STATUS: record tag standard + enforcement (ADR-019)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
fac438cc92
commit
86bb3559ad
1 changed files with 2 additions and 1 deletions
|
|
@ -5,7 +5,7 @@ This repo is partly aspirational: the ADRs in `docs/decisions/` describe the
|
|||
truth. **Before relying on a role, provider, or pipeline existing, check here.**
|
||||
If something is listed as "designed, not built", do not assume it works.
|
||||
|
||||
_Last reviewed: 2026-05-30._
|
||||
_Last reviewed: 2026-06-06._
|
||||
|
||||
## Real and working today
|
||||
|
||||
|
|
@ -25,6 +25,7 @@ _Last reviewed: 2026-05-30._
|
|||
| `/capacity-review` | Works — on-demand capacity evaluation → `docs/hardware/reviews/`. Intent-based (no live usage yet) |
|
||||
| ADR-002 security strategy + `docs/security/{accepted-risks,service-checklist}.md` | Present — threat model, principles, governance frame; checklist + risk register are docs, enforced manually in review |
|
||||
| Service-role standard + per-service `SECURITY.md` convention | Defined (ADR-004 + `docs/security/service-security-template.md`); not yet applied — no service roles exist |
|
||||
| Tag standard + enforcement (ADR-019) | Works — `tests/tags.yml` (closed vocabulary) + `scripts/check-tags.py` (run by `make lint`, unit-tested): enforces the tag vocabulary and that each role import in a play's `roles:` block carries its role-name tag. Governs mostly-unbuilt roles, but the linter is live now. Proxmox VM tag convention (`<env>`, group, `managed-by=terraform`) is in the Terraform HCL but unprovisioned. |
|
||||
|
||||
## Scaffolded but empty — NOT implemented
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue