
diff --git a/workplans/CUST-WP-0047-ops-hub-service-inventory-now-view.md b/workplans/CUST-WP-0047-ops-hub-service-inventory-now-view.md index f60d73c..ebc9956 100644 --- a/workplans/CUST-WP-0047-ops-hub-service-inventory-now-view.md +++ b/workplans/CUST-WP-0047-ops-hub-service-inventory-now-view.md @@ -10,7 +10,7 @@ topic_slug: custodian planning_priority: high planning_order: 47 created: "2026-06-05" -updated: "2026-06-05" +updated: "2026-06-16" state_hub_workstream_id: "656e435d-3a00-4f5e-a38e-114467f9062e" --- @@ -190,7 +190,7 @@ activated. ```task id: CUST-WP-0047-T07 -status: progress +status: done priority: medium state_hub_task_id: "5a972670-934f-458c-8274-acabc290992f" ``` @@ -216,8 +216,24 @@ Progress 2026-06-05: - The definition names the inventory/catalog paths, hourly trigger, first probe candidates, and evidence event mapping. -Remaining work: implement the activity-core probe runner/resolver and enable the -definition only after the ops-hub Inter-Hub widget/event sink is active. +At this point the Custodian source definition still needed to be aligned with +the activity-core probe runner/resolver before the disabled handoff could be +projected cleanly into Railiance. + +Completed 2026-06-16: + +- Updated `activity-definitions/ops-service-inventory-probes.md` from static + path handoff to the implemented activity-core `ops-inventory` resolver: + `query: probe_services`, `bind_to: context.ops_inventory_probe`, projected + inventory path `/etc/activity-core/ops/service-inventory.yml`, and first safe + `http`/`https` endpoint probes. +- Added the explicit State Hub progress evidence sink: + `type: state-hub-progress`, `event_type: ops_inventory_probe`, + `author: activity-core`. +- Kept the source definition disabled for live Railiance verification. The + source-owned probe contract is now ready; the remaining open work in this + workplan is the human/operator-gated Inter-Hub ops-hub widget activation in + T05. ## Acceptance Criteria
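Review bot: In `activity-definitions/daily-statehub-wsjf-triage.md`, the new "Railiance projection note" leaves the set of rewritable fields open-ended ("runtime-only paths, such as `output_schema`"), so a later reader cannot tell a legitimate projection rewrite from drift. List the fields the projection is allowed to change (the note names `output_schema` and the working-memory mount) and state that everything else must match this file, so the deployed definition can be diffed against the source contract. Minor wording: "may rewrite ... and mounts" should read "and mount".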
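Review bot: In the front matter of `activity-definitions/ops-service-inventory-probes.md` (hunk `@@ -14,38 +14,50 @@`), the `ops-inventory` source sets `allow_network: true` and takes its targets from `inventory_path`, yet the only limits visible are `include_kinds` and `timeout_seconds: 10`. Whoever can change the inventory snapshot decides where the worker sends requests from inside the cluster, so the definition should state how destinations are constrained (for example an allowed-host list and whether redirects are followed), or say explicitly that the inventory file is the trust boundary and who may edit it. The same hunk should also say what `required: false` means for a run when the snapshot is missing at the container-local path, since "Runner Status" makes that path a precondition for enabling.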
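Review bot: In the `@@ -53,26 +65,41 @@` hunk of `activity-definitions/ops-service-inventory-probes.md`, "Probe Candidates" says non-HTTP access paths, SSH, tunnel, backup and authenticated checks are "skipped ... rather than treated as failures", but "Output Contract" does not require the summary to record what was skipped. Add a line requiring `context.ops_inventory_probe` to carry the skipped count or the skipped inventory ids, so an unprobed service is not read as healthy. The new "Context Source" list also repeats only part of the front matter (it omits `required`, `timeout_seconds` and `allow_network`); either list every param or point to the front matter as the single source, so the two cannot drift apart.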
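Review bot: In `workplans/CUST-WP-0047-ops-hub-service-inventory-now-view.md`, `CUST-WP-0047-T07` moves to `status: done` while the "Completed 2026-06-16" entry says the definition is kept disabled "for live Railiance verification" and names only T05 as remaining open work, so no task tracks that verification. Add a follow-up task or an acceptance criterion covering the two "Runner Status" preconditions (projected inventory snapshot present, `ops_inventory_probe` sink reachable from the worker), or keep T07 in progress until they are confirmed.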