251 lines
7.7 KiB
Markdown
251 lines
7.7 KiB
Markdown
---
|
|
id: CUST-WP-0047
|
|
type: workplan
|
|
title: "Ops Hub Service Inventory Now View"
|
|
domain: custodian
|
|
repo: the-custodian
|
|
status: active
|
|
owner: codex
|
|
topic_slug: custodian
|
|
planning_priority: high
|
|
planning_order: 47
|
|
created: "2026-06-05"
|
|
updated: "2026-06-17"
|
|
state_hub_workstream_id: "656e435d-3a00-4f5e-a38e-114467f9062e"
|
|
---
|
|
|
|
# CUST-WP-0047 - Ops Hub Service Inventory Now View
|
|
|
|
## Goal
|
|
|
|
Establish a systematic, low-implementation overview of which services are
|
|
running where, then surface that overview as the first ops-hub "now view".
|
|
|
|
The immediate strategy is inventory-first:
|
|
|
|
- declare a small service inventory in Git
|
|
- map inventory ids to existing ops-hub widget concepts in Inter-Hub
|
|
- record evidence as events rather than building a new database first
|
|
- let activity-core run repeatable probes later
|
|
- leave the full standalone ops-hub scaffold to `CUST-WP-0025`
|
|
|
|
## Relationship To CUST-WP-0025
|
|
|
|
This workplan is a narrow implementation slice of the CUST-WP-0025 Ops Hub
|
|
phase. It advances the useful parts of:
|
|
|
|
- T14, by defining the first service/access/evidence record shape
|
|
- T16, by preparing the probe/evidence path for runtime observability
|
|
- T18, by defining the first service status grid
|
|
|
|
It intentionally does not require T13, T15, T17, or T19 to be complete first.
|
|
When the standalone `ops-hub` repo exists, it should ingest these inventory and
|
|
evidence artifacts instead of replacing them.
|
|
|
|
## Scope
|
|
|
|
In scope:
|
|
|
|
- A non-secret service inventory contract.
|
|
- An initial service inventory seed covering the currently known local,
|
|
CoulombCore, Railiance01, Inter-Hub, activity-core, bridge, and build-agent
|
|
surfaces.
|
|
- A first ops-hub view shape: service, where, owner, endpoint, health, data,
|
|
access, gaps.
|
|
- Inter-Hub widget/event handoff for the first visible ops-hub surface.
|
|
- activity-core probe handoff for later scheduled evidence.
|
|
|
|
Out of scope:
|
|
|
|
- Building the full standalone ops-hub FastAPI/MCP repo.
|
|
- Replacing Inter-Hub, State Hub, or activity-core.
|
|
- Capturing credentials, secret values, or sensitive command output.
|
|
- Treating bridge reachability as the service catalog.
|
|
|
|
## Task: Carve CUST-WP-0025 Inventory-First Slice
|
|
|
|
```task
|
|
id: CUST-WP-0047-T01
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "0f2c504b-833e-4144-8849-4f74e6e6ab57"
|
|
```
|
|
|
|
Update `CUST-WP-0025` so Phase 3 explicitly recognizes this workplan as the
|
|
inventory-first implementation slice for the useful parts of T14/T16/T18.
|
|
|
|
Done when CUST-WP-0025 points to this workplan and still preserves the full
|
|
ops-hub scaffold as the long-term target.
|
|
|
|
## Task: Define Minimal Inventory Contract
|
|
|
|
```task
|
|
id: CUST-WP-0047-T02
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "b9040dbf-64e1-46bf-bcca-e72d5a25b951"
|
|
```
|
|
|
|
Define the non-secret service inventory contract and first-view semantics.
|
|
|
|
Deliverables:
|
|
|
|
- `docs/ops-hub-service-inventory.md`
|
|
- `schemas/ops-service-inventory.schema.json`
|
|
|
|
Done when the contract explains the record shape, evidence event vocabulary,
|
|
first table view, and promotion path into the future ops-hub repo.
|
|
|
|
## Task: Seed Initial Service Inventory
|
|
|
|
```task
|
|
id: CUST-WP-0047-T03
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "cf4404a8-1284-4412-a998-80cc98c617ce"
|
|
```
|
|
|
|
Create the initial inventory artifact from existing evidence in
|
|
`helix-forge/wiki/OpsHubInventory.md`, CUST-WP-0025, CUST-WP-0046, and current
|
|
Custodian ops docs.
|
|
|
|
Deliverable:
|
|
|
|
- `ops/service-inventory.yml`
|
|
|
|
Done when the seed includes environments, hosts, clusters, services, endpoints,
|
|
access paths, evidence links, and gaps for the known operating surface.
|
|
|
|
## Task: Register Workplan With State Hub
|
|
|
|
```task
|
|
id: CUST-WP-0047-T04
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "221a30bc-d1f9-44e6-92db-99ea36c17e87"
|
|
```
|
|
|
|
Run the State Hub consistency sync for `the-custodian` so this workplan and its
|
|
task statuses are registered in the hub database.
