dataforge/unibus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(flags): flip bus-auth to enforce and bus-tls on (target state)

Browse Source 
Declares the project's target rollout: bus-auth enforce, bus-tls enabled.
Flags are declarative; the operator activates them at deploy via membershipd
--bus-auth/--tls-cert/--tls-key. CLI defaults stay off so dev and tests run
unchanged.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Egutierrez
2026-06-07 12:49:19 +02:00
parent b647779521
commit 87dbc421cd
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dev/feature_flags.json
+7 -7
View File
@@ -1,19 +1,19 @@
{ {
"flags": { "flags": {
"bus-auth": { "bus-auth": {
"enabled": false, "enabled": true,
"state": "off", "state": "enforce",
"issue": "0001", "issue": "0001",
"description": "Signed control-plane auth + NATS nkey auth. Rollout: off -> soft (verify+log, allow) -> enforce (reject). 'enabled' mirrors state!=off.", "description": "Signed control-plane auth + NATS nkey auth. Rollout: off -> soft (verify+log, allow) -> enforce (reject). 'enabled' mirrors state!=off. Server opts in via membershipd --bus-auth; clients via client.Connect(caPath).",
"added": "2026-06-07", "added": "2026-06-07",
"enabled_at": null "enabled_at": "2026-06-07"
}, },
"bus-tls": { "bus-tls": {
"enabled": false, "enabled": true,
"issue": "0001", "issue": "0001",
"description": "TLS on the NATS data plane using the project's self-signed CA (deploy/tls/). When enabled the server presents its cert and clients pin the CA.", "description": "TLS on the NATS data plane using the project's self-signed CA (deploy/tls/). Server opts in via membershipd --tls-cert/--tls-key; clients pin ca.crt via client.Connect(caPath).",
"added": "2026-06-07", "added": "2026-06-07",
"enabled_at": null "enabled_at": "2026-06-07"
} }
} }
} }