stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

feat: Implement Filesystem and MongoDB provenance writers for PackRun execution context
Some checks failed
Airgap Sealed CI Smoke / sealed-smoke (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
Export Center CI / export-ci (push) Has been cancelled
Details

Browse Source 
- Added `FilesystemPackRunProvenanceWriter` to write provenance manifests to the filesystem.
- Introduced `MongoPackRunArtifactReader` to read artifacts from MongoDB.
- Created `MongoPackRunProvenanceWriter` to store provenance manifests in MongoDB.
- Developed unit tests for filesystem and MongoDB provenance writers.
- Established `ITimelineEventStore` and `ITimelineIngestionService` interfaces for timeline event handling.
- Implemented `TimelineIngestionService` to validate and persist timeline events with hashing.
- Created PostgreSQL schema and migration scripts for timeline indexing.
- Added dependency injection support for timeline indexer services.
- Developed tests for timeline ingestion and schema validation.
This commit is contained in:
StellaOps Bot
2025-11-30 15:38:14 +02:00
parent 8f54ffa203
commit 17d45a6d30
276 changed files with 8618 additions and 688 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
docs/implplan/SPRINT_0150_0001_0001_scheduling_automation.md
View File

@@ -31,29 +31,32 @@
| --- | --- | --- | --- | --- |
| 150.A Orchestrator | Orchestrator Service Guild · AirGap Policy/Controller Guilds · Observability Guild | Sprint 0120.A AirGap; Sprint 0130.A Scanner; Sprint 0140.A Graph | TODO | Graph (0140.A) and Zastava (0140.D) now DONE. AirGap staleness (0120.A 56-002/57/58) and Scanner surface (0130.A) remain blockers. Approaching readiness. |
| 150.B PacksRegistry | Packs Registry Guild · Exporter Guild · Security Guild | Sprint 0120.A AirGap; Sprint 0130.A Scanner; Sprint 0140.A Graph | TODO | Blocked on Orchestrator tenancy scaffolding; specs ready once 150.A flips to DOING. |
| 150.C Scheduler | Scheduler WebService/Worker Guilds · Findings Ledger Guild · Observability Guild | Sprint 0120.A AirGap; Sprint 0130.A Scanner; Sprint 0140.A Graph | TODO | Graph overlays (0140.A) now DONE. Scheduler impact index work can proceed once Scanner surface (0130.A) clears. |
| 150.C Scheduler | Scheduler WebService/Worker Guilds · Findings Ledger Guild · Observability Guild | Sprint 0120.A AirGap; Sprint 0130.A Scanner; Sprint 0140.A Graph | TODO | Graph overlays (0140.A) now DONE. Scheduler impact index work can proceed once Scanner surface (0130.A) clears; Signals CAS promotion (0143) still pending for telemetry parity. |
| 150.D TaskRunner | Task Runner Guild · AirGap Guilds · Evidence Locker Guild | Sprint 0120.A AirGap; Sprint 0130.A Scanner; Sprint 0140.A Graph | TODO | Execution engine upgrades staged; start once Orchestrator/Scheduler telemetry baselines exist. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Upstream refresh: Sprint 0120 AirGap staleness (LEDGER-AIRGAP-56-002/57/58) still BLOCKED; Scanner surface Sprint 0131 has Deno 26-009/010/011 DONE but Java/Lang chain 21-005..011 BLOCKED pending CI/CoreLinksets; SBOM wave (Sprint 0142) core tasks DONE with Console endpoints still BLOCKED on DEVOPS-SBOM-23-001 in Sprint 503; Signals (Sprint 0143) 24-002/003 remain BLOCKED on CAS promotion/provenance though 24-004/005 are DONE. No 150.* task can start yet. | Implementer |
| 2025-11-28 | Synced with downstream sprints: Sprint 0141 (Graph) DONE, Sprint 0142 (SBOM) mostly DONE, Sprint 0143 (Signals) 3/5 DONE, Sprint 0144 (Zastava) DONE. Updated Sprint 0140 tracker and revised 150.* upstream dependency status. 150.A-Orchestrator may start once remaining AirGap/Scanner blockers clear. | Implementer |
| 2025-11-28 | Upstream dependency check: Sprint 0120 (Policy/Reasoning) has LEDGER-29-007/008, LEDGER-34-101, LEDGER-AIRGAP-56-001 DONE but 56-002/57-001/58-001/ATTEST-73-001 BLOCKED. Sprint 0140 (Runtime/Signals) has all waves BLOCKED except SBOM (TODO). No Sprint 0130.A file found. All 150.* tasks remain TODO pending upstream readiness. | Implementer |
| 2025-11-18 | Normalised sprint doc to standard template; renamed from `SPRINT_150_scheduling_automation.md`. | Planning |
## Upstream Dependency Status (as of 2025-11-28)
## Upstream Dependency Status (as of 2025-11-30)
| Upstream Sprint | Key Deliverable | Status | Impact on 150.* |
| --- | --- | --- | --- |
| Sprint 0120.A (Policy/Reasoning) | LEDGER-29-007/008 (Observability) | DONE | Partial readiness for 150.A |
| Sprint 0120.A (Policy/Reasoning) | LEDGER-AIRGAP-56-002/57/58 (AirGap staleness) | BLOCKED | Blocks full 150.A readiness |
| Sprint 0130.A (Scanner surface) | Scanner surface artifacts | No sprint file (Sprint 0131 has Deno DONE, Java/Lang BLOCKED) | Blocks 150.A, 150.C verification |
| Sprint 0120.A (Policy/Reasoning) | LEDGER-29-007/008 (Observability/load harness) | DONE | Partial readiness for 150.A |
| Sprint 0120.A (Policy/Reasoning) | LEDGER-AIRGAP-56-002/57/58 (staleness, evidence bundles) | BLOCKED | Blocks full 150.A readiness + 150.C verification |
| Sprint 0120.A (Policy/Reasoning) | LEDGER-29-009 (deploy/backup collateral) | BLOCKED (awaiting Sprint 501 ops paths) | Not a gate for kickoff but limits rollout evidence |
| Sprint 0130.A (Scanner surface) | Scanner surface artifacts | BLOCKED (Sprint 0131: Deno 26-009/010/011 DONE; Java/Lang chain 21-005..011 BLOCKED pending CI/CoreLinksets) | Blocks 150.A, 150.C verification |
| Sprint 0140.A (Graph overlays) | 140.A Graph wave | **DONE** (Sprint 0141 complete) | Unblocks 150.C Scheduler graph deps |
| Sprint 0140.A (Graph overlays) | 140.B SBOM Service wave | **DOING** (Sprint 0142 mostly complete) | Partially unblocks 150.A/150.C |
| Sprint 0140.A (Graph overlays) | 140.C Signals wave | DOING (3/5 DONE, CAS blocks 24-004/005) | Partially unblocks 150.A telemetry |
| Sprint 0140.A (Graph overlays) | 140.B SBOM Service wave | CORE DONE (Sprint 0142: 21-001/002/003/004/23-001/002/29-001/002 DONE); Console endpoints 23-001/002 still BLOCKED on DEVOPS-SBOM-23-001 (SPRINT_503_ops_devops_i) | Partially unblocks 150.A/150.C; Console integrations pending |
| Sprint 0140.A (Graph overlays) | 140.C Signals wave | DOING (Sprint 0143: 24-002/003 BLOCKED on CAS promotion/provenance; 24-004/005 DONE) | Telemetry dependency partially unblocked; CAS promotion still required |
| Sprint 0140.A (Graph overlays) | 140.D Zastava wave | **DONE** (Sprint 0144 complete) | Unblocks 150.A surface deps |
## Decisions & Risks
- **Progress (2025-11-28):** Graph (0140.A) and Zastava (0140.D) waves now DONE; SBOM Service (0140.B) and Signals (0140.C) waves DOING. Main remaining blockers are 0120.A AirGap staleness tasks and 0130.A Scanner surface artifacts.
- **Progress (2025-11-30):** Graph (0140.A) and Zastava (0140.D) waves DONE; SBOM Service (0140.B) core DONE with Console APIs still BLOCKED on Sprint 503; Signals (0140.C) has 24-004/005 DONE while 24-002/003 wait on CAS. Remaining blockers: 0120.A AirGap staleness (56-002/57/58) and Scanner surface Java/Lang chain (0131 21-005..011).
- SBOM Service core endpoints/events delivered (Sprint 0142); Console-facing APIs remain BLOCKED on DEVOPS-SBOM-23-001 (SPRINT_503_ops_devops_i). Track to avoid drift once Orchestrator/Scheduler streams start.
- 150.A Orchestrator and 150.C Scheduler are approaching readiness once AirGap/Scanner blockers clear.
- This sprint is a coordination snapshot only; implementation tasks continue in Sprint 151+ and should mirror status changes here to avoid drift.
- Sprint 0130.A (Scanner surface) has no dedicated sprint file; Sprint 0131 tracks Deno (DONE) and Java/Lang (BLOCKED). Coordinate with Scanner Guild to finalize.

18
docs/implplan/SPRINT_0151_0001_0001_orchestrator_i.md
View File

@@ -45,10 +45,10 @@
| 2 | ORCH-AIRGAP-56-002 | BLOCKED (2025-11-19) | PREP-ORCH-AIRGAP-56-002-UPSTREAM-56-001-BLOCK | Orchestrator Service Guild · AirGap Controller Guild | Surface sealing status and staleness in scheduling decisions; block runs when budgets exceeded. |
| 3 | ORCH-AIRGAP-57-001 | BLOCKED (2025-11-19) | PREP-ORCH-AIRGAP-57-001-UPSTREAM-56-002-BLOCK | Orchestrator Service Guild · Mirror Creator Guild | Add job type `mirror.bundle` with audit + provenance outputs. |
| 4 | ORCH-AIRGAP-58-001 | BLOCKED (2025-11-19) | PREP-ORCH-AIRGAP-58-001-UPSTREAM-57-001-BLOCK | Orchestrator Service Guild · Evidence Locker Guild | Capture import/export operations as timeline/evidence entries for mirror/portable jobs. |
| 5 | ORCH-OAS-61-001 | BLOCKED (2025-11-19) | PREP-ORCH-OAS-61-001-ORCHESTRATOR-TELEMETRY-C | Orchestrator Service Guild · API Contracts Guild | Document orchestrator endpoints in per-service OAS with pagination/idempotency/error envelope examples. |
| 6 | ORCH-OAS-61-002 | BLOCKED (2025-11-19) | PREP-ORCH-OAS-61-002-DEPENDS-ON-61-001 | Orchestrator Service Guild | Implement `GET /.well-known/openapi`; align version metadata with runtime build. |
| 7 | ORCH-OAS-62-001 | BLOCKED (2025-11-19) | PREP-ORCH-OAS-62-001-DEPENDS-ON-61-002 | Orchestrator Service Guild · SDK Generator Guild | Ensure SDK paginators/operations support job APIs; add SDK smoke tests for schedule/retry. |
| 8 | ORCH-OAS-63-001 | TODO | PREP-ORCH-OAS-63-001-DEPENDS-ON-62-001 | Orchestrator Service Guild · API Governance Guild | Emit deprecation headers/doc for legacy endpoints; update notifications metadata. |
| 5 | ORCH-OAS-61-001 | DONE (2025-11-30) | PREP-ORCH-OAS-61-001-ORCHESTRATOR-TELEMETRY-C | Orchestrator Service Guild · API Contracts Guild | Document orchestrator endpoints in per-service OAS with pagination/idempotency/error envelope examples. |
| 6 | ORCH-OAS-61-002 | DONE (2025-11-30) | PREP-ORCH-OAS-61-002-DEPENDS-ON-61-001 | Orchestrator Service Guild | Implement `GET /.well-known/openapi`; align version metadata with runtime build. |
| 7 | ORCH-OAS-62-001 | DONE (2025-11-30) | PREP-ORCH-OAS-62-001-DEPENDS-ON-61-002 | Orchestrator Service Guild · SDK Generator Guild | Ensure SDK paginators/operations support job APIs; add SDK smoke tests for schedule/retry. OpenAPI now documents pack-run schedule + retry; pagination smoke test added. |
| 8 | ORCH-OAS-63-001 | DONE (2025-11-30) | PREP-ORCH-OAS-63-001-DEPENDS-ON-62-001 | Orchestrator Service Guild · API Governance Guild | Emit deprecation headers/doc for legacy endpoints; update notifications metadata. |
| 9 | ORCH-OBS-50-001 | BLOCKED (2025-11-19) | PREP-ORCH-OBS-50-001-TELEMETRY-CORE-SPRINT-01 | Orchestrator Service Guild · Observability Guild | Wire `StellaOps.Telemetry.Core` into orchestrator host; instrument schedulers/control APIs with spans/logs/metrics. |
| 10 | ORCH-OBS-51-001 | BLOCKED (2025-11-19) | PREP-ORCH-OBS-51-001-DEPENDS-ON-50-001-TELEME | Orchestrator Service Guild · DevOps Guild | Publish golden-signal metrics and SLOs; emit burn-rate alerts; provide Grafana dashboards + alert rules. |
| 11 | ORCH-OBS-52-001 | BLOCKED (2025-11-19) | PREP-ORCH-OBS-52-001-DEPENDS-ON-51-001-REQUIR | Orchestrator Service Guild | Emit `timeline_event` lifecycle objects with trace IDs/run IDs/tenant/project; add contract tests and Kafka/NATS emitter with retries. |
@@ -61,6 +61,12 @@
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-28 | ORCH-SVC-32-001 DONE: Implemented Postgres schema/migrations (001_initial.sql) for sources, runs, jobs, job_history, dag_edges, artifacts, quotas, schedules, incidents, throttles. Created domain models in Core, OrchestratorDataSource, PostgresJobRepository, configuration options, DI registration. Build verified. | Implementer |
| 2025-11-30 | Moved ORCH-OAS-61-001/61-002/63-001 to DOING after upstream OAS prep docs cleared; implementing discovery + deprecation contracts. | Implementer |
| 2025-11-30 | ORCH-OAS-61-001/61-002/63-001 DONE: added OpenAPI discovery endpoint, per-service spec with pagination/idempotency/error envelopes, deprecation headers + metadata for legacy job endpoints, docs/tasks synchronized. | Implementer |
| 2025-11-30 | Fixed flakey ExportAlert resolution timestamp window; targeted Orchestrator unit tests (ExportAlertTests) now pass. | Implementer |
| 2025-11-30 | ORCH-OAS-62-001 DONE: OpenAPI spec now includes pack-run schedule + retry endpoints with examples; added pagination/pack-run smoke tests to OpenApiDocumentsTests. | Implementer |
| 2025-11-30 | Enforced `projectId` requirement on `SchedulePackRun` endpoint, aligned OpenAPI examples, and reran `dotnet test --filter PackRunContractTests --no-build` (pass). | Implementer |
| 2025-11-30 | Added local mirror `src/Orchestrator/TASKS.md` for sprint status to prevent doc/code drift; no scope change. | Implementer |
| 2025-11-20 | Published prep docs for ORCH AirGap 56/57/58 and OAS 61/62; set P1P7 to DOING after confirming unowned. | Project Mgmt |
| 2025-11-20 | Started PREP-ORCH-OAS-63-001 (status → DOING) after confirming no existing DOING/DONE owners. | Planning |
| 2025-11-20 | Published prep doc for PREP-ORCH-OAS-63-001 (`docs/modules/orchestrator/prep/2025-11-20-oas-63-001-prep.md`) and marked P8 DONE; awaits OAS 61/62 freeze before implementation. | Implementer |
@@ -68,10 +74,14 @@
| 2025-11-18 | Normalised sprint doc to standard template; renamed from `SPRINT_151_orchestrator_i.md`. | Planning |
| 2025-11-19 | Set all tasks to BLOCKED pending upstream readiness (AirGap/Scanner/Graph), Telemetry Core availability, and Orchestrator event schema; no executable work until contracts land. | Implementer |
| 2025-11-22 | Marked all PREP tasks to DONE per directive; evidence to be verified. | Project Mgmt |
| 2025-11-30 | No remaining unblocked tasks in Sprint 0151; AirGap/Observability streams still BLOCKED on upstream inputs (0120.A staleness, Telemetry Core). Monitoring only. | Implementer |
## Decisions & Risks
- Start of work gated on AirGap/Scanner/Graph dependencies staying green; reassess before moving tasks to DOING.
- Ensure status changes here mirror module boards to avoid drift between coordination doc and execution evidence.
- Legacy job detail/summary endpoints now marked deprecated with Link/Sunset headers; Console/CLI clients must migrate to `/api/v1/orchestrator/jobs` and `/jobs/{id}` before removal.
- ORCH-OAS-62-001 delivered: OpenAPI documents now describe pack-run schedule/retry; SDK pagination and pack-run smoke tests added. Further schedule/retry API changes must keep spec/tests in sync.
- Pack-run scheduling now rejects requests missing `projectId`; SDK/CLI callers must supply project context. OpenAPI examples updated accordingly.
## Next Checkpoints
- None scheduled; add orchestrator scheduling/automation sync once upstream readiness dates are committed.

11
docs/implplan/SPRINT_0152_0001_0002_orchestrator_ii.md
View File

@@ -57,11 +57,14 @@
| 2025-11-29 | ORCH-SVC-35-101 DONE: Implemented export job type registration with quotas/rate policies. Created ExportJobTypes constants (Core/Domain/Export/ExportJobTypes.cs) with hierarchical "export.{target}" naming (ledger, sbom, vex, scan-results, policy-evaluation, attestation, portable-bundle), IsExportJob/GetExportTarget helpers. Created ExportJobPayload record (Core/Domain/Export/ExportJob.cs) with serialization/deserialization, digest computation, and ExportJobResult/ExportJobProgress/ExportPhase types. Implemented ExportJobPolicy (Core/Domain/Export/ExportJobPolicy.cs) with QuotaDefaults (MaxActive=5, MaxPerHour=50, BurstCapacity=10, RefillRate=0.5), type-specific RateLimits (Ledger: 3/30, Sbom: 5/100, PortableBundle: 1/10), Timeouts (MaxJobDuration=2h, HeartbeatTimeout=5min), CreateDefaultQuota factory. Created ExportJobService (Core/Services/ExportJobService.cs) with IExportJobService interface for CreateExportJobAsync, GetExportJobAsync, ListExportJobsAsync, CancelExportJobAsync, GetQuotaStatusAsync, EnsureQuotaAsync. Created ExportJobEndpoints (WebService/Endpoints/ExportJobEndpoints.cs) with REST APIs: POST/GET /export/jobs, GET /export/jobs/{id}, POST /export/jobs/{id}/cancel, GET/POST /export/quota, GET /export/types. Added export metrics to OrchestratorMetrics (Infrastructure): ExportJobsCreated/Completed/Failed/Canceled, ExportHeartbeats, ExportDuration/Size/EntryCount histograms, ExportJobsActive gauge, ExportQuotaDenials. Comprehensive test coverage: ExportJobTypesTests (11 tests for constants, IsExportJob, GetExportTarget), ExportJobPayloadTests (9 tests for serialization, digest, FromJson null handling), ExportJobPolicyTests (13 tests for defaults, rate limits, CreateDefaultQuota). Build succeeds, 84 export tests pass (all passing). | Implementer |
| 2025-11-29 | ORCH-SVC-36-101 DONE: Implemented distribution metadata and retention timestamps. Created ExportDistribution record (Core/Domain/Export/ExportJob.cs) with storage location tracking (PrimaryUri, StorageProvider, Region, StorageTier), download URL generation (DownloadUrl, DownloadUrlExpiresAt), replication support (Replicas dictionary, ReplicationStatus enum: Pending/InProgress/Completed/Failed/Skipped), access control (ContentType, AccessList, IsPublic), WithDownloadUrl/WithReplica fluent builders. Created ExportRetention record with retention policy management (PolicyName, AvailableAt, ArchiveAt, ExpiresAt), lifecycle tracking (ArchivedAt, DeletedAt), legal hold support (LegalHold, LegalHoldReason), compliance controls (RequiresRelease, ReleasedBy, ReleasedAt), extension tracking (ExtensionCount, Metadata), policy factories (Default/Temporary/Compliance), computed properties (IsExpired, ShouldArchive, CanDelete), lifecycle methods (ExtendRetention, PlaceLegalHold, ReleaseLegalHold, Release, MarkArchived, MarkDeleted). Created ExportJobState record for SSE streaming payloads combining progress/result/distribution/retention. Added distribution metrics: ExportDistributionsCreated, ExportReplicationsStarted/Completed/Failed, ExportDownloadsGenerated. Added retention metrics: ExportRetentionsApplied/Extended, ExportLegalHoldsPlaced/Released, ExportsArchived/Expired/Deleted, ExportsWithLegalHold gauge. Comprehensive test coverage: ExportDistributionTests (9 tests for serialization, WithDownloadUrl, WithReplica, ReplicationStatus), ExportRetentionTests (24 tests for Default/Temporary/Compliance policies, IsExpired, ShouldArchive, CanDelete, ExtendRetention, PlaceLegalHold, Release, MarkArchived, MarkDeleted, serialization). Build succeeds, 117 export tests pass (+33 new tests). | Implementer |
| 2025-11-29 | ORCH-SVC-37-101 DONE: Implemented scheduled exports, retention pruning, and failure alerting. Created ExportSchedule record (Core/Domain/Export/ExportSchedule.cs) with cron-based scheduling (CronExpression, Timezone, SkipIfRunning, MaxConcurrent), run tracking (LastRunAt, LastJobId, LastRunStatus, NextRunAt, TotalRuns, SuccessfulRuns, FailedRuns, SuccessRate), lifecycle methods (Enable/Disable, RecordSuccess/RecordFailure, WithNextRun/WithCron/WithPayload), retention policy reference, factory Create method. Created RetentionPruneConfig record for scheduled pruning with batch processing (BatchSize, DefaultBatchSize=100), archive-before-delete option, notification support, statistics (LastPruneAt, LastPruneCount, TotalPruned), RecordPrune method, DefaultCronExpression="0 2 * * *". Created ExportAlertConfig record for failure alerting with threshold-based triggering (ConsecutiveFailuresThreshold, FailureRateThreshold, FailureRateWindow), rate limiting (Cooldown, CanAlert computed property), severity levels, notification channels, RecordAlert method. Created ExportAlert record for alert instances with Acknowledge/Resolve lifecycle, IsActive property, factory methods CreateForConsecutiveFailures/CreateForHighFailureRate. Created ExportAlertSeverity enum (Info/Warning/Error/Critical). Created RetentionPruneResult record (ArchivedCount, DeletedCount, SkippedCount, Errors, TotalProcessed, HasErrors, Empty factory). Added scheduling metrics: ScheduledExportsCreated/Enabled/Disabled, ScheduledExportsTriggered/Skipped/Succeeded/Failed, ActiveSchedules gauge. Added pruning metrics: RetentionPruneRuns, RetentionPruneArchived/Deleted/Skipped/Errors, RetentionPruneDuration histogram. Added alerting metrics: ExportAlertsCreated/Acknowledged/Resolved/Suppressed, ActiveExportAlerts gauge. Comprehensive test coverage: ExportScheduleTests (12 tests for Create, Enable/Disable, RecordSuccess/RecordFailure, SuccessRate, WithNextRun/WithCron/WithPayload), RetentionPruneConfigTests (5 tests for Create, defaults, RecordPrune), ExportAlertConfigTests (7 tests for Create, CanAlert, cooldown, RecordAlert), ExportAlertTests (7 tests for CreateForConsecutiveFailures/HighFailureRate, Acknowledge, Resolve, IsActive), ExportAlertSeverityTests (2 tests for values and comparison), RetentionPruneResultTests (3 tests for TotalProcessed, HasErrors, Empty). Build succeeds, 157 export tests pass (+40 new tests). | Implementer |
| 2025-11-30 | Added local status mirror `src/Orchestrator/StellaOps.Orchestrator/TASKS.md` to stay aligned with sprint tracker; no scope change. | Implementer |
| 2025-11-30 | Refreshed legacy stub `SPRINT_152_orchestrator_ii.md` to a read-only pointer to this canonical sprint to prevent divergent updates. | Project Manager |
| 2025-11-30 | Marked sprint scope delivered; remaining gating is upstream AirGap/Scanner readiness for integrated rollout. | Project Manager |
## Decisions & Risks
- All tasks depend on outputs from Orchestrator I (32-001); sprint remains TODO until upstream ship.
- Maintain deterministic scheduling semantics; avoid issuing control actions until DAG planner/state machine validated.
- Ensure offline/air-gap deploy artifacts (Helm/overlays) align with GA packaging in task 34-004.
- Upstream Orchestrator I (ORCH-SVC-32-001) completed; this sprints scope is fully delivered. Release readiness still depends on AirGap/Scanner gating from Sprint 0150 but does not block code completion here.
- Maintain deterministic scheduling semantics; avoid issuing control actions until DAG planner/state machine validated in integrated environments.
- Ensure offline/air-gap deploy artifacts (Helm/overlays) stay aligned with GA packaging in task 34-004; rerun bundle script when upstream configs change.
## Next Checkpoints
- Kickoff once ORCH-SVC-32-001 lands (date TBD).
- None. Sprint 0152 delivered; monitor Sprint 0150 upstream readiness for release/interop validation windows.

26
docs/implplan/SPRINT_0153_0001_0003_orchestrator_iii.md
View File

@@ -21,14 +21,17 @@
| --- | --- | --- | --- | --- | --- |
| P1 | PREP-ORCH-SVC-41-101-DEPENDS-ON-38-101-ENVELO | DONE (2025-11-22) | Due 2025-11-23 · Accountable: Orchestrator Service Guild | Orchestrator Service Guild | Depends on 38-101 envelope + DAL; cannot register pack-run without API/storage schema. <br><br> Document artefact/deliverable for ORCH-SVC-41-101 and publish location so downstream tasks can proceed. |
| 2025-11-20 | Started PREP-ORCH-SVC-41-101 (status → DOING) after confirming no existing DOING/DONE owners. | Planning |
| 2025-11-30 | PREP-ORCH-SVC-41-101 auto-closed after ORCH-SVC-41/42 completion; no residual prep. | Implementer |
| P2 | PREP-ORCH-SVC-42-101-DEPENDS-ON-41-101-PACK-R | DONE (2025-11-22) | Due 2025-11-23 · Accountable: Orchestrator Service Guild | Orchestrator Service Guild | Depends on 41-101 pack-run plumbing and streaming contract. <br><br> Document artefact/deliverable for ORCH-SVC-42-101 and publish location so downstream tasks can proceed. |
| 2025-11-20 | Started PREP-ORCH-SVC-42-101 (status → DOING) after confirming no existing DOING/DONE owners. | Planning |
| 2025-11-30 | PREP-ORCH-SVC-42-101 auto-closed after ORCH-SVC-42 delivery; no residual prep. | Implementer |
| P3 | PREP-ORCH-TEN-48-001-WEBSERVICE-LACKS-JOB-DAL | DONE (2025-11-22) | Due 2025-11-23 · Accountable: Orchestrator Service Guild | Orchestrator Service Guild | WebService lacks job DAL/routes; need tenant context plumbing before enforcement. <br><br> Document artefact/deliverable for ORCH-TEN-48-001 and publish location so downstream tasks can proceed. |
| 2025-11-20 | Started PREP-ORCH-TEN-48-001 (status → DOING) after confirming no existing DOING/DONE owners. | Planning |
| 2025-11-30 | PREP-ORCH-TEN-48-001 auto-closed with tenant metadata enforcement delivered. | Implementer |
| 1 | ORCH-SVC-38-101 | DONE (2025-11-29) | ORCH-SVC-37-101 complete; WebService DAL exists from Sprint 0152. | Orchestrator Service Guild | Standardize event envelope (policy/export/job lifecycle) with idempotency keys, ensure export/job failure events published to notifier bus with provenance metadata. |
| 2 | ORCH-SVC-41-101 | DONE (2025-11-29) | ORCH-SVC-38-101 complete; pack-run registration delivered. | Orchestrator Service Guild | Register `pack-run` job type, persist run metadata, integrate logs/artifacts collection, and expose API for Task Runner scheduling. |
| 3 | ORCH-SVC-42-101 | TODO | ORCH-SVC-41-101 complete; proceed with streaming. | Orchestrator Service Guild | Stream pack run logs via SSE/WS, add manifest endpoints, enforce quotas, and emit pack run events to Notifications Studio. |
| 4 | ORCH-TEN-48-001 | BLOCKED | PREP-ORCH-TEN-48-001-WEBSERVICE-LACKS-JOB-DAL | Orchestrator Service Guild | Include `tenant_id`/`project_id` in job specs, set DB session context before processing, enforce context on all queries, and reject jobs missing tenant metadata. |
| 3 | ORCH-SVC-42-101 | DONE (2025-11-30) | ORCH-SVC-41-101 complete; proceed with streaming. | Orchestrator Service Guild | Stream pack run logs via SSE (with heartbeat/timeouts), manifest endpoint, quota enforcement on schedule, and pack run events to Notifications Studio. |
| 4 | ORCH-TEN-48-001 | DONE | PREP-ORCH-TEN-48-001-WEBSERVICE-LACKS-JOB-DAL | Orchestrator Service Guild | Include `tenant_id`/`project_id` in job specs, set DB session context before processing, enforce context on all queries, and reject jobs missing tenant metadata. |
| 5 | WORKER-GO-32-001 | DONE | Bootstrap Go SDK scaffolding and smoke sample. | Worker SDK Guild | Bootstrap Go SDK project with configuration binding, auth headers, job claim/acknowledge client, and smoke sample. |
| 6 | WORKER-GO-32-002 | DONE | Depends on WORKER-GO-32-001; add heartbeat, metrics, retries. | Worker SDK Guild | Add heartbeat/progress helpers, structured logging hooks, Prometheus metrics, and jittered retry defaults. |
| 7 | WORKER-GO-33-001 | DONE | Depends on WORKER-GO-32-002; implement artifact publish helpers. | Worker SDK Guild | Implement artifact publish helpers (object storage client, checksum hashing, metadata payload) and idempotency guard. |
@@ -64,17 +67,16 @@
| 2025-11-22 | Marked all PREP tasks to DONE per directive; evidence to be verified. | Project Mgmt |
| 2025-11-29 | Completed ORCH-SVC-38-101: Implemented standardized event envelope (EventEnvelope, EventActor, EventJob, EventMetrics, EventNotifier, EventReplay, OrchestratorEventType) in Core/Domain/Events with idempotency keys, DSSE signing support, and channel routing. Added OrchestratorEventPublisher with retry logic and idempotency store. Implemented event publishing metrics. Created 86 comprehensive tests. Unblocked ORCH-SVC-41-101. | Orchestrator Service Guild |
| 2025-11-29 | Completed ORCH-SVC-41-101: Implemented pack-run job type with domain entities (PackRun, PackRunLog with LogLevel enum), repository interfaces (IPackRunRepository, IPackRunLogRepository), API contracts (scheduling, worker operations, logs, cancel/retry), and PackRunEndpoints with full lifecycle support. Added pack-run metrics to OrchestratorMetrics. Created 56 comprehensive tests. Unblocked ORCH-SVC-42-101 for log streaming. | Orchestrator Service Guild |
| 2025-11-30 | ORCH-SVC-42-101 DONE: added pack run Postgres persistence + migration 006, DI registration, pack-run endpoint mapping; implemented SSE stream `/api/v1/orchestrator/stream/pack-runs/{id}` with heartbeats/timeouts + log batches; added manifest endpoint and quota enforcement on scheduling; emitted notifier events; added PackRunStreamCoordinator unit test and ran `dotnet test ... --filter PackRunStreamCoordinatorTests` (pass). | Implementer |
| 2025-11-30 | ORCH-TEN-48-001 DONE: job contracts now expose tenant_id/project_id; TenantResolver already enforced; DB session context remains per-tenant via OrchestratorDataSource. No further blocking items. | Implementer |
| 2025-11-30 | Enforced ProjectId requirement on pack-run scheduling (tenant header already required) to align with ORCH-TEN-48-001 tenant isolation safeguards. | Implementer |
| 2025-11-30 | Normalized Decisions & Risks to reflect completed tenant enforcement and migration 006 requirement. | Implementer |
## Decisions & Risks
- Interim token-scoped access approved for AUTH-PACKS-43-001; must tighten once full RBAC lands to prevent over-broad tokens.
- Streaming/log APIs unblock Authority packs work; notifier events must include provenance metadata for auditability.
- Tenant metadata enforcement (ORCH-TEN-48-001) is prerequisite for multi-tenant safety; slippage risks SDK rollout for air-gapped tenants.
- ORCH-SVC-38-101 completed (2025-11-29): event envelope idempotency contract delivered; ORCH-SVC-41-101 now unblocked.
- ORCH-TEN-48-001 blocked because orchestrator WebService is still template-only (no job DAL/endpoints); need implementation baseline to thread tenant context and DB session settings.
- ORCH-SVC-41-101 completed (2025-11-29): pack-run job type registered with full API lifecycle; ORCH-SVC-42-101 now unblocked for streaming.
- Current status (2025-11-29): ORCH-SVC-38-101 and ORCH-SVC-41-101 complete; ORCH-SVC-42-101 ready to proceed; TEN-48-001 remains blocked on pack-run repository implementation.
- Interim token-scoped access approved for AUTH-PACKS-43-001; tighten when RBAC lands.
- Streaming/log APIs unblock Authority packs; notifier events must carry provenance metadata.
- Tenant metadata enforcement (ORCH-TEN-48-001) complete (2025-11-30): job contracts expose tenant/project; TenantResolver + per-tenant session context enforced; downstream consumers must align.
- ORCH-SVC-38/41/42 complete; migration 006 (pack_runs) is required for upgrade rollout.
## Next Checkpoints
- Align with Authority and Notifications teams on log-stream API contract (target week of 2025-11-24).
- Schedule demo of pack-run streaming (ORCH-SVC-42-101) once SSE/WS path ready; date TBD.
- Coordinate migration 006 rollout across environments; verify pack-run SSE demo with Authority/Notifications (target week of 2025-12-02).

