feat: enforce CAC admissibility pipeline and signed CACert issuance

[BrianCLong]

Motivation

• Bind the CAC spec to execution by enforcing admissibility, reproducibility, and cryptographic evidence checks in CI so every PR produces a machine-verifiable CACert or is blocked.
• Prevent non-deterministic or orphaned decision outputs and ensure artifact integrity via hash-addressable manifests and signature verification.

Description

• Added CI gate and orchestration at .github/workflows/cac-enforcement.yml that runs the three checks and issues/verifies a signed CACert.
• Implemented enforcement checks under ci/admissibility/: admissibility_check.mjs, reproducibility_check.mjs, and evidence_integrity_check.mjs which validate lineage, replayability, and artifact signature/hash integrity respectively.
• Added CAC tooling under scripts/cac/: generate_cacert.mjs to emit and sign cacert.json and verify_cacert.mjs to validate schema, signatures, and artifact hashes.
• Introduced deterministic schemas in schemas/cac/ (report.schema.json, metrics.schema.json, decision_trace.schema.json, failure_case.schema.json, cacert.schema.json) that require hashes, stable ordering, and forbid timestamps/volatile fields.
• Added runnable examples in examples/cac/valid_run/ and examples/cac/failing_run/ including per-case failure_case.json artifacts and manifest samples to exercise pass/fail behavior.
• Updated docs/roadmap/STATUS.json to record progress and intent.

Testing

• Ran node ci/admissibility/admissibility_check.mjs examples/cac/valid_run schemas/cac and it PASSed.
• Ran node ci/admissibility/reproducibility_check.mjs examples/cac/valid_run 0 and it PASSed.
• Exercised failure cases: admissibility_check, reproducibility_check, and evidence_integrity_check on examples/cac/failing_run all failed as expected (missing trace link, replay drift, and hash mismatch respectively).
• Note: evidence_integrity_check and CACert signing/verification require the cosign binary; cosign is installed in the workflow via sigstore/cosign-installer@v3.7.0, and the local sandbox did not include cosign for a full local sign/verify run. All checks and signing are exercised end-to-end in CI.

---

Codex Task

[gemini-code-assist]

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

[coderabbitai]

Warning

Rate limit exceeded

@BrianCLong has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 17 minutes and 44 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 17 minutes and 44 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 31202442-3f78-4294-8b0d-6e9502f5f01a

📥 Commits

Reviewing files that changed from the base of the PR and between e87382b and 84c7eed.

📒 Files selected for processing (28)

• ci/admissibility/admissibility_check.mjs
• ci/admissibility/evidence_integrity_check.mjs
• ci/admissibility/reproducibility_check.mjs
• docs/roadmap/STATUS.json
• examples/cac/failing_run/artifact_manifest.json
• examples/cac/failing_run/decision_trace.json
• examples/cac/failing_run/failure_case_hash_mismatch.json
• examples/cac/failing_run/failure_case_missing_trace.json
• examples/cac/failing_run/failure_case_non_reproducible.json
• examples/cac/failing_run/hash_mismatch/failure_case.json
• examples/cac/failing_run/missing_trace_linkage/failure_case.json
• examples/cac/failing_run/non_reproducible_output/failure_case.json
• examples/cac/failing_run/pipeline.json
• examples/cac/failing_run/report.json
• examples/cac/valid_run/admissibility_result.json
• examples/cac/valid_run/artifact_manifest.json
• examples/cac/valid_run/decision_trace.json
• examples/cac/valid_run/metrics.json
• examples/cac/valid_run/pipeline.json
• examples/cac/valid_run/report.json
• examples/cac/valid_run/reproducibility_result.json
• schemas/cac/cacert.schema.json
• schemas/cac/decision_trace.schema.json
• schemas/cac/failure_case.schema.json
• schemas/cac/metrics.schema.json
• schemas/cac/report.schema.json
• scripts/cac/generate_cacert.mjs
• scripts/cac/verify_cacert.mjs

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/implement-cacert-enforcement-and-issuance-pipeline

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 40dce4bbc3

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Install Ajv before rerunning CAC checks in cacert job

Each GitHub Actions job starts from a fresh checkout, but only admissibility_check installs ajv; the cacert job reruns admissibility_check.mjs (and later verify_cacert.mjs), both of which import ajv. In a clean runner this causes ERR_MODULE_NOT_FOUND and blocks CACert generation even for valid inputs, so the enforcement workflow cannot pass end-to-end.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Validate producer step IDs for trace outputs

The admissibility check only tracks decision_trace.outputs[*].id and never validates that each produced_by_step_id points to an existing step that actually emits that output. This allows a tampered trace to pass with incorrect provenance links (wrong producer attribution), which weakens the lineage guarantees this gate is supposed to enforce.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Bind report manifest hash to verified manifest contents

The integrity check verifies manifest signatures and per-artifact hashes, but it never checks that the report’s required artifact_manifest_sha256 matches the manifest digest being verified. Because of this, a report can carry an arbitrary or stale manifest hash and still PASS, so the reported digest is not cryptographically bound to the validated evidence set.

Useful? React with 👍 / 👎.