SecAI-Hub
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 104 additions & 7 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 104 additions & 7 deletions
diff --git a/‎README.md‎
Lines changed: 33 additions & 15 deletions b/‎README.md‎
Lines changed: 33 additions & 15 deletions
diff --git a/‎docs/install/bare-metal.md‎
Lines changed: 51 additions & 6 deletions b/‎docs/install/bare-metal.md‎
Lines changed: 51 additions & 6 deletions
@@ -3,11 +3,7 @@ name: CI
 on:
   push:
     branches: [main]
-    paths-ignore:
-      - "**.md"
   pull_request:
-    paths-ignore:
-      - "**.md"
   workflow_dispatch:
 
 concurrency:
@@ -58,7 +54,7 @@ jobs:
           python-version: "3.12"
 
       - name: Install dependencies
-        run: pip install pyyaml flask requests pytest
+        run: pip install pyyaml flask requests pytest ruff bandit
 
       - name: Lint (syntax check)
         run: |
@@ -76,10 +72,25 @@ jobs:
           python -m py_compile services/agent/agent/capabilities.py
           python -m py_compile services/agent/agent/sandbox.py
 
-      - name: Test
+      - name: Ruff lint
+        run: ruff check services/ tests/ --select E,F,W --ignore E501,E402
+
+      # Advisory scan: when bandit exits non-zero, a ::warning:: annotation is
+      # emitted and the trailing `true` makes the step succeed anyway, so
+      # findings are reported without failing the job.
+      - name: Bandit security scan
+        run: |
+          bandit -r services/ -ll --skip B101,B404,B603 -f txt || {
+            echo "::warning::Bandit found potential security issues (see above)"
+            true
+          }
+
+      - name: Test (unit + integration)
         env:
           PYTHONPATH: services
-        run: python -m pytest tests/ -v
+        run: python -m pytest tests/ -v --ignore=tests/test_adversarial.py --ignore=tests/test_m5_acceptance.py -x
+
+      - name: Test (adversarial + acceptance)
+        env:
+          PYTHONPATH: services
+        run: python -m pytest tests/test_adversarial.py tests/test_m5_acceptance.py -v --tb=short
 
