provisioning

Demo Manufacturing BV

Source intake runs stored source-traceable

blocked-before-live-provisioning

Provisioning

Read-only live OpenAI provisioning checklist. It does not provision secrets, expose secret values, record approvals, or call OpenAI.

Environment

blocked-before-live-provisioning

Operator steps

Approval preconditions

Evidence after provisioning

No-go rules

Secret handling rules

Do not commit OPENAI_API_KEY or paste it into Markdown, JSON, screenshots, approval notes, or prompt overrides.
Provision the key only after data-handling, access/role, live OpenAI, output/archive, and learning gates are accepted for the rehearsal scope.
Restart the app process after provisioning; do not expect an already-running process to see new environment variables.
Use the readiness page only to confirm presence/absence; never add a route that displays the secret value.
Rotate or remove the key after rehearsal if the environment is not a controlled persistent runtime.