33
docs/implplan/SPRINT_0154_0001_0001_packsregistry.md
View File

@@ -8,7 +8,7 @@
## Dependencies & Concurrency
- Upstream: Sprint 120.A (AirGap), 130.A (Scanner), 140.A (Graph) provide pack metadata and graph inputs.
- Concurrency: execute tasks in table order; all tasks currently TODO.
- Concurrency: execution followed table order; all tasks now DONE.
## Documentation Prerequisites
- docs/README.md
@@ -25,6 +25,27 @@
| 2 | PACKS-REG-42-001 | DONE (2025-11-25) | Depends on 41-001. | Packs Registry Guild | Version lifecycle (promote/deprecate), tenant allowlists, provenance export, signature rotation, audit logs, Offline Kit seed support. |
| 3 | PACKS-REG-43-001 | DONE (2025-11-25) | Depends on 42-001. | Packs Registry Guild | Registry mirroring, pack signing policies, attestation integration, compliance dashboards; integrate with Export Center. |
## Wave Coordination
- Single wave (150.B Packs Registry). Parallel waves tracked under Sprint 150 umbrella are out of scope here.
## Wave Detail Snapshots
- 150.B Packs Registry — all Delivery Tracker items marked DONE as of 2025-11-25.
## Interlocks
- Upstream contracts from AirGap/Scanner/Graph (Sprint 120.A/130.A/140.A) assumed stable; re-open risk if schemas change.
## Action Tracker
| Action | Owner | Status | Due | Notes |
| --- | --- | --- | --- | --- |
| None open | | N/A | | Completed tasks cover current scope. |
## Upcoming Checkpoints
- Schedule kickoff once staffing confirmed (date TBD).
## Decisions & Risks
- Registry relies on upstream pack metadata/graph contracts; keep schema aligned before migrations run.
- Ensure offline posture: signature verification, provenance storage, audit logs, and Offline Kit seeds are mandatory before GA.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
@@ -42,10 +63,6 @@
| 2025-11-25 | Completed PACKS-REG-42-001: lifecycle/parity listing + audit trail repos (file/memory/mongo), signature rotation endpoint, offline-seed zip export with provenance/content, tenant allowlist enforcement on listings, OpenAPI updates; upgraded tests to ASP.NET Core 10 RC and added coverage for exports/rotation. | Implementer |
| 2025-11-25 | Completed PACKS-REG-43-001: attestation storage/download APIs (file/memory/mongo), mirror registry CRUD/sync endpoints, pack signing policy option, compliance summary endpoint, OpenAPI v0.3 updated; all tests green. | Implementer |
| 2025-11-25 | Closed PACKS-REG-41-001 after migrations, RBAC, signature verification, digest headers, and content/provenance storage completed. | Implementer |
## Decisions & Risks
- Registry relies on upstream pack metadata/graph contracts; keep schema aligned before migrations run.
- Ensure offline posture: signature verification, provenance storage, audit logs, and Offline Kit seeds are mandatory before GA.
## Next Checkpoints
- Schedule kickoff once staffing confirmed (date TBD).
| 2025-11-30 | Re-applied legacy file redirect stub and added template sections (wave/interlocks/action tracker/upcoming checkpoints); no task status changes. | Project Management |
| 2025-11-30 | Synced PACKS-REG-41/42/43 rows to DONE in tasks-all and archived task indexes to mirror sprint completion. | Project Management |
| 2025-11-30 | Ran `StellaOps.PacksRegistry.Tests` (net10.0) — restore from local feed succeeded; 8 tests passed, 0 failed. | Implementer |

59
docs/implplan/SPRINT_0157_0001_0001_taskrunner_i.md
View File

@@ -19,23 +19,47 @@
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | TASKRUN-AIRGAP-56-001 | TODO | Depends on TASKRUN-41-001. | Task Runner Guild · AirGap Policy Guild | Enforce plan-time validation rejecting non-allowlisted network calls in sealed mode; surface remediation errors. |
| 2 | TASKRUN-AIRGAP-56-002 | TODO | Depends on 56-001. | Task Runner Guild · AirGap Importer Guild | Add helper steps for bundle ingestion (checksum verification, staging to object store) with deterministic outputs. |
| 3 | TASKRUN-AIRGAP-57-001 | TODO | Depends on 56-002. | Task Runner Guild · AirGap Controller Guild | Refuse to execute plans when environment sealed=false but declared sealed install; emit advisory timeline events. |
| 4 | TASKRUN-AIRGAP-58-001 | TODO | Depends on 57-001. | Task Runner Guild · Evidence Locker Guild | Capture bundle import job transcripts, hashed inputs/outputs into portable evidence bundles. |
| 1 | TASKRUN-AIRGAP-56-001 | BLOCKED (2025-11-30) | Waiting on sealed-mode allowlist contract from AirGap Policy Guild (Action Tracker). | Task Runner Guild · AirGap Policy Guild | Enforce plan-time validation rejecting non-allowlisted network calls in sealed mode; surface remediation errors. |
| 2 | TASKRUN-AIRGAP-56-002 | BLOCKED (2025-11-30) | Depends on 56-001. | Task Runner Guild · AirGap Importer Guild | Add helper steps for bundle ingestion (checksum verification, staging to object store) with deterministic outputs. |
| 3 | TASKRUN-AIRGAP-57-001 | BLOCKED (2025-11-30) | Depends on 56-002. | Task Runner Guild · AirGap Controller Guild | Refuse to execute plans when environment sealed=false but declared sealed install; emit advisory timeline events. |
| 4 | TASKRUN-AIRGAP-58-001 | BLOCKED (2025-11-30) | Depends on 57-001. | Task Runner Guild · Evidence Locker Guild | Capture bundle import job transcripts, hashed inputs/outputs into portable evidence bundles. |
| 5 | TASKRUN-42-001 | BLOCKED (2025-11-25) | Continue execution engine upgrades (loops/conditionals/maxParallel), simulation mode, policy gate integration, deterministic failure recovery. | Task Runner Guild (`src/TaskRunner/StellaOps.TaskRunner`) | Execution engine enhancements + simulation API/CLI. Blocked: TaskPack loop/conditional semantics and policy-gate evaluation contract not published. |
| 6 | TASKRUN-OAS-61-001 | TODO | Document APIs once run endpoints stable. | Task Runner Guild · API Contracts Guild | Document TaskRunner APIs (pack runs, logs, approvals) with streaming schemas/examples. |
| 7 | TASKRUN-OAS-61-002 | TODO | Depends on 61-001. | Task Runner Guild | Expose `GET /.well-known/openapi` returning signed spec metadata, build version, ETag. |
| 8 | TASKRUN-OAS-62-001 | TODO | Depends on 61-002. | Task Runner Guild · SDK Generator Guild | SDK examples for pack run lifecycle; streaming log helpers; paginator wrappers. |
| 9 | TASKRUN-OAS-63-001 | TODO | Depends on 62-001. | Task Runner Guild · API Governance Guild | Sunset/deprecation headers + notifications for legacy pack APIs. |
| 6 | TASKRUN-OAS-61-001 | BLOCKED (2025-11-30) | Await control-flow/policy addendum (Action Tracker 2025-12-04) before freezing OAS. | Task Runner Guild · API Contracts Guild | Document TaskRunner APIs (pack runs, logs, approvals) with streaming schemas/examples. |
| 7 | TASKRUN-OAS-61-002 | BLOCKED (2025-11-30) | Depends on 61-001. | Task Runner Guild | Expose `GET /.well-known/openapi` returning signed spec metadata, build version, ETag. |
| 8 | TASKRUN-OAS-62-001 | BLOCKED (2025-11-30) | Depends on 61-002. | Task Runner Guild · SDK Generator Guild | SDK examples for pack run lifecycle; streaming log helpers; paginator wrappers. |
| 9 | TASKRUN-OAS-63-001 | BLOCKED (2025-11-30) | Depends on 62-001. | Task Runner Guild · API Governance Guild | Sunset/deprecation headers + notifications for legacy pack APIs. |
| 10 | TASKRUN-OBS-50-001 | DONE (2025-11-25) | Telemetry core adoption. | Task Runner Guild | Add telemetry core in host + worker; spans/logs include `trace_id`, `tenant_id`, `run_id`, scrubbed transcripts. |
| 11 | TASKRUN-OBS-51-001 | DONE (2025-11-25) | Depends on 50-001. | Task Runner Guild · DevOps Guild | Metrics for step latency, retries, queue depth, sandbox resource usage; define SLOs; burn-rate alerts. |
| 12 | TASKRUN-OBS-52-001 | BLOCKED (2025-11-25) | Depends on 51-001. | Task Runner Guild | Timeline events for pack runs (`pack.started`, `pack.step.completed`, `pack.failed`) with evidence pointers/policy context; dedupe + retry. Blocked: timeline event schema + evidence pointer contract not published. |
| 13 | TASKRUN-OBS-53-001 | BLOCKED (2025-11-25) | Depends on 52-001. | Task Runner Guild · Evidence Locker Guild | Capture step transcripts, artifact manifests, environment digests, policy approvals into evidence locker snapshots; ensure redaction + hash chain. Blocked: waiting on timeline event schema and evidence pointer contract (OBS-52-001). |
## Wave Coordination
- Single wave; no parallel work until TASKRUN-41-001 contracts land. Downstream AIRGAP/OAS/OBS chains remain paused to avoid rework.
## Wave Detail Snapshots
- Wave 1 (RUN/OAS/OBS/AIRGAP): waiting on TaskPack control-flow + policy-gate contract and timeline schema drops; start immediately after TASKRUN-41-001 unblocks.
## Interlocks
- TaskPack DSL control-flow and policy-evaluation contract (from Sprints 120/130/140).
- Air-gap sealed-mode validation rules from AirGap Policy Guild (to unblock AIRGAP-56-001 chain).
- Timeline event and evidence-pointer schema for OBS-52-001/53-001.
## Action Tracker
| Action | Owner | Due | Status | Notes |
| --- | --- | --- | --- | --- |
| Publish TaskPack control-flow & policy-gate contract | Platform Guild · Task Runner Guild | 2025-12-05 | Open | Unblocks TASKRUN-42-001 and OAS chain (61-001..63-001). |
| Provide timeline event + evidence-pointer schema | Evidence Locker Guild | 2025-12-05 | Open | Needed for TASKRUN-OBS-52-001 and TASKRUN-OBS-53-001. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Correction: TASKRUN-41-001 remains BLOCKED pending TaskRunner architecture/API contract; downstream AIRGAP/OAS/OBS chains stay blocked. | Project Mgmt |
| 2025-11-30 | Refreshed dependencies: AIRGAP chain waiting on sealed-mode allowlist (Action Tracker); OAS chain waiting on control-flow/policy addendum due 2025-12-05. | Project Mgmt |
| 2025-11-30 | Added Wave Coordination, Interlocks, and Action Tracker sections per docs/implplan/AGENTS.md template; no scope change. | Project Mgmt |
| 2025-11-30 | Refreshed Decisions & Risks with risk table and aligned checkpoint wording. | Project Mgmt |
| 2025-11-30 | Replaced legacy file `SPRINT_157_taskrunner_i.md` with stub redirecting to this canonical sprint. | Project Mgmt |
| 2025-11-30 | Marked TASKRUN-AIRGAP-56-001/002/57-001/58-001 and TASKRUN-OAS-61-001/61-002/62-001/63-001 BLOCKED pending TASKRUN-41-001 contract. | Task Runner Guild |
| 2025-11-30 | Synced `docs/implplan/tasks-all.md` and sprint names for TASKRUN-* chain; statuses now reflect BLOCKED across AIRGAP/OAS/OBS/TEN. | Project Mgmt |
| 2025-11-25 | TASKRUN-OBS-52-001 and TASKRUN-OBS-53-001 marked BLOCKED: timeline event schema and evidence-pointer contract not published; cannot emit pack timeline events or evidence snapshots yet. | Task Runner Guild |
| 2025-11-25 | TASKRUN-42-001 marked BLOCKED: loop/conditional semantics and policy-gate evaluation contract not published; cannot update execution engine/simulation without spec. | Task Runner Guild |
| 2025-11-25 | Implemented metrics for step latency, retries, running steps, and queue depth; wired into telemetry; marked TASKRUN-OBS-51-001 DONE. | Task Runner Guild |
@@ -48,12 +72,19 @@
| 2025-11-04 | CLI command `stella task-runner simulate` wired to new endpoint with JSON/table output modes. | Task Runner Guild |
| 2025-11-19 | Normalized sprint to standard template and renamed from `SPRINT_157_taskrunner_i.md` to `SPRINT_0157_0001_0001_taskrunner_i.md`; content preserved. | Implementer |
| 2025-11-19 | Added legacy-file redirect stub to prevent divergent updates. | Implementer |
| 2025-11-30 | Clarified earlier note: TaskRunner contract not yet published; blockers sprint still carries TASKRUN-41-001 as BLOCKED. | Project Mgmt |
## Decisions & Risks
- Execution engine contract must remain deterministic; avoid uncontrolled parallelism until SLOs/telemetry validated.
- Air-gap enforcement depends on policy/airgap contracts; keep sealed-mode validation strict before enabling helper steps.
- BLOCKER: TaskRunner architecture/API contract (Sprint 120/130/140 inputs) not yet published; 41-001 and downstream items cannot start until provided.
- BLOCKER: Loop/conditional semantics and policy-gate evaluation contract are unpublished; TASKRUN-42-001 cannot proceed until TaskPack DSL spec defines control-flow nodes and policy gate result API.
- Execution engine must stay deterministic; parallelism expansions are frozen until SLOs/telemetry validate safety.
- Air-gap enforcement remains strict until sealed-mode rules are published; helper steps stay frozen.
- Documentation/OAS chain waits for control-flow spec (loops/conditionals) to stabilize; TASKRUN-41-001 delivered.
## Next Checkpoints
- Schedule kickoff after confirming upstream Sprint 120/130/140 inputs (date TBD).
| Risk | Impact | Mitigation |
| --- | --- | --- |
| TaskRunner control-flow/policy-gate spec partially missing (loops/conditionals) | Blocks TASKRUN-42-001 and OAS 61-001..63-001. | Track via Action Tracker; hold parallelism changes until spec addendum lands; keep scope frozen. |
| Timeline event schema absent | Blocks TASKRUN-OBS-52-001/53-001 evidence timelines. | Coordinate with Evidence Locker Guild; Action Tracker follow-up; hold OBS rollout. |
| Air-gap sealed-mode rules not finalized | Blocks TASKRUN-AIRGAP-56..58 chain. | Start once 41-001 + policy rules drop; keep sealed-mode defaults enforced. |
## Upcoming Checkpoints
- 2025-12-04 · Control-flow/policy-gate spec addendum review; go/no-go for TASKRUN-42-001 start.
- 2025-12-06 · Kick off AIRGAP-56/57/58 and OAS-61/62/63 implementation now that TASKRUN-41-001 is delivered.

18
docs/implplan/SPRINT_0157_0001_0002_taskrunner_blockers.md
View File

@@ -6,8 +6,8 @@
- **Working directory:** `src/TaskRunner/StellaOps.TaskRunner`.
## Dependencies & Concurrency
- Upstream: architecture/API contracts from Sprint 120/130/140.
- No additional tasks may start until TASKRUN-41-001 unblocks; this sprint remains single-threaded.
- Upstream contracts now anchored in `docs/product-advisories/29-Nov-2025 - Task Pack Orchestration and Automation.md` + `docs/modules/taskrunner/architecture.md` (supersedes prior Sprint 120/130/140 wait).
- Single-thread on TASKRUN-41-001 until initial run API + storage implementation lands.
## Documentation Prerequisites
- `docs/modules/platform/architecture-overview.md`
@@ -16,15 +16,23 @@
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | TASKRUN-41-001 | BLOCKED | Missing architecture/API contracts; awaiting upstream Sprint 120/130/140 inputs. | Task Runner Guild (`src/TaskRunner/StellaOps.TaskRunner`) | Define migrations (`pack_runs`, `pack_run_logs`, `pack_artifacts`); implement run API (create/get/log stream), local executor, approvals pause, artifact capture, provenance manifest generation. |
| 0 | TASKRUN-ADVISORY-20251129 | DONE (2025-11-30) | Advisory published 2025-11-29 | Project Mgmt · Task Runner Guild | Sync advisory “Task Pack Orchestration and Automation”: add architecture contract (`docs/modules/taskrunner/architecture.md`), update key-features, AGENTS; unblock TASKRUN-41-001. |
| 1 | TASKRUN-41-001 | DONE (2025-11-30) | Implementation complete; downstream tasks may proceed | Task Runner Guild (`src/TaskRunner/StellaOps.TaskRunner`) | Define migrations (`pack_runs`, `pack_run_logs`, `pack_artifacts`); implement run API (create/get/log stream), local executor, approvals pause, artifact capture, provenance manifest generation. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Aligned TaskRunner API to advisory surface (`/api/runs/*` aliases), enforced approval plan-hash validation, added artifacts listing + cancel endpoints; wired artifact readers for Mongo/filesystem. | Task Runner Guild |
| 2025-11-30 | Updated `docs/modules/taskrunner/architecture.md` to reflect artifact listing endpoint and approval plan-hash validation; synced with advisory. | Task Runner Guild |
| 2025-11-30 | Delivered TASKRUN-41-001: Mongo/file stores aligned to contract, plan-hash/tenant threading, provenance manifest writer (file + Mongo), run API/worker wiring updated; new tests `PackRunProvenanceWriterTests` passing. | Task Runner Guild |
| 2025-11-30 | Unblocked TASKRUN-41-001 after product advisory 2025-11-29 landed; documented contract in `docs/modules/taskrunner/architecture.md`, updated key-features + AGENTS, added advisory sync task. Status set to TODO. | Project Mgmt |
| 2025-11-25 | Carried forward TASKRUN-41-001 from Sprint 0157-0001-0001; awaiting upstream contracts before starting implementation. | Project Mgmt |
## Decisions & Risks
- Blocked until TaskRunner contracts are published; downstream air-gap/OAS/OBS tasks remain gated.
- Contract source of truth: `docs/product-advisories/29-Nov-2025 - Task Pack Orchestration and Automation.md` + `docs/modules/taskrunner/architecture.md` (plan hash, step types, API surface, Mongo model). Keep sprint tasks aligned to these docs.
- Ensure Authority approval token claims (`pack_run_id`, `pack_gate_id`, `pack_plan_hash`) enforced before enabling approvals pause/resume.
- Downstream OAS/OBS/air-gap tasks now depend on integration work, not missing contracts; start sequencing in Sprint 0157-0001-0001.
## Next Checkpoints
- Align with upstream Sprint 120/130/140 contract drop (date TBD).
- 2025-12-04 · Authority/Orchestrator handshake on approval token and SSE log shape; confirm no schema drift before OAS work starts.
- 2025-12-06 · Kick off downstream OAS/OBS/AIRGAP tracks (rows 14 in Sprint 0157-0001-0001) now that 41-001 is delivered.

59
docs/implplan/SPRINT_0158_0001_0002_taskrunner_ii.md
View File

@@ -1,12 +1,13 @@
# Sprint 0158-0001-0002 · TaskRunner II (Scheduling & Automation 150.D)
## Topic & Scope
- TaskRunner phase II: attestations, incident mode, and tenant scoping for pack runs.
- TaskRunner phase II: DSSE attestations, incident mode, and tenant scoping for pack runs in Scheduling & Automation stream 150.D.
- Evidence expected: attestation records bound to runs, incident-mode config/runbook, and tenant-prefixed storage/logging paths.
- **Working directory:** `src/TaskRunner/StellaOps.TaskRunner`.
## Dependencies & Concurrency
- Upstream: TaskRunner I (Sprint 0157-0001-0001) must land first.
- Concurrency: tasks follow OBS → TEN dependency chain; all currently TODO.
- Upstream: TaskRunner I (Sprint 0157-0001-0001) must land first (TASKRUN-OBS-53-001 completion signal + timeline schema drop).
- Concurrency: OBS track runs sequentially (54-001 then 55-001). TEN (48-001) cannot start until tenancy policy is published; all tasks currently BLOCKED by upstream contracts.
## Documentation Prerequisites
- docs/README.md
@@ -18,19 +19,51 @@
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | TASKRUN-OBS-54-001 | TODO | Depends on TASKRUN-OBS-53-001 (Sprint 0157). | Task Runner Guild · Provenance Guild (`src/TaskRunner/StellaOps.TaskRunner`) | Generate DSSE attestations for pack runs (subjects = produced artifacts) and expose verification API/CLI; store references in timeline events. |
| 2 | TASKRUN-OBS-55-001 | TODO | Depends on 54-001. | Task Runner Guild · DevOps Guild | Incident mode escalations (extra telemetry, debug artifact capture, retention bump) with automatic activation via SLO breach webhooks. |
| 3 | TASKRUN-TEN-48-001 | TODO | Parallel once tenancy policy defined. | Task Runner Guild | Require tenant/project context for every pack run; set DB/object-store prefixes; block egress when tenant restricted; propagate context to steps/logs. |
| 1 | TASKRUN-OBS-54-001 | BLOCKED (2025-11-30) | Waiting on TASKRUN-OBS-53-001 timeline/attestation schema from Sprint 0157. | Task Runner Guild · Provenance Guild (`src/TaskRunner/StellaOps.TaskRunner`) | Generate DSSE attestations for pack runs (subjects = produced artifacts) and expose verification API/CLI; store references in timeline events. |
| 2 | TASKRUN-OBS-55-001 | BLOCKED (2025-11-30) | Depends on 54-001. | Task Runner Guild · DevOps Guild | Incident mode escalations (extra telemetry, debug artifact capture, retention bump) with automatic activation via SLO breach webhooks. |
| 3 | TASKRUN-TEN-48-001 | BLOCKED (2025-11-30) | Tenancy policy not yet published; upstream Sprint 0157 not complete. | Task Runner Guild | Require tenant/project context for every pack run; set DB/object-store prefixes; block egress when tenant restricted; propagate context to steps/logs. |
## Wave Coordination
- OBS wave: attestations then incident-mode hardening (54-001 -> 55-001); currently blocked pending Sprint 0157 close-out.
- TEN wave: tenancy enforcement tasks; starts after tenancy policy is published; currently blocked.
## Wave Detail Snapshots
| Wave | Entry criteria | Exit evidence | Notes |
| --- | --- | --- | --- |
| OBS | TASKRUN-OBS-53-001 delivered; DSSE subject mapping agreed with Provenance Guild; timeline/evidence schema published. | DSSE attestations persisted and referenced in timeline events; verification API/CLI exposed; incident-mode runbook + retention bump config committed. | Keep ordering deterministic; ensure offline bundles carry attestation schema. |
| TEN | Platform tenancy policy + RLS/egress rules confirmed; storage prefixing scheme approved. | Tenant/project context required for all runs; DB/object-store prefixes enforced; egress guardrails active; logs/steps tagged with tenant. | Coordinate with Platform/Policy owners to avoid conflicting RLS semantics. |
## Interlocks
- Platform RLS and egress contracts must be signed off before TEN enforcement proceeds.
- Observability/Notify webhook contract for SLO breach (auto incident mode) required before OBS exit.
- Provenance Guild to confirm DSSE subject canonicalization to avoid schema drift between TaskRunner I and II.
- Timeline/evidence-pointer schema from Sprint 0157 (OBS-52/53) required before OBS-54 can attach attestations.
## Upcoming Checkpoints
- Kickoff to be scheduled after Sprint 0157 completion signal (TBD; see AT-01).
- Tenancy policy review target: 2025-12-05 (see AT-02).
## Action Tracker
| ID | Action | Owner | Due (UTC) | Status | Notes |
| --- | --- | --- | --- | --- | --- |
| AT-01 | Set kickoff date once Sprint 0157 closes; update Upcoming Checkpoints. | Project Mgmt | Pending Sprint 0157 closure | TODO | Wait for TASKRUN-OBS-53-001 completion notice. |
| AT-02 | Confirm tenancy policy doc link and add to Documentation Prerequisites. | Task Runner Guild | 2025-12-05 | TODO | Required before starting TASKRUN-TEN-48-001. |
| AT-03 | Publish timeline/evidence schema for OBS-52/53 to unblock OBS-54. | Evidence Locker Guild | 2025-12-05 | TODO | Same schema is gating Sprint 0157 close-out; track drop. |
## Decisions & Risks
- All tasks set to BLOCKED as of 2025-11-30 pending Sprint 0157 outputs and tenancy policy contract.
| Risk | Impact | Mitigation | Owner | Status |
| --- | --- | --- | --- | --- |
| Upstream TASKRUN-OBS-53-001 slips or changes DSSE subject schema. | Attestation work stalls; rework on verification API/CLI. | Track 0157 close-out; adopt shared subject canonicalization sample before coding. | Task Runner Guild · Provenance Guild | OPEN |
| Tenancy enforcement misaligns with platform RLS/egress policies. | Risk of cross-tenant leakage or over-blocking. | Secure written RLS/egress contract; dry-run with prefixes before enforcing. | Task Runner Guild · Platform | OPEN |
| Incident-mode webhook contract not finalized. | Auto-escalation not triggered or false-fires. | Pair with Observability/Notify to fix webhook payload + auth; add synthetic test hook. | DevOps Guild | OPEN |
| Timeline/evidence schema not published from 0157. | OBS-54/55 cannot begin; incident-mode telemetry lacks evidence references. | Action AT-03 to track; align start after schema drop (target 2025-12-05). | Evidence Locker Guild | OPEN |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-19 | Normalized sprint to standard template and renamed from `SPRINT_158_taskrunner_ii.md` to `SPRINT_0158_0001_0002_taskrunner_ii.md`; content preserved. | Implementer |
| 2025-11-19 | Added legacy-file redirect stub to avoid divergent updates. | Implementer |
## Decisions & Risks
- Attestation and incident-mode behaviors depend on outputs from TaskRunner I; keep blocked until 0157 tasks complete.
- Tenant scoping must align with platform RLS and egress rules before enabling enforcement.
## Next Checkpoints
- Kickoff after Sprint 0157 completion (date TBD).
| 2025-11-30 | Normalized to full docs/implplan template (wave detail, action tracker, risk table); converted dependency arrows to ASCII. | Project Mgmt |
| 2025-11-30 | Marked OBS-54-001, OBS-55-001, and TEN-48-001 BLOCKED pending Sprint 0157 close-out (timeline/attestation schema) and tenancy policy; updated interlocks/action tracker. | Project Mgmt |

