gh-claude/guildhall
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
guildhall/apps/guildhall_orchestrator/priv/schematic_templates/nsp-founding.toml
Tyler J King 50c488b92b feat(orchestrator): harden consortium starter pipeline — FfcSchematic RPCs, validation, wire encoding 
Rewrites the schematic deployment pipeline from dead SchematicsService RPCs
(ForkSchematic/CreateDeploymentBinding) to the actual FfcSchematicService flow
(Create→Validate→Approve→Publish→Realize). Adds template schema validation,
variable resolution hardening, wire encoding, and centralized realization status.

New modules:
- SchematicTemplate.Schema — 7-section structural + cross-section validation
- SchematicTemplate.VariableResolver — placeholder resolution with param checks
- SchematicTemplate.WireEncoder — resolved template → FfcSchematic wire format
- SchematicClient.Behaviour — callback definitions for testability
- FfcPipeline — 12-step deploy orchestrator with step-level error reporting
- RealizationStatus — centralized status classification and display helpers

Changes:
- SchematicClient: removed fork/bind RPCs, added FfcSchematic RPCs
- RealizationPoller: delegates to RealizationStatus, persists snapshots to DB
- GuildSchematic: expanded status enum, added founding_override_expires_at
- Realization LiveView: uses RealizationStatus for all status logic
- Schematic LiveView: replaced dead flow with FfcPipeline.deploy/2

52 tests, 0 failures.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Tyler J King <tking@guildhouse.dev>
2026-05-16 10:33:13 -04:00

47 lines
989 B
TOML
Raw Blame History

[meta]
template_name = "nsp-founding"
description = "Network Service Provider founding schematic"
source_schematic = "guildhouse-nsp-base"
source_version = "1.0.0"
[trust_domain]
spiffe_trust_domain = "{{trust_domain}}"
attestation_tier = 3
[identity_authority]
provider = "keycloak"
url = "https://auth.guildhouse.dev"
realm = "guildhouse"
client_prefix = "{{guild_slug}}"
trust_level = "federated"
mfa_required = true
hardware_credential_required = true
[members]
founding_master_did = "{{registrant_did}}"
initial_roles = ["master"]
[infrastructure]
compute_attestation_tier = 3
wireguard_tunnel = true
vpp_dataplane = true
[ceremonies.code_change]
type = "single_approval"
eligible_roles = ["master", "journeyman"]
quorum = 1
[ceremonies.governance_change]
type = "multi_party"
eligible_roles = ["master"]
quorum = 2
founding_override = 1
[federation_peers]
mode = "mesh"
hub_trust_domain = "guildhouse.dev"
[attestation]
tier = 3
require_tpm = true
require_secure_boot = true
Reference in a new issue View git blame Copy permalink