PaaS Context Operations Runbook
Date: 2026-02-17
Scope: Operational guidance for internal-dogfood and oss-demo contexts
Owner: Codex
1. Purpose
Define the day-2 operating procedure for running si paas safely across:
- internal-dogfood (private/internal environments)
- oss-demo (public-safe demo environments)
2. Context Roles
internal-dogfood:
- Real internal validation and pre-production verification
- Private targets and private operational logs
- Private vault namespace and restricted operator access
oss-demo:
- Public demo and reproducible sample workflows
- Disposable/non-sensitive targets only
- No production credentials, no customer data, no private telemetry
3. Required Baseline Setup
- Set a private state root outside any git workspace:
- Initialize both contexts:
- Run isolation checks:
4. Daily Operating Flow
For internal-dogfood:
oss-demo:
- Always pass --context explicitly for mutating commands (deploy, rollback, secret, target, context import).
5. Separation Guardrails
- Never share vault files across internal-dogfood and oss-demo.
- Never copy context directories manually between contexts.
- Use si paas context export|import for metadata transfer only.
- Block deploy if si paas doctor reports contamination or secret exposure.
- Keep backup artifacts encrypted and outside repository roots.
6. Deployment and Incident Rules
internal-dogfood:
- Run deploy with full audit/event capture.
- Treat critical deploy failures as incidents and follow docs/PAAS_INCIDENT_RUNBOOK.md.
- Require rollback readiness before cutover operations.
oss-demo:
- Prefer disposable targets and demo-safe datasets.
- If failure occurs, prioritize environment reset over forensic restore unless validating incident procedures.
7. Backup and Restore Coupling
- Follow docs/PAAS_BACKUP_RESTORE_POLICY.md for backup scope and restore validation.
- Post-restore, run:
- Do not restore secrets from plaintext artifacts; use vault-native recovery only.
8. Weekly Operational Checklist
- si paas doctor --json returns ok=true for active state root.
- internal-dogfood and oss-demo have distinct targets and vault paths.
- Latest backup snapshot for each active context is present and checksum-verified.
- Alert policy and notification channel are configured per context.
- One rollback drill completed in internal-dogfood within the last week.
9. Escalation
Escalate immediately when any of these occur:
- si paas doctor detects repo-local private state or secret exposure.
- Vault mapping for internal-dogfood resolves inside repository paths.
- Cross-context data appears in target list, deploy history, or events.
- Backup checksum verification fails for latest required snapshot.
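The path conditions named in the checklist and escalation list (state root or vault resolving inside a repository, vault paths shared between contexts) can also be checked without the tool. The following is an added example, not part of si paas and not a replacement for si paas doctor; the three directory arguments are assumptions that the operator supplies for their own layout.

```shell
#!/bin/sh
# Added example: path-isolation checks independent of `si paas doctor`.
# The state root and vault directories are supplied by the operator (assumed layout).

# Print the nearest enclosing git work tree of $1 and return 0; return 1 if
# there is none, 2 if the path cannot be resolved. Symlinks are resolved first,
# so a link that lands inside a repository is still caught.
enclosing_repo() {
    dir=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    while :; do
        # .git is a directory in a normal clone, a file in worktrees/submodules
        if [ -e "$dir/.git" ]; then
            printf '%s\n' "$dir"
            return 0
        fi
        [ "$dir" = "/" ] && return 1
        dir=$(dirname "$dir")
    done
}

# Return 0 when the two paths are identical or one contains the other.
paths_overlap() {
    a=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    b=$(cd "$2" 2>/dev/null && pwd -P) || return 2
    case "$a/" in "$b/"*) return 0 ;; esac
    case "$b/" in "$a/"*) return 0 ;; esac
    return 1
}

# check_isolation STATE_ROOT VAULT_INTERNAL_DOGFOOD VAULT_OSS_DEMO
# Prints one FAIL line per violated guardrail; non-zero exit means escalate.
check_isolation() {
    state_root=$1 vault_internal=$2 vault_demo=$3
    rc=0
    for p in "$state_root" "$vault_internal" "$vault_demo"; do
        repo=$(enclosing_repo "$p") && st=0 || st=$?
        case $st in
            0) echo "FAIL: $p resolves inside git work tree $repo"; rc=1 ;;
            2) echo "FAIL: $p does not exist or is not readable"; rc=1 ;;
        esac
    done
    if paths_overlap "$vault_internal" "$vault_demo"; then
        echo "FAIL: vault paths for internal-dogfood and oss-demo overlap"
        rc=1
    fi
    return $rc
}
```

Call check_isolation with the state root and the two vault directories before a deploy; any FAIL line corresponds to one of the escalation conditions above.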