   shellcheck:
     name: Shell Script Lint
@@ -300,3 +311,89 @@ jobs:
           pip install pip-audit pyyaml flask requests
           echo "=== Python Dependency Audit ==="
           pip-audit --strict --desc || echo "WARNING: Python dependencies have known vulnerabilities"
+
+  # Documentation gate: checks internal Markdown links, the presence of
+  # required documents, and the shape of docs/test-counts.json.
+  # Runs with a read-only token (contents: read).
+  docs-validation:
+    name: Documentation Validation
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      # Fails the job when a Markdown file links to a local path that does not
+      # exist. Targets are resolved relative to the directory of the file that
+      # contains the link; `#fragment` suffixes are ignored.
+      - name: Check for broken internal links
+        run: |
+          echo "=== Checking internal doc links ==="
+          ERRORS=0
+          # Both loops read from process substitution instead of a pipeline.
+          # A `... | while read` loop runs in a subshell, so ERRORS increments
+          # made there are discarded and the final check could never fail.
+          while IFS= read -r md; do
+            # Resolve links relative to the file's directory
+            dir=$(dirname "$md")
+            # Extract relative links (not URLs, not mailto:, not pure anchors)
+            while read -r link; do
+              # Strip anchor fragments
+              target="${link%%#*}"
+              [ -z "$target" ] && continue
+              resolved="${dir}/${target}"
+              if [ ! -f "$resolved" ] && [ ! -d "$resolved" ]; then
+                echo "BROKEN: ${md} -> ${link} (resolved: ${resolved})"
+                ERRORS=$((ERRORS + 1))
+              fi
+            done < <(
+              grep -oP '\[([^\]]*)\]\((?!https?://|mailto:|#)([^)]+)\)' "$md" 2>/dev/null |
+                grep -oP '\(([^)]+)\)' | tr -d '()'
+            )
+          done < <(find docs/ README.md CONTRIBUTING.md SECURITY.md -name '*.md' 2>/dev/null)
+          if [ "$ERRORS" -gt 0 ]; then
+            echo "FAIL: ${ERRORS} broken internal links found"
+            exit 1
+          fi
+          echo "OK: All internal doc links valid"
+
+      # Asserts that every document the project treats as mandatory is present
+      # as a regular file at its expected repo-relative path.
+      - name: Verify required docs exist
+        run: |
+          echo "=== Checking required documentation ==="
+          missing=0
+          must_exist=(
+            "docs/threat-model.md"
+            "docs/architecture.md"
+            "docs/api.md"
+            "docs/security-status.md"
+            "docs/production-operations.md"
+            "docs/production-readiness-checklist.md"
+            "docs/slos.md"
+            "docs/release-policy.md"
+            "docs/support-lifecycle.md"
+            "docs/test-counts.json"
+            "docs/install/bare-metal.md"
+            "SECURITY.md"
+            "CONTRIBUTING.md"
+            "LICENSE"
+          )
+          for path in "${must_exist[@]}"; do
+            # Report every path, so one run lists all gaps at once
+            if [ ! -f "$path" ]; then
+              echo "MISSING: $path"
+              missing=$((missing + 1))
+              continue
+            fi
+            echo "OK: $path"
+          done
+          if [ "$missing" -eq 0 ]; then
+            echo "All required documents present"
+          else
+            echo "FAIL: ${missing} required document(s) missing"
+            exit 1
+          fi
+
+      # Structural check of docs/test-counts.json: the required top-level keys
+      # must exist and the go entry must be a JSON object.
+      - name: Validate test-counts.json format
+        run: |
+          python3 -c "
+          import json, sys
+
+          def fail(message):
+              # Print the reason and stop with a non-zero exit status
+              print(message)
+              sys.exit(1)
+
+          with open('docs/test-counts.json') as handle:
+              data = json.load(handle)
+
+          # Keys are checked in this order; the first missing one is reported
+          for key in ('generated', 'go', 'go_total', 'python_total', 'grand_total'):
+              if key not in data:
+                  fail(f'FAIL: test-counts.json missing key: {key}')
+
+          if not isinstance(data['go'], dict):
+              fail('FAIL: go field must be a dict of service -> count')
+
+          print(f'OK: test-counts.json valid (total: {data[\"grand_total\"]} tests)')
+          "
@@ -49,18 +49,26 @@ Built on [uBlue](https://universal-blue.org/) (Fedora Atomic / Silverblue). All
 ### Install (Fedora Atomic)
 
 ```bash
-# Rebase to unsigned image first
+# 1. Verify image signature before installing (requires cosign and the project's cosign.pub from the repository root)
+cosign verify --key cosign.pub ghcr.io/sec_ai/secai_os:latest
+
+# 2. Bootstrap rebase (one-time unverified pull, see install docs for rationale)
 sudo rpm-ostree rebase ostree-unverified-registry:ghcr.io/sec_ai/secai_os:latest
 sudo systemctl reboot
 
-# Then rebase to signed image
+# 3. Switch to signed transport (all future updates verified automatically)
 sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/sec_ai/secai_os:latest
 sudo systemctl reboot
 
-# Set up encrypted vault
+# 4. Set up encrypted vault
 sudo /usr/libexec/secure-ai/setup-vault.sh /dev/sdX
 ```
 
+> **Why the two-step rebase?** The local ostree store doesn't have the signing policy
+> until the first boot. Step 1 provides out-of-band signature verification via cosign
+> before the unverified pull. Step 3 enables automatic verification for all future updates.
+> See [docs/install/bare-metal.md](docs/install/bare-metal.md) for full details.
+
 See [docs/install/](docs/install/) for detailed guides: [bare metal](docs/install/bare-metal.md) | [virtual machine](docs/install/vm.md) | [development](docs/install/dev.md)
 
 ### Get Your First Model
@@ -151,7 +159,7 @@ Every model passes through the same fully automatic pipeline:
 | **Updates** | Cosign-verified rpm-ostree, staged workflow, greenboot auto-rollback |
 | **Supply Chain** | Per-service CycloneDX SBOMs, SLSA3 provenance attestation, cosign-signed checksums |
 
-See [docs/threat-model.md](docs/threat-model.md) for threat classes, residual risks, and security invariants. See [docs/security-status.md](docs/security-status.md) for implementation status of all 45 milestones.
+See [docs/threat-model.md](docs/threat-model.md) for threat classes, residual risks, and security invariants. See [docs/security-status.md](docs/security-status.md) for implementation status of all 46 milestones.
 