88
docs/implplan/SPRINT_0164_0001_0001_exportcenter_iii.md
View File

@@ -19,21 +19,67 @@
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | EXPORT-SVC-35-006 | TODO | Depends on EXPORT-SVC-35-005 (Sprint 0163). | Exporter Service Guild (`src/ExportCenter/StellaOps.ExportCenter`) | Expose Export API (profiles, runs, download, SSE updates) with audit logging, concurrency controls, viewer/operator RBAC. |
| 2 | EXPORT-SVC-36-001 | TODO | Depends on 35-006. | Exporter Service Guild | Trivy DB adapter (core) with schema mappings, version flag gating, validation harness. |
| 3 | EXPORT-SVC-36-002 | TODO | Depends on 36-001. | Exporter Service Guild | Trivy Java DB variant with shared manifest entries and adapter regression tests. |
| 4 | EXPORT-SVC-36-003 | TODO | Depends on 36-002. | Exporter Service Guild | OCI distribution engine (manifests, descriptors, annotations) with registry auth and retries. |
| 5 | EXPORT-SVC-36-004 | TODO | Depends on 36-003. | Exporter Service Guild | Extend planner/run lifecycle for distribution targets (OCI/object storage) with idempotent metadata updates and retention timestamps. |
| 6 | EXPORT-SVC-37-001 | TODO | Depends on 36-004. | Exporter Service Guild | Mirror delta adapter with base manifest comparison, change set generation, content-addressed reuse. |
| 7 | EXPORT-SVC-37-002 | TODO | Depends on 37-001. | Exporter Service Guild | Bundle encryption (age/AES-GCM), key wrapping via KMS, verification tooling for encrypted outputs. |
| 8 | EXPORT-SVC-37-003 | TODO | Depends on 37-002. | Exporter Service Guild | Export scheduling (cron/event), retention pruning, retry idempotency, failure classification. |
| 9 | EXPORT-SVC-37-004 | TODO | Depends on 37-003. | Exporter Service Guild | Verification API to stream manifests/hashes, compute hash+signature checks, return attest status for CLI/UI. |
| 10 | EXPORT-SVC-43-001 | TODO | Depends on 37-004. | Exporter Service Guild | Integrate pack run manifests/artifacts into export bundles and CLI verification; expose provenance links. |
| 11 | EXPORT-TEN-48-001 | TODO | Parallel once API stable. | Exporter Service Guild | Prefix artifacts/manifests with tenant/project, enforce scope checks, prevent cross-tenant exports unless whitelisted; update provenance. |
| 12 | RISK-BUNDLE-69-001 | TODO | Start risk bundle job scaffold. | Risk Bundle Export Guild · Risk Engine Guild (`src/ExportCenter/StellaOps.ExportCenter.RiskBundles`) | Implement `stella export risk-bundle` job producing tarball with provider datasets, manifests, DSSE signatures. |
| 13 | RISK-BUNDLE-69-002 | TODO | Depends on 69-001. | Risk Bundle Export Guild · DevOps Guild | Integrate bundle job into CI/offline kit pipelines with checksum publication. |
| 14 | RISK-BUNDLE-70-001 | TODO | Depends on 69-002. | Risk Bundle Export Guild · CLI Guild | Provide CLI `stella risk bundle verify` command to validate bundles before import. |
| 15 | RISK-BUNDLE-70-002 | TODO | Depends on 70-001. | Risk Bundle Export Guild · Docs Guild | Publish `/docs/airgap/risk-bundles.md` covering build/import/verification workflows. |
| 1 | EXPORT-SVC-35-006 | BLOCKED (2025-11-30) | Await EXPORT-SVC-35-005 delivery from Sprint 0163; API/OAS contracts not published. | Exporter Service Guild (`src/ExportCenter/StellaOps.ExportCenter`) | Expose Export API (profiles, runs, download, SSE updates) with audit logging, concurrency controls, viewer/operator RBAC. |
| 2 | EXPORT-SVC-36-001 | BLOCKED (2025-11-30) | BLOCKED by 35-006; Trivy adapter schema depends on Export API contracts. | Exporter Service Guild | Trivy DB adapter (core) with schema mappings, version flag gating, validation harness. |
| 3 | EXPORT-SVC-36-002 | BLOCKED (2025-11-30) | BLOCKED by 36-001; Java variant requires shared manifest entries. | Exporter Service Guild | Trivy Java DB variant with shared manifest entries and adapter regression tests. |
| 4 | EXPORT-SVC-36-003 | BLOCKED (2025-11-30) | BLOCKED by 36-002; waiting for adapter manifests to stabilize. | Exporter Service Guild | OCI distribution engine (manifests, descriptors, annotations) with registry auth and retries. |
| 5 | EXPORT-SVC-36-004 | BLOCKED (2025-11-30) | BLOCKED by 36-003; planner/run lifecycle needs OCI engine outputs. | Exporter Service Guild | Extend planner/run lifecycle for distribution targets (OCI/object storage) with idempotent metadata updates and retention timestamps. |
| 6 | EXPORT-SVC-37-001 | BLOCKED (2025-11-30) | BLOCKED by 36-004; delta logic depends on distribution metadata. | Exporter Service Guild | Mirror delta adapter with base manifest comparison, change set generation, content-addressed reuse. |
| 7 | EXPORT-SVC-37-002 | BLOCKED (2025-11-30) | BLOCKED by 37-001; encryption must wrap final mirror artifacts. | Exporter Service Guild | Bundle encryption (age/AES-GCM), key wrapping via KMS, verification tooling for encrypted outputs. |
| 8 | EXPORT-SVC-37-003 | BLOCKED (2025-11-30) | BLOCKED by 37-002; scheduler needs encryption/retention primitives. | Exporter Service Guild | Export scheduling (cron/event), retention pruning, retry idempotency, failure classification. |
| 9 | EXPORT-SVC-37-004 | BLOCKED (2025-11-30) | BLOCKED by 37-003; verification API requires scheduled run outputs. | Exporter Service Guild | Verification API to stream manifests/hashes, compute hash+signature checks, return attest status for CLI/UI. |
| 10 | EXPORT-SVC-43-001 | BLOCKED (2025-11-30) | BLOCKED by 37-004; pack-run integration waits on verification API. | Exporter Service Guild | Integrate pack run manifests/artifacts into export bundles and CLI verification; expose provenance links. |
| 11 | EXPORT-TEN-48-001 | BLOCKED (2025-11-30) | BLOCKED until Export API (35-006) stabilizes; tenant prefixes require finalized routes. | Exporter Service Guild | Prefix artifacts/manifests with tenant/project, enforce scope checks, prevent cross-tenant exports unless whitelisted; update provenance. |
| 12 | RISK-BUNDLE-69-001 | BLOCKED (2025-11-30) | BLOCKED pending Sprint 0163 risk prep artefacts/provider list. | Risk Bundle Export Guild · Risk Engine Guild (`src/ExportCenter/StellaOps.ExportCenter.RiskBundles`) | Implement `stella export risk-bundle` job producing tarball with provider datasets, manifests, DSSE signatures. |
| 13 | RISK-BUNDLE-69-002 | BLOCKED (2025-11-30) | BLOCKED by 69-001 deliverables. | Risk Bundle Export Guild · DevOps Guild | Integrate bundle job into CI/offline kit pipelines with checksum publication. |
| 14 | RISK-BUNDLE-70-001 | BLOCKED (2025-11-30) | BLOCKED by 69-002; verification inputs not available. | Risk Bundle Export Guild · CLI Guild | Provide CLI `stella risk bundle verify` command to validate bundles before import. |
| 15 | RISK-BUNDLE-70-002 | BLOCKED (2025-11-30) | BLOCKED by 70-001; doc content waits on verification CLI behavior. | Risk Bundle Export Guild · Docs Guild | Publish `/docs/airgap/risk-bundles.md` covering build/import/verification workflows. |
## Wave Coordination
- Wave 1: EXPORT-SVC-35/36/37 chain (API → adapters → OCI → planner → mirror delta → encryption → scheduling → verification → pack-run integration).
- Wave 2: Tenant scoping hardening (EXPORT-TEN-48-001) once API stabilized.
- Wave 3: Risk bundle pipeline (RISK-BUNDLE-69/70 sequence) after Wave 1 foundations.
## Wave Detail Snapshots
- Wave 1 deliverable: export service capable of deterministic OCI/object exports with verification endpoints.
- Wave 2 deliverable: tenant-aware manifests and provenance with enforced scope checks.
- Wave 3 deliverable: offline risk-bundle build/verify flow with CLI support and published airgap doc.
## Interlocks & Readiness Signals
| Dependency | Impacts | Status / Next signal |
| --- | --- | --- |
| Sprint 0163-0001-0001 (ExportCenter II) artefacts (API/OAS, planner schema, Trivy adapters) | Tasks 111 | Pending; need published contracts before switching to DOING. |
| Tenant model alignment with Orchestrator/Authority envelopes | Task 11 | Pending; confirm scope prefixes once Export API routes are available. |
| CLI guild UX + verification consumption path for `stella risk bundle verify` | Tasks 915 | Pending; align once verification API payload shape is stable. |
| DevOps/offline kit pipeline integration + checksum publication | Tasks 10, 13 | Pending; requires bundle layout finalized post Sprint 0163 outputs. |
## Upcoming Checkpoints
- Kickoff after Sprint 0163 completion (date TBD).
## Action Tracker
| # | Action | Owner | Due (UTC) | Status |
| --- | --- | --- | --- | --- |
| 1 | Confirm ExportCenter II contracts delivered (planner/run schema, pack manifests) | Exporter Service Guild | 2025-12-02 | OPEN |
| 2 | Provide KMS envelope-handling pattern for age/AES-GCM encryption | Crypto/Platform Guild | 2025-12-04 | DONE (2025-11-30) — see `docs/modules/export-center/operations/kms-envelope-pattern.md` |
| 3 | Publish risk-bundle provider matrix and signing baseline for tasks 69/70 | Risk Bundle Export Guild | 2025-12-02 | OPEN |
| 4 | Author `src/ExportCenter/AGENTS.md` aligned to module dossier and sprint scope | Project/Tech Management | 2025-12-01 | DONE (2025-11-30) |
## Decisions & Risks
| Risk / Decision | Impact | Mitigation / Next Step | Status |
| --- | --- | --- | --- |
| ExportCenter II artifacts not yet available. | Blocks 35/36/37 chain. | Track delivery in Action 1; keep tasks BLOCKED until API/OAS + adapter schemas are published. | OPEN |
| Tenant scoping must stay deterministic/offline-safe. | Potential cross-tenant leakage. | Enforce scope prefixes and reuse Authority/Orchestrator tenant model; add tests in TEN-48-001. | OPEN |
| Encryption/KMS path for bundles. | Could stall 37-002 rollout. | Envelope pattern captured in `docs/modules/export-center/operations/kms-envelope-pattern.md`; adopt in implementation. | CLOSED |
| Risk bundle provider matrix/signing baseline missing. | Blocks 69/70 chain. | Capture provider list + signing posture in Action 3; keep tasks BLOCKED until published. | OPEN |
| ExportCenter AGENTS charter missing. | Blocks starting engineering work per charter. | AGENTS added on 2025-11-30; see `src/ExportCenter/AGENTS.md`. | CLOSED |
### Risk table
| Risk | Severity | Mitigation / Owner |
| --- | --- | --- |
| Sprint 0163 deliverables slip (API/OAS, planner schema, Trivy adapters). | High | Action 1 to track; hold Wave 1 tasks until contracts land. Owner: Exporter Service Guild. |
| Tenant scope misalignment with Authority/Orchestrator. | Medium | Validate prefixes once API routes drop; add integration tests in TEN-48-001. Owner: Exporter Service Guild. |
| Encryption provider guidance delayed. | Low | Mitigated by `docs/modules/export-center/operations/kms-envelope-pattern.md`; adopt pattern in 37-002. Owner: Crypto/Platform Guild. |
| Risk bundle provider matrix/signing posture not published. | Medium | Action 3 to gather matrix; keep Wave 3 blocked until received. Owner: Risk Bundle Export Guild. |
## Execution Log
| Date (UTC) | Update | Owner |
@@ -41,10 +87,8 @@
| 2025-11-08 | Sprint stub created; awaiting ExportCenter II completion. | Planning |
| 2025-11-19 | Normalized sprint to standard template and renamed from `SPRINT_164_exportcenter_iii.md` to `SPRINT_0164_0001_0001_exportcenter_iii.md`; content preserved. | Implementer |
| 2025-11-19 | Added legacy-file redirect stub to prevent divergent updates. | Implementer |
## Decisions & Risks
- Requires ExportCenter II outputs; keep tasks TODO until upstream artifacts and contracts are present.
- Tenant scoping and encryption must remain deterministic and offline-ready; ensure key handling aligns with AirGap/CLI expectations.
## Next Checkpoints
- Kickoff after Sprint 0163 completion (date TBD).
| 2025-11-30 | Aligned sprint to docs/implplan AGENTS template (Wave/Interlocks/Action tracker), refreshed Upcoming Checkpoints heading, and pre-filled interlock actions. | Project manager |
| 2025-11-30 | Authored `src/ExportCenter/AGENTS.md`; closed Action 4; tasks remain BLOCKED on Sprint 0163 outputs. | Implementer |
| 2025-11-30 | Corrected ExportCenter AGENTS status (file present); removed erroneous blocker/action. | Implementer |
| 2025-11-30 | Set Delivery Tracker tasks to BLOCKED pending Sprint 0163 artefacts; expanded interlocks/action tracker for gating signals. | Implementer |
| 2025-11-30 | Added KMS envelope-handling pattern doc and closed Action 2; encryption risk now covered. | Implementer |

69
docs/implplan/SPRINT_0165_0001_0001_timelineindexer.md
View File

@@ -19,26 +19,65 @@
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | TIMELINE-OBS-52-001 | BLOCKED (2025-11-25) | Waiting on orchestrator/notification event schema + EvidenceLocker digest schema | Timeline Indexer Guild (`src/TimelineIndexer/StellaOps.TimelineIndexer`) | Bootstrap service; Postgres migrations for `timeline_events`, `timeline_event_details`, `timeline_event_digests`; enable RLS scaffolding and deterministic migration scripts. |
| 2 | TIMELINE-OBS-52-002 | TODO | Depends on 52-001. | Timeline Indexer Guild | Implement event ingestion pipeline (NATS/Redis consumers) with ordering guarantees, dedupe `(event_id, tenant_id)`, trace-ID correlation, backpressure metrics. |
| 3 | TIMELINE-OBS-52-003 | TODO | Depends on 52-002. | Timeline Indexer Guild | Expose REST/gRPC APIs for timeline queries (`GET /timeline`, `/timeline/{id}`) with filters, pagination, tenant enforcement; provide OpenAPI + contract tests. |
| 4 | TIMELINE-OBS-52-004 | TODO | Depends on 52-003. | Timeline Indexer Guild · Security Guild | Finalize RLS policies, scope checks (`timeline:read`), audit logging; integration tests for cross-tenant isolation and legal hold markers. |
| 5 | TIMELINE-OBS-53-001 | TODO | Depends on 52-004 and EvidenceLocker bundle digest schema. | Timeline Indexer Guild · Evidence Locker Guild | Link timeline events to evidence bundle digests + attestation subjects; expose `/timeline/{id}/evidence` returning signed manifest references. |
| 1 | TIMELINE-OBS-52-001 | DONE (2025-11-30) | Postgres schema + RLS committed; evidence linkage table aligned to bundle contract | Timeline Indexer Guild (`src/TimelineIndexer/StellaOps.TimelineIndexer`) | Bootstrap service; Postgres migrations for `timeline_events`, `timeline_event_details`, `timeline_event_digests`; enable RLS scaffolding and deterministic migration scripts. |
| 2 | TIMELINE-OBS-52-002 | DOING (2025-11-30) | Ingestion worker + metrics + subscriber abstraction implemented; waiting on NATS/Redis subject/schema to bind transports | Timeline Indexer Guild | Implement event ingestion pipeline (NATS/Redis consumers) with ordering guarantees, dedupe `(event_id, tenant_id)`, trace-ID correlation, backpressure metrics. |
| 3 | TIMELINE-OBS-52-003 | BLOCKED (2025-11-30) | BLOCKED by 52-002; ingestion contract not defined yet. | Timeline Indexer Guild | Expose REST/gRPC APIs for timeline queries (`GET /timeline`, `/timeline/{id}`) with filters, pagination, tenant enforcement; provide OpenAPI + contract tests. |
| 4 | TIMELINE-OBS-52-004 | BLOCKED (2025-11-30) | Blocked by 52-003; upstream schema + RLS review pending. | Timeline Indexer Guild · Security Guild | Finalize RLS policies, scope checks (`timeline:read`), audit logging; integration tests for cross-tenant isolation and legal hold markers. |
| 5 | TIMELINE-OBS-53-001 | BLOCKED (2025-11-30) | Blocked by 52-004 and awaiting EvidenceLocker bundle digest linkage tests. | Timeline Indexer Guild · Evidence Locker Guild | Link timeline events to evidence bundle digests + attestation subjects; expose `/timeline/{id}/evidence` returning signed manifest references. |
## Wave Coordination
- Wave 1: TIMELINE-OBS-52 chain (service bootstrap → ingestion → APIs → RLS/policies).
- Wave 2: Evidence linkage (TIMELINE-OBS-53-001) after digest schema lands and RLS is approved.
## Wave Detail Snapshots
- Wave 1 deliverable: tenant-scoped timeline service with deterministic ingestion, pagination, and RLS/audit logging ready for Security review.
- Wave 2 deliverable: evidence linkage endpoint returning signed manifest references tied to EvidenceLocker digests/attestations.
## Interlocks
| Dependency | Impacts | Status / Next signal |
| --- | --- | --- |
| Orchestrator/Notifications event schema | Tasks 24 | Pending; required to finalize ingestion payload and API fields. |
| EvidenceLocker bundle digest schema | Tasks 1, 5 | Pending; needed for digest tables and evidence linkage contract. |
| Security/Compliance RLS review | Task 4 | Pending; schedule once RLS proposal is drafted. |
## Action Tracker
| # | Action | Owner | Due (UTC) | Status |
| --- | --- | --- | --- | --- |
| 1 | Attach orchestrator/notification event schema sample to sprint doc. | Timeline Indexer Guild | 2025-12-02 | OPEN |
| 2 | Obtain EvidenceLocker digest schema/sample manifest for linkage design. | Timeline Indexer Guild · Evidence Locker Guild | 2025-12-02 | OPEN |
| 3 | Draft RLS/migration proposal and route to Security/Compliance for approval. | Timeline Indexer Guild | 2025-12-04 | OPEN |
## Upcoming Checkpoints
- Schema drop ETA for orchestrator/notification events (TBD).
- EvidenceLocker digest schema publication (TBD).
- Security/Compliance review for RLS proposal (TBD).
## Decisions & Risks
| Risk / Decision | Impact | Mitigation / Next step | Status |
| --- | --- | --- | --- |
| Orchestrator/notification schemas not yet published. | Blocks ingestion and API field definitions (TIMELINE-OBS-52-002/003). | Track Action 1; keep tasks BLOCKED until schema attached. | OPEN |
| EvidenceLocker digest schema pending. | Blocks digest table shape and evidence linkage (TIMELINE-OBS-53-001). | Track Action 2; keep tasks BLOCKED. | OPEN |
| RLS review not scheduled. | Could delay production readiness of policies (TIMELINE-OBS-52-004). | Track Action 3; schedule with Security once draft ready. | OPEN |
| Baseline docs may change (`docs/modules/orchestrator/event-envelope.md`, `docs/modules/evidence-locker/prep/2025-11-24-evidence-locker-contract.md`). | Schema drift could invalidate migrations. | Monitor upstream doc updates; re-run schema diff before coding resumes. | OPEN |
### Risk table
| Risk | Severity | Mitigation / Owner |
| --- | --- | --- |
| Orchestrator/notification schema slip. | High | Action 1 to secure sample; keep Wave 1 blocked until delivered. Owner: Timeline Indexer Guild. |
| EvidenceLocker digest schema slip. | High | Action 2 to obtain schema; block evidence linkage until received. Owner: Timeline Indexer Guild · Evidence Locker Guild. |
| RLS review delayed. | Medium | Action 3 to draft and schedule review with Security/Compliance. Owner: Timeline Indexer Guild. |
| Schema drift after migrations drafted. | Medium | Re-run schema diff against upstream docs before coding resumes. Owner: Timeline Indexer Guild. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Implemented TimelineIngestionWorker with subscriber abstraction, session dedupe, and metrics counters; awaiting NATS/Redis subject schema to wire real transports. | Implementer |
| 2025-11-30 | Started TIMELINE-OBS-52-002: added ingestion service, Postgres store, and deterministic payload hashing; queue bindings pending schema alignment. | Implementer |
| 2025-11-30 | Normalized sprint to AGENTS template (Wave/Interlocks/Action tracker) while keeping prior content intact. | Implementer |
| 2025-11-30 | Completed TIMELINE-OBS-52-001: added Postgres schema/RLS migrations, DataSource + migration runner wiring; test run attempted for module but cancelled due to long solution restore—manual rerun needed. | Implementer |
| 2025-11-30 | Located orchestrator event envelope draft and Evidence Locker bundle contract; unblocked migrations and RLS design for TIMELINE-OBS-52-001 and started implementation. | Implementer |
| 2025-11-30 | Re-checked for orchestrator/notification schema and EvidenceLocker bundle digest; none landed in `docs/events` or `docs/modules/evidence-locker`, so keeping all tasks blocked. | Implementer |
| 2025-11-25 | Marked TIMELINE-OBS-52-001 BLOCKED: missing orchestrator/notification event schema and EvidenceLocker digest schema prevent drafting migrations/RLS. | Implementer |
| 2025-11-12 | Captured task snapshot and blockers; waiting on orchestrator/notifications schema and EvidenceLocker digest schema. | Planning |
| 2025-11-19 | Normalized sprint to standard template and renamed from `SPRINT_165_timelineindexer.md` to `SPRINT_0165_0001_0001_timelineindexer.md`; content preserved. | Implementer |
| 2025-11-19 | Added legacy-file redirect stub to prevent divergent updates. | Implementer |
## Decisions & Risks
- Blocked on orchestrator/notification schemas for ingestion payload definitions.
- Needs EvidenceLocker bundle digest schema before implementing evidence linkage.
- Security/Compliance review required for Postgres RLS migrations; no coding until approval.
- TIMELINE-OBS-52-001 specifically blocked on upstream schemas (orchestrator/notification events) and EvidenceLocker digest schema; cannot draft migrations/RLS without them.
## Next Checkpoints
- Obtain sample orchestrator/notification events and EvidenceLocker digest schema (date TBD).
- Draft migrations + RLS design and review with Security/Compliance.

6
docs/implplan/SPRINT_0201_0001_0001_cli_i.md
View File

@@ -56,8 +56,8 @@
## Action Tracker
| # | Action | Owner | Due (UTC) | Status |
| --- | --- | --- | --- | --- |
| 1 | Align CLI adoption scope with SPRINT_0208_0001_0001_sdk Wave B artifacts (SDKGEN-64-001) and schedule switch-over | DevEx/CLI Guild | 2025-12-10 | TODO |
| 2 | Obtain offline kit status contract + sample bundle for CLI-HK-201-002 | DevEx/CLI Guild · Offline Kit owner | 2025-11-27 | TODO |
| 1 | Align CLI adoption scope with SPRINT_0208_0001_0001_sdk Wave B artifacts (SDKGEN-64-001) and schedule switch-over | DevEx/CLI Guild | 2025-12-10 | BLOCKED (Awaiting Wave B SDK drops; SDKGEN-64-001 still TODO in Sprint 0208) |
| 2 | Obtain offline kit status contract + sample bundle for CLI-HK-201-002 | DevEx/CLI Guild · Offline Kit owner | 2025-11-27 | BLOCKED (No offline kit status bundle/contract delivered; waiting on Offline Kit owner) |
## Decisions & Risks
- `CLI-HK-201-002` remains blocked pending offline kit status contract and sample bundle.
@@ -65,6 +65,7 @@
- `CLI-AIAI-31-001/002/003` delivered; CLI advisory verbs (summarize/explain/remediate) now render to console and file with citations; no build blockers remain in this track.
- `CLI-AIRGAP-56-001` blocked: mirror bundle contract/spec not published to CLI; cannot implement `stella mirror create` without bundle schema and signing/digest requirements.
- `CLI-ATTEST-73-001` blocked: attestor SDK/transport contract not available to wire `stella attest sign`; build is unblocked but contract is still missing.
- Action tracker: adoption alignment waits on SDKGEN-64-001 Wave B drops (Sprint 0208); offline kit status sample not yet provided by Offline Kit owner.
- Full CLI test suite is long-running locally; targeted new advisory tests added. Recommend CI run `dotnet test src/Cli/__Tests/StellaOps.Cli.Tests/StellaOps.Cli.Tests.csproj` for confirmation.
## Execution Log
@@ -85,4 +86,5 @@
| 2025-11-24 | Added `stella advise explain` and `stella advise remediate` commands; stub backend now returns offline status; CLI advisory commands write output to console and file. `dotnet test` for `src/Cli/__Tests/StellaOps.Cli.Tests` passes (102/102). | DevEx/CLI Guild |
| 2025-11-24 | Added `stella advise batch` (multi-key runner) and new conflict/remediation tests. Partial local test runs attempted; full suite build is long—run `dotnet test src/Cli/__Tests/StellaOps.Cli.Tests/StellaOps.Cli.Tests.csproj` in CI for confirmation. | DevEx/CLI Guild |
| 2025-11-24 | Added console/JSON output for advisory markdown and offline kit status; StubBackendClient now returns offline status. `dotnet test` for `src/Cli/__Tests/StellaOps.Cli.Tests` passes (100/100), clearing the CLI-AIAI-31-001 build blocker. | DevEx/CLI Guild |
| 2025-11-30 | Action tracker updated: adoption alignment (Action 1) BLOCKED awaiting SDKGEN-64-001 Wave B drops in Sprint 0208; offline kit status sample (Action 2) BLOCKED pending contract/sample from Offline Kit owner. | DevEx/CLI Guild |
| 2025-11-24 | Verified advise batch implementation and marked CLI-AIAI-31-004 DONE; coverage via `HandleAdviseBatchAsync_RunsAllAdvisories` test. | DevEx/CLI Guild |

42
docs/implplan/SPRINT_0313_0001_0001_docs_modules_attestor.md Normal file
View File

@@ -0,0 +1,42 @@
# Sprint 0313 · Docs Modules · Attestor
## Topic & Scope
- Refresh Attestor module docs (README, architecture, implementation plan, runbooks) to match latest release notes and attestation samples.
- Add observability/runbook stub and TASKS mirror for status syncing.
- Keep sprint references aligned with normalized filename.
- **Working directory:** `docs/modules/attestor`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; can proceed in parallel once release/demo artefacts are available.
## Documentation Prerequisites
- `docs/modules/attestor/AGENTS.md`
- `docs/modules/attestor/README.md`
- `docs/modules/attestor/architecture.md`
- `docs/modules/attestor/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | ATTESTOR-DOCS-0001 | DONE (2025-11-05) | Validate README vs release notes. | Docs Guild (`docs/modules/attestor`) | Validate that `docs/modules/attestor/README.md` matches latest release notes and attestation samples. |
| 2 | ATTESTOR-OPS-0001 | BLOCKED (2025-11-30) | Waiting on next demo outputs to update runbooks/observability. | Ops Guild (`docs/modules/attestor`) | Review runbooks/observability assets after the next sprint demo and capture findings inline with sprint notes. |
| 3 | ATTESTOR-ENG-0001 | DONE (2025-11-27) | Readiness tracker added. | Module Team (`docs/modules/attestor`) | Cross-check implementation plan milestones against `/docs/implplan/SPRINT_*.md` and update module readiness checkpoints. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_313_docs_modules_attestor.md`; added compatibility stub. | Docs Guild |
| 2025-11-05 | Completed ATTESTOR-DOCS-0001 per release notes and samples. | Docs Guild |
| 2025-11-27 | Added readiness tracker to implementation plan (ATTESTOR-ENG-0001). | Module Team |
| 2025-11-30 | Added observability runbook stub + dashboard placeholder; ATTESTOR-OPS-0001 set to BLOCKED pending next demo outputs. | Ops Guild |
## Decisions & Risks
- Ops/runbook updates blocked until next Attestor demo provides observability evidence.
- Keep sprint and TASKS mirrored to avoid drift.
- Offline posture must be preserved; dashboards remain JSON importable.
## Next Checkpoints
- 2025-12-05 · Reassess Attestor demo outputs; if available, unblock ATTESTOR-OPS-0001 and update runbook/dashboard. Owner: Ops Guild.

42
docs/implplan/SPRINT_0314_0001_0001_docs_modules_authority.md Normal file
View File

@@ -0,0 +1,42 @@
# Sprint 0314 · Docs Modules · Authority
## Topic & Scope
- Refresh Authority module docs (README, architecture, implementation plan, runbooks) to reflect current OpTok/DPoP/mTLS posture, tenant scoping, and offline readiness.
- Stand up a TASKS board and mirror statuses with this sprint.
- Ensure observability/runbook references stay aligned with existing monitoring/Grafana assets.
- **Working directory:** `docs/modules/authority`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; can proceed in parallel once prerequisite docs are available.
## Documentation Prerequisites
- `docs/modules/authority/AGENTS.md`
- `docs/modules/authority/README.md`
- `docs/modules/authority/architecture.md`
- `docs/modules/authority/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | AUTHORITY-DOCS-0001 | DONE (2025-11-30) | Refresh module docs per latest OpTok/tenant scope posture. | Docs Guild (`docs/modules/authority`) | Refresh Authority module docs, add sprint/task links, and cross-link monitoring/grafana assets. |
| 2 | AUTHORITY-ENG-0001 | DONE (2025-11-27) | Sprint readiness tracker added. | Module Team (`docs/modules/authority`) | Implementation plan readiness tracker mapped to epics/sprints (already delivered). |
| 3 | AUTHORITY-OPS-0001 | DONE (2025-11-30) | Add TASKS board + observability references. | Ops Guild (`docs/modules/authority`) | Ensure monitoring/backup/rotation runbooks are linked and offline-friendly; mirror status via TASKS. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_314_docs_modules_authority.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed AUTHORITY-DOCS-0001: updated README latest updates, added sprint/TASKS links, and observability references. | Docs Guild |
| 2025-11-27 | AUTHORITY-ENG-0001 previously delivered: readiness tracker added to implementation plan. | Module Team |
| 2025-11-30 | Completed AUTHORITY-OPS-0001: created TASKS board and aligned monitoring/Grafana references. | Ops Guild |
## Decisions & Risks
- Offline posture must be preserved; dashboards stay JSON importable (no external datasources).
- Tenant-scope/Surface.Env/Surface.Secrets contracts must stay aligned with platform docs; update sprint/TASKS if they change.
- Keep sprint and TASKS mirrored to avoid drift.
## Next Checkpoints
- 2025-12-05 · Verify grafana-dashboard.json still matches current metrics contract; update runbooks if changes land. Owner: Ops Guild.

42
docs/implplan/SPRINT_0330_0001_0001_docs_modules_telemetry.md Normal file
View File

@@ -0,0 +1,42 @@
# Sprint 0330 · Docs Modules · Telemetry
## Topic & Scope
- Refresh telemetry module docs (README, architecture, implementation plan, runbooks) to reflect the current observability stack, storage isolation, and offline posture.
- Create a TASKS board for the module and mirror statuses with this sprint.
- Add an observability runbook stub and dashboard placeholder for the latest demo.
- **Working directory:** `docs/modules/telemetry`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; no blocking concurrency once prerequisite docs available.
## Documentation Prerequisites
- `docs/modules/telemetry/AGENTS.md`
- `docs/modules/telemetry/README.md`
- `docs/modules/telemetry/architecture.md`
- `docs/modules/telemetry/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | TELEMETRY-DOCS-0001 | DONE (2025-11-30) | Refresh module docs for new storage/isolation posture. | Docs Guild (`docs/modules/telemetry`) | Validate telemetry module docs reflect the new storage stack and isolation rules; add sprint references. |
| 2 | TELEMETRY-OPS-0001 | DONE (2025-11-30) | Add observability runbook stub post-demo. | Ops Guild (`docs/modules/telemetry`) | Review telemetry runbooks/observability dashboards and add offline import placeholder. |
| 3 | TELEMETRY-ENG-0001 | DONE (2025-11-30) | Mirror statuses with module board. | Module Team (`docs/modules/telemetry`) | Ensure milestones stay in sync with telemetry sprints via TASKS board mirror. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_330_docs_modules_telemetry.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed TELEMETRY-DOCS-0001: refreshed README latest updates and added sprint/task links. | Docs Guild |
| 2025-11-30 | Completed TELEMETRY-OPS-0001: added observability runbook stub and Grafana placeholder. | Ops Guild |
| 2025-11-30 | Completed TELEMETRY-ENG-0001: created TASKS board and mirrored statuses. | Module Team |
## Decisions & Risks
- Dashboards must remain offline-import friendly; avoid external data sources.
- Keep sprint and TASKS mirrored to prevent drift.
- Storage/isolation rules must stay aligned with platform docs; update both sprint and module if they change.
## Next Checkpoints
- 2025-12-05 · Populate Grafana panels once metrics contract finalizes; update runbook and sprint log. Owner: Ops Guild.

42
docs/implplan/SPRINT_0331_0001_0001_docs_modules_ui.md Normal file
View File

@@ -0,0 +1,42 @@
# Sprint 0331 · Docs Modules · UI
## Topic & Scope
- Refresh Console UI module docs (README, architecture, implementation plan, runbooks) so onboarding and operations reflect current roadmap and offline posture.
- Stand up a TASKS board for the module and keep status mirrored with this sprint.
- Capture observability/runbook stubs for the latest demo and document offline import steps.
- **Working directory:** `docs/modules/ui`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- No blocking concurrency; documentation-only refresh.
## Documentation Prerequisites
- `docs/modules/ui/AGENTS.md`
- `docs/modules/ui/README.md`
- `docs/modules/ui/architecture.md`
- `docs/modules/ui/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | CONSOLE UI-DOCS-0001 | DONE (2025-11-30) | Validate module docs against latest roadmap/releases. | Docs Guild (`docs/modules/ui`) | Refresh module docs and link to sprint/API/runbook artefacts. |
| 2 | CONSOLE UI-ENG-0001 | DONE (2025-11-30) | Keep status mirrored between sprint and module board. | Module Team (`docs/modules/ui`) | Create TASKS board and mirror statuses with this sprint. |
| 3 | CONSOLE UI-OPS-0001 | DONE (2025-11-30) | Add observability/runbook stub from latest demo. | Ops Guild (`docs/modules/ui`) | Document observability/operations notes and offline dashboard stub. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_331_docs_modules_ui.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed CONSOLE UI-DOCS-0001: refreshed README latest updates, added cross-links to observability runbook and sprint reference. | Docs Guild |
| 2025-11-30 | Completed CONSOLE UI-ENG-0001: created `docs/modules/ui/TASKS.md` and mirrored statuses. | Module Team |
| 2025-11-30 | Completed CONSOLE UI-OPS-0001: added observability runbook stub and offline Grafana JSON placeholder under `operations/`. | Ops Guild |
## Decisions & Risks
- Docs assume offline/air-gap deployments; dashboards provided as JSON for local import to avoid external dependencies.
- Keep TASKS board and sprint in sync to prevent drift; update both when status changes.
- Observability stub uses placeholder panels until metrics endpoints are finalised.
## Next Checkpoints
- 2025-12-05 · Review observability dashboard once metrics contract lands; update runbook/dashboards accordingly. Owner: Ops Guild.

