---
id: "40d15a87-7ff6-4d8e-992c-37df15f95110"
name: "Ops Service Inventory Probes"
type: activity-definition
version: "0.1"
enabled: false
owner: custodian
governance: custodian
status: proposed
created: "2026-06-05"
trigger:
  type: cron
  cron_expression: "15 * * * *"
  timezone: Europe/Berlin
  misfire_policy: skip
context_sources:
  - type: static
    bind_to: context.inventory_path
    config:
      value: /home/worsch/the-custodian/ops/service-inventory.yml
  - type: static
    bind_to: context.catalog_path
    config:
      value: /home/worsch/the-custodian/docs/ops-hub-service-catalog.md
---

# ActivityDefinition: Ops Service Inventory Probes

## Purpose

This disabled draft is the activity-core handoff point for
`CUST-WP-0047 - Ops Hub Service Inventory Now View`.

The future enabled routine should read the non-secret inventory, run repeatable
probes for declared endpoints and access paths, render the catalog view, and
submit non-secret ops evidence events against stable inventory ids.

## Runner Status

This definition is intentionally `enabled: false`.

Do not enable it until both of these are true:

- activity-core has an inventory probe runner or State Hub resolver that can
  execute the checks without embedding secrets in ActivityRun context
- the ops-hub Inter-Hub widget/event sink can accept `ops-service-observed`,
  `ops-endpoint-verified`, `ops-access-path-checked`, `ops-backup-verified`,
  and `ops-inventory-drift` events

## Trigger

Hourly at minute 15 in `Europe/Berlin`, with `misfire_policy: skip`.

This offset avoids colliding with the hourly RecentlyOnScope run at minute 0.

## Probe Candidates

Initial deterministic probes:

- State Hub local health endpoint: `http://127.0.0.1:8000/state/health`
- Inter-Hub OpenAPI endpoint: `https://hub.coulomb.social/api/v2/openapi.json`
- Gitea OCI registry auth challenge: `https://gitea.coulomb.social/v2/`
- activity-core API health and Temporal schedule availability
- ops-bridge tunnel reachability
- Haskell build-agent State Hub registration and tunnel state

## Output Contract

Each successful run should produce:

- an updated `docs/ops-hub-service-catalog.md`
- one evidence event per checked service/endpoint/access path
- one ActivityRun with compact non-secret summary metadata
- no credentials, tokens, cookies, private key material, or sensitive command
  output in context snapshots, event metadata, reports, or logs

## Event Mapping

| Probe result | Event type |
|---|---|
| Runtime object observed | `ops-service-observed` |
| HTTP/HTTPS/tunnel endpoint matches expected signal | `ops-endpoint-verified` |
| SSH, Kubernetes, or HTTP access path checked | `ops-access-path-checked` |
| Backup and restore evidence found | `ops-backup-verified` |
| Observed runtime differs from inventory | `ops-inventory-drift` |
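
The following sketch is an added example, not activity-core or ops-hub code. It shows one way a runner could apply the Event Mapping table while enforcing the Output Contract's no-secrets rule on event metadata. The event field names, the probe `kind` keys, the deny-list patterns, the inventory id, and the rule that any expected/observed mismatch becomes a drift event are all assumptions.

```python
import re

# Event types come from the Event Mapping table; the "kind" keys are assumed names.
EVENT_FOR_KIND = {
    "runtime": "ops-service-observed",
    "endpoint": "ops-endpoint-verified",
    "access_path": "ops-access-path-checked",
    "backup": "ops-backup-verified",
}
DRIFT_EVENT = "ops-inventory-drift"

# Assumed deny-list: metadata keys that must never leave the runner.
SECRET_KEY = re.compile(r"authorization|cookie|token|secret|password|private[_-]?key|credential", re.I)
# Assumed patterns: values that look like secrets even under an innocent key.
SECRET_VALUE = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----|\bBearer\s+\S+|\bBasic\s+[A-Za-z0-9+/=]{8,}")


def scrub(metadata):
    """Drop secret-looking keys, mask secret-looking values; return (clean, affected_keys)."""
    clean, affected = {}, []
    for key, value in metadata.items():
        if SECRET_KEY.search(key):
            affected.append(key)  # key removed entirely
        elif isinstance(value, str) and SECRET_VALUE.search(value):
            clean[key] = "[redacted]"  # key kept, value masked
            affected.append(key)
        else:
            clean[key] = value
    return clean, sorted(affected)


def build_event(inventory_id, kind, expected, observed, metadata):
    """Map one probe result to an evidence event carrying non-secret metadata only."""
    event_type = EVENT_FOR_KIND[kind] if observed == expected else DRIFT_EVENT
    clean, affected = scrub(metadata)
    return {"inventory_id": inventory_id, "event_type": event_type,
            "expected": expected, "observed": observed,
            "metadata": clean, "redacted_keys": affected}


# Constructed sample: a registry probe whose raw capture includes a cookie and a bearer token.
SAMPLE = build_event(
    "gitea-oci-registry", "endpoint", expected="auth-challenge", observed="auth-challenge",
    metadata={"url": "https://gitea.coulomb.social/v2/", "set-cookie": "sid=constructed",
              "debug": "Authorization: Bearer constructed-token"},
)
```

Recording only the names of redacted keys lets a reviewer see that a probe captured something sensitive without the value ever reaching the event sink.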