 ### Verify Image Signatures
 
@@ -209,15 +217,20 @@ See [docs/policy-schema.md](docs/policy-schema.md) for full schema reference. Se
 
 ### CI Verification Evidence
 
-Each CI job produces specific security evidence:
-
-| Job | What It Proves |
-|-----|---------------|
-| `security-regression` | Adversarial test suite: prompt injection, policy bypass, containment |
-| `supply-chain-verify` | SBOM generation via Syft, cosign availability, provenance keywords |
-| `go-build-and-test` | 399 Go tests across 9 services with `-race` |
-| `python-test` | 718 Python tests (agent, adversarial, M5 acceptance, UI, pipeline) |
-| `test-count-check` | Prevents documented test counts from drifting below actual |
+All CI jobs are defined in [`.github/workflows/ci.yml`](.github/workflows/ci.yml). View the [latest CI run](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml).
+
+| Job | Workflow Link | What It Proves |
+|-----|--------------|---------------|
+| `go-build-and-test` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | 399 Go tests across 9 services with `-race` (build, test, vet) |
+| `python-test` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | 718 Python tests split into unit/integration + adversarial/acceptance, ruff lint, bandit security scan |
+| `security-regression` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | Adversarial test suite: prompt injection, policy bypass, containment, recovery |
+| `supply-chain-verify` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | SBOM generation via Syft, cosign availability, provenance keywords in release/build workflows |
+| `test-count-check` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | Prevents documented test counts from drifting below actual (source of truth: [test-counts.json](docs/test-counts.json)) |
+| `dependency-audit` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | Go vulnerability scanning (govulncheck) + Python dependency audit (pip-audit) |
+| `shellcheck` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | Static analysis of all shell scripts (first-boot, build, verify-release, etc.) |
+| `policy-validate` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | YAML schema validation for all policy and recipe files |
+| `check-pins` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | Verifies all GitHub Actions are pinned to specific commit SHAs (not tags) |
+| `docs-validation` | [View job](https://github.com/SecAI-Hub/SecAI_OS/actions/workflows/ci.yml) | Broken link detection, required docs presence, test-counts.json format validation |
 
 ---
 
@@ -229,7 +242,7 @@ Each CI job produces specific security evidence:
 | [Threat Model](docs/threat-model.md) | Threat classes, invariants, residual risks |
 | [API Reference](docs/api.md) | HTTP API for all services |
 | [Policy Schema](docs/policy-schema.md) | Full policy.yaml schema reference |
-| [Security Status](docs/security-status.md) | Implementation status of all 45 milestones |
+| [Security Status](docs/security-status.md) | Implementation status of all 46 milestones |
 | [Test Matrix](docs/test-matrix.md) | Test coverage: 1,117 tests across Go and Python (see [test-counts.json](docs/test-counts.json)) |
 | [Compatibility Matrix](docs/compatibility-matrix.md) | GPU, VM, and hardware support |
 | [Security Test Matrix](docs/security-test-matrix.md) | Security feature test coverage |
@@ -259,6 +272,10 @@ Each CI job produces specific security evidence:
 | [Recovery Runbook](docs/recovery-runbook.md) | Operator procedures for degradation, containment, and recovery |
 | [Sample Release Bundle](docs/sample-release-bundle.md) | Release artifact structure and verification commands |
 | [Production Operations](docs/production-operations.md) | First-boot checks, upgrades, key rotation, monitoring, capacity |
+| [Production Readiness Checklist](docs/production-readiness-checklist.md) | Formal release gate checklist for production deployments |
+| [SLOs](docs/slos.md) | Service level objectives: availability, latency, correctness targets |
+| [Release Policy](docs/release-policy.md) | Release channels (stable/candidate/dev), versioning, upgrade paths |
+| [Support Lifecycle](docs/support-lifecycle.md) | Hardware matrix, driver versions, support windows, deprecation policy |
 
 ### Install Guides
 
@@ -362,7 +379,7 @@ See [docs/test-matrix.md](docs/test-matrix.md) for full breakdown.
 ## Roadmap
 
 <details>
-<summary>All 44 project milestones (click to expand)</summary>
+<summary>All 46 project milestones (click to expand)</summary>
 