|
|
|
|
Done when `make fix-consistency REPO=the-custodian` has completed and the
|
|
workstream appears in State Hub.
|
|
|
|
## Task: Activate Ops-Hub Widgets In Inter-Hub
|
|
|
|
```task
|
|
id: CUST-WP-0047-T05
|
|
status: wait
|
|
priority: high
|
|
state_hub_task_id: "b16c5e15-d44b-481a-abd7-3e059cb70c92"
|
|
```
|
|
|
|
Create or activate the ops-hub Inter-Hub row, capability manifest, API
|
|
consumer, and initial widgets from the existing seed material in
|
|
`helix-forge/wiki/ops-hub-widgets.seed.json`.
|
|
|
|
This is a human/operator-gated task because it requires authenticated
|
|
Inter-Hub admin access or deployment-side migration execution.
|
|
|
|
Access-lane follow-up (2026-06-17): `CUST-WP-0049` owns the reusable routine
|
|
for getting this class of production bootstrap across the line: ops-hub API
|
|
helper, operator key-file custody, ops-warden short-lived SSH envelope, and the
|
|
remaining live-execution blocker.
|
|
|
|
Done when the ops-hub widgets exist and can accept `ops-endpoint-verified` or
|
|
equivalent ops evidence events.
|
|
|
|
## Task: Build First Ops-Hub Service Catalog View
|
|
|
|
```task
|
|
id: CUST-WP-0047-T06
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "db97a10d-2b20-4ac8-97a2-0f81e3fca907"
|
|
```
|
|
|
|
Build the first visible service catalog view from `ops/service-inventory.yml`
|
|
plus latest evidence events.
|
|
|
|
The view should show:
|
|
|
|
- service
|
|
- where it runs
|
|
- owner repo
|
|
- endpoint
|
|
- health and last evidence
|
|
- data/backing store gaps
|
|
- access path status
|
|
- highest-priority operating gaps
|
|
|
|
Done when an operator can open ops-hub and answer "what is running where?"
|
|
without reading scattered workplans and runbooks.
|
|
|
|
Completed 2026-06-05:
|
|
|
|
- Added `ops/render_service_inventory.py`.
|
|
- Added `make ops-inventory-view`.
|
|
- Generated `docs/ops-hub-service-catalog.md` from
|
|
`ops/service-inventory.yml`.
|
|
|
|
This is the repo-native now view until the Inter-Hub/ops-hub widget surface is
|
|
activated.
|
|
|
|
## Task: Schedule Activity-Core Inventory Probes
|
|
|
|
```task
|
|
id: CUST-WP-0047-T07
|
|
status: done
|
|
priority: medium
|
|
state_hub_task_id: "5a972670-934f-458c-8274-acabc290992f"
|
|
```
|
|
|
|
Add an activity-core handoff for repeatable inventory probes.
|
|
|
|
Initial probe candidates:
|
|
|
|
- State Hub local health endpoint.
|
|
- Inter-Hub OpenAPI endpoint.
|
|
- Gitea OCI registry auth challenge.
|
|
- activity-core API health and Temporal schedule availability.
|
|
- ops-bridge tunnel reachability.
|
|
- build-agent State Hub registration and tunnel state.
|
|
|
|
Done when activity-core can run the probes on a schedule and submit non-secret
|
|
ops evidence events against the inventory ids.
|
|
|
|
Progress 2026-06-05:
|
|
|
|
- Added disabled draft handoff definition
|
|
`activity-definitions/ops-service-inventory-probes.md`.
|
|
- The definition names the inventory/catalog paths, hourly trigger, first probe
|
|
candidates, and evidence event mapping.
|
|
|
|
At this point the Custodian source definition still needed to be aligned with
|
|
the activity-core probe runner/resolver before the disabled handoff could be
|
|
projected cleanly into Railiance.
|
|
|
|
Completed 2026-06-16:
|
|
|
|
- Updated `activity-definitions/ops-service-inventory-probes.md` from static
|
|
path handoff to the implemented activity-core `ops-inventory` resolver:
|
|
`query: probe_services`, `bind_to: context.ops_inventory_probe`, projected
|
|
inventory path `/etc/activity-core/ops/service-inventory.yml`, and first safe
|
|
`http`/`https` endpoint probes.
|
|
- Added the explicit State Hub progress evidence sink:
|
|
`type: state-hub-progress`, `event_type: ops_inventory_probe`,
|
|
`author: activity-core`.
|
|
- Kept the source definition disabled for live Railiance verification. The
|
|
source-owned probe contract is now ready; the remaining open work in this
|
|
workplan is the human/operator-gated Inter-Hub ops-hub widget activation in
|
|
T05.
|
|
|
|
## Acceptance Criteria
|
|
|
|
- The service inventory has a stable file and schema in this repo.
|
|
- CUST-WP-0025 points to this workplan as the inventory-first slice.
|
|
- The workplan is registered in State Hub.
|
|
- The remaining blocked work is explicit: Inter-Hub ops-hub activation and
|
|
actual view/probe implementation.
|
|
- No secrets or sensitive command output are stored in the inventory.
|