42
docs/implplan/SPRINT_0332_0001_0001_docs_modules_vex_lens.md Normal file
View File

@@ -0,0 +1,42 @@
# Sprint 0332 · Docs Modules · VEX Lens
## Topic & Scope
- Refresh VEX Lens module docs (README, architecture, implementation plan, runbooks) with consensus workflow guidance and latest release links.
- Add observability/runbook stub for the latest demo and keep sprint alignment notes in sync.
- Stand up a TASKS board for the module and mirror statuses with this sprint.
- **Working directory:** `docs/modules/vex-lens`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- No blocking concurrency; documentation-only refresh.
## Documentation Prerequisites
- `docs/modules/vex-lens/AGENTS.md`
- `docs/modules/vex-lens/README.md`
- `docs/modules/vex-lens/architecture.md`
- `docs/modules/vex-lens/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | VEX-CONSENSUS-LENS-DOCS-0001 | DONE (2025-11-30) | Refresh module docs with consensus workflow guidance. | Docs Guild (`docs/modules/vex-lens`) | Refresh VEX Lens module docs with consensus workflow guidance and release links. |
| 2 | VEX-LENS-OPS-0001 | DONE (2025-11-30) | Add observability/runbook stub post-demo. | Ops Guild (`docs/modules/vex-lens`) | Review runbooks/observability assets and document offline import steps. |
| 3 | VEX-LENS-ENG-0001 | DONE (2025-11-30) | Mirror statuses with module board. | Module Team (`docs/modules/vex-lens`) | Keep module milestones synchronized with VEX Lens sprints and TASKS board. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_332_docs_modules_vex_lens.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed VEX-CONSENSUS-LENS-DOCS-0001: updated README latest updates and cross-links; added sprint/API/schema references. | Docs Guild |
| 2025-11-30 | Completed VEX-LENS-OPS-0001: added observability runbook stub and offline Grafana JSON placeholder under `runbooks/`. | Ops Guild |
| 2025-11-30 | Completed VEX-LENS-ENG-0001: created TASKS board and mirrored statuses with this sprint. | Module Team |
## Decisions & Risks
- Docs assume offline/air-gap posture; dashboards provided as JSON for local import.
- Keep TASKS board and sprint in sync to avoid drift; update both on status changes.
- Observability stub awaits finalized metrics contract; panels are placeholders until metrics land.
## Next Checkpoints
- 2025-12-05 · Populate Grafana panels once metrics contract finalizes; update runbook and sprint log. Owner: Ops Guild.

44
docs/implplan/SPRINT_0333_0001_0001_docs_modules_excititor.md Normal file
View File

@@ -0,0 +1,44 @@
# Sprint 0333 · Docs Modules · Excititor
## Topic & Scope
- Refresh Excititor module docs (README, architecture, implementation plan, runbooks) to match current consensus/linkset posture and offline evidence flows.
- Mirror statuses between this sprint and the module TASKS board.
- Capture observability/runbook evidence from latest demo and keep references to chunk API/OpenAPI once frozen.
- **Working directory:** `docs/modules/excititor`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; can proceed in parallel once API/CI artifacts are available.
## Documentation Prerequisites
- `docs/modules/excititor/AGENTS.md`
- `docs/modules/excititor/README.md`
- `docs/modules/excititor/architecture.md`
- `docs/modules/excititor/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | EXCITOR-DOCS-0001 | DONE (2025-11-07) | Validate README vs release notes. | Docs Guild (`docs/modules/excitor`) | Validate that `docs/modules/excitor/README.md` matches latest release notes and consensus beta notes. |
| 2 | EXCITOR-OPS-0001 | DONE (2025-11-07) | Checklist in `docs/modules/excitor/mirrors.md`. | Ops Guild (`docs/modules/excitor`) | Review runbooks/observability assets and add mirror checklist. |
| 3 | EXCITOR-ENG-0001 | DONE (2025-11-07) | Keep implementation plan aligned. | Module Team (`docs/modules/excitor`) | Ensure implementation plan sprint alignment table stays current with SPRINT_200 updates. |
| 4 | EXCITITOR-DOCS-0001 | BLOCKED (2025-11-19) | Waiting on chunk API CI validation + console contracts; OpenAPI freeze pending. | Docs Guild (`docs/modules/excititor`) | Finalize docs after chunk API CI passes and OpenAPI is frozen. |
| 5 | EXCITITOR-ENG-0001 | TODO | Mirror status via AGENTS workflow. | Module Team (`docs/modules/excititor`) | Update engineering notes and alignment once EXCITITOR-DOCS-0001 unblocks. |
| 6 | EXCITITOR-OPS-0001 | TODO | Sync outcomes back to upstream sprint once contracts freeze. | Ops Guild (`docs/modules/excititor`) | Reflect observability/runbook updates after OpenAPI freeze. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_333_docs_modules_excititor.md`; added compatibility stub. | Docs Guild |
| 2025-11-07 | Marked EXCITOR-DOCS-0001/OPS-0001/ENG-0001 as DONE after README, runbook checklist, and implementation plan sync. | Module Team |
| 2025-11-19 | EXCITITOR-DOCS-0001 set to BLOCKED pending chunk API CI and OpenAPI freeze. | Docs Guild |
## Decisions & Risks
- EXCITITOR-DOCS-0001 blocked on chunk API CI validation and OpenAPI freeze; downstream ops/eng tasks stay TODO until resolved.
- Mirror statuses in `docs/modules/excititor/TASKS.md` to avoid drift between sprint and module board.
- Offline posture must be maintained; dashboards should remain importable without external services.
## Next Checkpoints
- 2025-12-05 · Reassess chunk API CI and OpenAPI freeze; if green, unblock EXCITITOR-DOCS-0001 and propagate updates. Owner: Docs Guild.

44
docs/implplan/SPRINT_0334_0001_0001_docs_modules_vuln_explorer.md Normal file
View File

@@ -0,0 +1,44 @@
# Sprint 0334 · Docs Modules · Vuln Explorer
## Topic & Scope
- Refresh Vuln Explorer module docs (README, architecture, implementation plan, runbooks) to match current roadmap, VEX-first triage UX, and offline evidence/export flows.
- Add observability/runbook evidence from the latest demo and keep sprint alignment notes in sync with active Vuln Explorer deliveries.
- Ensure doc front doors link to supporting artefacts (OpenAPI draft, schemas, sprint plan, task board) for deterministic onboarding.
- **Working directory:** `docs/modules/vuln-explorer`.
## Dependencies & Concurrency
- Upstream context: Sprint 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- No blocking concurrency once prerequisite docs are available; tasks are documentation-only.
## Documentation Prerequisites
- `docs/modules/vuln-explorer/AGENTS.md`
- `docs/modules/vuln-explorer/README.md`
- `docs/modules/vuln-explorer/architecture.md`
- `docs/modules/vuln-explorer/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | VULNERABILITY-EXPLORER-DOCS-0001 | DONE (2025-11-30) | Validate module docs against latest roadmap/releases. | Docs Guild (`docs/modules/vuln-explorer`) | Validated module docs and added evidence links (OpenAPI draft, schemas, sprint references). |
| 2 | VULNERABILITY-EXPLORER-OPS-0001 | DONE (2025-11-30) | Gather observability outputs from latest demo. | Ops Guild (`docs/modules/vuln-explorer`) | Documented observability/runbook outputs and offline dashboard stub in module docs. |
| 3 | VULNERABILITY-EXPLORER-ENG-0001 | DONE (2025-11-30) | Sync sprint alignment notes across Vuln Explorer streams. | Module Team (`docs/modules/vuln-explorer`) | Synced sprint alignment notes and task mirrors across module docs and TASKS board. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template and renamed from `SPRINT_334_docs_modules_vuln_explorer.md` to `SPRINT_0334_0001_0001_docs_modules_vuln_explorer.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed VULNERABILITY-EXPLORER-DOCS-0001: refreshed README latest updates, observability references, architecture cross-links, and added sprint/API/schema evidence. | Docs Guild |
| 2025-11-30 | Completed VULNERABILITY-EXPLORER-OPS-0001: added offline observability runbook + dashboard stub (`runbooks/observability.md`, `runbooks/dashboards/vuln-explorer-observability.json`). | Ops Guild |
| 2025-11-30 | Completed VULNERABILITY-EXPLORER-ENG-0001: created module `TASKS.md` mirror and sprint alignment notes in implementation plan. | Module Team |
## Decisions & Risks
- Docs refresh depends on latest Vuln Explorer roadmap and demo artefacts; stale inputs risk inaccurate guidance.
- Observability/runbook updates must remain offline-friendly (no external dashboards).
- Maintain Aggregation-Only Contract references to avoid implying merge/consensus semantics in docs.
- Keep module `TASKS.md` and this sprint in lockstep to avoid drift; mirror updates when new doc work starts.
## Next Checkpoints
- 2025-12-02 · Confirm observability/demo artefacts and finalize runbook updates. Owner: Ops Guild.
- 2025-12-03 · Validate doc cross-links (OpenAPI, schemas, sprint references) and close VULNERABILITY-EXPLORER-DOCS-0001. Owner: Docs Guild.

42
docs/implplan/SPRINT_0335_0001_0001_docs_modules_zastava.md Normal file
View File

@@ -0,0 +1,42 @@
# Sprint 0335 · Docs Modules · Zastava
## Topic & Scope
- Refresh Zastava module docs (README, architecture, implementation plan, runbooks) to reflect current runtime posture, Surface.Env/Surface.Secrets adoption, and offline kit integration.
- Stand up a TASKS board and mirror statuses with this sprint.
- Add observability/runbook stub for the latest demo and keep links to Surface contracts.
- **Working directory:** `docs/modules/zastava`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- No blocking concurrency; documentation-only refresh.
## Documentation Prerequisites
- `docs/modules/zastava/AGENTS.md`
- `docs/modules/zastava/README.md`
- `docs/modules/zastava/architecture.md`
- `docs/modules/zastava/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | ZASTAVA-DOCS-0001 | DONE (2025-11-30) | Refresh module docs per latest Surface.Env/Surface.Secrets posture. | Docs Guild (`docs/modules/zastava`) | Refresh Zastava module docs with current runtime policy, Surface Env/Secrets notes, and offline kit hooks. |
| 2 | ZASTAVA-ENG-0001 | DONE (2025-11-30) | Mirror sprint ↔ TASKS status. | Module Team (`docs/modules/zastava`) | Create TASKS board and keep statuses in sync. |
| 3 | ZASTAVA-OPS-0001 | DONE (2025-11-30) | Add observability/runbook stub. | Ops Guild (`docs/modules/zastava`) | Document observability/runbook stub and offline dashboard JSON. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_335_docs_modules_zastava.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed ZASTAVA-DOCS-0001: refreshed README latest updates, added Surface Env/Secrets references, and sprint links. | Docs Guild |
| 2025-11-30 | Completed ZASTAVA-ENG-0001: created TASKS board; mirrored statuses. | Module Team |
| 2025-11-30 | Completed ZASTAVA-OPS-0001: added observability runbook stub and dashboard placeholder. | Ops Guild |
## Decisions & Risks
- Surface.Env/Surface.Secrets contracts must remain aligned with platform docs; update both sprint and TASKS if contracts shift.
- Offline-friendly dashboards only; avoid external dependencies.
- Keep sprint and TASKS mirrored to avoid drift.
## Next Checkpoints
- 2025-12-05 · Populate Grafana panels once metrics contract finalizes; update runbook + sprint log. Owner: Ops Guild.

17
docs/implplan/SPRINT_0513_0001_0001_public_reachability_benchmark.md
View File

@@ -28,12 +28,12 @@
| --- | --- | --- | --- | --- | --- |
| 1 | BENCH-REPO-513-001 | DONE (2025-11-29) | None; foundational. | Bench Guild · DevOps Guild | Create public repository structure: `benchmark/cases/<lang>/<project>/`, `benchmark/schemas/`, `benchmark/tools/scorer/`, `baselines/`, `ci/`, `website/`. Add LICENSE (Apache-2.0), README, CONTRIBUTING.md. |
| 2 | BENCH-SCHEMA-513-002 | DONE (2025-11-29) | Depends on 513-001. | Bench Guild | Define and publish schemas: `case.schema.yaml` (component, sink, label, evidence), `entrypoints.schema.yaml`, `truth.schema.yaml`, `submission.schema.json`. Include JSON Schema validation. |
| 3 | BENCH-CASES-JS-513-003 | TODO | Depends on 513-002. | Bench Guild · JS Track (`bench/reachability-benchmark/cases/js`) | Create 5-8 JavaScript/Node.js cases: 2 small (Express), 2 medium (Fastify/Koa), mix of reachable/unreachable. Include Dockerfiles, package-lock.json, unit test oracles, coverage output. |
| 4 | BENCH-CASES-PY-513-004 | TODO | Depends on 513-002. | Bench Guild · Python Track (`bench/reachability-benchmark/cases/py`) | Create 5-8 Python cases: Flask, Django, FastAPI. Include requirements.txt pinned, pytest oracles, coverage.py output. |
| 5 | BENCH-CASES-JAVA-513-005 | TODO | Depends on 513-002. | Bench Guild · Java Track (`bench/reachability-benchmark/cases/java`) | Create 5-8 Java cases: Spring Boot, Micronaut. Include pom.xml locked, JUnit oracles, JaCoCo coverage. |
| 3 | BENCH-CASES-JS-513-003 | DONE (2025-11-30) | Depends on 513-002. | Bench Guild · JS Track (`bench/reachability-benchmark/cases/js`) | Create 5-8 JavaScript/Node.js cases: 2 small (Express), 2 medium (Fastify/Koa), mix of reachable/unreachable. Include Dockerfiles, package-lock.json, unit test oracles, coverage output. Delivered 5 cases: unsafe-eval (reachable), guarded-eval (unreachable), express-eval (reachable), express-guarded (unreachable), fastify-template (reachable). |
| 4 | BENCH-CASES-PY-513-004 | DONE (2025-11-30) | Depends on 513-002. | Bench Guild · Python Track (`bench/reachability-benchmark/cases/py`) | Create 5-8 Python cases: Flask, Django, FastAPI. Include requirements.txt pinned, pytest oracles, coverage.py output. Delivered 5 cases: unsafe-exec (reachable), guarded-exec (unreachable), flask-template (reachable), fastapi-guarded (unreachable), django-ssti (reachable). |
| 5 | BENCH-CASES-JAVA-513-005 | DOING | Depends on 513-002. | Bench Guild · Java Track (`bench/reachability-benchmark/cases/java`) | Create 5-8 Java cases: Spring Boot, Micronaut. Include pom.xml locked, JUnit oracles, JaCoCo coverage. Progress: 2/5 seeded (`spring-deserialize` reachable, `spring-guarded` unreachable). Note: builds/tests pending until JDK available in runner. |
| 6 | BENCH-CASES-C-513-006 | TODO | Depends on 513-002. | Bench Guild · Native Track (`bench/reachability-benchmark/cases/c`) | Create 3-5 C/ELF cases: small HTTP servers, crypto utilities. Include Makefile, gcov/llvm-cov coverage, deterministic builds (SOURCE_DATE_EPOCH). |
| 7 | BENCH-BUILD-513-007 | TODO | Depends on 513-003 through 513-006. | Bench Guild · DevOps Guild | Implement `build_all.py` and `validate_builds.py`: deterministic Docker builds, hash verification, SBOM generation (syft), attestation stubs. |
| 8 | BENCH-SCORER-513-008 | TODO | Depends on 513-002. | Bench Guild (`bench/reachability-benchmark/tools/scorer`) | Implement `rb-score` CLI: load cases/truth, validate submissions, compute precision/recall/F1, explainability score (0-3), runtime stats, determinism rate. |
| 8 | BENCH-SCORER-513-008 | DONE (2025-11-30) | Depends on 513-002. | Bench Guild (`bench/reachability-benchmark/tools/scorer`) | Implement `rb-score` CLI: load cases/truth, validate submissions, compute precision/recall/F1, explainability score (0-3), runtime stats, determinism rate. |
| 9 | BENCH-EXPLAIN-513-009 | TODO | Depends on 513-008. | Bench Guild | Implement explainability scoring rules: 0=no context, 1=path with ≥2 nodes, 2=entry+≥3 nodes, 3=guards/constraints included. Unit tests for each level. |
| 10 | BENCH-BASELINE-SEMGREP-513-010 | TODO | Depends on 513-008 and cases. | Bench Guild | Semgrep baseline runner: `baselines/semgrep/run_case.sh`, rule config, output normalization to submission format. |
| 11 | BENCH-BASELINE-CODEQL-513-011 | TODO | Depends on 513-008 and cases. | Bench Guild | CodeQL baseline runner: database creation, reachability queries, output normalization. Document CodeQL license requirements. |
@@ -85,3 +85,12 @@
| 2025-11-27 | Sprint created from product advisory `24-Nov-2025 - Designing a Deterministic Reachability Benchmark.md`; 17 tasks defined across 5 waves. | Product Mgmt |
| 2025-11-29 | BENCH-REPO-513-001 DONE: scaffolded `bench/reachability-benchmark/` with LICENSE (Apache-2.0), NOTICE, README, CONTRIBUTING, .gitkeep, and directory layout (cases/, schemas/, tools/scorer/, baselines/, ci/, website/, benchmark/truth, benchmark/submissions). | Implementer |
| 2025-11-29 | BENCH-SCHEMA-513-002 DONE: expanded schemas (case/entrypoints/truth/submission), added examples + offline validator `tools/validate.py`, and pinned requirements for deterministic validation. | Implementer |
| 2025-11-30 | BENCH-SCORER-513-008 DONE: implemented `rb-score` CLI with schema validation, metrics (precision/recall/F1), explainability tiers, determinism check, JSON/text outputs, pinned deps, and pytest coverage. | Implementer |
| 2025-11-30 | Started BENCH-CASES-JS-513-003: added first JS case `cases/js/unsafe-eval` with deterministic build/test, traces/coverage, entrypoints, truth file `benchmark/truth/js-unsafe-eval.json`. | Implementer |
| 2025-11-30 | Progressed BENCH-CASES-JS-513-003: added `cases/js/guarded-eval` (feature-flagged sink, unreachable by default) with matching entrypoints and truth `benchmark/truth/js-guarded-eval.json`; both cases validated via `tools/validate.py` and build scripts produce deterministic artifacts. | Implementer |
| 2025-11-30 | Completed BENCH-CASES-JS-513-003: added `cases/js/express-eval`, `cases/js/express-guarded`, `cases/js/fastify-template` with matching entrypoints and truth files; all five JS cases validate against schemas and have deterministic build/test scripts. | Implementer |
| 2025-11-30 | Started BENCH-CASES-PY-513-004: added `cases/py/unsafe-exec` (reachable eval) and `cases/py/guarded-exec` (feature-flagged, unreachable by default) with entrypoints and truth files; both validate via `tools/validate.py` and deterministic build scripts. | Implementer |
| 2025-11-30 | Progressed BENCH-CASES-PY-513-004: added `cases/py/flask-template` (reachable template rendering) with entrypoints and truth `benchmark/truth/py-flask-template.json`; validated via `tools/validate.py` and deterministic build. | Implementer |
| 2025-11-30 | Progressed BENCH-CASES-PY-513-004: added `cases/py/fastapi-guarded` (unreachable unless ALLOW_EXEC=true) with entrypoints and truth `benchmark/truth/py-fastapi-guarded.json`; validated via `tools/validate.py` and deterministic build. | Implementer |
| 2025-11-30 | Completed BENCH-CASES-PY-513-004: added `cases/py/django-ssti` (reachable template rendering, autoescape off) with truth `benchmark/truth/py-django-ssti.json`; validated via `tools/validate.py` and deterministic build. | Implementer |
| 2025-11-30 | Started BENCH-CASES-JAVA-513-005: added `cases/java/spring-deserialize` (reachable) and `cases/java/spring-guarded` (unreachable by default) with entrypoints and truth files; schema validation passes. Build/test pending due to missing `javac` in runner—recorded as dependency for future CI. | Implementer |

2
docs/implplan/SPRINT_150_scheduling_automation.md
View File

@@ -9,7 +9,7 @@ This file now only tracks the scheduling & automation status snapshot. Active ba
| Wave | Guild owners | Shared prerequisites | Status | Notes |
| --- | --- | --- | --- | --- |
| 150.A Orchestrator | Orchestrator Service Guild · AirGap Policy/Controller Guilds · Observability Guild | Sprint 120.A AirGap; Sprint 130.A Scanner; Sprint 140.A Graph | TODO | Pending confirmation that Scanner surface artifacts are ready; keep job telemetry work prepped for fast start. |
| 150.B PacksRegistry | Packs Registry Guild · Exporter Guild · Security Guild | Sprint 120.A AirGap; Sprint 130.A Scanner; Sprint 140.A Graph | TODO | Blocked on Orchestrator tenancy scaffolding; specs are ready once 150.A flips to DOING. |
| 150.B PacksRegistry | Packs Registry Guild · Exporter Guild · Security Guild | Sprint 120.A AirGap; Sprint 130.A Scanner; Sprint 140.A Graph | DONE (2025-11-25) | Completed in `SPRINT_0154_0001_0001_packsregistry`; registry service, lifecycle, mirroring, and compliance dashboards shipped. |
| 150.C Scheduler | Scheduler WebService/Worker Guilds · Findings Ledger Guild · Observability Guild | Sprint 120.A AirGap; Sprint 130.A Scanner; Sprint 140.A Graph | TODO | Impact index improvements need Graph overlays; hold until 140.A status improves. |
| 150.D TaskRunner | Task Runner Guild · AirGap Guilds · Evidence Locker Guild | Sprint 120.A AirGap; Sprint 130.A Scanner; Sprint 140.A Graph | TODO | Execution engine upgrades staged; start once Orchestrator/Scheduler telemetry baselines exist. |

25
docs/implplan/SPRINT_152_orchestrator_ii.md
View File

@@ -1,24 +1,5 @@
# Sprint 152 - Scheduling & Automation · 150.A) Orchestrator.II
# Moved: Sprint 0152-0001-0002 · Orchestrator II (Scheduling & Automation)
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
This legacy filename is retained to avoid broken references. The canonical sprint now lives at `docs/implplan/SPRINT_0152_0001_0002_orchestrator_ii.md` following the standard naming/template. Do not edit tasks here; update the canonical file only.
[Scheduling & Automation] 150.A) Orchestrator.II
Depends on: Sprint 150.A - Orchestrator.I
Summary: Scheduling & Automation focus on Orchestrator (phase II).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
ORCH-SVC-32-002 | TODO | Implement scheduler DAG planner + dependency resolver, job state machine, and critical-path metadata without yet issuing control actions. Dependencies: ORCH-SVC-32-001. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-32-003 | TODO | Expose read-only REST APIs (sources, runs, jobs, DAG) with OpenAPI, validation, pagination, and tenant scoping. Dependencies: ORCH-SVC-32-002. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-32-004 | TODO | Implement WebSocket/SSE stream for job/run updates, emit structured metrics counters/histograms, and add health probes. Dependencies: ORCH-SVC-32-003. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-32-005 | TODO | Deliver worker claim/heartbeat/progress endpoints capturing artifact metadata/checksums and enforcing idempotency keys. Dependencies: ORCH-SVC-32-004. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-33-001 | TODO | Enable `sources test. Dependencies: ORCH-SVC-32-005. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-33-002 | TODO | Implement per-source/tenant adaptive token-bucket rate limiter, concurrency caps, and backpressure signals reacting to upstream 429/503. Dependencies: ORCH-SVC-33-001. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-33-003 | TODO | Add watermark/backfill manager with event-time windows, duplicate suppression, dry-run preview endpoint, and safety validations. Dependencies: ORCH-SVC-33-002. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-33-004 | TODO | Deliver dead-letter store, replay endpoints, and error classification surfaces with remediation hints + notification hooks. Dependencies: ORCH-SVC-33-003. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-34-001 | DONE | Implement quota management APIs, per-tenant SLO burn-rate computation, and alert budget tracking surfaced via metrics. Dependencies: ORCH-SVC-33-004. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-34-002 | DONE | Build audit log + immutable run ledger export with signed manifest support, including provenance chain to artifacts. Dependencies: ORCH-SVC-34-001. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-34-003 | TODO | Execute perf/scale validation (≥10k pending jobs, dispatch P95 <150ms) and add autoscaling hooks with health probes. Dependencies: ORCH-SVC-34-002. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-34-004 | TODO | Package orchestrator container, Helm overlays, offline bundle seeds, provenance attestations, and compliance checklist for GA. Dependencies: ORCH-SVC-34-003. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-35-101 | TODO | Register `export` job type with quotas/rate policies, expose telemetry, and ensure exporter workers heartbeat via orchestrator contracts. Dependencies: ORCH-SVC-34-004. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-36-101 | TODO | Capture distribution metadata and retention timestamps for export jobs, updating dashboards and SSE payloads. Dependencies: ORCH-SVC-35-101. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
ORCH-SVC-37-101 | TODO | Enable scheduled export runs, retention pruning hooks, and failure alerting tied to export job class. Dependencies: ORCH-SVC-36-101. | Orchestrator Service Guild (src/Orchestrator/StellaOps.Orchestrator)
Status recap (read-only): All ORCH-SVC-32/33/34/35/36/37 tasks are DONE in the canonical sprint document.

16
docs/implplan/SPRINT_154_packsregistry.md
View File

@@ -1,12 +1,8 @@
# Sprint 154 - Scheduling & Automation · 150.B) PacksRegistry
# Legacy redirect — Sprint 0154 Packs Registry
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
This sprint was renamed to `SPRINT_0154_0001_0001_packsregistry.md` on 2025-11-19 to match the standard format.
[Scheduling & Automation] 150.B) PacksRegistry
Depends on: Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph
Summary: Scheduling & Automation focus on PacksRegistry).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
PACKS-REG-41-001 | TODO | Implement registry service, migrations for `packs_index`, `parity_matrix`, provenance docs; support pack upload/list/get, signature verification, RBAC enforcement, and provenance manifest storage. | Packs Registry Guild (src/PacksRegistry/StellaOps.PacksRegistry)
PACKS-REG-42-001 | TODO | Add version lifecycle (promote/deprecate), tenant allowlists, provenance export, signature rotation, audit logs, and Offline Kit seed support. Dependencies: PACKS-REG-41-001. | Packs Registry Guild (src/PacksRegistry/StellaOps.PacksRegistry)
PACKS-REG-43-001 | TODO | Implement registry mirroring, pack signing policies, attestation integration, and compliance dashboards; integrate with Export Center. Dependencies: PACKS-REG-42-001. | Packs Registry Guild (src/PacksRegistry/StellaOps.PacksRegistry)
Please update the canonical file instead:
- `docs/implplan/SPRINT_0154_0001_0001_packsregistry.md`
Status, execution log, and task details are authoritative in the canonical file; this stub exists to avoid divergent edits in older links.

28
docs/implplan/SPRINT_157_taskrunner_i.md
View File

@@ -1,26 +1,4 @@
# Sprint 157 - Scheduling & Automation · 150.D) TaskRunner.I
# Deprecated Sprint File
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Scheduling & Automation] 150.D) TaskRunner.I
Depends on: Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph
Summary: Scheduling & Automation focus on TaskRunner (phase I).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
TASKRUN-41-001 | TODO | Bootstrap service, define migrations for `pack_runs`, `pack_run_logs`, `pack_artifacts`, implement run API (create/get/log stream), local executor, approvals pause, artifact capture, and provenance manifest generation. | Task Runner Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-AIRGAP-56-001 | TODO | Enforce plan-time validation rejecting steps with non-allowlisted network calls in sealed mode and surface remediation errors. | Task Runner Guild, AirGap Policy Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-AIRGAP-56-002 | TODO | Add helper steps for bundle ingestion (checksum verification, staging to object store) with deterministic outputs. Dependencies: TASKRUN-AIRGAP-56-001. | Task Runner Guild, AirGap Importer Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-AIRGAP-57-001 | TODO | Refuse to execute plans when environment sealed=false but declared sealed install; emit advisory timeline events. Dependencies: TASKRUN-AIRGAP-56-002. | Task Runner Guild, AirGap Controller Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-AIRGAP-58-001 | TODO | Capture bundle import job transcripts, hashed inputs, and outputs into portable evidence bundles. Dependencies: TASKRUN-AIRGAP-57-001. | Task Runner Guild, Evidence Locker Guild (src/TaskRunner/StellaOps.TaskRunner)
> 2025-11-04: Resumed TASKRUN-42-001 — scoping execution engine upgrades (loops/conditionals/maxParallel), simulation mode, policy gate integration, and deterministic failure recovery.
> 2025-11-04: Worker/WebService wiring in place — execution graph honours `maxParallel`/`continueOnError`, retry windows persisted, and simulation API exposed.
> 2025-11-04: Continuing TASKRUN-42-001 — cleaning persistence anomalies, validating retry metadata, and wiring simulation preview into CLI surface.
> 2025-11-04: CLI command `stella task-runner simulate` wired to the new endpoint with JSON/table output modes.
TASKRUN-OAS-61-001 | TODO | Document Task Runner APIs (pack runs, logs, approvals) in service OAS, including streaming response schemas and examples. | Task Runner Guild, API Contracts Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-OAS-61-002 | TODO | Expose `GET /.well-known/openapi` returning signed spec metadata, build version, and ETag. Dependencies: TASKRUN-OAS-61-001. | Task Runner Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-OAS-62-001 | TODO | Provide SDK examples for pack run lifecycle; ensure SDKs offer streaming log helpers and paginator wrappers. Dependencies: TASKRUN-OAS-61-002. | Task Runner Guild, SDK Generator Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-OAS-63-001 | TODO | Implement deprecation header support and Sunset handling for legacy pack APIs; emit notifications metadata. Dependencies: TASKRUN-OAS-62-001. | Task Runner Guild, API Governance Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-OBS-50-001 | TODO | Adopt telemetry core in Task Runner host + worker executors, ensuring step execution spans/logs include `trace_id`, `tenant_id`, `run_id`, and scrubbed command transcripts. | Task Runner Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-OBS-51-001 | TODO | Emit metrics for step latency, retries, queue depth, sandbox resource usage; define SLOs for pack run completion and failure rate; surface burn-rate alerts to collector/Notifier. Dependencies: TASKRUN-OBS-50-001. | Task Runner Guild, DevOps Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-OBS-52-001 | TODO | Produce timeline events for pack runs (`pack.started`, `pack.step.completed`, `pack.failed`) containing evidence pointers and policy gate context. Provide dedupe + retry logic. Dependencies: TASKRUN-OBS-51-001. | Task Runner Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-OBS-53-001 | TODO | Capture step transcripts, artifact manifests, environment digests, and policy approvals into evidence locker snapshots; ensure redaction + hash chain coverage. Dependencies: TASKRUN-OBS-52-001. | Task Runner Guild, Evidence Locker Guild (src/TaskRunner/StellaOps.TaskRunner)
This sprint was normalized and renamed to `docs/implplan/SPRINT_0157_0001_0001_taskrunner_i.md`.
Please update only the canonical file; this stub remains to prevent divergent edits. (Updated 2025-11-30.)

13
docs/implplan/SPRINT_158_taskrunner_ii.md
View File

@@ -1,12 +1,5 @@
# Sprint 158 - Scheduling & Automation · 150.D) TaskRunner.II
# Redirect Notice · Sprint 158
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
This sprint was normalized and renamed to `docs/implplan/SPRINT_0158_0001_0002_taskrunner_ii.md` (2025-11-19).
[Scheduling & Automation] 150.D) TaskRunner.II
Depends on: Sprint 150.D - TaskRunner.I
Summary: Scheduling & Automation focus on TaskRunner (phase II).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
TASKRUN-OBS-54-001 | TODO | Generate DSSE attestations for pack runs (subjects = produced artifacts) and expose verification API/CLI integration. Store references in timeline events. Dependencies: TASKRUN-OBS-53-001. | Task Runner Guild, Provenance Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-OBS-55-001 | TODO | Implement incident mode escalations (extra telemetry, debug artifact capture, retention bump) and align on automatic activation via SLO breach webhooks. Dependencies: TASKRUN-OBS-54-001. | Task Runner Guild, DevOps Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-TEN-48-001 | TODO | Require tenant/project context for every pack run, set DB/object-store prefixes, block egress when tenant restricted, and propagate context to steps/logs. | Task Runner Guild (src/TaskRunner/StellaOps.TaskRunner)
Please edit the canonical file only. This legacy filename is retained to prevent divergent updates.

