3 Commits

Author SHA1 Message Date
25c6cb705d chore(security): purge burned Guardian literal from dev/test config (Phase 4)
Replace the compromised committed Guardian secret with an obviously-fake
dev-only value. Prod reads GUARDIAN_SECRET_KEY from env and raises (Phase 1,
already merged); this removes the dead literal from the repo entirely.
Ref: arcadia-core/docs/GUARDIAN_SECRET_ROTATION.md Phase 4.
2026-06-21 11:29:12 +10:00
20ce45717a fix(security): wire Guardian secret_key (raise in prod)
ArcadiaCloud.Guardian had no secret_key for prod at all — every authed route
would fail at deploy. Wire it from GUARDIAN_SECRET_KEY, raising when absent in
prod; keep the pinned dev/staging default.

Ecosystem audit 2026-06-20, rank 2 blocker.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-20 16:22:17 +10:00
5959479ce1 Phase 0 scaffold: arcadia-cloud Phoenix service
API-only Phoenix 1.8 project for cloud-ops, inventory, billing, and
provisioning sagas. Validates arcadia JWTs via shared Guardian secret
(verify-only; arcadia-app remains the issuer).

Deps beyond default Phoenix: guardian, cors_plug, oban, req.
Postgres on local port 5433 per arcadia stack convention.
Endpoint runs on :4005.

Endpoints:
- GET /api/health         — public, returns service identifier
- GET /api/v1/inventory   — auth-gated, returns empty list (phase 0 stub)

Oban configured with the queues phase 1+ will need:
provisioning / cloud_sync_fast|full|slow / cloud_billing / metering.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-19 21:51:11 +10:00