45 lines
2 KiB
Text
45 lines
2 KiB
Text
let d = import "ontology/defaults/gate.ncl" in
|
|
|
|
{
|
|
membranes = [
|
|
|
|
d.make_membrane {
|
|
id = "control-plane-readiness",
|
|
name = "Control Plane Readiness",
|
|
description = "Controls when the provisioning control plane is ready for production deployment and multi-user mode.",
|
|
permeability = 'Low,
|
|
accepts = ['EcosystemRelevance],
|
|
protects = ["production deployment", "multi-user mode"],
|
|
opening_condition = {
|
|
max_tension_dimensions = 2,
|
|
pending_transitions = 2,
|
|
core_stable = true,
|
|
description = "Orchestrator + Control Center operational, NATS streams configured and stable, SOLID boundaries passing all 6 enforcement layers, Cedar policies loaded and evaluated.",
|
|
},
|
|
closing_condition = "Any SOLID enforcement layer failing or NATS stream misconfiguration detected.",
|
|
max_duration = 'Indefinite,
|
|
protocol = 'Challenge,
|
|
active = false,
|
|
},
|
|
|
|
d.make_membrane {
|
|
id = "workspace-certification",
|
|
name = "Workspace Certification",
|
|
description = "Controls when a workspace is ready for production use — all taskservs validated, config schema-checked, provider capabilities matched.",
|
|
permeability = 'Medium,
|
|
accepts = ['EcosystemRelevance, 'OpportunityAlignment],
|
|
protects = ["workspace production use"],
|
|
opening_condition = {
|
|
max_tension_dimensions = 3,
|
|
pending_transitions = 3,
|
|
core_stable = true,
|
|
description = "All taskservs in workspace have dependencies.ncl, config validates via nickel typecheck, provider capabilities match requirements.",
|
|
},
|
|
closing_condition = "Workspace config fails schema validation or provider capabilities no longer match declared requirements.",
|
|
max_duration = 'Indefinite,
|
|
protocol = 'Observe,
|
|
active = false,
|
|
},
|
|
|
|
],
|
|
}
|