Skip to content

Portable source storage tier for enterprise audit (inline/object-stored critical artifacts) #1869

Description

@markmhendrickson

Summary

By-reference source storage is host-local and not portable, which limits enterprise auditability. Critical source artifacts referenced by path depend on the file staying in place on a specific host; they don't travel with the graph.

Motivation

Enterprise audit needs source evidence to be portable and durable — a provenance trail that survives host moves, backups/restores, and cross-instance sync. Reference storage is fine for large local files the operator controls, but critical artifacts should be inline or object-stored.

Scope

  • Inline / object-storage backing for critical source artifacts (not just by-reference path rows)
  • A policy/knob to mark a source as "must be portable" → stored inline or in object storage
  • Ensure portable sources survive backup/restore and cross-instance sync

Acceptance criteria

  • A source can be marked portable and is then retrievable independent of the original host path
  • Portable sources survive a backup/restore cycle
  • Existing by-reference behavior remains available for large operator-controlled local files

Context

Current source_storage: reference mode stores only a path + metadata row (host-local). This adds a durable/portable tier for audit-critical artifacts.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestlanius-triageApplied by Lanius triage workflow

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions