stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

fix(platform): make topology probe fallback truthful

Browse Source 
Signed-off-by: master <>
This commit is contained in:
master
2026-03-31 23:44:40 +03:00
parent 152c1b1357
commit 0d858ba9d1
13 changed files with 153 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/modules/platform/platform-service.md
View File

@@ -71,6 +71,11 @@ Provide a single, deterministic aggregation layer for cross-service UX workflows
- Platform ships locale-complete `ui` and `platform` namespace bundles for `en-US`, `de-DE`, `bg-BG`, `ru-RU`, `es-ES`, `fr-FR`, `uk-UA`, `zh-TW`, `zh-CN`; shared localization library now provides `common` bundles for the same locale set.
- Bundled locales currently shipped: `en-US`, `de-DE`, `bg-BG`, `ru-RU`, `es-ES`, `fr-FR`, `uk-UA`, `zh-TW`, `zh-CN`.
### Release Orchestrator compatibility
- Platform hosts `/api/v1/release-orchestrator/environments/*` as a compatibility facade for Console release-management flows.
- Supported families include environment CRUD plus `/settings`, per-environment `/targets` CRUD with `/health-check`, and `/freeze-windows` CRUD.
- The compatibility facade reuses the Release Orchestrator environment library and deterministic in-memory stores so local console flows work without a dedicated Release Orchestrator WebApi host.
## API surface (v2)
### Global context
@@ -94,6 +99,9 @@ Provide a single, deterministic aggregation layer for cross-service UX workflows
- GET `/api/v2/topology/promotion-paths`
- GET `/api/v2/topology/workflows`
- GET `/api/v2/topology/gate-profiles`
- `/api/v2/topology/hosts` includes `ProbeStatus`, `ProbeType`, and `ProbeLastHeartbeat`.
- Current host probe contract is projection-derived rather than live Signals state: `ProbeLastHeartbeat` mirrors the latest projected host sync timestamp, `ProbeStatus` is `active` when that heartbeat is within two minutes of the freshest host heartbeat in the tenant snapshot and `offline` otherwise, and missing heartbeat data yields `not_installed`.
- Probe type mapping is deterministic: `winrm_host` -> `etw`; `docker_host`, `compose_host`, `ssh_host`, `ecs_service`, and `nomad_job` -> `ebpf`.
### Security read model
- GET `/api/v2/security/findings`
@@ -165,6 +173,8 @@ Provide a single, deterministic aggregation layer for cross-service UX workflows
- Runtime read-model services (`/api/v2/releases`, `/api/v2/topology/*`, `/api/v2/security/*`, `/api/v2/integrations/*`) must depend only on explicit query contracts:
- `IReleaseControlBundleStore`
- `IPlatformContextQuery`
- Current host probe enrichment is derived only from the topology projection timestamps already returned by `IReleaseControlBundleStore`.
- Future live runtime probe or observed inventory enrichment for `/api/v2/topology/hosts` must still arrive through an explicit query contract. Read-model services must not reach into foreign persistence directly.
- Foreign module persistence references are migration/admin-only and limited to explicit allowlist surfaces (`SeedEndpoints`, `MigrationModulePlugins`).
- Runtime read endpoints must not inject foreign `*.Persistence*` types, `DbContext` from other modules, or migration runners directly.
- Guard tests: `src/Platform/__Tests/StellaOps.Platform.WebService.Tests/PlatformRuntimeBoundaryGuardTests.cs`.