3 Commits

Author SHA1 Message Date
justin 2f61b342af Document service account choices for AD-aware hooks
Add a Service account section to PLAN.md and README.md covering
LocalSystem, domain user, and gMSA install paths so users running AD
PowerShell scripts know which identity to pick. Drop the stale
"outbound webhook delivery" out-of-scope bullet now that callbacks are
in v1.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 21:32:07 -04:00
justin 920c3d8916 Add outbound callback design to plan
Per-endpoint optional callback URL: service POSTs run result after async
runs (and optionally sync). Reuses inbound HMAC code path for outbound
signing. No caller-supplied URLs (SSRF risk). Bounded queue, exponential
backoff with jitter, configurable retries.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:32:20 -04:00
justin 2a4b1b3adb Initial plan and README for Windows webhook server
Empty project scaffolded with the approved implementation plan,
README overview, and a .NET-appropriate .gitignore. Implementation
will follow on a Windows machine.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 00:27:50 -04:00