 - [x] **Milestone 0** -- Threat model, dataflow, invariants, policy files
 - [x] **Milestone 1** -- Bootable OS, encrypted vault, GPU drivers
@@ -410,6 +427,7 @@ See [docs/test-matrix.md](docs/test-matrix.md) for full breakdown.
 - [x] **Milestone 43** -- Stronger isolation: sandbox tightening, adversarial tests, CI security regression, MCP isolation, recovery ceremonies, M5 acceptance suite
 - [x] **Milestone 44** -- Auditability and documentation hardening: test-count drift CI check, CI evidence links and badges, M4/M5 terminology disambiguation, audit quick-path doc, recovery runbook, verify-release script, security/product roadmap split
 - [x] **Milestone 45** -- Production readiness hardening: incident persistence (file-backed), graceful shutdown for all Go services, HTTP timeouts, systemd production hardening, first-boot validation, audit log rotation, CI vulnerability scanning, production operations guide
+- [x] **Milestone 46** -- Operational maturity: bootstrap trust gap fix (cosign verify before rebase), CI runs on all changes (removed paths-ignore for .md), Python quality gates (ruff + bandit + split test suites), docs-validation CI job, production-readiness checklist, SLOs, release channel policy, support lifecycle, sample verification output
 
 </details>
 
 
@@ -65,19 +65,53 @@ Replace `/dev/sdX` or `/dev/rdiskN` with your actual USB device. Double-check th
 
 ## Step 4: Rebase to SecAI OS
 
-After booting into the fresh Fedora Silverblue installation, open a terminal and rebase to the SecAI OS image:
+After booting into the fresh Fedora Silverblue installation, open a terminal.
+
+### 4a. Verify image signature (before rebasing)
+
+Before installing the image, verify its authenticity using cosign:
 
 ```bash
-rpm-ostree rebase ostree-unverified-registry:ghcr.io/sec_ai/secai_os:latest
+# Install cosign (if not already present)
+sudo dnf install -y cosign
+
+# Fetch the project's public key
+curl -sSfL https://raw.githubusercontent.com/SecAI-Hub/SecAI_OS/main/cosign.pub -o /tmp/cosign.pub
+
+# Verify the image signature
+cosign verify --key /tmp/cosign.pub ghcr.io/sec_ai/secai_os:latest
 ```
 
-Wait for the rebase to complete, then reboot:
+You should see `The following checks were performed on each of these signatures: ...`
+with a successful verification result. **Do not proceed if verification fails.**
+
+### 4b. Bootstrap rebase
+
+> **Note on the bootstrap trust gap:** The first rebase must use
+> `ostree-unverified-registry:` because the local ostree store does not yet
+> have the SecAI signing policy configured. This is a one-time bootstrapping
+> step — the cosign verification above provides out-of-band attestation
+> before the unverified pull. After the first boot, all subsequent updates
+> use `ostree-image-signed:` and are verified automatically.
 
 ```bash
-systemctl reboot
+# Initial rebase (signature verified out-of-band above)
+sudo rpm-ostree rebase ostree-unverified-registry:ghcr.io/sec_ai/secai_os:latest
+sudo systemctl reboot
 ```
 
-After reboot, the system will be running SecAI OS.
+### 4c. Switch to signed updates
+
+After the first reboot, switch to the signed image transport so that all
+future updates are cryptographically verified by rpm-ostree:
+
+```bash
+# Switch to the signed transport (all future updates verified automatically)
+sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/sec_ai/secai_os:latest
+sudo systemctl reboot
+```
+
+After this reboot, the system is running SecAI OS with full signature verification enabled.
 
 ---
 
@@ -97,7 +131,18 @@ You will be prompted to set a vault passphrase. This passphrase encrypts the LUK
 
 ## Step 6: First Boot Verification
 
-After firstboot completes, verify the installation:
+After firstboot completes, run the automated health check:
+
+```bash
+# Comprehensive health check (validates all services, endpoints, security posture)
+sudo /usr/libexec/secure-ai/first-boot-check.sh
+```
+
+This validates all core services are running, health endpoints respond, attestation
+state is verified, no open incidents exist, and no services are exposed on public
+interfaces. See [docs/production-operations.md](../production-operations.md) for details.
+
+You can also verify manually:
 
 ```bash
 # Check that all services are running