feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries

- Added detailed task completion records for KMS interface implementation and CLI support for file-based keys.
- Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations.
- Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.
This commit is contained in:
master
2025-10-31 14:37:45 +02:00
parent 240e8ff25d
commit 15b4a1de6a
312 changed files with 6399 additions and 3319 deletions

@@ -0,0 +1,47 @@
# Operations, Deployment & Offline
Deployment, runtime operations, and air-gap playbooks for running StellaOps in production.
## Install & Upgrade
- [../21_INSTALL_GUIDE.md](../../21_INSTALL_GUIDE.md) canonical install guide (Docker, air-gap considerations).
- [../install/docker.md](../../install/docker.md) Docker install recipes.
- [../deploy/containers.md](../../deploy/containers.md) container deployment guidance for AOC environments.
- [../deploy/console.md](../../deploy/console.md) console deployment specifics.
- [../13_RELEASE_ENGINEERING_PLAYBOOK.md](../../13_RELEASE_ENGINEERING_PLAYBOOK.md) release automation, signing, reproducibility.
- [../artifacts/bom-index/README.md](../../artifacts/bom-index/README.md) BOM index artifact layout for Offline Kit exports.
## Offline & Sovereign Operations
- [../quickstart.md](../../quickstart.md) 5-minute path to first scan (useful for smoke testing installs).
- [../10_OFFLINE_KIT.md](../../10_OFFLINE_KIT.md) & [../24_OFFLINE_KIT.md](../../24_OFFLINE_KIT.md) bundle contents, import/export workflow.
- [../airgap/airgap-mode.md](../../airgap/airgap-mode.md) configuration for sealed environments.
- [../license-jwt-quota.md](../../license-jwt-quota.md) offline quota token lifecycle.
- [../10_CONCELIER_CLI_QUICKSTART.md](../../10_CONCELIER_CLI_QUICKSTART.md) workstation ingest/export workflow (operators).
## Hardening & Governance
- [../17_SECURITY_HARDENING_GUIDE.md](../../17_SECURITY_HARDENING_GUIDE.md) platform hardening checklist.
- [../accessibility.md](../../accessibility.md) accessibility checklist for console deployments.
- [../security/console-security.md](../../security/console-security.md) console-specific controls.
- [../security/authority-scopes.md](../../security/authority-scopes.md) Authority scope model.
- [../security/rate-limits.md](../../security/rate-limits.md) throttling policy reference.
- [../security/policy-governance.md](../../security/policy-governance.md) policy governance guardrails.
- [../security/audit-events.md](../../security/audit-events.md) audit event catalogue.
- [../security/revocation-bundle.md](../../security/revocation-bundle.md) & [../security/revocation-bundle-example.json](../../security/revocation-bundle-example.json) revocation workflow.
- [../security/password-hashing.md](../../security/password-hashing.md) credential storage details.
## Module Runbooks & Ops Guides
- Module operations directories under [../../modules/](../../modules/) (Authority backups/monitoring, Concelier connectors, Scanner analyzers, Scheduler worker dashboards, Export Center runbook, DevOps launch readiness, Telemetry collector/storage, etc.).
- [../runtime/SCANNER_RUNTIME_READINESS.md](../../runtime/SCANNER_RUNTIME_READINESS.md) runtime readiness checklist.
- Notifications Studio operations: see [../notifications/architecture.md](../../notifications/architecture.md), [../notifications/overview.md](../../notifications/overview.md), [../notifications/rules.md](../../notifications/rules.md), [../notifications/templates.md](../../notifications/templates.md), [../notifications/digests.md](../../notifications/digests.md).
- Additional notification flows: [../notifications/pack-approvals-integration.md](../../notifications/pack-approvals-integration.md).
- Observability operations: [../observability/observability.md](../../observability/observability.md), [../observability/ui-telemetry.md](../../observability/ui-telemetry.md).
## DevOps & Release Automation
- [../devops/policy-schema-export.md](../../devops/policy-schema-export.md) policy schema export automation.
- [../modules/devops/runbooks/launch-readiness.md](../../modules/devops/runbooks/launch-readiness.md), [../modules/devops/runbooks/launch-cutover.md](../../modules/devops/runbooks/launch-cutover.md), [../modules/devops/runbooks/deployment-upgrade.md](../../modules/devops/runbooks/deployment-upgrade.md), [../modules/devops/runbooks/nuget-preview-bootstrap.md](../../modules/devops/runbooks/nuget-preview-bootstrap.md).
- [../modules/registry/operations/token-service.md](../../modules/registry/operations/token-service.md) registry token runbook.
- [../modules/concelier/operations/mirror.md](../../modules/concelier/operations/mirror.md) mirror operations.
- [../modules/concelier/operations/connectors/](../../modules/concelier/operations/connectors/) connector-specific procedures (ACSC, CCCS, CERT-Bund, etc.).
- [../modules/authority/operations/](../../modules/authority/operations/) key rotation, monitoring, backup/restore.
- [../modules/scanner/operations/](../../modules/scanner/operations/) analyzer management, entrypoint guides, RustFS migration.
- [../modules/scheduler/operations/](../../modules/scheduler/operations/) worker dashboards, Prometheus rules.
- [../modules/telemetry/operations/](../../modules/telemetry/operations/) collector/storage deployment.
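Review bot: the link labels throughout this index show one fewer `../` than their targets, for example `[../21_INSTALL_GUIDE.md](../../21_INSTALL_GUIDE.md)`, so the path a reader sees is not the path the link resolves to. The exception is the modules entry under "Module Runbooks & Ops Guides", whose label `../../modules/` matches its target, which leaves the file inconsistent with itself. Make every label match its target, or replace the path labels with document titles so they cannot drift when the file moves. Under "Offline & Sovereign Operations", `10_OFFLINE_KIT.md` and `24_OFFLINE_KIT.md` share a single description; say which one is canonical or how they differ, since an operator working in an air-gapped environment cannot easily check both. The "DevOps & Release Automation" item that lists the four `modules/devops/runbooks/` links has no description, unlike its neighbours; add one.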