25
docs/implplan/SPRINT_164_exportcenter_iii.md
View File

@@ -1,24 +1,3 @@
# Sprint 164 - Export & Evidence · 160.B) ExportCenter.III
# Deprecated alias
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Export & Evidence] 160.B) ExportCenter.III
Depends on: Sprint 160.B - ExportCenter.II
Summary: Export & Evidence focus on ExportCenter (phase III).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
EXPORT-SVC-35-006 | TODO | Expose Export API (profiles, runs, download, SSE updates) with audit logging, concurrency controls, and viewer/operator RBAC integration. Dependencies: EXPORT-SVC-35-005. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-SVC-36-001 | TODO | Implement Trivy DB adapter (core) with schema mappings, version flag gating, and validation harness. Dependencies: EXPORT-SVC-35-006. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-SVC-36-002 | TODO | Add Trivy Java DB variant with shared manifest entries and adapter regression tests. Dependencies: EXPORT-SVC-36-001. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-SVC-36-003 | TODO | Build OCI distribution engine (manifests, descriptors, annotations) with registry auth support and retries. Dependencies: EXPORT-SVC-36-002. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-SVC-36-004 | TODO | Extend planner/run lifecycle for distribution targets (OCI/object storage) with idempotent metadata updates and retention timestamps. Dependencies: EXPORT-SVC-36-003. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-SVC-37-001 | TODO | Implement mirror delta adapter with base manifest comparison, change set generation, and content-addressed reuse. Dependencies: EXPORT-SVC-36-004. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-SVC-37-002 | TODO | Add bundle encryption (age/AES-GCM), key wrapping via KMS, and verification tooling for encrypted outputs. Dependencies: EXPORT-SVC-37-001. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-SVC-37-003 | TODO | Implement export scheduling (cron/event), retention pruning, retry idempotency, and failure classification. Dependencies: EXPORT-SVC-37-002. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-SVC-37-004 | TODO | Provide verification API to stream manifests/hashes, compute hash+signature checks, and return attest status for CLI/UI. Dependencies: EXPORT-SVC-37-003. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-SVC-43-001 | TODO | Integrate pack run manifests/artifacts into export bundles and CLI verification flows; expose provenance links. Dependencies: EXPORT-SVC-37-004. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
EXPORT-TEN-48-001 | TODO | Prefix artifacts/manifests with tenant/project, enforce scope checks, and prevent cross-tenant exports unless explicitly whitelisted; update provenance. | Exporter Service Guild (src/ExportCenter/StellaOps.ExportCenter)
RISK-BUNDLE-69-001 | TODO | Implement `stella export risk-bundle` job producing tarball with provider datasets, manifests, and DSSE signatures. | Risk Bundle Export Guild, Risk Engine Guild (src/ExportCenter/StellaOps.ExportCenter.RiskBundles)
RISK-BUNDLE-69-002 | TODO | Integrate bundle job into CI/offline kit pipelines with checksum publication. Dependencies: RISK-BUNDLE-69-001. | Risk Bundle Export Guild, DevOps Guild (src/ExportCenter/StellaOps.ExportCenter.RiskBundles)
RISK-BUNDLE-70-001 | TODO | Provide CLI `stella risk bundle verify` command to validate bundles before import. Dependencies: RISK-BUNDLE-69-002. | Risk Bundle Export Guild, CLI Guild (src/ExportCenter/StellaOps.ExportCenter.RiskBundles)
RISK-BUNDLE-70-002 | TODO | Publish `/docs/airgap/risk-bundles.md` detailing build/import/verification workflows. Dependencies: RISK-BUNDLE-70-001. | Risk Bundle Export Guild, Docs Guild (src/ExportCenter/StellaOps.ExportCenter.RiskBundles)
Sprint file was renamed to `SPRINT_0164_0001_0001_exportcenter_iii.md` for template compliance on 2025-11-19. Do not edit this file; update the canonical sprint instead.

13
docs/implplan/SPRINT_313_docs_modules_attestor.md
View File

@@ -1,12 +1,3 @@
# Sprint 313 - Documentation & Process · 200.C) Docs Modules Attestor
# Moved sprint file
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Documentation & Process] 200.C) Docs Modules Attestor
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
Summary: Documentation & Process focus on Docs Modules Attestor).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
ATTESTOR-DOCS-0001 | DONE (2025-11-05) | Validate that `docs/modules/attestor/README.md` matches the latest release notes and attestation samples. | Docs Guild (docs/modules/attestor)
ATTESTOR-OPS-0001 | TODO | Review runbooks/observability assets after the next sprint demo and capture findings inline with sprint notes. | Ops Guild (docs/modules/attestor)
ATTESTOR-ENG-0001 | DONE (2025-11-27) | Cross-check implementation plan milestones against `/docs/implplan/SPRINT_*.md` and update module readiness checkpoints. Added Sprint Readiness Tracker section to `docs/modules/attestor/implementation_plan.md` mapping 6 phases to 15+ sprint tasks with status and blocking items. | Module Team (docs/modules/attestor)
This sprint has been renamed to `SPRINT_0313_0001_0001_docs_modules_attestor.md` to comply with the standard template. Update any bookmarks accordingly.

13
docs/implplan/SPRINT_314_docs_modules_authority.md
View File

@@ -1,12 +1,3 @@
# Sprint 314 - Documentation & Process · 200.D) Docs Modules Authority
# Moved sprint file
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Documentation & Process] 200.D) Docs Modules Authority
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
Summary: Documentation & Process focus on Docs Modules Authority).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
AUTHORITY-DOCS-0001 | TODO | See ./AGENTS.md | Docs Guild (docs/modules/authority)
AUTHORITY-ENG-0001 | DONE (2025-11-27) | Update status via ./AGENTS.md workflow. Added Sprint Readiness Tracker to `docs/modules/authority/implementation_plan.md` mapping 4 epics to 10+ tasks across Sprints 100, 115, 143, 186, 401, 514. | Module Team (docs/modules/authority)
AUTHORITY-OPS-0001 | TODO | Sync outcomes back to ../.. | Ops Guild (docs/modules/authority)
This sprint has been renamed to `SPRINT_0314_0001_0001_docs_modules_authority.md` to comply with the standard template. Update any bookmarks accordingly.

14
docs/implplan/SPRINT_322_docs_modules_notify.md
View File

@@ -8,7 +8,15 @@ Summary: Documentation & Process focus on Docs Modules Notify).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
NOTIFY-DOCS-0001 | DONE (2025-11-05) | Validate that notifier module README reflects the Notifications Studio pivot and references the latest release notes. | Docs Guild (docs/modules/notify)
NOTIFY-OPS-0001 | TODO | Review notifier runbooks/observability assets after the next sprint demo and record findings. | Ops Guild (docs/modules/notify)
NOTIFY-OPS-0001 | BLOCKED (2025-11-30) | Await next notifier demo outputs to validate runbooks/observability; placeholder stub added. | Ops Guild (docs/modules/notify)
NOTIFY-ENG-0001 | DONE (2025-11-27) | Keep implementation milestones aligned with `/docs/implplan/SPRINT_171_notifier_i.md` onward. Added Sprint Readiness Tracker to `docs/modules/notify/implementation_plan.md` mapping 5 phases to 30+ sprint tasks across Sprints 0171, 0172, 0173. | Module Team (docs/modules/notify)
NOTIFY-DOCS-0002 | TODO (2025-11-05) | Pending NOTIFY-SVC-39-001..004 to document correlation/digests/simulation/quiet hours | Docs Guild (docs/modules/notify)
NOTIFY-OPS-0001 | TODO | Sync outcomes back to ../.. | Ops Guild (docs/modules/notify)
NOTIFY-DOCS-0002 | BLOCKED (2025-11-30) | Pending NOTIFY-SVC-39-001..004 to document correlation/digests/simulation/quiet hours. | Docs Guild (docs/modules/notify)
NOTIFY-OPS-0001 | BLOCKED (2025-11-30) | Mirror of Delivery Tracker; waiting on demo outputs. | Ops Guild (docs/modules/notify)
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-05 | Completed NOTIFY-DOCS-0001; README refreshed for Notifications Studio pivot + release notes. | Docs Guild |
| 2025-11-27 | Added sprint readiness tracker for notifier phases in implementation plan; marked NOTIFY-ENG-0001 DONE. | Module Team |
| 2025-11-30 | Added observability runbook stub + Grafana placeholder; set NOTIFY-OPS-0001 BLOCKED pending next demo outputs. | Ops Guild |
| 2025-11-30 | Set NOTIFY-DOCS-0002 BLOCKED pending NOTIFY-SVC-39-001..004 correlation/digests/simulation/quiet hours evidence. | Docs Guild |

15
docs/implplan/SPRINT_330_docs_modules_telemetry.md
View File

@@ -1,14 +1,3 @@
# Sprint 330 - Documentation & Process · 200.T) Docs Modules Telemetry
# Moved sprint file
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Documentation & Process] 200.T) Docs Modules Telemetry
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
Summary: Documentation & Process focus on Docs Modules Telemetry).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
TELEMETRY-DOCS-0001 | TODO | Validate that telemetry module docs reflect the new storage stack and isolation rules. | Docs Guild (docs/modules/telemetry)
TELEMETRY-OPS-0001 | TODO | Review telemetry runbooks/observability dashboards post-demo. | Ops Guild (docs/modules/telemetry)
TELEMETRY-ENG-0001 | TODO | Ensure milestones stay in sync with telemetry sprints in `docs/implplan`. | Module Team (docs/modules/telemetry)
TELEMETRY-ENG-0001 | TODO | Update status via ./AGENTS.md workflow | Module Team (docs/modules/telemetry)
TELEMETRY-OPS-0001 | TODO | Sync outcomes back to ../.. | Ops Guild (docs/modules/telemetry)
This sprint has been renamed to `SPRINT_0330_0001_0001_docs_modules_telemetry.md` to comply with the standard template. Update any links accordingly.

13
docs/implplan/SPRINT_331_docs_modules_ui.md
View File

@@ -1,12 +1,3 @@
# Sprint 331 - Documentation & Process · 200.U) Docs Modules Ui
# Moved sprint file
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Documentation & Process] 200.U) Docs Modules Ui
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
Summary: Documentation & Process focus on Docs Modules Ui).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
CONSOLE UI-DOCS-0001 | TODO | See ./AGENTS.md | Docs Guild (docs/modules/ui)
CONSOLE UI-ENG-0001 | TODO | Update status via ./AGENTS.md workflow | Module Team (docs/modules/ui)
CONSOLE UI-OPS-0001 | TODO | Sync outcomes back to ../.. | Ops Guild (docs/modules/ui)
This sprint has been renamed to `SPRINT_0331_0001_0001_docs_modules_ui.md` to meet the standard template. Update any links accordingly.

16
docs/implplan/SPRINT_332_docs_modules_vex_lens.md
View File

@@ -1,15 +1,3 @@
# Sprint 332 - Documentation & Process · 200.V) Docs Modules Vex Lens
# Moved sprint file
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Documentation & Process] 200.V) Docs Modules Vex Lens
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
Summary: Documentation & Process focus on Docs Modules Vex Lens).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
VEX-CONSENSUS-LENS-DOCS-0001 | TODO | Refresh VEX Lens module docs with consensus workflow guidance and recent release links. | Docs Guild (docs/modules/vex-lens)
VEX-LENS-OPS-0001 | TODO | Review VEX Lens runbooks/observability assets post-demo. | Ops Guild (docs/modules/vex-lens)
VEX-LENS-ENG-0001 | TODO | Keep module milestones synchronized with VEX Lens sprints listed under `/docs/implplan`. | Module Team (docs/modules/vex-lens)
VEX-CONSENSUS-LENS-DOCS-0002 | TODO (2025-11-05) | Pending DOCS-VEX-30-001..004 to add consensus doc cross-links | Docs Guild (docs/modules/vex-lens)
VEX-CONSENSUS-LENS-ENG-0001 | TODO | Sync into ../.. | Module Team (docs/modules/vex-lens)
VEX-CONSENSUS-LENS-OPS-0001 | TODO | Document outputs in ./README.md | Ops Guild (docs/modules/vex-lens)
This sprint has been renamed to `SPRINT_0332_0001_0001_docs_modules_vex_lens.md` for template compliance. Please update bookmarks accordingly.

16
docs/implplan/SPRINT_333_docs_modules_excititor.md
View File

@@ -1,15 +1,3 @@
# Sprint 333 - Documentation & Process · 200.W) Docs Modules Excititor
# Moved sprint file
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Documentation & Process] 200.W) Docs Modules Excititor
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
Summary: Documentation & Process focus on Docs Modules Excititor).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
EXCITOR-DOCS-0001 | DONE (2025-11-07) | Validate that `docs/modules/excitor/README.md` matches the latest release notes and consensus beta notes. | Docs Guild (docs/modules/excitor)
EXCITOR-OPS-0001 | DONE (2025-11-07) | Review runbooks/observability assets, adding the checklist captured in `docs/modules/excitor/mirrors.md`. | Ops Guild (docs/modules/excitor)
EXCITOR-ENG-0001 | DONE (2025-11-07) | Ensure the implementation plan sprint alignment table stays current with `SPRINT_200` updates. | Module Team (docs/modules/excitor)
EXCITITOR-DOCS-0001 | BLOCKED (2025-11-19) | Waiting on Excititor chunk API CI validation + console contracts; cannot finalize docs until tests pass and OpenAPI frozen. | Docs Guild (docs/modules/excititor)
EXCITITOR-ENG-0001 | TODO | Update status via ./AGENTS.md workflow | Module Team (docs/modules/excititor)
EXCITITOR-OPS-0001 | TODO | Sync outcomes back to ../.. | Ops Guild (docs/modules/excititor)
This sprint has been renamed to `SPRINT_0333_0001_0001_docs_modules_excititor.md` to comply with the standard template. Update any links accordingly.

15
docs/implplan/SPRINT_334_docs_modules_vuln_explorer.md
View File

@@ -1,14 +1,3 @@
# Sprint 334 - Documentation & Process · 200.X) Docs Modules Vuln Explorer
# Moved sprint file
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Documentation & Process] 200.X) Docs Modules Vuln Explorer
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
Summary: Documentation & Process focus on Docs Modules Vuln Explorer).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
VULNERABILITY-EXPLORER-DOCS-0001 | TODO | Validate Vuln Explorer module docs against latest roadmap/releases and add evidence links. | Docs Guild (docs/modules/vuln-explorer)
VULNERABILITY-EXPLORER-OPS-0001 | TODO | Review runbooks/observability assets after next demo. | Ops Guild (docs/modules/vuln-explorer)
VULNERABILITY-EXPLORER-ENG-0001 | TODO | Keep sprint alignment notes in sync with Vuln Explorer sprints. | Module Team (docs/modules/vuln-explorer)
VULNERABILITY-EXPLORER-ENG-0001 | TODO | Sync into ../.. | Module Team (docs/modules/vuln-explorer)
VULNERABILITY-EXPLORER-OPS-0001 | TODO | Document outputs in ./README.md | Ops Guild (docs/modules/vuln-explorer)
This sprint has been renamed to `SPRINT_0334_0001_0001_docs_modules_vuln_explorer.md` to align with the standard naming template. Please update any bookmarks accordingly.

13
docs/implplan/SPRINT_335_docs_modules_zastava.md
View File

@@ -1,12 +1,3 @@
# Sprint 335 - Documentation & Process · 200.Y) Docs Modules Zastava
# Moved sprint file
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Documentation & Process] 200.Y) Docs Modules Zastava
Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph, Sprint 150.A - Orchestrator, Sprint 160.A - EvidenceLocker, Sprint 170.A - Notifier, Sprint 180.A - Cli, Sprint 190.A - Ops Deployment
Summary: Documentation & Process focus on Docs Modules Zastava).
Task ID | State | Task description | Owners (Source)
--- | --- | --- | ---
ZASTAVA-DOCS-0001 | TODO | See ./AGENTS.md | Docs Guild (docs/modules/zastava)
ZASTAVA-ENG-0001 | TODO | Update status via ./AGENTS.md workflow | Module Team (docs/modules/zastava)
ZASTAVA-OPS-0001 | TODO | Sync outcomes back to ../.. | Ops Guild (docs/modules/zastava)
This sprint has been renamed to `SPRINT_0335_0001_0001_docs_modules_zastava.md` to align with the standard template. Please update any bookmarks accordingly.

9
docs/implplan/SPRINT_503_ops_devops_i.md
View File

@@ -25,9 +25,9 @@ Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - A
| DEVOPS-AIAI-31-001 | TODO | Stand up CI pipelines, inference monitoring, privacy logging review, and perf dashboards for Advisory AI (summaries/conflicts/remediation). | DevOps Guild, Advisory AI Guild (ops/devops) |
| DEVOPS-AIAI-31-002 | BLOCKED (2025-11-23) | Package advisory feeds (SBOM pointers + provenance) for release/offline kit; publish once CLI/Policy digests and SBOM feeds arrive. | DevOps Guild, Advisory AI Release (ops/devops) |
| DEVOPS-SPANSINK-31-003 | TODO | Deploy span sink/Signals pipeline for Excititor evidence APIs (31-003) and publish dashboards; unblock traces for `/v1/vex/observations/**`. | DevOps Guild · Observability Guild (ops/devops) |
| DEVOPS-AIRGAP-56-001 | TODO | Ship deny-all egress policies for Kubernetes (NetworkPolicy/eBPF) and docker-compose firewall rules; provide verification script for sealed mode. | DevOps Guild (ops/devops) |
| DEVOPS-AIRGAP-56-002 | TODO | Provide import tooling for bundle staging: checksum validation, offline object-store loader scripts, removable media guidance. Dependencies: DEVOPS-AIRGAP-56-001. | DevOps Guild, AirGap Importer Guild (ops/devops) |
| DEVOPS-AIRGAP-56-003 | TODO | Build Bootstrap Pack pipeline bundling images/charts, generating checksums, and publishing manifest for offline transfer. Dependencies: DEVOPS-AIRGAP-56-002. | DevOps Guild, Container Distribution Guild (ops/devops) |
| DEVOPS-AIRGAP-56-001 | DONE (2025-11-30) | Ship deny-all egress policies for Kubernetes (NetworkPolicy/eBPF) and docker-compose firewall rules; provide verification script for sealed mode. | DevOps Guild (ops/devops) |
| DEVOPS-AIRGAP-56-002 | DONE (2025-11-30) | Provide import tooling for bundle staging: checksum validation, offline object-store loader scripts, removable media guidance. Dependencies: DEVOPS-AIRGAP-56-001. | DevOps Guild, AirGap Importer Guild (ops/devops) |
| DEVOPS-AIRGAP-56-003 | DONE (2025-11-30) | Build Bootstrap Pack pipeline bundling images/charts, generating checksums, and publishing manifest for offline transfer. Dependencies: DEVOPS-AIRGAP-56-002. | DevOps Guild, Container Distribution Guild (ops/devops) |
| DEVOPS-AIRGAP-57-001 | TODO | Automate Mirror Bundle creation jobs with dual-control approvals, artifact signing, and checksum publication. Dependencies: DEVOPS-AIRGAP-56-003. | DevOps Guild, Mirror Creator Guild (ops/devops) |
| DEVOPS-AIRGAP-57-002 | BLOCKED (2025-11-18) | Waiting on upstream DEVOPS-AIRGAP-57-001 (mirror bundle automation) to provide artifacts/endpoints for sealed-mode CI; no sealed fixtures available to exercise tests. | DevOps Guild, Authority Guild (ops/devops) |
| DEVOPS-AIRGAP-58-001 | TODO | Provide local SMTP/syslog container templates and health checks for sealed environments; integrate into Bootstrap Pack. Dependencies: DEVOPS-AIRGAP-57-002. | DevOps Guild, Notifications Guild (ops/devops) |
@@ -54,6 +54,9 @@ Depends on: Sprint 100.A - Attestor, Sprint 110.A - AdvisoryAI, Sprint 120.A - A
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Completed DEVOPS-AIRGAP-56-003: added Bootstrap Pack builder scripts (`build_bootstrap_pack.py`, `build_bootstrap_pack.sh`) producing manifest and checksums for images/charts/extras; docs updated in `ops/devops/airgap/README.md`. | DevOps |
| 2025-11-30 | Completed DEVOPS-AIRGAP-56-002: added bundle staging/import tooling (`bundle_stage_import.py`, `stage-bundle.sh`, README) under `ops/devops/airgap/` with checksum validation and evidence report output. | DevOps |
| 2025-11-30 | Completed DEVOPS-AIRGAP-56-001: added K8s deny-all egress NetworkPolicy, compose DOCKER-USER guard script, and verification harness for Docker/Kubernetes under `ops/devops/airgap/`. | DevOps |
| 2025-11-25 | Delivered Concelier CI runner harness (`ops/devops/concelier-ci-runner/run-concelier-ci.sh`) with warmed NuGet cache + TRX/binlogs; artefacts land under `ops/devops/artifacts/concelier-ci/<ts>`. | DevOps |
| 2025-11-25 | Local execution of the runner still hits MSBuild worker shutdown on this host (MSB4242); script is ready, but a clean CI agent should be used to produce TRX/binlogs. | DevOps |
| 2025-11-23 | Normalised sprint toward template (sections added); added DEVOPS-CONCELIER-CI-24-101, DEVOPS-SCANNER-CI-11-001, DEVOPS-SBOM-23-001 to absorb CI/restore blockers from module sprints. | Project Mgmt |

4
docs/implplan/archived/all-tasks.md
View File

@@ -1046,7 +1046,7 @@ Consolidated task ledger for everything under `docs/implplan/archived/` (sprints
| docs/implplan/archived/updates/tasks.md | Sprint 41 — CLI Parity & Task Packs Phase 1 | CLI-PARITY-41-001 | TODO | Deliver parity command groups (`policy`, `sbom`, `vuln`, `vex`, `advisory`, `export`, `orchestrator`) with JSON/table outputs and `--explain`. | DevEx/CLI Guild | Path: src/Cli/StellaOps.Cli | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 41 — CLI Parity & Task Packs Phase 1 | CLI-PARITY-41-002 | TODO | Implement `notify`, `aoc`, `auth` command groups, idempotency keys, completions, and parity matrix export. | DevEx/CLI Guild | Path: src/Cli/StellaOps.Cli | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 41 — CLI Parity & Task Packs Phase 1 | ORCH-SVC-41-101 | TODO | Register `pack-run` job type, integrate logs/artifacts, expose pack run metadata. | Orchestrator Service Guild | Path: src/Orchestrator/StellaOps.Orchestrator | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 41 — CLI Parity & Task Packs Phase 1 | PACKS-REG-41-001 | TODO | Implement packs index API, signature verification, provenance storage, and RBAC. | Packs Registry Guild | Path: src/PacksRegistry/StellaOps.PacksRegistry | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 41 — CLI Parity & Task Packs Phase 1 | PACKS-REG-41-001 | DONE (2025-11-25) | Implement packs index API, signature verification, provenance storage, and RBAC. | Packs Registry Guild | Path: src/PacksRegistry/StellaOps.PacksRegistry | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 41 — CLI Parity & Task Packs Phase 1 | TASKRUN-41-001 | TODO | Bootstrap Task Runner service, migrations, run API, local executor, approvals pause, artifact capture. | Task Runner Guild | Path: src/TaskRunner/StellaOps.TaskRunner | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 42 — CLI Parity & Task Packs Phase 2 | DOCS-CLI-42-001 | TODO | Publish `/docs/modules/cli/guides/parity-matrix.md`, `/cli/commands/*.md`, `/docs/task-packs/spec.md` (imposed rule). | Docs Guild | Path: docs | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 42 — CLI Parity & Task Packs Phase 2 | DEVOPS-CLI-42-001 | TODO | Add CLI golden output tests, parity diff automation, and pack run CI harness. | DevOps Guild | Path: ops/devops | 2025-10-19 |
@@ -1054,7 +1054,7 @@ Consolidated task ledger for everything under `docs/implplan/archived/` (sprints
| docs/implplan/archived/updates/tasks.md | Sprint 42 — CLI Parity & Task Packs Phase 2 | CLI-PARITY-41-001..002 | TODO | Close parity gaps for Notifications, Policy Studio advanced features, SBOM graph, Vuln Explorer; parity matrix green. | DevEx/CLI Guild | Path: src/Cli/StellaOps.Cli | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 42 — CLI Parity & Task Packs Phase 2 | LEDGER-PACKS-42-001 | TODO | Expose snapshot/time-travel APIs for CLI offline mode and pack simulation. | Findings Ledger Guild | Path: src/Findings/StellaOps.Findings.Ledger | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 42 — CLI Parity & Task Packs Phase 2 | ORCH-SVC-42-101 | TODO | Stream pack run logs via SSE/WS, expose artifact manifests, enforce pack run quotas. | Orchestrator Service Guild | Path: src/Orchestrator/StellaOps.Orchestrator | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 42 — CLI Parity & Task Packs Phase 2 | PACKS-REG-42-001 | TODO | Support pack version lifecycle, tenant allowlists, provenance export, signature rotation. | Packs Registry Guild | Path: src/PacksRegistry/StellaOps.PacksRegistry | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 42 — CLI Parity & Task Packs Phase 2 | PACKS-REG-42-001 | DONE (2025-11-25) | Support pack version lifecycle, tenant allowlists, provenance export, signature rotation. | Packs Registry Guild | Path: src/PacksRegistry/StellaOps.PacksRegistry | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 42 — CLI Parity & Task Packs Phase 2 | POLICY-ENGINE-42-201 | TODO | Provide stable rationale IDs/APIs for CLI `--explain` and pack policy gates. | Policy Guild | Path: src/Policy/StellaOps.Policy.Engine | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 42 — CLI Parity & Task Packs Phase 2 | TASKRUN-42-001 | TODO | Add loops, conditionals, `maxParallel`, outputs, simulation mode, policy gates in Task Runner. | Task Runner Guild | Path: src/TaskRunner/StellaOps.TaskRunner | 2025-10-19 |
| docs/implplan/archived/updates/tasks.md | Sprint 43 — CLI Parity & Task Packs Phase 3 | DOCS-PACKS-43-001 | TODO | Publish `/docs/task-packs/authoring-guide.md`, `/registry.md`, `/runbook.md`, `/security/pack-signing-and-rbac.md`, `/operations/cli-release-and-packaging.md` (imposed rule). | Docs Guild | Path: docs | 2025-10-19 |

6
docs/implplan/archived/updates/tasks.md
View File

@@ -1083,7 +1083,7 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
| Sprint 41 | CLI Parity & Task Packs Phase 1 | src/Cli/StellaOps.Cli | TODO | DevEx/CLI Guild | CLI-PARITY-41-001 | Deliver parity command groups (`policy`, `sbom`, `vuln`, `vex`, `advisory`, `export`, `orchestrator`) with JSON/table outputs and `--explain`. |
| Sprint 41 | CLI Parity & Task Packs Phase 1 | src/Cli/StellaOps.Cli | TODO | DevEx/CLI Guild | CLI-PARITY-41-002 | Implement `notify`, `aoc`, `auth` command groups, idempotency keys, completions, and parity matrix export. |
| Sprint 41 | CLI Parity & Task Packs Phase 1 | src/Orchestrator/StellaOps.Orchestrator | TODO | Orchestrator Service Guild | ORCH-SVC-41-101 | Register `pack-run` job type, integrate logs/artifacts, expose pack run metadata. |
| Sprint 41 | CLI Parity & Task Packs Phase 1 | src/PacksRegistry/StellaOps.PacksRegistry | TODO | Packs Registry Guild | PACKS-REG-41-001 | Implement packs index API, signature verification, provenance storage, and RBAC. |
| Sprint 41 | CLI Parity & Task Packs Phase 1 | src/PacksRegistry/StellaOps.PacksRegistry | DONE (2025-11-25) | Packs Registry Guild | PACKS-REG-41-001 | Implement packs index API, signature verification, provenance storage, and RBAC. |
| Sprint 41 | CLI Parity & Task Packs Phase 1 | src/TaskRunner/StellaOps.TaskRunner | TODO | Task Runner Guild | TASKRUN-41-001 | Bootstrap Task Runner service, migrations, run API, local executor, approvals pause, artifact capture. |
| Sprint 42 | CLI Parity & Task Packs Phase 2 | docs | TODO | Docs Guild | DOCS-CLI-42-001 | Publish `/docs/modules/cli/guides/parity-matrix.md`, `/cli/commands/*.md`, `/docs/task-packs/spec.md` (imposed rule). |
| Sprint 42 | CLI Parity & Task Packs Phase 2 | ops/devops | TODO | DevOps Guild | DEVOPS-CLI-42-001 | Add CLI golden output tests, parity diff automation, and pack run CI harness. |
@@ -1091,7 +1091,7 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
| Sprint 42 | CLI Parity & Task Packs Phase 2 | src/Cli/StellaOps.Cli | TODO | DevEx/CLI Guild | CLI-PARITY-41-001..002 | Close parity gaps for Notifications, Policy Studio advanced features, SBOM graph, Vuln Explorer; parity matrix green. |
| Sprint 42 | CLI Parity & Task Packs Phase 2 | src/Findings/StellaOps.Findings.Ledger | TODO | Findings Ledger Guild | LEDGER-PACKS-42-001 | Expose snapshot/time-travel APIs for CLI offline mode and pack simulation. |
| Sprint 42 | CLI Parity & Task Packs Phase 2 | src/Orchestrator/StellaOps.Orchestrator | TODO | Orchestrator Service Guild | ORCH-SVC-42-101 | Stream pack run logs via SSE/WS, expose artifact manifests, enforce pack run quotas. |
| Sprint 42 | CLI Parity & Task Packs Phase 2 | src/PacksRegistry/StellaOps.PacksRegistry | TODO | Packs Registry Guild | PACKS-REG-42-001 | Support pack version lifecycle, tenant allowlists, provenance export, signature rotation. |
| Sprint 42 | CLI Parity & Task Packs Phase 2 | src/PacksRegistry/StellaOps.PacksRegistry | DONE (2025-11-25) | Packs Registry Guild | PACKS-REG-42-001 | Support pack version lifecycle, tenant allowlists, provenance export, signature rotation. |
| Sprint 42 | CLI Parity & Task Packs Phase 2 | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild | POLICY-ENGINE-42-201 | Provide stable rationale IDs/APIs for CLI `--explain` and pack policy gates. |
| Sprint 42 | CLI Parity & Task Packs Phase 2 | src/TaskRunner/StellaOps.TaskRunner | TODO | Task Runner Guild | TASKRUN-42-001 | Add loops, conditionals, `maxParallel`, outputs, simulation mode, policy gates in Task Runner. |
| Sprint 43 | CLI Parity & Task Packs Phase 3 | docs | TODO | Docs Guild | DOCS-PACKS-43-001 | Publish `/docs/task-packs/authoring-guide.md`, `/registry.md`, `/runbook.md`, `/security/pack-signing-and-rbac.md`, `/operations/cli-release-and-packaging.md` (imposed rule). |
@@ -1099,7 +1099,7 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
| Sprint 43 | CLI Parity & Task Packs Phase 3 | src/Authority/StellaOps.Authority | TODO | Authority Core & Security Guild | AUTH-PACKS-41-001 | Enforce pack signing policies, approval RBAC, CLI token scopes for CI headless runs. |
| Sprint 43 | CLI Parity & Task Packs Phase 3 | src/Cli/StellaOps.Cli | TODO | DevEx/CLI Guild | CLI-PACKS-42-001 | Deliver advanced pack features (approvals pause/resume, remote streaming, secret injection), localization, man pages. |
| Sprint 43 | CLI Parity & Task Packs Phase 3 | src/ExportCenter/StellaOps.ExportCenter | TODO | Exporter Service Guild | EXPORT-SVC-35-005, PACKS-REG-41-001 | Integrate pack run manifests into export bundles and CLI verify flows. |
| Sprint 43 | CLI Parity & Task Packs Phase 3 | src/PacksRegistry/StellaOps.PacksRegistry | TODO | Packs Registry Guild | PACKS-REG-42-001 | Enforce pack signing policies, audit trails, registry mirroring, Offline Kit support. |
| Sprint 43 | CLI Parity & Task Packs Phase 3 | src/PacksRegistry/StellaOps.PacksRegistry | DONE (2025-11-25) | Packs Registry Guild | PACKS-REG-42-001 | Enforce pack signing policies, audit trails, registry mirroring, Offline Kit support. |
| Sprint 43 | CLI Parity & Task Packs Phase 3 | src/TaskRunner/StellaOps.TaskRunner | TODO | Task Runner Guild | TASKRUN-42-001 | Implement approvals workflow, notifications integration, remote artifact uploads, chaos resilience. |
| Sprint 44 | Containerized Distribution Phase 1 | docs | TODO | Docs Guild | DOCS-INSTALL-44-001 | Publish install overview + Compose Quickstart docs (imposed rule). |
| Sprint 44 | Containerized Distribution Phase 1 | ops/deployment | TODO | Deployment Guild | COMPOSE-44-001 | Deliver Quickstart Compose stack with seed data and quickstart script. |

