From f203a5372df80dcf9b7ba89d73657e86bc1c3ef6 Mon Sep 17 00:00:00 2001 From: shankar0123 Date: Sun, 10 May 2026 15:58:03 +0000 Subject: [PATCH] auth-bundle-2 Phase 11 follow-on: drop external-tester reference from oidc-runbooks/index.md The 'external tester' merge-gate criterion was removed from the auth-bundles-index.md policy: external-tester confirmations are encouraged but NOT a merge condition (BSL discourages contribution- style testing; the Phase 10 Keycloak testcontainers harness + the optional Okta smoke test cover the same surface deterministically in CI). Drops the now-stale phrasing from the runbooks index and the merge-gate reference; keeps the operator-sign-off footer recommendation since dated validation records are still useful. --- docs/operator/oidc-runbooks/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/operator/oidc-runbooks/index.md b/docs/operator/oidc-runbooks/index.md index c8d6397..3aaf8d5 100644 --- a/docs/operator/oidc-runbooks/index.md +++ b/docs/operator/oidc-runbooks/index.md @@ -45,7 +45,7 @@ These show up in every runbook; understand them once and skim the rest. ## When you finish a runbook -Each per-IdP runbook ends with a **validation checklist** the operator runs against a real production-tier deployment. Per the merge-gate criterion in `cowork/auth-bundle-2-prompt.md`, each runbook must be validated end-to-end by either the operator or an external tester before Bundle 2 ships. Mark your sign-off in the runbook's footer when you've completed the matrix. +Each per-IdP runbook ends with a **validation checklist** the operator runs against a real production-tier deployment. Run through the matrix end-to-end against your IdP and mark your sign-off in the runbook's footer — that gives the next operator (or the next you) a dated record of what's been verified to work. ## Related docs