This repository implements the Fabric layer of the ThreadForge platform.
ThreadForge is an identity-first runtime architecture for securely executing distributed services and AI agents using workload identity and policy-driven communication boundaries.
Platform architecture reference: https://github.com/computeaholic/threadforge-reference-architecture
Minimal Identity-Ready Kubernetes Substrate
- Internal hardened container registry
- SPIRE-based identity plane (PSAT)
- Minimal RBAC and admission enforcement
- Durable PostgreSQL instance
- Prometheus metrics stack
- Kustomize-based deterministic deployment
This repository does NOT include:
- Application runtime
- AI services
- Vector databases
- Analytics stacks
- Observability UIs (Grafana, Loki, Tempo)
- Cluster provisioning logic
- Helm charts
- Development tooling
Requirements:
- Kubernetes 1.26+
- ValidatingAdmissionPolicy enabled
- Container runtime present
- Cluster-admin permissions for install
- Internal registry usage only
make install
make validate
Intended Use
This repository provides the infrastructure substrate layer of the ThreadForge platform.
It establishes the Kubernetes environment, workload identity plumbing, and baseline security controls required for higher-level runtime layers.
ThreadForge Fabric is designed as a consulting-grade reference baseline or as a composable foundation for identity-aware workload platforms.