6.1 KiB
Core Hub Replacement Evidence Handoff
Date: 2026-06-27
Related workplans: CUST-WP-0052, CUST-WP-0025, CUST-WP-0047,
CUST-WP-0049, CORE-WP-0008, CORE-WP-0004, CORE-WP-0005,
CORE-WP-0007.
Current Evidence
Core Hub now has the API-first replacement lane needed to stop expanding the old Inter-Hub-first ops-hub path:
CORE-WP-0008-T02: repeatable deployed-smoke harness exists throughmake deployed-smoke. It probes health/readiness, OpenAPI compatibility, public catalogs, protected-route401behavior, operator auth, ops-hub bootstrap-equivalent creation, widget/event write, key-prefix evidence, and hub-registry visibility. It was verified against a disposable local HTTP Core Hub runtime, not a live staging endpoint.CORE-WP-0008-T03: activity-core has a direct Core Hubcore-hub-interaction-eventsink, verified locally against a disposable Core Hub runtime. Deployed execution still needsCORE_HUB_BASE_URL, runtime key, and widget mapping from approved custody.CORE-WP-0008-T04: staging deployment profile, Kubernetes manifests, migration job shape, secret references, health/readiness probes, rollback notes, and container build checks are documented.CORE-WP-0008-T05:make operator-cliwraps the same API behavior for deployed smoke, ops-hub bootstrap status, migration validate/import, and cutover readiness summaries.CORE-WP-0006: protected/consoleprototype exists with readiness, registry, migration/cutover, action-required, access metadata, and evidence stream sections.make visual-checkpassed on 2026-06-27 with desktop/mobile, no-overlap, horizontal-overflow, protected-route, PNG, and non-secret checks.CORE-WP-0008-T06: the web UI is gated behind API/CLI readiness and has a compact whynot-aligned first-screen backlog. The UI should not start by recreating every old Inter-Hub screen.
No live deployed smoke report was available in this session. Therefore there
are no deployed Core Hub smoke ids/counts to claim yet. The next live report
should record only non-secret fields: runId, hub id/slug/status, manifest
id/status, API consumer id/status/key prefix, widget count, interaction event
id/type, and hub-registry containment booleans.
0047 And 0049 Decision
CUST-WP-0047-T05 should remain wait as the legacy Inter-Hub evidence record.
Do not close it from local Core Hub evidence alone. It can close later through a
Core Hub deployed compatibility/evidence smoke or an explicit supersede
decision that states the legacy production widget activation is no longer
required.
CUST-WP-0049-T06 should remain wait as the legacy/fallback access routine.
Do not request Inter-Hub operator keys or new ops-warden work for the preferred
replacement lane. Use it only if the operator deliberately chooses legacy
Inter-Hub bootstrap or rollback validation.
CUST-WP-0025 Phase 3 Reset Recommendation
CUST-WP-0025-T13 through T19 should be rewritten before execution:
- T13: replace "create standalone ops-hub repo" with Core Hub-owned API-first ops evidence and registry work. Defer any standalone ops-hub repo until after Core Hub cutover proves the boundary still needs a separate service.
- T14: replace standalone ops-specific models with Core Hub resources and
migration/read-model gaps, preserving
CUST-WP-0047service inventory as input evidence. - T15: replace MCP-first ops tools with API and CLI parity first. Any MCP layer should consume the proven Core Hub API later.
- T16: route infrastructure evidence through activity-core probes and Core Hub interaction/deployment evidence, with credential ownership resolved through approved custody routes rather than chat or workplans.
- T17: reframe cross-hub coupling around Core Hub events, State Hub progress, and activity-core evidence sinks. Keep NATS as a later transport decision.
- T18: replace the old dashboard task with the whynot-aligned Core Hub operator
UI backlog from
CORE-WP-0008-T06. - T19: cancel or defer ops-hub MCP server registration until post-cutover demand proves it is needed.
2026-06-27 follow-up: CUST-WP-0025-T13 through T19 have now been
rewritten around this recommendation. The rewrite is enough to stop the obsolete
standalone ops-hub scaffold sequence, but not enough to declare Core Hub
production cutover complete.
2026-06-27 T14 closeout: Core Hub now has
docs/specs/ops-evidence-contract.md, which defines the ops evidence API
resources, event vocabulary, non-secret access metadata rules, service inventory
mapping, readiness-summary inputs, and read-model gaps. This closes the T14
definition gate while leaving deployed evidence, cutover coupling, and UI work
for T16/T17/T18.
2026-06-27 T03 closeout: Core Hub now has a reusable IAM Profile verifier and
FastAPI dependency plus tests/test_iam_profile.py, which proves OIDC
discovery, JWKS signature validation, authorization-code + PKCE token issuance,
protected endpoint access, required IAM Profile claims, missing-token rejection,
wrong-audience rejection, and production rejection of local-development issuers.
This closes the identity integration template while leaving production issuer
wiring for the deployed Core Hub gates.
2026-06-27 T18 closeout: Core Hub CORE-WP-0006 is finished and local
make visual-check passed for /console. The first UI surface is intentionally
compact and protected; broader UI implementation remains gated by deployed API
and CLI evidence through the rebuild backlog.
Remaining Gates
- Run
make deployed-smokeormake operator-cli CLI_ARGS="deployed-smoke ..."against a real Core Hub staging URL with an approved operator token. - Import the approved Inter-Hub export bundle into a staging Core Hub database and keep dry-run reports visibly open until a reviewed non-dry-run import succeeds.
- Run the deployed activity-core Core Hub sink smoke with approved runtime token and widget mapping.
- Build a
readiness-summaryevidence report from deployed smoke, migration, activity-core, and optional legacy Inter-Hub reference evidence. - Keep
CORE-WP-0007Haskell retirement blocked until staging import, dual-run smokes, cutover, rollback notes, and operator approval are complete.