Wire Forge-native release infrastructure
Some checks failed
Cache: Publish Nix / Publish Nix Cache (push) Waiting to run
Build Rust / Cargo Test (push) Successful in 4m14s
Build Site / Next.js Build (push) Failing after 6s
Infra: OpenTofu / OpenTofu (grafana) (push) Successful in 5s
Lint Governance / BEP Metadata (push) Successful in 0s
Build: Android / Android Rust Core Stub (push) Failing after 23s

This commit is contained in:
Conrad Kramer 2026-06-07 05:51:12 -07:00
parent 97c569fb35
commit 002bd382e9
199 changed files with 14268 additions and 185 deletions

View file

@ -0,0 +1,25 @@
# Burrow MCP Hub Extraction
This directory is the in-repo extraction plan for a dedicated MCP hub repository.
Target repository:
```text
compatible.systems/burrow/mcp-hub
```
The hub should expose Burrow-operated tools for:
- Authentik users, groups, OIDC, SAML, SCIM, and WIF applications
- OpenBao mounts, policies, AppRole, and secret-read workflows
- Google KMS key catalog, public-key export, and signing readiness
- Forgejo workflow dispatch, runner identity, and Namespace runner status
- Grafana dashboard and alert checks
- Jitsi meeting readiness and service health
- mail and webmail readiness after the Stalwart phase starts
- release signing, store upload readiness, and distribution metadata checks
- agent identity inventory derived from `contributors.nix`
The hub must keep identity and authorization explicit. Agent identities should be
named, attributable, and backed by Authentik/WIF or OpenBao AppRole rather than
static shared tokens.