jesus/stratumiops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
stratumiops/config/cedar/permit-orchestrator-execute.cedar
Jesús Pérez 9095ea6d8e
Some checks failed
Nickel Type Check / Nickel Type Checking (push) Has been cancelled
Details
Rust CI / Security Audit (push) Has been cancelled
Details
Rust CI / Check + Test + Lint (nightly) (push) Has been cancelled
Details
Rust CI / Check + Test + Lint (stable) (push) Has been cancelled
Details
feat: add stratum-orchestrator with graph, state, NATS, and Nickel action nodes 
New crates: stratum-orchestrator (Cedar authz, Vault secrets, Nu/agent executors,
  saga runner), stratum-graph (petgraph DAG + SurrealDB repo), stratum-state
  (SurrealDB tracker), platform-nats (NKey auth client), ncl-import-resolver.

  Updates: stratum-embeddings (SurrealDB store + persistent cache), stratum-llm
  circuit breaker. Adds Nickel action-nodes, schemas, config, Nushell scripts,
  docker-compose dev stack, and ADR-003.
2026-02-22 21:33:26 +00:00

7 lines
184 B
Plaintext
Raw Permalink Blame History

// Permit the orchestrator principal to execute any node.
permit(
principal == User::"orchestrator",
action == Action::"execute",
resource in ResourceGroup::"nodes"
);
Reference in New Issue View Git Blame Copy Permalink