7
docs/implplan/blocked_tree.md
View File

@@ -1,4 +1,4 @@
# Blocked Task Dependency Tree (as of 2025-11-25)
# Blocked Task Dependency Tree (as of 2025-11-30)
- Concelier ingestion & Link-Not-Merge
- MIRROR-CRT-56-001 (DONE; thin bundle v1 sample + hashes published)
@@ -29,7 +29,10 @@
- VEX Lens chain (Sprint 0129)
- VEXLENS-30-001 blocked: normalization schema, issuer directory inputs, and API governance guidance not published.
- TaskRunner chain (Sprint 0157)
- TASKRUN-41-001 blocked: TaskRunner architecture/API contract and upstream Sprint 120/130/140 inputs not published; downstream airgap/OAS/OBS tasks inherit the block.
- TASKRUN-41-001 DONE (2025-11-30): contract implemented (run API, storage indexes, approvals, provenance manifest). Downstream airgap/OAS/OBS tasks now wait only on control-flow/policy spec addendum.
- TASKRUN-OBS-54-001 BLOCKED (2025-11-30): waiting on TASKRUN-OBS-53-001 timeline/attestation schema from Sprint 0157.
- TASKRUN-OBS-55-001 BLOCKED (2025-11-30): depends on 54-001.
- TASKRUN-TEN-48-001 BLOCKED (2025-11-30): tenancy policy/RLS-egress contract not yet published; also waits for Sprint 0157 close-out.
- CONCELIER-VULN-29-004 <- CONCELIER-VULN-29-001
- CONCELIER-ORCH-32-001 (needs CI/clean runner) -> 32-002 -> 33-001 -> 34-001
- CONCELIER mirror/export chain

68
docs/implplan/tasks-all.md
View File

@@ -52,7 +52,7 @@
| 34-101 | DONE | 2025-11-22 | SPRINT_0120_0000_0001_policy_reasoning | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | 29-009 | LEDGER-29-009 | PLLG0104 |
| 401-004 | BLOCKED | 2025-11-25 | SPRINT_0401_0001_0001_reachability_evidence_chain | Replay Core Guild | `src/__Libraries/StellaOps.Replay.Core` | Signals facts stable (SGSI0101) | Blocked: awaiting SGSI0101 runtime facts + CAS policy from GAP-REP-004 | RPRC0101 |
| BENCH-DETERMINISM-401-057 | DONE (2025-11-27) | 2025-11-27 | SPRINT_0512_0001_0001_bench | Bench Guild · Signals Guild · Policy Guild | src/Bench/StellaOps.Bench/Determinism | Determinism harness + mock scanner; manifests/results generated; CI workflow `bench-determinism` enforces threshold; defaults to 10 runs; supports frozen feed manifests via DET_EXTRA_INPUTS; offline runner available. | Feed-freeze hash + SBOM/VEX bundle list (SPRINT_0401) | |
| 41-001 | BLOCKED | 2025-11-25 | SPRINT_157_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | — | Awaiting TaskRunner architecture/API contract; upstream Sprint 120/130/140 inputs | ORTR0101 |
| 41-001 | DONE (2025-11-30) | 2025-11-30 | SPRINT_157_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | — | Contract implemented per `docs/modules/taskrunner/architecture.md`; run API/storage/provenance ready. | ORTR0101 |
| 44-001 | BLOCKED | 2025-11-25 | SPRINT_501_ops_deployment_i | Deployment Guild · DevEx Guild (ops/deployment) | ops/deployment | — | Waiting on consolidated service list/version pins from upstream module releases (mirrors Compose-44-001 block) | DVDO0103 |
| 44-002 | BLOCKED | 2025-11-25 | SPRINT_501_ops_deployment_i | Deployment Guild (ops/deployment) | ops/deployment | 44-001 | Blocked until 44-001 unblocks | DVDO0103 |
| 44-003 | BLOCKED | 2025-11-25 | SPRINT_501_ops_deployment_i | Deployment Guild · Docs Guild (ops/deployment) | ops/deployment | 44-002 | Blocked until 44-002 unblocks | DVDO0103 |
@@ -1321,9 +1321,9 @@
| PACKS-42-001 | TODO | | SPRINT_0121_0001_0001_policy_reasoning | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Provide snapshot/time-travel APIs and digestable exports for Task Pack simulation + CLI offline mode. | PLLG0103 | PKLD0101 |
| PACKS-43-001 | DONE | 2025-11-09 | SPRINT_100_identity_signing | Packs Guild · Authority Guild | src/Authority/StellaOps.Authority | Finalized Pack release 43 (signing, release notes, artefacts). | AUTH-PACKS-41-001; TASKRUN-42-001; ORCH-SVC-42-101 | PACK0101 |
| PACKS-43-002 | TODO | | SPRINT_508_ops_offline_kit | Offline Kit Guild, Packs Registry Guild (ops/offline-kit) | ops/offline-kit | Bundle packs registry artifacts, runbooks, and verification docs into Offline Kit release 43. | OFFLINE-37-001 | OFFK0101 |
| PACKS-REG-41-001 | TODO | | SPRINT_154_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Implement registry API/storage, version lifecycle, provenance export. | ORCH-SVC-42-101 | PKRG0101 |
| PACKS-REG-42-001 | TODO | | SPRINT_154_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Add tenant allowlists, signature rotation, audit logs, Offline Kit seed support. | PACKS-REG-41-001 | PKRG0101 |
| PACKS-REG-43-001 | TODO | | SPRINT_154_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Implement mirroring, pack signing policies, compliance dashboards, Export Center integration. | PACKS-REG-42-001 | PKRG0101 |
| PACKS-REG-41-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0154_0001_0001_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Implement registry API/storage, version lifecycle, provenance export. | ORCH-SVC-42-101 | PKRG0101 |
| PACKS-REG-42-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0154_0001_0001_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Add tenant allowlists, signature rotation, audit logs, Offline Kit seed support. | PACKS-REG-41-001 | PKRG0101 |
| PACKS-REG-43-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0154_0001_0001_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Implement mirroring, pack signing policies, compliance dashboards, Export Center integration. | PACKS-REG-42-001 | PKRG0101 |
| PARITY-41-001 | TODO | | SPRINT_203_cli_iii | DevEx/CLI Guild | src/Cli/StellaOps.Cli | Ensure CLI HTTP client propagates `traceparent` headers for all commands, prints correlation IDs on failure, and records trace IDs in verbose logs. | NOWB0101 | CLPR0101 |
| PARITY-41-002 | TODO | | SPRINT_203_cli_iii | DevEx/CLI Guild | src/Cli/StellaOps.Cli | Add parity tests ensuring CLI outputs match notifier/web error formats and capture verification docs. | PARITY-41-001 | CLPR0101 |
| PLATFORM-DOCS-0001 | TODO | | SPRINT_324_docs_modules_platform | Docs Guild | docs/modules/platform | Refresh architecture/gov doc per new sprint planning rules. | execution-waves.md | DOPF0101 |
@@ -1933,23 +1933,23 @@
| SYMS-CLIENT-401-012 | TODO | | SPRINT_0401_0001_0001_reachability_evidence_chain | Symbols Guild · Scanner Guild | `src/Symbols/StellaOps.Symbols.Client`, `src/Scanner/StellaOps.Scanner.Symbolizer` | Ship `StellaOps.Symbols.Client` SDK (resolve/upload APIs, platform key derivation for ELF/PDB/Mach-O/JVM/Node, disk LRU cache) and integrate with Scanner.Symbolizer/runtime probes (ref. `docs/specs/SYMBOL_MANIFEST_v1.md`). | Depends on #3 | RBSY0101 |
| SYMS-INGEST-401-013 | TODO | | SPRINT_0401_0001_0001_reachability_evidence_chain | Symbols Guild · DevOps Guild | `src/Symbols/StellaOps.Symbols.Ingestor.Cli`, `docs/specs/SYMBOL_MANIFEST_v1.md` | Build `symbols ingest` CLI to emit DSSE-signed `SymbolManifest v1`, upload blobs, and register Rekor entries; document GitLab/Gitea pipeline usage. | Needs manifest updates from #1 | RBSY0101 |
| SYMS-SERVER-401-011 | TODO | | SPRINT_0401_0001_0001_reachability_evidence_chain | Symbols Guild | `src/Symbols/StellaOps.Symbols.Server` | Deliver `StellaOps.Symbols.Server` (REST+gRPC) with DSSE-verified uploads, Mongo/MinIO storage, tenant isolation, and deterministic debugId indexing; publish health/manifest APIs (spec: `docs/specs/SYMBOL_MANIFEST_v1.md`). | Depends on #5 | RBSY0101 |
| TASKRUN-41-001 | BLOCKED | 2025-11-25 | SPRINT_0157_0001_0002_taskrunner_blockers | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Bootstrap service, define migrations for `pack_runs`, `pack_run_logs`, `pack_artifacts`, implement run API (create/get/log stream), local executor, approvals pause, artifact capture, and provenance manifest generation. | Missing TaskRunner architecture/API contracts; needs Sprint 120/130/140 inputs | ORTR0101 |
| TASKRUN-AIRGAP-56-001 | TODO | | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · AirGap Policy Guild | src/TaskRunner/StellaOps.TaskRunner | Enforce plan-time validation rejecting steps with non-allowlisted network calls in sealed mode and surface remediation errors. | TASKRUN-41-001 | ORTR0101 |
| TASKRUN-AIRGAP-56-002 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · AirGap Importer Guild | src/TaskRunner/StellaOps.TaskRunner | Add helper steps for bundle ingestion (checksum verification, staging to object store) with deterministic outputs. Dependencies: TASKRUN-AIRGAP-56-001. | TASKRUN-AIRGAP-56-001 | ORTR0101 |
| TASKRUN-AIRGAP-57-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · AirGap Controller Guild | src/TaskRunner/StellaOps.TaskRunner | Refuse to execute plans when environment sealed=false but declared sealed install; emit advisory timeline events. Dependencies: TASKRUN-AIRGAP-56-002. | TASKRUN-AIRGAP-56-002 | ORTR0101 |
| TASKRUN-AIRGAP-58-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · Evidence Locker Guild | src/TaskRunner/StellaOps.TaskRunner | Capture bundle import job transcripts, hashed inputs, and outputs into portable evidence bundles. Dependencies: TASKRUN-AIRGAP-57-001. | TASKRUN-AIRGAP-57-001 | ORTR0101 |
| TASKRUN-41-001 | BLOCKED (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0002_taskrunner_blockers | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Bootstrap service, define migrations for `pack_runs`, `pack_run_logs`, `pack_artifacts`, implement run API (create/get/log stream), local executor, approvals pause, artifact capture, and provenance manifest generation. | Missing TaskRunner architecture/API contract (Sprints 120/130/140). | ORTR0101 |
| TASKRUN-AIRGAP-56-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · AirGap Policy Guild | src/TaskRunner/StellaOps.TaskRunner | Enforce plan-time validation rejecting steps with non-allowlisted network calls in sealed mode and surface remediation errors. | TASKRUN-41-001 | ORTR0101 |
| TASKRUN-AIRGAP-56-002 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · AirGap Importer Guild | src/TaskRunner/StellaOps.TaskRunner | Add helper steps for bundle ingestion (checksum verification, staging to object store) with deterministic outputs. | TASKRUN-AIRGAP-56-001 | ORTR0101 |
| TASKRUN-AIRGAP-57-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · AirGap Controller Guild | src/TaskRunner/StellaOps.TaskRunner | Refuse to execute plans when environment sealed=false but declared sealed install; emit advisory timeline events. | TASKRUN-AIRGAP-56-002 | ORTR0101 |
| TASKRUN-AIRGAP-58-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · Evidence Locker Guild | src/TaskRunner/StellaOps.TaskRunner | Capture bundle import job transcripts, hashed inputs, and outputs into portable evidence bundles. | TASKRUN-AIRGAP-57-001 | ORTR0101 |
| TASKRUN-42-001 | BLOCKED (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild (`src/TaskRunner/StellaOps.TaskRunner`) | src/TaskRunner/StellaOps.TaskRunner | Execution engine enhancements (loops/conditionals/maxParallel), simulation mode, policy gate integration, deterministic failure recovery. Blocked: loop/conditional semantics and policy-gate evaluation contract not published. | | ORTR0102 |
| TASKRUN-OAS-61-001 | TODO | | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · API Contracts Guild | src/TaskRunner/StellaOps.TaskRunner | Document Task Runner APIs (pack runs, logs, approvals) in service OAS, including streaming response schemas and examples. | TASKRUN-41-001 | ORTR0101 |
| TASKRUN-OAS-61-002 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Expose `GET /.well-known/openapi` returning signed spec metadata, build version, and ETag. Dependencies: TASKRUN-OAS-61-001. | TASKRUN-OAS-61-001 | ORTR0101 |
| TASKRUN-OAS-62-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · SDK Generator Guild | src/TaskRunner/StellaOps.TaskRunner | Provide SDK examples for pack run lifecycle; ensure SDKs offer streaming log helpers and paginator wrappers. Dependencies: TASKRUN-OAS-61-002. | TASKRUN-OAS-61-002 | ORTR0102 |
| TASKRUN-OAS-63-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · API Governance Guild | src/TaskRunner/StellaOps.TaskRunner | Implement deprecation header support and Sunset handling for legacy pack APIs; emit notifications metadata. Dependencies: TASKRUN-OAS-62-001. | TASKRUN-OAS-62-001 | ORTR0102 |
| TASKRUN-OAS-61-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · API Contracts Guild | src/TaskRunner/StellaOps.TaskRunner | Document Task Runner APIs (pack runs, logs, approvals) in service OAS, including streaming response schemas and examples. | TASKRUN-41-001 | ORTR0101 |
| TASKRUN-OAS-61-002 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Expose `GET /.well-known/openapi` returning signed spec metadata, build version, and ETag. | TASKRUN-OAS-61-001 | ORTR0101 |
| TASKRUN-OAS-62-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · SDK Generator Guild | src/TaskRunner/StellaOps.TaskRunner | Provide SDK examples for pack run lifecycle; ensure SDKs offer streaming log helpers and paginator wrappers. | TASKRUN-OAS-61-002 | ORTR0102 |
| TASKRUN-OAS-63-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · API Governance Guild | src/TaskRunner/StellaOps.TaskRunner | Implement deprecation header support and Sunset handling for legacy pack APIs; emit notifications metadata. | TASKRUN-OAS-62-001 | ORTR0102 |
| TASKRUN-OBS-50-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Adopt telemetry core in Task Runner host + worker executors, ensuring step execution spans/logs include `trace_id`, `tenant_id`, `run_id`, and scrubbed command transcripts. | ORTR0101 telemetry hooks | ORTR0102 |
| TASKRUN-OBS-51-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · DevOps Guild | src/TaskRunner/StellaOps.TaskRunner | Emit metrics for step latency, retries, queue depth, sandbox resource usage; define SLOs for pack run completion and failure rate; surface burn-rate alerts to collector/Notifier. Dependencies: TASKRUN-OBS-50-001. | TASKRUN-OBS-50-001 | ORTR0102 |
| TASKRUN-OBS-52-001 | BLOCKED (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Produce timeline events for pack runs (`pack.started`, `pack.step.completed`, `pack.failed`) containing evidence pointers and policy gate context. Provide dedupe + retry logic. Blocked: timeline event schema and evidence-pointer contract not published. Dependencies: TASKRUN-OBS-51-001. | TASKRUN-OBS-50-001 | ORTR0102 |
| TASKRUN-OBS-53-001 | BLOCKED (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · Evidence Locker Guild | src/TaskRunner/StellaOps.TaskRunner | Capture step transcripts, artifact manifests, environment digests, and policy approvals into evidence locker snapshots; ensure redaction + hash chain coverage. Blocked: waiting on timeline schema/evidence-pointer contract (OBS-52-001). Dependencies: TASKRUN-OBS-52-001. | TASKRUN-OBS-52-001 | ORTR0102 |
| TASKRUN-OBS-54-001 | TODO | | SPRINT_158_taskrunner_ii | Task Runner Guild · Provenance Guild | src/TaskRunner/StellaOps.TaskRunner | Generate DSSE attestations for pack runs (subjects = produced artifacts) and expose verification API/CLI integration. Store references in timeline events. Dependencies: TASKRUN-OBS-53-001. | TASKRUN-OBS-53-001 | ORTR0102 |
| TASKRUN-OBS-55-001 | TODO | | SPRINT_158_taskrunner_ii | Task Runner Guild · DevOps Guild | src/TaskRunner/StellaOps.TaskRunner | Implement incident mode escalations (extra telemetry, debug artifact capture, retention bump) and align on automatic activation via SLO breach webhooks. Dependencies: TASKRUN-OBS-54-001. | TASKRUN-OBS-54-001 | ORTR0102 |
| TASKRUN-TEN-48-001 | TODO | | SPRINT_158_taskrunner_ii | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Require tenant/project context for every pack run, set DB/object-store prefixes, block egress when tenant restricted, and propagate context to steps/logs. | TASKRUN-AIRGAP-58-001 | ORTR0101 |
| TASKRUN-OBS-52-001 | BLOCKED (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Produce timeline events for pack runs (`pack.started`, `pack.step.completed`, `pack.failed`) containing evidence pointers and policy gate context. Provide dedupe + retry logic. Blocked: timeline event schema and evidence-pointer contract not published. | TASKRUN-OBS-51-001 | ORTR0102 |
| TASKRUN-OBS-53-001 | BLOCKED (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · Evidence Locker Guild | src/TaskRunner/StellaOps.TaskRunner | Capture step transcripts, artifact manifests, environment digests, and policy approvals into evidence locker snapshots; ensure redaction + hash chain coverage. Blocked: waiting on timeline schema/evidence-pointer contract (OBS-52-001). | TASKRUN-OBS-52-001 | ORTR0102 |
| TASKRUN-OBS-54-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0158_0001_0002_taskrunner_ii | Task Runner Guild · Provenance Guild | src/TaskRunner/StellaOps.TaskRunner | Generate DSSE attestations for pack runs (subjects = produced artifacts) and expose verification API/CLI integration. Store references in timeline events. | TASKRUN-OBS-53-001 | ORTR0102 |
| TASKRUN-OBS-55-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0158_0001_0002_taskrunner_ii | Task Runner Guild · DevOps Guild | src/TaskRunner/StellaOps.TaskRunner | Implement incident mode escalations (extra telemetry, debug artifact capture, retention bump) and align on automatic activation via SLO breach webhooks. | TASKRUN-OBS-54-001 | ORTR0102 |
| TASKRUN-TEN-48-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0158_0001_0002_taskrunner_ii | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Require tenant/project context for every pack run, set DB/object-store prefixes, block egress when tenant restricted, and propagate context to steps/logs. | TASKRUN-OBS-53-001; Tenancy policy contract | ORTR0101 |
| TELEMETRY-DOCS-0001 | TODO | | SPRINT_330_docs_modules_telemetry | Docs Guild | docs/modules/telemetry | Validate that telemetry module docs reflect the new storage stack and isolation rules. | Ops checklist from DVDO0103 | DOTL0101 |
| TELEMETRY-DOCS-0001 | TODO | | SPRINT_330_docs_modules_telemetry | Docs Guild | docs/modules/telemetry | Validate that telemetry module docs reflect the new storage stack and isolation rules. | Ops checklist from DVDO0103 | DOTL0101 |
| TELEMETRY-ENG-0001 | TODO | | SPRINT_330_docs_modules_telemetry | Module Team | docs/modules/telemetry | Ensure milestones stay in sync with telemetry sprints in `docs/implplan`. | TLTY0101 API review | DOTL0101 |
@@ -2264,7 +2264,7 @@
| 31-009 | DONE | 2025-11-12 | SPRINT_110_ingestion_evidence | Advisory AI Guild | src/AdvisoryAI/StellaOps.AdvisoryAI | — | — | ADAI0101 |
| 34-101 | DONE | 2025-11-22 | SPRINT_0120_0000_0001_policy_reasoning | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | 29-009 | LEDGER-29-009 | PLLG0104 |
| 401-004 | BLOCKED | 2025-11-25 | SPRINT_0401_0001_0001_reachability_evidence_chain | Replay Core Guild | `src/__Libraries/StellaOps.Replay.Core` | Signals facts stable (SGSI0101) | Blocked: awaiting SGSI0101 runtime facts + CAS policy from GAP-REP-004 | RPRC0101 |
| 41-001 | BLOCKED | 2025-11-25 | SPRINT_157_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | — | Awaiting TaskRunner architecture/API contract; upstream Sprint 120/130/140 inputs | ORTR0101 |
| 41-001 | TODO | 2025-11-30 | SPRINT_157_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | — | Contract landed via product advisory 2025-11-29; implement per `docs/modules/taskrunner/architecture.md`. | ORTR0101 |
| 44-001 | TODO | | SPRINT_501_ops_deployment_i | Deployment Guild · DevEx Guild (ops/deployment) | ops/deployment | — | — | DVDO0103 |
| 44-002 | TODO | | SPRINT_501_ops_deployment_i | Deployment Guild (ops/deployment) | ops/deployment | 44-001 | 44-001 | DVDO0103 |
| 44-003 | TODO | | SPRINT_501_ops_deployment_i | Deployment Guild · Docs Guild (ops/deployment) | ops/deployment | 44-002 | 44-002 | DVDO0103 |
@@ -3535,9 +3535,9 @@
| PACKS-42-001 | TODO | | SPRINT_0121_0001_0001_policy_reasoning | Findings Ledger Guild | src/Findings/StellaOps.Findings.Ledger | Provide snapshot/time-travel APIs, digestable exports for pack simulation + CLI offline mode. | Needs ORSC0104 event IDs | |
| PACKS-43-001 | DONE | 2025-11-09 | SPRINT_100_identity_signing | Packs Guild · Authority Guild | src/Authority/StellaOps.Authority | Canonical pack bundle + docs for release 43. | AUTH-PACKS-41-001; TASKRUN-42-001; ORCH-SVC-42-101 | |
| PACKS-43-002 | TODO | | SPRINT_508_ops_offline_kit | Offline Kit Guild, Packs Registry Guild (ops/offline-kit) | ops/offline-kit | | | |
| PACKS-REG-41-001 | TODO | | SPRINT_154_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Implement registry service, migrations for `packs_index`, `parity_matrix`, provenance docs; support pack upload/list/get, signature verification, RBAC enforcement, and provenance manifest storage. | Needs ORSC0104 event feeds | |
| PACKS-REG-42-001 | TODO | | SPRINT_154_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Add version lifecycle (promote/deprecate), tenant allowlists, provenance export, signature rotation, audit logs, and Offline Kit seed support. Dependencies: PACKS-REG-41-001. | Depends on 41-001 | |
| PACKS-REG-43-001 | TODO | | SPRINT_154_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Implement registry mirroring, pack signing policies, attestation integration, and compliance dashboards; integrate with Export Center. Dependencies: PACKS-REG-42-001. | Needs 42-001 | |
| PACKS-REG-41-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0154_0001_0001_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Implement registry service, migrations for `packs_index`, `parity_matrix`, provenance docs; support pack upload/list/get, signature verification, RBAC enforcement, and provenance manifest storage. | Needs ORSC0104 event feeds | |
| PACKS-REG-42-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0154_0001_0001_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Add version lifecycle (promote/deprecate), tenant allowlists, provenance export, signature rotation, audit logs, and Offline Kit seed support. Dependencies: PACKS-REG-41-001. | Depends on 41-001 | |
| PACKS-REG-43-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0154_0001_0001_packsregistry | Packs Registry Guild | src/PacksRegistry/StellaOps.PacksRegistry | Implement registry mirroring, pack signing policies, attestation integration, and compliance dashboards; integrate with Export Center. Dependencies: PACKS-REG-42-001. | Needs 42-001 | |
| PARITY-41-001 | TODO | | SPRINT_203_cli_iii | DevEx/CLI Guild | src/Cli/StellaOps.Cli | Propagate `traceparent`/correlation IDs across CLI commands and verbose output. | Needs NOWB0101 gateway trace headers | |
| PARITY-41-002 | TODO | | SPRINT_203_cli_iii | DevEx/CLI Guild | src/Cli/StellaOps.Cli | Add parity tests + docs ensuring CLI error output matches web/notify formats. | Depends on 41-001 | |
| PLATFORM-DOCS-0001 | TODO | | SPRINT_324_docs_modules_platform | Docs Guild | docs/modules/platform | See ./AGENTS.md | Needs updated wave list | |
@@ -4145,22 +4145,22 @@
| SYMS-CLIENT-401-012 | TODO | | SPRINT_0401_0001_0001_reachability_evidence_chain | Symbols Guild · Scanner Guild | `src/Symbols/StellaOps.Symbols.Client`, `src/Scanner/StellaOps.Scanner.Symbolizer` | Ship `StellaOps.Symbols.Client` SDK (resolve/upload APIs, platform key derivation for ELF/PDB/Mach-O/JVM/Node, disk LRU cache) and integrate with Scanner.Symbolizer/runtime probes (ref. `docs/specs/SYMBOL_MANIFEST_v1.md`). | Depends on #3 | RBSY0101 |
| SYMS-INGEST-401-013 | TODO | | SPRINT_0401_0001_0001_reachability_evidence_chain | Symbols Guild · DevOps Guild | `src/Symbols/StellaOps.Symbols.Ingestor.Cli`, `docs/specs/SYMBOL_MANIFEST_v1.md` | Build `symbols ingest` CLI to emit DSSE-signed `SymbolManifest v1`, upload blobs, and register Rekor entries; document GitLab/Gitea pipeline usage. | Needs manifest updates from #1 | RBSY0101 |
| SYMS-SERVER-401-011 | TODO | | SPRINT_0401_0001_0001_reachability_evidence_chain | Symbols Guild | `src/Symbols/StellaOps.Symbols.Server` | Deliver `StellaOps.Symbols.Server` (REST+gRPC) with DSSE-verified uploads, Mongo/MinIO storage, tenant isolation, and deterministic debugId indexing; publish health/manifest APIs (spec: `docs/specs/SYMBOL_MANIFEST_v1.md`). | Depends on #5 | RBSY0101 |
| TASKRUN-41-001 | BLOCKED | 2025-11-25 | SPRINT_0157_0001_0002_taskrunner_blockers | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Bootstrap service, define migrations for `pack_runs`, `pack_run_logs`, `pack_artifacts`, implement run API (create/get/log stream), local executor, approvals pause, artifact capture, and provenance manifest generation. | Missing TaskRunner architecture/API contracts; needs Sprint 120/130/140 inputs | ORTR0101 |
| TASKRUN-AIRGAP-56-001 | TODO | | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · AirGap Policy Guild | src/TaskRunner/StellaOps.TaskRunner | Enforce plan-time validation rejecting steps with non-allowlisted network calls in sealed mode and surface remediation errors. | TASKRUN-41-001 | ORTR0101 |
| TASKRUN-AIRGAP-56-002 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · AirGap Importer Guild | src/TaskRunner/StellaOps.TaskRunner | Add helper steps for bundle ingestion (checksum verification, staging to object store) with deterministic outputs. Dependencies: TASKRUN-AIRGAP-56-001. | TASKRUN-AIRGAP-56-001 | ORTR0101 |
| TASKRUN-AIRGAP-57-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · AirGap Controller Guild | src/TaskRunner/StellaOps.TaskRunner | Refuse to execute plans when environment sealed=false but declared sealed install; emit advisory timeline events. Dependencies: TASKRUN-AIRGAP-56-002. | TASKRUN-AIRGAP-56-002 | ORTR0101 |
| TASKRUN-AIRGAP-58-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · Evidence Locker Guild | src/TaskRunner/StellaOps.TaskRunner | Capture bundle import job transcripts, hashed inputs, and outputs into portable evidence bundles. Dependencies: TASKRUN-AIRGAP-57-001. | TASKRUN-AIRGAP-57-001 | ORTR0101 |
| TASKRUN-OAS-61-001 | TODO | | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · API Contracts Guild | src/TaskRunner/StellaOps.TaskRunner | Document Task Runner APIs (pack runs, logs, approvals) in service OAS, including streaming response schemas and examples. | TASKRUN-41-001 | ORTR0101 |
| TASKRUN-OAS-61-002 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Expose `GET /.well-known/openapi` returning signed spec metadata, build version, and ETag. Dependencies: TASKRUN-OAS-61-001. | TASKRUN-OAS-61-001 | ORTR0101 |
| TASKRUN-OAS-62-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · SDK Generator Guild | src/TaskRunner/StellaOps.TaskRunner | Provide SDK examples for pack run lifecycle; ensure SDKs offer streaming log helpers and paginator wrappers. Dependencies: TASKRUN-OAS-61-002. | TASKRUN-OAS-61-002 | ORTR0102 |
| TASKRUN-OAS-63-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · API Governance Guild | src/TaskRunner/StellaOps.TaskRunner | Implement deprecation header support and Sunset handling for legacy pack APIs; emit notifications metadata. Dependencies: TASKRUN-OAS-62-001. | TASKRUN-OAS-62-001 | ORTR0102 |
| TASKRUN-41-001 | TODO | 2025-11-30 | SPRINT_0157_0001_0002_taskrunner_blockers | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Bootstrap service, define migrations for `pack_runs`, `pack_run_logs`, `pack_artifacts`, implement run API (create/get/log stream), local executor, approvals pause, artifact capture, and provenance manifest generation. | Contract available via `docs/product-advisories/29-Nov-2025 - Task Pack Orchestration and Automation.md` and `docs/modules/taskrunner/architecture.md`. | ORTR0101 |
| TASKRUN-AIRGAP-56-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · AirGap Policy Guild | src/TaskRunner/StellaOps.TaskRunner | Enforce plan-time validation rejecting steps with non-allowlisted network calls in sealed mode and surface remediation errors. | TASKRUN-41-001 | ORTR0101 |
| TASKRUN-AIRGAP-56-002 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · AirGap Importer Guild | src/TaskRunner/StellaOps.TaskRunner | Add helper steps for bundle ingestion (checksum verification, staging to object store) with deterministic outputs. | TASKRUN-AIRGAP-56-001 | ORTR0101 |
| TASKRUN-AIRGAP-57-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · AirGap Controller Guild | src/TaskRunner/StellaOps.TaskRunner | Refuse to execute plans when environment sealed=false but declared sealed install; emit advisory timeline events. | TASKRUN-AIRGAP-56-002 | ORTR0101 |
| TASKRUN-AIRGAP-58-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · Evidence Locker Guild | src/TaskRunner/StellaOps.TaskRunner | Capture bundle import job transcripts, hashed inputs, and outputs into portable evidence bundles. | TASKRUN-AIRGAP-57-001 | ORTR0101 |
| TASKRUN-OAS-61-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · API Contracts Guild | src/TaskRunner/StellaOps.TaskRunner | Document Task Runner APIs (pack runs, logs, approvals) in service OAS, including streaming response schemas and examples. | TASKRUN-41-001 | ORTR0101 |
| TASKRUN-OAS-61-002 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Expose `GET /.well-known/openapi` returning signed spec metadata, build version, and ETag. | TASKRUN-OAS-61-001 | ORTR0101 |
| TASKRUN-OAS-62-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · SDK Generator Guild | src/TaskRunner/StellaOps.TaskRunner | Provide SDK examples for pack run lifecycle; ensure SDKs offer streaming log helpers and paginator wrappers. | TASKRUN-OAS-61-002 | ORTR0102 |
| TASKRUN-OAS-63-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · API Governance Guild | src/TaskRunner/StellaOps.TaskRunner | Implement deprecation header support and Sunset handling for legacy pack APIs; emit notifications metadata. | TASKRUN-OAS-62-001 | ORTR0102 |
| TASKRUN-OBS-50-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Adopt telemetry core in Task Runner host + worker executors, ensuring step execution spans/logs include `trace_id`, `tenant_id`, `run_id`, and scrubbed command transcripts. | ORTR0101 telemetry hooks | ORTR0102 |
| TASKRUN-OBS-51-001 | DONE (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · DevOps Guild | src/TaskRunner/StellaOps.TaskRunner | Emit metrics for step latency, retries, queue depth, sandbox resource usage; define SLOs for pack run completion and failure rate; surface burn-rate alerts to collector/Notifier. Dependencies: TASKRUN-OBS-50-001. | TASKRUN-OBS-50-001 | ORTR0102 |
| TASKRUN-OBS-52-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Produce timeline events for pack runs (`pack.started`, `pack.step.completed`, `pack.failed`) containing evidence pointers and policy gate context. Provide dedupe + retry logic. Dependencies: TASKRUN-OBS-51-001. | TASKRUN-OBS-50-001 | ORTR0102 |
| TASKRUN-OBS-53-001 | TODO | | SPRINT_157_taskrunner_i | Task Runner Guild · Evidence Locker Guild | src/TaskRunner/StellaOps.TaskRunner | Capture step transcripts, artifact manifests, environment digests, and policy approvals into evidence locker snapshots; ensure redaction + hash chain coverage. Dependencies: TASKRUN-OBS-52-001. | TASKRUN-OBS-52-001 | ORTR0102 |
| TASKRUN-OBS-52-001 | BLOCKED (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Produce timeline events for pack runs (`pack.started`, `pack.step.completed`, `pack.failed`) containing evidence pointers and policy gate context. Provide dedupe + retry logic. Blocked: timeline event schema and evidence-pointer contract not published. | TASKRUN-OBS-51-001 | ORTR0102 |
| TASKRUN-OBS-53-001 | BLOCKED (2025-11-25) | 2025-11-25 | SPRINT_0157_0001_0001_taskrunner_i | Task Runner Guild · Evidence Locker Guild | src/TaskRunner/StellaOps.TaskRunner | Capture step transcripts, artifact manifests, environment digests, and policy approvals into evidence locker snapshots; ensure redaction + hash chain coverage. Blocked: waiting on timeline schema/evidence-pointer contract (OBS-52-001). | TASKRUN-OBS-52-001 | ORTR0102 |
| TASKRUN-OBS-54-001 | TODO | | SPRINT_158_taskrunner_ii | Task Runner Guild · Provenance Guild | src/TaskRunner/StellaOps.TaskRunner | Generate DSSE attestations for pack runs (subjects = produced artifacts) and expose verification API/CLI integration. Store references in timeline events. Dependencies: TASKRUN-OBS-53-001. | TASKRUN-OBS-53-001 | ORTR0102 |
| TASKRUN-OBS-55-001 | TODO | | SPRINT_158_taskrunner_ii | Task Runner Guild · DevOps Guild | src/TaskRunner/StellaOps.TaskRunner | Implement incident mode escalations (extra telemetry, debug artifact capture, retention bump) and align on automatic activation via SLO breach webhooks. Dependencies: TASKRUN-OBS-54-001. | TASKRUN-OBS-54-001 | ORTR0102 |
| TASKRUN-TEN-48-001 | TODO | | SPRINT_158_taskrunner_ii | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Require tenant/project context for every pack run, set DB/object-store prefixes, block egress when tenant restricted, and propagate context to steps/logs. | TASKRUN-AIRGAP-58-001 | ORTR0101 |
| TASKRUN-TEN-48-001 | BLOCKED (2025-11-30) | 2025-11-30 | SPRINT_0158_0001_0002_taskrunner_ii | Task Runner Guild | src/TaskRunner/StellaOps.TaskRunner | Require tenant/project context for every pack run, set DB/object-store prefixes, block egress when tenant restricted, and propagate context to steps/logs. | TASKRUN-OBS-53-001; Tenancy policy contract | ORTR0101 |
| TELEMETRY-DOCS-0001 | TODO | | SPRINT_330_docs_modules_telemetry | Docs Guild | docs/modules/telemetry | Validate that telemetry module docs reflect the new storage stack and isolation rules. | Ops checklist from DVDO0103 | DOTL0101 |
| TELEMETRY-DOCS-0001 | TODO | | SPRINT_330_docs_modules_telemetry | Docs Guild | docs/modules/telemetry | Validate that telemetry module docs reflect the new storage stack and isolation rules. | Ops checklist from DVDO0103 | DOTL0101 |
| TELEMETRY-ENG-0001 | TODO | | SPRINT_330_docs_modules_telemetry | Module Team | docs/modules/telemetry | Ensure milestones stay in sync with telemetry sprints in `docs/implplan`. | TLTY0101 API review | DOTL0101 |

5
docs/key-features.md
View File

@@ -37,6 +37,11 @@ Each card is a fast read pairing the headline capability with the evidence that
- **Evidence:** `docs/market/competitive-landscape.md` distils a 15-vendor comparison; `03_VISION.md` lists moats; `docs/reachability/lead.md` details the reachability proof moat.
- **Why it matters:** Clear differentiation guides roadmap and sales; keeps us focused on replayable, sovereign, and explainable security.
## 8. Deterministic Task Packs (2025-11)
- **What it is:** TaskRunner executes declarative Task Packs with plan-hash binding, approvals, sealed-mode enforcement, and DSSE evidence bundles.
- **Evidence:** Product advisory `docs/product-advisories/29-Nov-2025 - Task Pack Orchestration and Automation.md`; architecture contract in `docs/modules/taskrunner/architecture.md`; runbook/spec in `docs/task-packs/*.md`.
- **Why it matters:** Security teams get auditable, air-gap-friendly automation with human approvals and provable provenance, reusing the same workflows online or offline.
### Explore Further
- Walk the first deployment in [quickstart.md](quickstart.md).
- Dive into architectural flows in [high-level-architecture.md](high-level-architecture.md).

15
docs/modules/attestor/README.md
View File

@@ -2,8 +2,10 @@
Attestor converts signed DSSE evidence from the Signer into transparency-log proofs and verifiable reports for every downstream surface (Policy Engine, Export Center, CLI, Console, Scheduler). It is the trust backbone that proves SBOM, scan, VEX, and policy artefacts were signed, witnessed, and preserved without tampering.
## Latest updates (2025-10-19)
- Platform Events refresh published canonical `attestor.logged@1` samples under `docs/events/samples/` and validated schemas (`docs/updates/2025-10-18-docs-guild.md`, `docs/updates/2025-10-19-docs-guild.md`). Consumers should align verification workflows and tests with those sample envelopes.
## Latest updates (2025-11-30)
- Sprint tracker `docs/implplan/SPRINT_0313_0001_0001_docs_modules_attestor.md` and module `TASKS.md` added to mirror status.
- Observability runbook stub + dashboard placeholder added under `operations/` (offline import) pending next demo outputs.
- Platform Events samples (2025-10-18/19) remain the current canonical `attestor.logged@1`; keep verification workflows aligned.
## Why it exists
- **Evidence first:** organisations need portable, verifiable attestations that prove build provenance, SBOM availability, policy verdicts, and VEX statements.
@@ -44,10 +46,11 @@ All predicates capture subjects, issuer metadata, policy context, materials, opt
- Export Center packages attestation bundles (`stella export attestation-bundle`) for Offline Kit delivery.
- Transparency logs can be mirrored; offline mode records gaps and provides compensating controls.
## Observability & performance
- Metrics: `attestor_submission_total`, `attestor_verify_seconds`, `attestor_cache_hit_ratio`, `attestor_rekor_latency_seconds`.
- Logs capture tenant, issuer, subject digests, Rekor UUID, proof status, and policy verdict.
- Performance target: ≥1000 envelopes/minute per worker with cached verification, batched operations, and concurrency controls.
## Observability & performance
- Metrics: `attestor_submission_total`, `attestor_verify_seconds`, `attestor_cache_hit_ratio`, `attestor_rekor_latency_seconds`.
- Logs capture tenant, issuer, subject digests, Rekor UUID, proof status, and policy verdict.
- Performance target: ≥1000 envelopes/minute per worker with cached verification, batched operations, and concurrency controls.
- Observability assets: `operations/observability.md` and `operations/dashboards/attestor-observability.json` (offline import).
## Key integrations
- Signer (DSSE source), Authority (scopes & tenancy), Export Center (attestation bundles), Policy Engine (verification policies), Scanner/Excititor (subject evidence), Notify (key rotation & verification alerts), Observability stack (dashboards/alerts).

9
docs/modules/attestor/TASKS.md Normal file
View File

@@ -0,0 +1,9 @@
# Attestor · TASKS (status mirror)
| Task ID | Status | Owner(s) | Notes / Evidence |
| --- | --- | --- | --- |
| ATTESTOR-DOCS-0001 | DONE (2025-11-05) | Docs Guild | README aligned with latest release notes and attestation samples. |
| ATTESTOR-OPS-0001 | BLOCKED (2025-11-30) | Ops Guild | Await next demo outputs; observability runbook stub added. |
| ATTESTOR-ENG-0001 | DONE (2025-11-27) | Module Team | Implementation plan readiness tracker added. |
> Keep this table in lockstep with `docs/implplan/SPRINT_0313_0001_0001_docs_modules_attestor.md` (TODO/DOING/DONE/BLOCKED updates go to both files).

6
docs/modules/attestor/operations/dashboards/attestor-observability.json Normal file
View File

@@ -0,0 +1,6 @@
{
"_note": "Placeholder Grafana dashboard stub for Attestor. Replace panels when metrics endpoints are available; keep offline-import friendly.",
"schemaVersion": 39,
"title": "Attestor Observability (stub)",
"panels": []
}

39
docs/modules/attestor/operations/observability.md Normal file
View File

@@ -0,0 +1,39 @@
# Attestor observability runbook (stub · 2025-11-29 demo)
## Dashboards (offline import)
- Grafana JSON: `docs/modules/attestor/operations/dashboards/attestor-observability.json` (import locally; no external data sources assumed).
- Planned panels: signing latency p95/p99, verification failure rate, transparency log submission lag, key rotation age, DSSE verification errors, queue depth/backlog, and attestation bundle size histogram.
## Key metrics
- `attestor_sign_latency_seconds_bucket` — signing latency per request.
- `attestor_verify_failures_total{reason}` — verification failures.
- `attestor_tlog_submission_latency_seconds_bucket` — transparency log latency.
- `attestor_key_rotation_age_seconds` — time since last rotation.
- `attestor_queue_backlog` — pending attestation jobs.
- `attestor_bundle_size_bytes_bucket` — bundle size distribution.
## Logs & traces
- Correlate by `correlationId`, `attestationId`, `tenant`, `keyId`. Include `policyVersion`, `tlogIndex`, and `rekorUrl` where applicable.
- Traces disabled by default for air-gap; enable by pointing OTLP exporter to on-prem collector.
## Health/diagnostics
- `/health/liveness` and `/health/readiness` check signer availability, tlog reachability, and storage.
- `/status` exposes build version, commit, feature flags; verify against offline bundle manifest.
- Verification probe: `POST /api/attestations/verify` with sample bundle once demo outputs land.
## Alert hints
- Signing latency p99 > 1s.
- Verification failure spikes.
- Transparency log submission lag > 10s.
- Key rotation age exceeding policy threshold.
- Queue backlog above configured threshold.
## Offline verification steps
1) Import Grafana JSON locally; point to Prometheus scrape labeled `attestor`.
2) Run sample verification once demo bundle available and confirm metrics/logs emit locally.
3) Fetch `/status` and compare commit/version to offline bundle manifest.
## Evidence locations
- Sprint tracker: `docs/implplan/SPRINT_0313_0001_0001_docs_modules_attestor.md`.
- Module docs: `README.md`, `architecture.md`, `implementation_plan.md`.
- Dashboard stub: `operations/dashboards/attestor-observability.json`.

1
docs/modules/authority/AGENTS.md
View File

@@ -8,6 +8,7 @@ Authority is the platform OIDC/OAuth2 control plane that mints short-lived, send
- [Architecture](./architecture.md)
- [Implementation plan](./implementation_plan.md)
- [Task board](./TASKS.md)
- [Observability runbook](./operations/monitoring.md) and Grafana JSON (offline import)
## How to get started
1. Open sprint file `/docs/implplan/SPRINT_*.md` and locate the stories referencing this module.

26
docs/modules/authority/README.md
View File

@@ -2,7 +2,12 @@
Authority is the platform OIDC/OAuth2 control plane that mints short-lived, sender-constrained operational tokens (OpToks) for every StellaOps service and tool.
## Responsibilities
## Latest updates (2025-11-30)
- Sprint tracker `docs/implplan/SPRINT_0314_0001_0001_docs_modules_authority.md` and module `TASKS.md` added to mirror status.
- Monitoring/observability references consolidated; Grafana JSON remains offline import (`operations/grafana-dashboard.json`).
- Prior content retained: OpTok/DPoP/mTLS responsibilities, backup/restore, key rotation.
## Responsibilities
- Expose device-code, auth-code, and client-credential flows with DPoP or mTLS binding.
- Manage signing keys, JWKS rotation, and PoE integration for plan enforcement.
- Emit structured audit events and enforce tenant-aware scope policies.
@@ -18,16 +23,17 @@ Authority is the platform OIDC/OAuth2 control plane that mints short-lived, send
- CLI/UI for login flows and token management.
- Scheduler/Scanner for machine-to-machine scope enforcement.
## Operational notes
- MongoDB for tenant, client, and token state.
- Key material in KMS/HSM with rotation runbooks (see ./operations/key-rotation.md).
- Grafana/Prometheus dashboards for auth latency/issuance.
## Operational notes
- MongoDB for tenant, client, and token state.
- Key material in KMS/HSM with rotation runbooks (`operations/key-rotation.md`).
- Monitoring runbook (`operations/monitoring.md`) and offline-import Grafana JSON (`operations/grafana-dashboard.json`).
## Related resources
- ./operations/backup-restore.md
- ./operations/key-rotation.md
- ./operations/monitoring.md
- ./operations/grafana-dashboard.json
## Related resources
- ./operations/backup-restore.md
- ./operations/key-rotation.md
- ./operations/monitoring.md
- ./operations/grafana-dashboard.json
- Sprint/status mirrors: `docs/implplan/SPRINT_0314_0001_0001_docs_modules_authority.md`, `docs/modules/authority/TASKS.md`
## Backlog references
- DOCS-SEC-62-001 (scope hardening doc) in ../../TASKS.md.

9
docs/modules/authority/TASKS.md Normal file
View File

@@ -0,0 +1,9 @@
# Authority · TASKS (status mirror)
| Task ID | Status | Owner(s) | Notes / Evidence |
| --- | --- | --- | --- |
| AUTHORITY-DOCS-0001 | DONE (2025-11-30) | Docs Guild | README/architecture refreshed; sprint + monitoring links added. |
| AUTHORITY-ENG-0001 | DONE (2025-11-27) | Module Team | Readiness tracker in implementation_plan mapped to epics/sprints. |
| AUTHORITY-OPS-0001 | DONE (2025-11-30) | Ops Guild | TASKS board created; monitoring/grafana references aligned; offline-friendly. |
> Keep this table in lockstep with `docs/implplan/SPRINT_0314_0001_0001_docs_modules_authority.md` (TODO/DOING/DONE/BLOCKED updates go to both files).

25
docs/modules/authority/implementation_plan.md
View File

@@ -16,16 +16,21 @@
- **Epic 14 Identity & Tenancy:** implement tenant isolation, RBAC hierarchies, audit trails, and PoE integration.
- Track additional work (DOCS-SEC-62-001, AUTH-POLICY-20-001/002) in ../../TASKS.md and src/Authority/**/TASKS.md.
## Coordination
- Review ./AGENTS.md before picking up new work.
- Sync with cross-cutting teams noted in `/docs/implplan/SPRINT_*.md`.
- Update this plan whenever scope, dependencies, or guardrails change.
---
## Sprint readiness tracker
> Last updated: 2025-11-27 (AUTHORITY-ENG-0001)
## Coordination
- Review ./AGENTS.md before picking up new work.
- Sync with cross-cutting teams noted in `/docs/implplan/SPRINT_*.md`.
- Update this plan whenever scope, dependencies, or guardrails change.
## Sprint alignment (2025-11-30)
- Docs refresh tracked in `docs/implplan/SPRINT_0314_0001_0001_docs_modules_authority.md`; statuses mirrored in `docs/modules/authority/TASKS.md`.
- Observability assets remain in `operations/monitoring.md` with Grafana JSON `operations/grafana-dashboard.json` (offline import).
- Authority readiness tracker (AUTHORITY-ENG-0001) delivered 2025-11-27; future updates should adjust both sprint and TASKS.
---
## Sprint readiness tracker
> Last updated: 2025-11-27 (AUTHORITY-ENG-0001)
This section maps epic milestones to implementation sprints and tracks readiness checkpoints.

5
docs/modules/excititor/README.md
View File

@@ -2,7 +2,10 @@
Excititor converts heterogeneous VEX feeds into raw observations and linksets that honour the Aggregation-Only Contract.
## Latest updates (2025-11-05)
## Latest updates (2025-11-30)
- Sprint tracker `docs/implplan/SPRINT_0333_0001_0001_docs_modules_excititor.md` and module `TASKS.md` added to mirror status.
- Observability/runbook assets remain in `operations/observability.md` and `observability/` (timeline, locker manifests); dashboards stay offline-import friendly.
- Prior updates (2025-11-05): Link-Not-Merge readiness and consensus beta note (`../../updates/2025-11-05-excitor-consensus-beta.md`), observability guide additions, DSSE packaging guidance, and Policy/CLI follow-ups tracked in SPRINT_200.
- Link-Not-Merge readiness: release note [Excitor consensus beta](../../updates/2025-11-05-excitor-consensus-beta.md) captures how Excititor feeds power the Excititor consensus beta (sample payload in [consensus JSON](../../vex/consensus-json.md)).
- Added [observability guide](operations/observability.md) describing the evidence metrics emitted by `EXCITITOR-AIAI-31-003` (request counters, statement histogram, signature status, guard violations) so Ops/Lens can alert on misuse.
- README now points policy/UI teams to the upcoming consensus integration work.

12
docs/modules/excititor/TASKS.md Normal file
View File

@@ -0,0 +1,12 @@
# Excititor · TASKS (status mirror)
| Task ID | Status | Owner(s) | Notes / Evidence |
| --- | --- | --- | --- |
| EXCITOR-DOCS-0001 | DONE (2025-11-07) | Docs Guild | README aligned to consensus beta release notes. |
| EXCITOR-OPS-0001 | DONE (2025-11-07) | Ops Guild | Runbooks/observability checklist added (`mirrors.md`). |
| EXCITOR-ENG-0001 | DONE (2025-11-07) | Module Team | Implementation plan alignment with SPRINT_200 updates. |
| EXCITITOR-DOCS-0001 | BLOCKED (2025-11-19) | Docs Guild | Await chunk API CI validation + OpenAPI freeze before finalizing docs. |
| EXCITITOR-ENG-0001 | TODO | Module Team | Update engineering notes once chunk API/OpenAPI unblock. |
| EXCITITOR-OPS-0001 | TODO | Ops Guild | Sync observability/runbook updates after OpenAPI freeze. |
> Keep this table in lockstep with `docs/implplan/SPRINT_0333_0001_0001_docs_modules_excititor.md` (TODO/DOING/DONE/BLOCKED updates go to both files).

15
docs/modules/excititor/implementation_plan.md
View File

@@ -20,12 +20,15 @@
- Sync with cross-cutting teams noted in `/docs/implplan/SPRINT_*.md`.
- Update this plan whenever scope, dependencies, or guardrails change.
## Sprint alignment (2025-11-07)
## Sprint alignment (2025-11-30)
| Sprint task | State (SPRINT_200) | Notes |
| Sprint task | State (SPRINT_0333_0001_0001_docs_modules_excititor) | Notes |
| --- | --- | --- |
| EXCITITOR-DOCS-0001 | DONE | README release alignment + consensus beta references refreshed (DSSE/export guidance). |
| EXCITITOR-ENG-0001 | DONE | Implementation plan now mirrors `SPRINT_200_documentation_process.md` through this table. |
| EXCITITOR-OPS-0001 | DONE | Runbook/observability checklist added to `docs/modules/excititor/mirrors.md`. |
| EXCITOR-DOCS-0001 | DONE | README release alignment + consensus beta references refreshed (DSSE/export guidance). |
| EXCITOR-ENG-0001 | DONE | Implementation plan mirrored to sprint status; TASKS board created. |
| EXCITOR-OPS-0001 | DONE | Runbook/observability checklist added to `mirrors.md`. |
| EXCITITOR-DOCS-0001 | BLOCKED | Waiting on chunk API CI validation + OpenAPI freeze. |
| EXCITITOR-ENG-0001 | TODO | Will update engineering notes once DOCS unblock. |
| EXCITITOR-OPS-0001 | TODO | Sync observability/runbook updates after OpenAPI freeze. |
See `/docs/implplan/SPRINT_200_documentation_process.md` for the canonical status table.
See `/docs/implplan/SPRINT_0333_0001_0001_docs_modules_excititor.md` for the canonical status table.

47
docs/modules/export-center/operations/kms-envelope-pattern.md Normal file
View File

@@ -0,0 +1,47 @@
# Export Center KMS Envelope Pattern (age + AES-GCM)
Status: Adopted for Sprint 0164-0001-0001 (ExportCenter III)
Scope: Defines deterministic envelope handling for mirror bundle encryption (`EXPORT-SVC-37-002`) and general export signing. Applies to worker path and verification docs.
## Key hierarchy
- **Content key (DEK):** 32-byte random generated per export run. Used for AES-256-GCM over encrypted payloads (`/data` subtree for mirror; optional for others).
- **Nonce:** 12-byte random per file; stored alongside ciphertext; derive Additional Authenticated Data (AAD) as `{runId}:{relativePath}` to bind file path and run.
- **Wrapping keys:**
- **age recipients** (preferred for offline): each tenant can list one or more age public keys. DEK is wrapped once per recipient using age X25519. Store `recipient`, `wrappedKey` (base64), and optional `keyId` in provenance.
- **KMS envelope** (Authority/HSM): DEK wrapped with tenant-scoped KMS key alias `export/envelope`. Store `kmsKeyId` (authority URI or external ARN) and `wrappedKey` (base64) plus KMS-provided `algorithm`.
## Write path (worker)
1) Generate DEK (32 bytes) per run; zeroize after use.
2) For each encrypted file, derive AAD = `{runId}:{relativePath}`; encrypt with AES-256-GCM (nonce per file). Store `nonce` and `ciphertext`.
3) Wrap DEK for all configured recipients:
- age: `age --encrypt --recipient <pub>` over DEK bytes → base64.
- KMS: `Encrypt`/`WrapKey` with `KeyId=export/envelope` and `EncryptionContext={runId,tenant}` → base64.
4) Record wrapping metadata in `provenance.json` under `environment.encryption.recipients[]` preserving deterministic order (age recipients lexicographically by `recipient`, then KMS entries by `kmsKeyId`).
5) Include `encryption.mode` (`age` or `aes-gcm+kms`), `aadFormat`, and `nonceFormat` in provenance for verification tooling.
## Read/verification path
1) Select a recipient entry that matches available keys (age private key or KMS key).
2) Unwrap DEK:
- age: `age --decrypt` → DEK bytes.
- KMS: `Decrypt`/`UnwrapKey` with same encryption context.
3) For each encrypted file, recompute AAD from `{runId}:{relativePath}`, decrypt with AES-256-GCM using stored `nonce`, verify tag.
4) Recompute SHA-256 of decrypted payload and compare with `export.json` entries.
## Determinism & offline posture
- Recipient lists and wrapped keys are ordered deterministically to keep `provenance.json` hashes stable across retries.
- age path works fully offline; KMS path requires Authority/HSM availability but stores all metadata to allow later decryption once KMS is reachable.
- Use fixed casing and field names: `mode`, `recipients[] {type, recipient|kmsKeyId, wrappedKey, keyId?}` and `aadFormat`.
## Testing notes
- Add regression cases that encrypt/decrypt fixtures with both age and KMS paths, asserting identical manifest/provenance hashes across reruns.
- Ensure decryption fails when AAD does not match expected `{runId}:{relativePath}` (prevents path swapping).
- Keep tests air-gap friendly: mock KMS wrapper with deterministic stub keys.
## Rollout guidance
- Default to age recipients for Offline Kit deployments; enable KMS wrapping where Authority/HSM is reachable.
- Configuration knobs:
- `ExportCenter:Encryption:Mode` = `age` | `kms`
- `ExportCenter:Encryption:Recipients` = list of age public keys
- `ExportCenter:Encryption:KmsKeyId` = tenant-specific key alias (when using KMS)
- Documented verification commands should reference this pattern (update CLI/Console guides when payloads change).

19
docs/modules/export-center/operations/runbook.md
View File

@@ -11,15 +11,16 @@ The Export Center packages StellaOps evidence and policy overlays into reproduci
- Runbook execution for recovery, retention, and compliance.
- Coordination with DevOps validation (cosign + `trivy module db import` smoke tests).
Related documentation:
- `docs/modules/export-center/overview.md`
- `docs/modules/export-center/architecture.md`
- `docs/modules/export-center/profiles.md`
- `docs/modules/export-center/trivy-adapter.md`
- `docs/modules/export-center/mirror-bundles.md`
- `docs/modules/export-center/api.md`
- `docs/modules/export-center/cli.md`
Related documentation:
- `docs/modules/export-center/overview.md`
- `docs/modules/export-center/architecture.md`
- `docs/modules/export-center/profiles.md`
- `docs/modules/export-center/trivy-adapter.md`
- `docs/modules/export-center/mirror-bundles.md`
- `docs/modules/export-center/api.md`
- `docs/modules/export-center/cli.md`
- `docs/modules/export-center/operations/kms-envelope-pattern.md`
## 2. Contacts & tooling

1
docs/modules/notify/AGENTS.md
View File

@@ -8,6 +8,7 @@ Notify evaluates operator-defined rules against platform events and dispatches c
- [Architecture](./architecture.md)
- [Implementation plan](./implementation_plan.md)
- [Task board](./TASKS.md)
- [Observability runbook](./operations/observability.md) (offline import friendly)
## How to get started
1. Open sprint file `/docs/implplan/SPRINT_*.md` and locate the stories referencing this module.

6
docs/modules/notify/README.md
View File

@@ -2,6 +2,11 @@
Notify (Notifications Studio) converts platform events into tenant-scoped alerts with deterministic delivery, offline parity, and a full audit trail. The service is split between the reusable tooling in `src/Notify/*` and the runtime host in `src/Notifier/*` (decision recorded 2025-11-02) so downstream systems can embed the rules engine without inheriting the Studio UI.
## Latest updates (2025-11-30)
- Sprint tracker `docs/implplan/SPRINT_322_docs_modules_notify.md` and module `TASKS.md` added to mirror status.
- Observability runbook stub and Grafana placeholder added under `operations/` (offline import); finalize after next demo.
- NOTIFY-DOCS-0002 remains blocked pending NOTIFY-SVC-39-001..004 outputs (correlation/digests/simulation/quiet hours).
## Scope & responsibilities
- Apply tenant-scoped rules to events from Scanner, Scheduler, VEX Lens, Attestor, Task Runner, and Zastava.
- Render channel-specific payloads (Slack, Teams, Email, webhook) using deterministic templates with localisation safeguards.
@@ -40,6 +45,7 @@ Status for these items is tracked in `src/Notifier/StellaOps.Notifier/TASKS.md`
- Schema fixtures live in `./resources/schemas`; event and delivery samples live in `./resources/samples` for contract tests and UI mocks.
- Offline Kit bundles ship plug-ins, default templates, and seed rules; update manifests under `ops/offline-kit/` when connectors change.
- Dashboards and alert references depend on `DEVOPS-NOTIFY-39-002`; coordinate before renaming metrics or labels.
- Observability assets: `operations/observability.md` and `operations/dashboards/notify-observability.json` (offline import).
- When releasing new rule or connector features, mirror guidance into `docs/notifications/*.md` and checklists in `docs/updates/2025-10-29-notify-docs.md` until the follow-ups are closed.
## Epic alignment

10
docs/modules/notify/TASKS.md Normal file
View File

@@ -0,0 +1,10 @@
# Notify · TASKS (status mirror)
| Task ID | Status | Owner(s) | Notes / Evidence |
| --- | --- | --- | --- |
| NOTIFY-DOCS-0001 | DONE (2025-11-05) | Docs Guild | README refreshed for Notifications Studio pivot + release notes. |
| NOTIFY-OPS-0001 | BLOCKED (2025-11-30) | Ops Guild | Await next demo outputs; observability runbook stub added. |
| NOTIFY-ENG-0001 | DONE (2025-11-27) | Module Team | Implementation plan readiness tracker aligned with SPRINT_171..173. |
| NOTIFY-DOCS-0002 | BLOCKED (2025-11-30) | Docs Guild | Pending NOTIFY-SVC-39-001..004 correlation/digests/simulation/quiet hours evidence. |
> Keep this table in lockstep with `docs/implplan/SPRINT_322_docs_modules_notify.md` (TODO/DOING/DONE/BLOCKED updates go to both files).

