KB-349F
Tool-Kiem-Thu-CI Repo Lifecycle Record (2026-06-10)
Revision 1
Tags: tool-kiem-thu, governance, ci-repo-lifecycle, tool-kiem-thu-ci, retention, 2026-06-10
CI Repo Lifecycle Record — Huyen1974/tool-kiem-thu-ci
Date: 2026-06-10. Object: TKT-OBJ-011. Owner class: OPERATOR. Authority: evidence-only. Lifecycle: retained-evidence (inert).
| Field | Value |
|---|---|
| Role | Single dedicated, private GitHub repo authorized by owner as the Phase 2/3/B4′ execution + evidence venue (route CI-C). NOT Mac-local. |
| Why it exists | Both previously authorized repos were verified UNSAFE because they auto-trigger CI that runs terraform or touches GCP secrets via WIF/SA: Huyen1974/agent-data-test (17 workflows incl. guard_bootstrap.yml/lint-only.yml→terraform-plan) and Huyen1974/chatgpt-githubnew (deploy_*/sync-secrets/wif-gsm-smoke). agent-data-production is prohibited outright. A clean, isolated repo was the only safe substrate. |
| Secrets / prod link | NONE. No secrets, no id-token/WIF, no terraform, no deploy, no GCP/SA, no production link. Both workflows declare permissions: contents: read and nothing else (no write scopes, no id-token: write). |
| Trigger posture | workflow_dispatch-only on both workflows → inert unless a human manually dispatches. No push/PR/schedule triggers. |
| Contents | Verbatim full source tree (canonical full source of ip_dot_inspector, guard/test harnesses, inspector/main.py, Dockerfiles, seccomp profiles, workflows, fixtures). |
| Run artifacts | phase2-3-offline-mvp-evidence + B4′ attestation artifact, GitHub 30-day retention (auto-expire). Durable record = KB reports + raw-log indices. |
| Retention status | RETAINED. |
| Reason for retention | Reproducible source-of-record so Phase 2/3/B4′ evidence can be re-derived; holds the only verbatim full tree. |
| Deletion condition | Owner may delete once the evidence is no longer needed for re-derivation and Phase 4 has its own substrate decision. Command: gh repo delete Huyen1974/tool-kiem-thu-ci --yes. Deletion is low-impact (KB reports and raw-log indices persist) but owner-authority only; it is not performed by this macro. |
| Prohibited uses | Adding secrets/WIF/terraform/deploy; linking to production; enabling auto-triggers (push/PR/schedule); using it as a gate; hosting a KB writer or production credentials; Mac-local execution. |
| Future-use policy | May be reused as the read-only venue for the B7-EXP-2/D9 automated export service IF the owner authorizes it AND Codex approves the network policy — otherwise it stays inert. Any such reuse must keep the no-secrets / read-only / workflow_dispatch posture. |
| Auto-governance | NONE — no native sensor reads GitHub; the repo is invisible to birth_registry. Governed only by this KB record. |
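The "Secrets / prod link", "Trigger posture" and "Prohibited uses" rows above describe a posture that can be re-checked mechanically whenever the repo is touched. The following lint is an added example written for this record; it is not code from the tool-kiem-thu-ci repo or any of the workflows it names. It is a deliberately line-based scan of workflow YAML (no PyYAML dependency, so it assumes conventionally formatted files with one key per line and 2-space indentation), the rule names are this example's own, and the two sample workflows are constructed to illustrate an inert file versus one with the auto-trigger / WIF / terraform pattern the record calls UNSAFE.

```python
"""Posture lint for GitHub Actions workflow files (added example, not the repo's own code).

Flags anything that breaks the inert posture described in the record:
  - a trigger other than workflow_dispatch (push / pull_request / schedule / ...)
  - any write permission, with id-token: write called out separately (WIF/OIDC)
  - references to secrets, the google-github-actions/auth WIF action, terraform, deploy
Assumption: line-based parsing of conventionally formatted YAML (one key per line,
2-space indent); a real deployment would parse with PyYAML and walk the tree.
"""
import re
from dataclasses import dataclass

ALLOWED_TRIGGERS = {"workflow_dispatch"}

# Rule names are this example's own; patterns are applied per line after comment stripping.
FORBIDDEN_PATTERNS = {
    "secret-reference": re.compile(r"\$\{\{\s*secrets\."),
    "wif-auth-action": re.compile(r"uses:\s*google-github-actions/auth"),
    "terraform": re.compile(r"\bterraform\b", re.IGNORECASE),
    "deploy": re.compile(r"\bdeploy\b", re.IGNORECASE),
}


@dataclass(frozen=True)
class Finding:
    line_no: int   # 0 means "whole-file property" (trigger set), else 1-based line
    rule: str
    text: str


def triggers(text: str) -> set[str]:
    """Collect event names under the top-level `on:` key.

    Handles the three common shapes:
      on: push            on: [push, pull_request]            on:\n  push:\n  workflow_dispatch:
    """
    lines = text.splitlines()
    events: set[str] = set()
    for i, line in enumerate(lines):
        m = re.match(r'^(?:"on"|on)\s*:\s*(.*)$', line)
        if not m:
            continue
        rest = m.group(1).split("#", 1)[0].strip()
        if rest.startswith("["):                       # inline list
            events.update(e.strip() for e in rest.strip("[]").split(",") if e.strip())
        elif rest:                                     # inline scalar
            events.add(rest)
        else:                                          # nested block: keys at indent 2
            for sub in lines[i + 1:]:
                if not sub.strip() or sub.lstrip().startswith("#"):
                    continue
                if not sub.startswith(" "):
                    break                              # reached the next top-level key
                sm = re.match(r"^  ([A-Za-z_]+)\s*:", sub)
                if sm:
                    events.add(sm.group(1))
        break
    return events


def lint_workflow(text: str) -> list[Finding]:
    """Return every posture violation found in one workflow file (empty list == inert)."""
    findings: list[Finding] = []
    found = triggers(text)
    if not found:
        findings.append(Finding(0, "no-trigger", "no top-level `on:` key found"))
    for ev in sorted(found - ALLOWED_TRIGGERS):
        findings.append(Finding(0, "auto-trigger", ev))
    for n, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue
        code = line.split("#", 1)[0]
        if not code.strip():
            continue
        # `<scope>: write` or `permissions: write-all` anywhere (top-level or job-level).
        m = re.match(r"^\s*([\w-]+)\s*:\s*(write|write-all)\s*$", code)
        if m:
            rule = "oidc-token" if m.group(1) == "id-token" else "write-permission"
            findings.append(Finding(n, rule, line.strip()))
        for rule, pat in FORBIDDEN_PATTERNS.items():
            if pat.search(code):
                findings.append(Finding(n, rule, line.strip()))
    return findings


def posture(text: str) -> str:
    """Verdict in the record's vocabulary: INERT when nothing is flagged, else UNSAFE."""
    return "INERT" if not lint_workflow(text) else "UNSAFE"


# Constructed sample workflows (not files from the repo).
INERT_WORKFLOW = """\
name: phase2-3-offline-mvp
on:
  workflow_dispatch:
permissions:
  contents: read
jobs:
  evidence:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: python -m pytest tests/
"""

UNSAFE_WORKFLOW = """\
name: terraform-plan
on:
  push:
    branches: [main]
  pull_request:
permissions:
  contents: read
  id-token: write
jobs:
  plan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: google-github-actions/auth@v2
        with:
          workload_identity_provider: ${{ secrets.WIF_PROVIDER }}
      - run: terraform plan
"""

if __name__ == "__main__":
    for name, wf in (("inert", INERT_WORKFLOW), ("unsafe", UNSAFE_WORKFLOW)):
        print(name, posture(wf))
        for f in lint_workflow(wf):
            print(f"  line {f.line_no:>2}  {f.rule:<16} {f.text}")
```

Run it against every file under .github/workflows/ before any reuse of the repo (the future-use row above requires the posture to survive); any non-empty finding list means the repo is no longer inert and the record's "Secrets / prod link" and "Trigger posture" rows are no longer true.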
Verdict
CI_REPO_LIFECYCLE_RECORDED — role, safety posture, retention reason, deletion condition (owner-only), prohibited + future uses all documented. Repo remains a governed-at-KB-level, inert evidence venue.