egutierrez
ddc6cabc24
bus-auth carries the off -> soft -> enforce rollout state; bus-tls is a boolean. Both start disabled so master keeps compiling and passing tests while the auth/TLS code lands behind them across phases 0001a-0001e. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
20 lines
620 B
JSON
20 lines
620 B
JSON
{
|
|
"flags": {
|
|
"bus-auth": {
|
|
"enabled": false,
|
|
"state": "off",
|
|
"issue": "0001",
|
|
"description": "Signed control-plane auth + NATS nkey auth. Rollout: off -> soft (verify+log, allow) -> enforce (reject). 'enabled' mirrors state!=off.",
|
|
"added": "2026-06-07",
|
|
"enabled_at": null
|
|
},
|
|
"bus-tls": {
|
|
"enabled": false,
|
|
"issue": "0001",
|
|
"description": "TLS on the NATS data plane using the project's self-signed CA (deploy/tls/). When enabled the server presents its cert and clients pin the CA.",
|
|
"added": "2026-06-07",
|
|
"enabled_at": null
|
|
}
|
|
}
|
|
}
|