bxnet-ops

SHA256

History

Tyler J King 7107b2860a feat: wire GSAP into playbook runner — full AC→shell→CR loop The governed playbook runner now: 1. Requests an AC from the GSAP broker before execution 2. Validates corpus CID + parameters CID + single-use 3. Executes the ansible playbook (unchanged) 4. Posts a Completion Receipt to the broker after execution Environment variables: GSAP_BROKER_URL — Capstone broker endpoint GSAP_BEARER_TOKEN — JWT for broker auth GSAP_DRIVER_ID — identity driver (default: keycloak-guildhouse) GSAP_ACCORD_TEMPLATE — accord template (default: from GUILDHOUSE_ACCORD) GSAP_SESSION_DIR — local session state directory Self-authorized mode: If GSAP_BROKER_URL not set, execution proceeds without AC/CR. Valid for development (GSAP §1.3). Not for production. Error handling: ElevationRequired → shows activation instructions, aborts Denied → shows reason, aborts CorpusMismatch → shows CID diff, aborts CR delivery failure → stores locally, warns, does not abort 4/4 gsap_client unit tests passing. Build clean with zero errors. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-30 13:15:54 -04:00
..
src	feat: wire GSAP into playbook runner — full AC→shell→CR loop	2026-03-30 13:15:54 -04:00
Cargo.toml	feat: GSAP client module — shell side of GSAP protocol	2026-03-30 12:44:59 -04:00

Tyler J King 7107b2860a feat: wire GSAP into playbook runner — full AC→shell→CR loop

The governed playbook runner now:
1. Requests an AC from the GSAP broker before execution
2. Validates corpus CID + parameters CID + single-use
3. Executes the ansible playbook (unchanged)
4. Posts a Completion Receipt to the broker after execution

Environment variables:
  GSAP_BROKER_URL — Capstone broker endpoint
  GSAP_BEARER_TOKEN — JWT for broker auth
  GSAP_DRIVER_ID — identity driver (default: keycloak-guildhouse)
  GSAP_ACCORD_TEMPLATE — accord template (default: from GUILDHOUSE_ACCORD)
  GSAP_SESSION_DIR — local session state directory

Self-authorized mode:
  If GSAP_BROKER_URL not set, execution proceeds without AC/CR.
  Valid for development (GSAP §1.3). Not for production.

Error handling:
  ElevationRequired → shows activation instructions, aborts
  Denied → shows reason, aborts
  CorpusMismatch → shows CID diff, aborts
  CR delivery failure → stores locally, warns, does not abort

4/4 gsap_client unit tests passing.
Build clean with zero errors.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-30 13:15:54 -04:00

src

feat: wire GSAP into playbook runner — full AC→shell→CR loop

2026-03-30 13:15:54 -04:00

Cargo.toml

feat: GSAP client module — shell side of GSAP protocol

2026-03-30 12:44:59 -04:00