Implements the full founding-guild onboarding stack across four phases:
Phase A — Keycloak OIDC auth pipeline (oidcc) + guild registration with
ceremony-engine approval (SingleApproval, hub operator approves via gRPC).
Phase B — Founding schematic templates (MSP/ISV/NSP TOML), gRPC clients
for ceremony-service and ffc-schematic-server, schematic fork/bind/realize
LiveView with DB audit trail in guild_schematics.
Phase C — RealizationPoller GenServer polling realization status every 5s,
PubSub broadcast, live realization dashboard showing 7 reconciler sections.
Phase D — Self-service member onboarding (join request → guild master
approval via ceremony), member management LiveView, auto-create guild
master on guild approval via Ecto.Multi transaction.
Includes K8s manifests for ceremony-service (port 50053) and
ffc-schematic-server (port 9091) as ClusterIP services, plus updated
guildhall deployment with OIDC and gRPC service URL env vars.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Tyler J King <tking@guildhouse.dev>
CeremonyOrchestrator: GenServer providing a PubSub broadcast
interface for ceremony status changes. LiveView subscribes to
these broadcasts for real-time updates. A K8s CRD watcher will
feed events into this in a future sprint; for now the init log
makes the stub state explicit.
Chronicle.Consumer: stub for the Ops DB projector that will
consume Chronicle events and hydrate the Ecto tables. Projector
design (idempotent, checkpointed, catch-up on restart) per
DESIGN-OPS-DB-CHAIN-OF-CUSTODY-0001 §2.5.
Both modules document the orchestrator/engine distinction:
guildhall orchestrates, substrate decides.
Both are now supervised by their respective application trees
(Guildhall.Orchestrator.Supervisor, Guildhall.Chronicle.Supervisor).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Tyler J King <tking@guildhouse.dev>
