Commit graph

5 commits

0a6dd03e91 docs: README, runtime config, CI placeholder
README explains:
- guildhall = ceremony orchestrator + governance UI
- guildhall != ceremony engine (that's substrate)
- five umbrella apps with responsibilities
- local dev setup (mix deps.get + ecto.setup + phx.server)
- runtime config env vars (DATABASE_URL, SECRET_KEY_BASE,
  PHX_HOST, POOL_SIZE, ECTO_IPV6)
- relationship to substrate, bxnet-ops, guildhouse-specs
- links to all relevant design docs

.forgejo/workflows/ placeholder for CI (future WS2 work).

Runtime config (config/runtime.exs) reads DATABASE_URL with
ECTO_IPV6 socket option support. Commented placeholders for
KUBECONFIG (substrate CRD watcher) and OIDC_* (Keycloak) are
explicit about what comes in future sprints.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Tyler J King <tking@guildhouse.dev>
2026-04-18 07:23:08 -04:00
48a7495ef5 feat(orchestrator): CeremonyOrchestrator + Chronicle.Consumer stubs
CeremonyOrchestrator: GenServer providing a PubSub broadcast
interface for ceremony status changes. LiveView subscribes to
these broadcasts for real-time updates. A K8s CRD watcher will
feed events into this in a future sprint; for now the init log
makes the stub state explicit.

Chronicle.Consumer: stub for the Ops DB projector that will
consume Chronicle events and hydrate the Ecto tables. Projector
design (idempotent, checkpointed, catch-up on restart) per
DESIGN-OPS-DB-CHAIN-OF-CUSTODY-0001 §2.5.

Both modules document the orchestrator/engine distinction:
guildhall orchestrates, substrate decides.

Both are now supervised by their respective application trees
(Guildhall.Orchestrator.Supervisor, Guildhall.Chronicle.Supervisor).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Tyler J King <tking@guildhouse.dev>
2026-04-18 07:21:45 -04:00
69297f1ac0 feat(web): minimal LiveView dashboard, ceremonies, artifacts
Three LiveView modules reading from the Ops DB:

- DashboardLive at /: governance overview with artifact count,
  healthy/drifted deployment states, and the five most recent
  verification results. Subscribes to Guildhall.PubSub for
  ceremony:* and posture:* topics.

- CeremonyLive.Index at /ceremonies: lists open ceremonies. Query
  finds the latest custody_transition per artifact and keeps the
  ones where to_state = 'ceremony_open'. PubSub-driven refresh.
  Will integrate with substrate CRD watcher in a future sprint.

- ArtifactLive.Index at /artifacts: lists governed artifacts with
  name, type, tier, truncated CID, and aggregate drift status
  derived from their deployment_states.

Router updated to mount these LiveViews at /, /ceremonies,
/artifacts. Default PageController route removed.

Inline Heex templates (no separate .html.heex files); uses
Tailwind classes from Phoenix 1.8 default CSS.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Tyler J King <tking@guildhouse.dev>
2026-04-18 07:19:31 -04:00
4d9acf96d8 feat(ops_db): Ecto schemas for five Ops DB tables
Direct translation of DESIGN-OPS-DB-CHAIN-OF-CUSTODY-0001 §2.2:
- AccordBinding: governance context per artifact
- GovernedArtifact: registry with JSONB content + content_schema
- CustodyTransition: append-only chain of custody
- DeploymentState: current deployment per (artifact, target)
- VerificationResult: continuous attestation records
- ProjectorCheckpoint: Chronicle projector resume state

All JSONB fields use Ecto :map type (Postgres JSONB).
GIN indexes (jsonb_path_ops) on accord_terms and content columns.
Partitioning notes for time-series tables (DBA applies in prod).
Migrations renumbered to enforce FK dependency order
(accord_bindings → governed_artifacts → dependents).

Dev seed data (priv/repo/seeds.exs) creates nine governed artifacts
matching the JSONB content examples in the design doc §2.3
(Intune profile, DNS zone, DSC MOF, YANG config, Helm values,
JEA role, Conditional Access, TLS cert, OCI image) plus custody
transitions, deployment states, and verification results.

Verified: mix ecto.create + mix ecto.migrate + mix run seeds all
pass; 9 artifacts in governed_artifacts table.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Tyler J King <tking@guildhouse.dev>
2026-04-18 07:17:51 -04:00
4e22729bef feat: scaffold guildhall Elixir umbrella
Ceremony orchestrator + governance UI layer over substrate CRDs.
guildhall presents and coordinates; substrate decides and enforces.

Apps:
- guildhall_web: Phoenix LiveView UI for ceremony workflows,
  Forge visualization, posture dashboards
- guildhall_orchestrator: watches CeremonyRequest CRDs, notifies
  witnesses, collects signatures, tracks ceremony lifecycle
- guildhall_ops_db: Ecto schemas for the five Ops DB tables
  (per DESIGN-OPS-DB-CHAIN-OF-CUSTODY-0001)
- guildhall_graph_bridge: Microsoft Graph API reconciler (stub)
- guildhall_chronicle: Chronicle event consumer + Ops DB
  projector (stub)

Naming: guildhall components are orchestrators (workflow),
NOT engines (enforcement). The ceremony engine is a substrate
K8s operator. guildhall coordinates humans around CRDs.

Elixir 1.17.3 / OTP 27 / Phoenix 1.8.5. SHA-256 git repo.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Tyler J King <tking@guildhouse.dev>
2026-04-18 07:09:20 -04:00