From 62dd7e14633bf5a095fbcb4148558b72ffa4ae29 Mon Sep 17 00:00:00 2001 From: shankar0123 Date: Mon, 4 May 2026 01:18:59 +0000 Subject: [PATCH] docs(approval-workflow): drop Infisical reference from operator playbook The operator-facing approval-workflow.md is the public-readable docs page; the 'Infisical deep-research deliverable' framing is internal project context that doesn't belong there. Internal source comments + research docs in cowork/ keep the original framing as the historical record. --- docs/approval-workflow.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/approval-workflow.md b/docs/approval-workflow.md index 7bef42f..add8550 100644 --- a/docs/approval-workflow.md +++ b/docs/approval-workflow.md @@ -2,7 +2,7 @@ certctl can gate certificate issuance + renewal on a per-profile, two-person-integrity check. Compliance customers (PCI-DSS Level 1, FedRAMP Moderate / High, SOC 2 Type II, HIPAA) configure this on production-tier `CertificateProfile` rows so every renewal-loop tick or manual `POST /api/v1/certificates/{id}/renew` blocks at `JobStatusAwaitingApproval` until a different actor approves. -Rank 7 of the 2026-05-03 Infisical deep-research deliverable. Closes the procurement-checklist question "How do you enforce two-person integrity on cert issuance?" — pre-Rank-7 the answer was "we don't"; post-Rank-7 the answer is "set `requires_approval=true` on the profile + here's the audit query that proves bypass mode is off in production." +Closes the procurement-checklist question "How do you enforce two-person integrity on cert issuance?" — without this surface the answer is "we don't"; with `requires_approval=true` on the profile, the answer is "here's the RBAC contract + here's the audit query that proves bypass mode is off in production." ## End-to-end flow
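Review bot: The replacement `+` line in docs/approval-workflow.md changes more than the subject line says. Besides dropping the Infisical framing, it adds "here's the RBAC contract" to the quoted answer, which the removed line did not claim. Either note that in the commit message or limit this change to removing the reference. The new sentence also opens with "Closes" and has no subject now that "Rank 7 of the ..." is gone, and "this surface" has no antecedent in the visible paragraph; wording such as "This workflow answers the procurement-checklist question ..." would read cleanly. Because the line now promises both an RBAC contract and an audit query proving bypass mode is off in production, name or link the sections of this page that contain them so an operator reading the public docs can find them.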