Expose maildesk lifecycle in cfctl registry#26
Conversation
The maildesk lifecycle command already existed, but standards/classify/guide could not see it because the surface was absent from the catalogs. Add maildesk-cf as a non-apply lifecycle surface, teach classify and guide to point at the real composite preview path, and keep ack explicitly blocked until component writes are preview-gated. Also add file selector readiness so file-backed lifecycle operations can prove their required selector.
|
@codex please review the lifecycle surface semantics: |
|
CI blocker note: The rerun of Local proof on branch
I am not merging this PR while the required GitHub runner check is blocked by account billing state. |
|
Fresh local proof on
The GitHub |
Summary
maildesk-cfas a catalog-backed cfctl lifecycle surface with standards metadata.cfctl classify maildesk-cf provisionandcfctl guide maildesk-cf provisionto point at the real composite preview path.fileselector readiness for file-backed lifecycle operations.Behavioral changes
cfctl standards maildesk-cfnow returns the maildesk lifecycle standards and runtime metadata.cfctl classify maildesk-cf provision --file ...now reports preview-required readiness instead ofunsupported_surface.cfctl guide maildesk-cf provision --file ...now emitscfctl maildesk-cf verify,cfctl maildesk-cf provision --plan, and anapply_blockedack command with explicit caution.cfctl surfacesanddocs/capabilities.mdnow showmaildesk-cfas a desired-state-backed, non-generic-apply lifecycle surface.Implications
cfctl apply maildesk-cf provisionavailable.Risk areas and confidence
maildesk-cfis intentionally non-apply even though it is desired-state-backed.CFCTL_PUBLIC_CONTRACT_ZONEis not set in this shell; no live DNS/token smoke was attempted.Test plan
cfctl doctorreadback: degraded only by expired previews, with healthy dev/global lanes and no secret leaks./scripts/verify_maildesk_cf_contract.sh./scripts/verify_static_contract.sh./cfctl surfaces | jq ... maildesk-cf ..../cfctl explain maildesk-cf./cfctl standards maildesk-cf./cfctl classify maildesk-cf provision --file state/maildesk-cf/example.json./cfctl guide maildesk-cf provision --file state/maildesk-cf/example.jsongit diff --check./scripts/verify_public_contract.shblocked:CFCTL_PUBLIC_CONTRACT_ZONE must be set for live DNS/token smoke testsReview focus
maildesk-cfshould remain non-apply incatalog/surfaces.jsonwhile still being standards/classify/guide visible.cfctl maildesk-cf provision --planpath and do not infer a generic apply surface.