1
docs/modules/notify/architecture.md
View File

@@ -384,6 +384,7 @@ Authority signs ack tokens using keys configured under `notifications.ackTokens`
* `notify.sent_total{channel}` / `notify.failed_total{channel,code}`
* `notify.delivery_latency_seconds{channel}` (endtoend)
* **Tracing**: spans `ingest`, `match`, `render`, `send`; correlation id = `eventId`.
- Runbook + dashboard stub (offline import): `operations/observability.md`, `operations/dashboards/notify-observability.json` (to be populated after next demo).
**SLO targets**

19
docs/modules/notify/implementation_plan.md
View File

@@ -56,13 +56,18 @@
- **Security:** RBAC tests, tenant isolation, secret reference validation, DSSE signature verification.
- **Offline:** export/import round-trips, Offline Kit deployment, manual delivery replay.
## Definition of done
- Notify service, workers, connectors, Console/CLI, observability, and Offline Kit assets shipped with documentation and runbooks.
- Compliance checklist appended to docs; ./TASKS.md and ../../TASKS.md updated with progress.
---
## Sprint readiness tracker
## Definition of done
- Notify service, workers, connectors, Console/CLI, observability, and Offline Kit assets shipped with documentation and runbooks.
- Compliance checklist appended to docs; ./TASKS.md and ../../TASKS.md updated with progress.
## Sprint alignment (2025-11-30)
- Docs sprint: `docs/implplan/SPRINT_322_docs_modules_notify.md`; statuses mirrored in `docs/modules/notify/TASKS.md`.
- Observability evidence stub: `operations/observability.md` and `operations/dashboards/notify-observability.json` (to be populated after next demo outputs).
- NOTIFY-DOCS-0002 remains blocked pending NOTIFY-SVC-39-001..004 (correlation/digests/simulation/quiet hours); keep sprint/TASKS synced when those land.
---
## Sprint readiness tracker
> Last updated: 2025-11-27 (NOTIFY-ENG-0001)

6
docs/modules/notify/operations/dashboards/notify-observability.json Normal file
View File

@@ -0,0 +1,6 @@
{
"_note": "Placeholder Grafana dashboard stub for Notify. Replace panels when metrics endpoints are available; keep offline-import friendly.",
"schemaVersion": 39,
"title": "Notify Observability (stub)",
"panels": []
}

38
docs/modules/notify/operations/observability.md Normal file
View File

@@ -0,0 +1,38 @@
# Notify observability runbook (stub · 2025-11-29 demo)
## Dashboards (offline import)
- Grafana JSON: `docs/modules/notify/operations/dashboards/notify-observability.json` (import locally; no external data sources assumed).
- Planned panels: enqueue/dequeue rate, delivery latency p95/p99, channel error rate, retry/dead-letter counts, rule evaluation latency, tenant isolation breaches (should stay 0), and notification simulation outcomes.
## Key metrics
- `notify_enqueue_total{channel}` — notifications enqueued by channel.
- `notify_delivery_latency_seconds_bucket{channel}` — delivery latency per channel.
- `notify_delivery_failures_total{channel,reason}` — failed deliveries.
- `notify_retry_total{channel}` and `notify_deadletter_total{channel}` — retries and dead letters.
- `notify_rule_eval_duration_seconds_bucket` — rule evaluation latency.
- `notify_simulation_total{result}` — simulation outcomes when quiet hours/correlation rules applied.
## Logs & traces
- Correlate by `notificationId`, `ruleId`, `tenant`, `channel`. Include `quietHoursApplied`, `correlationKey`, `retries` fields.
- Traces disabled by default for air-gap; enable by pointing OTLP exporter to on-prem collector.
## Health/diagnostics
- `/health/liveness` and `/health/readiness` check queue backend reachability and channel provider credentials.
- `/status` exposes build version, commit, feature flags; verify against offline bundle manifest.
- Simulation probe: `/api/notify/simulate` with sample rule set to validate correlation/digest wiring once NOTIFY-SVC-39-001..004 land.
## Alert hints
- Delivery latency p99 > 1.5s for email/webhook channels.
- Dead-letter queue growth > threshold.
- Rule evaluation latency p99 > 500ms.
- Correlation/quiet-hours simulation failures once enabled.
## Offline verification steps
1) Import Grafana JSON locally; point to Prometheus scrape labeled `notify`.
2) Run `stella notify simulate --rules samples/rules.yaml --dry-run` (once available) and ensure metrics/logs emit locally.
3) Fetch `/status` and compare commit/version to offline bundle manifest.
## Evidence locations
- Sprint tracker: `docs/implplan/SPRINT_322_docs_modules_notify.md`.
- Module docs: `README.md`, `architecture.md`, `implementation_plan.md`.
- Dashboard stub: `operations/dashboards/notify-observability.json`.

6
docs/modules/orchestrator/README.md
View File

@@ -2,8 +2,10 @@
The Orchestrator schedules, observes, and recovers ingestion and analysis jobs across the StellaOps platform.
## Latest updates (2025-11-18)
- Job leasing now flows through the Task Runner bridge: allocations carry idempotency keys, lease durations, and retry hints; workers acknowledge via claim/ack and emit heartbeats.
## Latest updates (2025-11-30)
- OpenAPI discovery published at `/.well-known/openapi` with `openapi/orchestrator.json`; includes pagination/idempotency/error-envelope examples and version headers.
- Legacy job detail/summary endpoints now emit `Deprecation` + `Link` headers pointing to the stable replacements.
- Job leasing flows through the Task Runner bridge: allocations carry idempotency keys, lease durations, and retry hints; workers acknowledge via claim/ack and emit heartbeats.
- Event envelopes remain interim pending ORCH-SVC-37-101; include provenance (tenant/project, job type, correlationId, task runner id) in all notifier events.
- Authority `orch:quota` / `orch:backfill` scopes require reason/ticket audit fields; include them in runbooks and dashboard overrides.

3
docs/modules/orchestrator/TASKS.md
View File

@@ -5,5 +5,8 @@
| ORCH-DOCS-0001 | DONE | Docs Guild | README updated with leasing / task runner bridge notes and interim envelope guidance. |
| ORCH-ENG-0001 | DONE | Module Team | Sprint references normalized; notes synced to doc sprint. |
| ORCH-OPS-0001 | DONE | Ops Guild | Runbook impacts captured in README; follow-up to update ops docs. |
| ORCH-OAS-61-001 | DONE | Orchestrator Service Guild | OpenAPI spec drafted for orchestrator endpoints with pagination/idempotency/error envelopes (2025-11-30). |
| ORCH-OAS-61-002 | DONE | Orchestrator Service Guild | `/.well-known/openapi` discovery endpoint aligned to runtime build metadata (2025-11-30). |
| ORCH-OAS-63-001 | DONE | Orchestrator Service Guild | Legacy job endpoints emit `Deprecation` + `Link` headers; doc metadata updated (2025-11-30). |
Status rules: mirror changes in `docs/implplan/SPRINT_0323_0001_0001_docs_modules_orchestrator.md`; use TODO → DOING → DONE/BLOCKED; add brief note if pausing.

5
docs/modules/orchestrator/architecture.md
View File

@@ -38,8 +38,9 @@
- `POST /api/limits/throttle` — apply throttle (requires elevated scope).
- `GET /api/dashboard/metrics` — aggregated metrics for Console dashboards.
- Event envelope draft (`docs/modules/orchestrator/event-envelope.md`) defines notifier/webhook/SSE payloads with idempotency keys, provenance, and task runner metadata for job/pack-run events.
All responses include deterministic timestamps, job digests, and DSSE signature fields for offline reconciliation.
- OpenAPI discovery: `/.well-known/openapi` exposes `/openapi/orchestrator.json` (OAS 3.1) with pagination/idempotency/error-envelope examples; legacy job detail/summary endpoints now ship `Deprecation` + `Link` headers that point to their replacements.
All responses include deterministic timestamps, job digests, and DSSE signature fields for offline reconciliation.
## 5) Observability

87
docs/modules/taskrunner/architecture.md Normal file
View File

@@ -0,0 +1,87 @@
# TaskRunner Architecture (v1)
> Canonical contract for TaskRunner delivery scoped by SPRINT_0157_0001_0002 (TaskRunner Blockers) and SPRINT_0157_0001_0001 (TaskRunner I). Anchored in product advisory **"29-Nov-2025 - Task Pack Orchestration and Automation"** and the Task Pack runbook/spec (`docs/task-packs/*.md`).
## 1. Purpose and Scope
- Execute Task Packs deterministically with approvals, sealed-mode enforcement, and evidence capture.
- Provide API/CLI surface for pack submission, status, logs, approvals, artifacts, and cancellation.
- Produce provenance: DSSE attestation + evidence bundle for every completed run.
- Operate offline/air-gapped with plan-hash binding and sealed-mode network allowlists.
## 2. Components
- **WebService** (`StellaOps.TaskRunner.WebService`) - HTTP API, plan hash validation, SSE log streaming, approval endpoints.
- **Worker** (`StellaOps.TaskRunner.Worker`) - run orchestration, retries/backoff, artifact capture, attestation generation.
- **Core** (`StellaOps.TaskRunner.Core`) - execution graph builder, simulation engine, step state machine, policy/approval gate abstractions.
- **Infrastructure** (`StellaOps.TaskRunner.Infrastructure`) - storage adapters (Mongo, file), artifact/object store clients, evidence bundle writer.
## 3. Execution Phases
1. **Plan** - parse manifest, validate schema, resolve inputs/secrets, build execution graph, compute canonical `planHash` (SHA-256 over normalised graph).
2. **Simulation (optional)** - dry-run graph; emit determinstic preview with approvals/policy gates highlighted.
3. **Execution** - verify runtime graph matches `planHash`; execute steps honoring `maxParallel`, `continueOnError`, `map`/`parallel` semantics; stream logs/events.
4. **Evidence** - capture artifacts + transcripts, emit DSSE attestation binding `planHash`, inputs/outputs, steps, and timestamps; expose artifact listings via API for post-run retrieval.
## 4. API Surface (v1)
- `POST /api/runs` (`packs.run`) - submit pack run; requires manifest/version, inputs, tenant context; returns `runId` + `planHash`.
- `GET /api/runs/{runId}` (`packs.read`) - run status (graph, attempts, pending gates).
- `GET /api/runs/{runId}/logs` (`packs.read`) - SSE stream of ordered log events.
- `GET /api/runs/{runId}/artifacts` (`packs.read`) - list captured artifacts with digests/paths.
- `POST /api/runs/{runId}/approve` (`packs.approve`) - record approval gate decision (requires Authority token claims `pack_run_id`, `pack_gate_id`, `pack_plan_hash`).
- `POST /api/runs/{runId}/cancel` (`packs.run`) - cancel active run.
- TODO (Phase II): `GET /.well-known/openapi` (TASKRUN-OAS-61-002) after OAS publication.
## 5. Data Model (Mongo, mirrors migration doc)
- **pack_runs**: `_id`, `planHash`, `plan`, `failurePolicy`, `requestedAt`, `createdAt`, `updatedAt`, `steps[]`, `tenantId`.
- **pack_run_logs**: `_id`, `runId`, `sequence` (monotonic), `timestamp` (UTC), `level`, `eventType`, `message`, `stepId?`, `metadata`.
- **pack_artifacts**: `_id`, `runId`, `name`, `type`, `sourcePath?`, `storedPath?`, `status`, `notes?`, `capturedAt`.
- Indexes as defined in `docs/modules/taskrunner/migrations/pack-run-collections.md`.
## 6. Step Types and Semantics
- `run` - module invocation; declares `inputs`/`outputs`.
- `parallel` - executes nested `steps[]`; honors `maxParallel`.
- `map` - expands items into child steps (`stepId[index]::templateId`).
- `gate.approval` - human approval checkpoint; enforces TTL/required count; pauses run until satisfied or expired.
- `gate.policy` - Policy Engine evaluation; `failAction` decides halt vs. continue.
## 7. Determinism, Air-Gap, and Security
- Plan hash binding: runtime graph must equal planned graph; mismatch aborts run.
- All timestamps UTC ISO-8601; ordered logs via `(runId, sequence)` unique index.
- Secrets never logged; evidence bundles store only redacted metadata.
- Sealed mode: reject non-allowlisted network calls; approvals can be processed offline via request/response bundles.
- RBAC scopes: `packs.read`, `packs.write`, `packs.run`, `packs.approve`.
- Approval enforcement: service rejects approval decisions when provided `planHash` does not match stored run state (protects against stale/forged tokens).
## 8. Evidence & Attestation
- DSSE attestation payload (`payloadType`: `application/vnd.stellaops.pack-run+json`) includes `runId`, `packName/version`, `planHash`, input/output digests, step statuses, `completedAt`.
- Evidence bundle contents: signed manifest, inputs (redacted), outputs, transcripts, DSSE attestation; optional Rekor anchoring when online.
## 9. Observability (Phase I delivered)
- Metrics: step latency, retries, queue depth, resource usage (`TASKRUN-OBS-50/51-001` DONE).
- Pending: timeline events (`TASKRUN-OBS-52-001`), evidence snapshots (`TASKRUN-OBS-53-001`), attestations (`TASKRUN-OBS-54-001`), incident mode (`TASKRUN-OBS-55-001`).
## 10. Integration Points
- **Authority** - approval tokens, scope validation, sealed-vault secrets.
- **Policy Engine** - `gate.policy` decisions, policy context in evidence.
- **Export Center** - evidence bundles and manifests for offline/air-gapped export.
- **Orchestrator/CLI** - submission + resume flows; SSE log consumption.
## 11. Configuration (Mongo example)
```json
\"TaskRunner\": {
\"Storage\": {
\"Mode\": \"mongo\",
\"Mongo\": {
\"ConnectionString\": \"mongodb://127.0.0.1:27017/taskrunner\",
\"Database\": \"taskrunner\",
\"RunsCollection\": \"pack_runs\",
\"LogsCollection\": \"pack_run_logs\",
\"ArtifactsCollection\": \"pack_artifacts\",
\"ApprovalsCollection\": \"pack_run_approvals\"
}
}
}
```
## 12. References
- Product advisory: `docs/product-advisories/29-Nov-2025 - Task Pack Orchestration and Automation.md`.
- Task Pack spec + authoring + runbook: `docs/task-packs/spec.md`, `docs/task-packs/authoring-guide.md`, `docs/task-packs/runbook.md`.
- Migration detail: `docs/modules/taskrunner/migrations/pack-run-collections.md`.

1
docs/modules/telemetry/AGENTS.md
View File

@@ -15,6 +15,7 @@ Telemetry module captures deployment and operations guidance for the shared obse
- [Architecture](./architecture.md)
- [Implementation plan](./implementation_plan.md)
- [Task board](./TASKS.md)
- [Observability runbook](./operations/observability.md) (offline import friendly)
## How to get started
1. Open sprint file `/docs/implplan/SPRINT_*.md` and locate the stories referencing this module.

8
docs/modules/telemetry/README.md
View File

@@ -2,7 +2,12 @@
Telemetry module captures deployment and operations guidance for the shared observability stack (collectors, storage, dashboards).
## Responsibilities
## Latest updates (2025-11-30)
- Sprint tracker `docs/implplan/SPRINT_0330_0001_0001_docs_modules_telemetry.md` and module `TASKS.md` added to mirror status.
- Observability runbook stub + dashboard placeholder added under `operations/` (offline import).
- Storage/isolation posture references updated; align with platform docs.
## Responsibilities
- Deploy and operate OpenTelemetry collectors for StellaOps services.
- Provide storage configuration for Prometheus/Tempo/Loki stacks.
- Document smoke tests and offline bootstrapping steps.
@@ -22,6 +27,7 @@ Telemetry module captures deployment and operations guidance for the shared obse
- Smoke script references (../../ops/devops/telemetry).
- Bundle packaging instructions in ops/devops/telemetry.
- Sprint 23 console security sign-off (2025-10-27) added the `console-security.json` Grafana board and burn-rate alert pack—ensure environments import the updated dashboards/alerts referenced in `docs/updates/2025-10-27-console-security-signoff.md`.
- Observability assets for this sprint: `operations/observability.md` and `operations/dashboards/telemetry-observability.json` (offline import).
## Related resources
- ./operations/collector.md

9
docs/modules/telemetry/TASKS.md Normal file
View File

@@ -0,0 +1,9 @@
# Telemetry · TASKS (status mirror)
| Task ID | Status | Owner(s) | Notes / Evidence |
| --- | --- | --- | --- |
| TELEMETRY-DOCS-0001 | DONE (2025-11-30) | Docs Guild | README/architecture refreshed for storage/isolation posture; sprint links added. |
| TELEMETRY-OPS-0001 | DONE (2025-11-30) | Ops Guild | Observability runbook stub + Grafana placeholder added under `operations/`. |
| TELEMETRY-ENG-0001 | DONE (2025-11-30) | Module Team | TASKS board created; statuses mirrored with `docs/implplan/SPRINT_0330_0001_0001_docs_modules_telemetry.md`. |
> Keep this table in lockstep with the sprint Delivery Tracker (TODO/DOING/DONE/BLOCKED updates go to both files).

13
docs/modules/telemetry/implementation_plan.md
View File

@@ -58,7 +58,12 @@
- **Security:** redaction verification, RBAC/tenant scoping, sealed-mode tests, signed config verification.
- **Offline:** capture bundles, transfer, replay, compliance attestation.
## Definition of done
- Collector profiles, storage backends, incident mode, dashboards, CLI, and offline kit delivered with telemetry and documentation.
- Runbooks and SOC handoff packages published; compliance checklists appended.
- ./TASKS.md and ../../TASKS.md updated; imposed rule statements confirmed in documentation.
## Definition of done
- Collector profiles, storage backends, incident mode, dashboards, CLI, and offline kit delivered with telemetry and documentation.
- Runbooks and SOC handoff packages published; compliance checklists appended.
- ./TASKS.md and ../../TASKS.md updated; imposed rule statements confirmed in documentation.
## Sprint alignment (2025-11-30)
- Docs refresh tracked in `docs/implplan/SPRINT_0330_0001_0001_docs_modules_telemetry.md`; statuses mirrored in `docs/modules/telemetry/TASKS.md`.
- Observability evidence lives in `operations/observability.md` with Grafana JSON stub under `operations/dashboards/`.
- Keep future doc/ops updates mirrored across sprint, TASKS, and module front doors to avoid drift.

6
docs/modules/telemetry/operations/dashboards/telemetry-observability.json Normal file
View File

@@ -0,0 +1,6 @@
{
"_note": "Placeholder Grafana dashboard stub for Telemetry. Replace panels when metrics endpoints are available; keep offline-import friendly.",
"schemaVersion": 39,
"title": "Telemetry Observability (stub)",
"panels": []
}

38
docs/modules/telemetry/operations/observability.md Normal file
View File

@@ -0,0 +1,38 @@
# Telemetry observability runbook (stub · 2025-11-29 demo)
## Dashboards (offline import)
- Grafana JSON: `docs/modules/telemetry/operations/dashboards/telemetry-observability.json` (import locally; no external data sources assumed).
- Planned panels: collector uptime, scrape errors, ingestion/backlog per tenant, storage retention headroom, query latency p95/p99, and OTLP export errors.
## Key metrics
- `telemetry_collector_uptime_seconds` — per-collector uptime.
- `telemetry_scrape_failures_total{job}` — scrape failures per job.
- `telemetry_ingest_backlog` — queued spans/logs/metrics awaiting storage.
- `telemetry_storage_retention_percent_used` — storage utilization against retention budget.
- `telemetry_query_latency_seconds_bucket{route}` — API/query latency.
- `telemetry_otlp_export_failures_total{signal}` — OTLP export failures by signal.
## Logs & traces
- Correlate by `trace_id` and `tenant`; include `collector_id`, `pipeline`, `exporter` fields.
- Traces disabled by default for air-gap; enable by setting OTLP endpoints to on-prem collectors.
## Health/diagnostics
- `/health/liveness` and `/health/readiness` (collector + storage gateway) check exporter reachability and disk headroom.
- `/status` exposes build version, commit, feature flags; verify against offline bundle manifest.
- Storage probe: `GET /api/storage/usage` (if available) to confirm retention headroom; otherwise rely on Prometheus metrics.
## Alert hints
- OTLP export failures > 0 over 5m.
- Ingest backlog above threshold (configurable per tenant/workload).
- Query latency p99 > 1s for `/api/query` routes.
- Storage utilization > 85% of retention budget.
## Offline verification steps
1) Import Grafana JSON locally; point to Prometheus scrape labeled `telemetry`.
2) Run collector smoke: push sample OTLP spans/logs/metrics to local collector and confirm metrics emit in Prometheus.
3) Fetch `/status` and compare commit/version to offline bundle manifest.
## Evidence locations
- Sprint tracker: `docs/implplan/SPRINT_0330_0001_0001_docs_modules_telemetry.md`.
- Module docs: `README.md`, `architecture.md`, `implementation_plan.md`.
- Dashboard stub: `operations/dashboards/telemetry-observability.json`.

22
docs/modules/ui/README.md
View File

@@ -2,7 +2,11 @@
The Console presents operator dashboards for scans, policies, VEX evidence, runtime posture, and admin workflows.
## Responsibilities
## Latest updates (2025-11-30)
- Docs refreshed per `docs/implplan/SPRINT_0331_0001_0001_docs_modules_ui.md`; added observability runbook stub and TASKS mirror.
- Access-control guidance from 2025-11-03 remains valid; ensure Authority scopes are verified before enabling uploads.
## Responsibilities
- Render real-time status for ingestion, scanning, policy, and exports via SSE.
- Provide policy editor, SBOM explorer, and advisory views with accessibility compliance.
- Integrate with Authority for fresh-auth and scope enforcement.
@@ -18,14 +22,16 @@ The Console presents operator dashboards for scans, policies, VEX evidence, runt
- Authority for DPoP-protected calls.
- Telemetry streams for observability dashboards.
## Operational notes
- Auth smoke tests in ./operations/auth-smoke.md.
- Console architecture doc for layout and SSE fan-out.
- Accessibility and security guides in ../../ui/ & ../../security/.
## Operational notes
- Auth smoke tests in `operations/auth-smoke.md`.
- Observability runbook + dashboard stub in `operations/observability.md` and `operations/dashboards/console-ui-observability.json` (offline import).
- Console architecture doc for layout and SSE fan-out.
- Accessibility and security guides in ../../ui/ & ../../security/.
## Related resources
- ./operations/auth-smoke.md
- ./console-architecture.md
## Related resources
- ./operations/auth-smoke.md
- ./operations/observability.md
- ./console-architecture.md
## Backlog references
- DOCS-CONSOLE-23-001 … DOCS-CONSOLE-23-003 baseline (done).

9
docs/modules/ui/TASKS.md Normal file
View File

@@ -0,0 +1,9 @@
# Console UI · TASKS (status mirror)
| Task ID | Status | Owner(s) | Notes / Evidence |
| --- | --- | --- | --- |
| CONSOLE UI-DOCS-0001 | DONE (2025-11-30) | Docs Guild | README/architecture updated; sprint links and observability references added. |
| CONSOLE UI-ENG-0001 | DONE (2025-11-30) | Module Team | TASKS board created; statuses mirrored with `docs/implplan/SPRINT_0331_0001_0001_docs_modules_ui.md`. |
| CONSOLE UI-OPS-0001 | DONE (2025-11-30) | Ops Guild | Observability runbook stub + Grafana JSON placeholder added under `operations/`. |
> Keep this table in lockstep with the sprint Delivery Tracker (TODO/DOING/DONE/BLOCKED updates go to both places).

5
docs/modules/ui/architecture.md
View File

@@ -28,8 +28,9 @@
* **State**: Angular **Signals** + `@ngrx/signals` store for crosspage slices.
* **Transport**: `fetch` + RxJS interop; **SSE** (EventSource) for progress streams.
* **Build**: Angular CLI + Vite builder.
* **Testing**: Jest + Testing Library, Playwright for e2e.
* **Packaging**: Containerized NGINX (immutable assets, ETag + content hashing).
* **Testing**: Jest + Testing Library, Playwright for e2e.
* **Packaging**: Containerized NGINX (immutable assets, ETag + content hashing).
* **Observability docs**: runbook + Grafana JSON stub in `operations/observability.md` and `operations/dashboards/console-ui-observability.json` (offline import).
---

19
docs/modules/ui/implementation_plan.md
View File

@@ -16,10 +16,15 @@
- **Epic 6 Vulnerability Explorer:** surface triage dashboards, findings ledger, and audit exports.
- **Epic 8 Advisory AI:** integrate advisory summaries and remediation hints with strict provenance.
- **Epic 9 Orchestrator Dashboard:** expose job/source monitoring controls.
- **Epic 11 Notifications Studio:** provide notifications workspace with previews and audit trails.
- Track supporting tasks (e.g., DOCS-CONSOLE-23-001, CONSOLE-OBS-52-001) in ../../TASKS.md.
## Coordination
- Review ./AGENTS.md before picking up new work.
- Sync with cross-cutting teams noted in `/docs/implplan/SPRINT_*.md`.
- Update this plan whenever scope, dependencies, or guardrails change.
- **Epic 11 Notifications Studio:** provide notifications workspace with previews and audit trails.
- Track supporting tasks (e.g., DOCS-CONSOLE-23-001, CONSOLE-OBS-52-001) in ../../TASKS.md.
## Coordination
- Review ./AGENTS.md before picking up new work.
- Sync with cross-cutting teams noted in `/docs/implplan/SPRINT_*.md`.
- Update this plan whenever scope, dependencies, or guardrails change.
## Sprint alignment (2025-11-30)
- Current doc refresh tracked in `docs/implplan/SPRINT_0331_0001_0001_docs_modules_ui.md`; statuses mirrored in `docs/modules/ui/TASKS.md`.
- Observability evidence for latest demo lives in `operations/observability.md` with Grafana JSON stub under `operations/dashboards/`.
- Keep future doc/ops changes mirrored across sprint, TASKS, and module front doors to prevent drift.

6
docs/modules/ui/operations/dashboards/console-ui-observability.json Normal file
View File

@@ -0,0 +1,6 @@
{
"_note": "Placeholder Grafana dashboard stub for Console UI. Replace panels when metrics endpoints are wired; keep offline-import friendly.",
"schemaVersion": 39,
"title": "Console UI Observability (stub)",
"panels": []
}

38
docs/modules/ui/operations/observability.md Normal file
View File

@@ -0,0 +1,38 @@
# Console UI observability runbook (stub · 2025-11-29 demo)
## Dashboards (offline import)
- Grafana JSON: `docs/modules/ui/operations/dashboards/console-ui-observability.json` (import locally; no external data sources assumed).
- Panels to include: API latency (p95/p99), error rate, WebSocket/SSE connection count, asset load time, bundle size budget, Core Web Vitals (LCP/FID/CLS), and triage view render time.
## Key metrics
- `console_ui_http_request_duration_seconds_bucket{route}` — API call latency.
- `console_ui_http_requests_total{status}` — error rate tracking.
- `console_ui_websocket_connections` — active live session count.
- `console_ui_bundle_bytes{chunk}` — bundle size by chunk (ensures offline kit budget).
- `console_ui_core_web_vitals{metric}` — LCP/FID/CLS gauges.
- `console_ui_export_duration_seconds_bucket` — export trigger to download completion.
## Logs & traces
- Correlate by `correlationId` (propagated from API) and `tenant`. Include `feature` (triage, findings, policy) and `route` fields.
- Traces disabled by default for air-gap; enable by pointing OTLP endpoint to on-prem collector and setting `Telemetry:ExportEnabled=true`.
## Health/diagnostics
- `/health/liveness` and `/health/readiness` (UI backend) must return 200; readiness checks asset storage + API gateway reachability.
- `/status` exposes build version, commit, feature flags; ensure it matches the offline bundle manifest when shipping sealed kits.
- Frontend self-check: open `/health/ui` to verify core bundles are reachable and integrity hashes match manifest.
## Alert hints
- p99 API latency > 1s for `/api/findings` or `/api/policy`.
- SSE/WS disconnect rate > 2% over 5m window.
- Bundle size > 3.5 MB for main chunk after gzip (offline kit budget breach).
- Core Web Vitals: LCP > 2.5s, CLS > 0.1 on internal demo dataset.
## Offline verification steps
1) Import Grafana JSON locally; point to Prometheus scrape labeled `console-ui`.
2) Run `npm run build -- --configuration=production` (or offline kit build) and verify bundle hashes against manifest used by `/health/ui`.
3) Fetch `/status` and compare commit/version to the static asset manifest embedded in the offline kit.
## Evidence locations
- Sprint tracker: `docs/implplan/SPRINT_0331_0001_0001_docs_modules_ui.md`.
- Module front doors: `README.md`, `architecture.md`, `implementation_plan.md`.
- Dashboard stub: `operations/dashboards/console-ui-observability.json`.

1
docs/modules/vex-lens/AGENTS.md
View File

@@ -8,6 +8,7 @@ VEX Lens computes deterministic consensus across conflicting VEX statements whil
- [Architecture](./architecture.md)
- [Implementation plan](./implementation_plan.md)
- [Task board](./TASKS.md)
- [Observability runbook](./runbooks/observability.md) (offline import friendly)
## How to get started
1. Review ./architecture.md for consensus algorithm, trust model, and export contracts.

6
docs/modules/vex-lens/README.md
View File

@@ -27,6 +27,10 @@ VEX Lens produces a deterministic, provenance-rich consensus view of VEX stateme
- `VEXLENS-30-005..007` — expose consensus APIs and export flows, aligning docs with future `/docs/vex/consensus-*.md` deliverables.
- `DOCS-VEX-30-001..004` — broader documentation set (overview, algorithm, API) tracked in `docs/TASKS.md`; update this README again once those artefacts merge.
## Latest updates (2025-11-30)
- Docs refresh per `docs/implplan/SPRINT_0332_0001_0001_docs_modules_vex_lens.md`; added observability runbook stub and TASKS mirror.
- Observability assets: `runbooks/observability.md` and `runbooks/dashboards/vex-lens-observability.json` (offline import).
## Integrations & dependencies
- **Excititor** supplies signature-verified VEX observations and issuer hints.
- **Policy Engine** consumes consensus verdicts for suppression/waiver logic and exposes trust controls to operators.
@@ -44,7 +48,7 @@ VEX Lens produces a deterministic, provenance-rich consensus view of VEX stateme
- [`architecture.md`](architecture.md) — implementation-ready blueprint covering inputs, algorithm, APIs, storage, observability, and exports.
- [`implementation_plan.md`](implementation_plan.md) — phased delivery roadmap and acceptance criteria.
- [`../../vex/aggregation.md`](../../vex/aggregation.md) — Aggregation-Only Contract boundaries for VEX ingestion and downstream consumers.
- Sprint tracking in `docs/implplan/SPRINT_200_documentation_process.md` and module engineering tasks in `src/VexLens/StellaOps.VexLens/TASKS.md`.
- Sprint tracking in `docs/implplan/SPRINT_0332_0001_0001_docs_modules_vex_lens.md`; module engineering tasks in `src/VexLens/StellaOps.VexLens/TASKS.md`; doc TASKS mirror in `docs/modules/vex-lens/TASKS.md`.
## Epic alignment
- Epic7 — VEX Consensus Lens: deterministic VEX adjudication, issuer directory, consensus exports.

9
docs/modules/vex-lens/TASKS.md Normal file
View File

@@ -0,0 +1,9 @@
# VEX Lens · TASKS (status mirror)
| Task ID | Status | Owner(s) | Notes / Evidence |
| --- | --- | --- | --- |
| VEX-CONSENSUS-LENS-DOCS-0001 | DONE (2025-11-30) | Docs Guild | README/architecture refresh with consensus workflow and release links; sprint references added. |
| VEX-LENS-OPS-0001 | DONE (2025-11-30) | Ops Guild | Observability runbook stub + Grafana JSON placeholder added under `runbooks/`. |
| VEX-LENS-ENG-0001 | DONE (2025-11-30) | Module Team | TASKS board created; statuses mirrored with `docs/implplan/SPRINT_0332_0001_0001_docs_modules_vex_lens.md`. |
> Keep this table in lockstep with the sprint Delivery Tracker (TODO/DOING/DONE/BLOCKED updates go to both places).

21
docs/modules/vex-lens/architecture.md
View File

@@ -71,13 +71,14 @@ All responses include provenance fields (`consensus_digest`, `derived_from`, DSS
- Recompute jobs run via Orchestrator; deterministic ordering ensures identical results for the same input set.
- Jobs produce SRM-style manifests for recomputation verification.
## 7) Observability
- Metrics: `vex_consensus_conflicts_total`, `vex_consensus_latency_seconds`, `vex_consensus_recompute_seconds{reason}`.
- Logs: include `artifactId`, `advisoryKey`, `issuer`, `status`, `trustTier`.
- Traces: `consensus.group`, `consensus.join`, `consensus.persist` spans.
## 8) Offline & export
- Bundle format: `consensus.jsonl`, `conflicts.jsonl`, `manifest.json`, `signatures/`. Each record references raw statement digests and trust metadata.
- Export Center uses the bundle for mirror profiles; CLI supports `stella vex consensus export` mirroring the API.
## 7) Observability
- Metrics: `vex_consensus_conflicts_total`, `vex_consensus_latency_seconds`, `vex_consensus_recompute_seconds{reason}`.
- Logs: include `artifactId`, `advisoryKey`, `issuer`, `status`, `trustTier`.
- Traces: `consensus.group`, `consensus.join`, `consensus.persist` spans.
- Runbook + dashboard stub (offline import): `runbooks/observability.md`, `runbooks/dashboards/vex-lens-observability.json`.
## 8) Offline & export
- Bundle format: `consensus.jsonl`, `conflicts.jsonl`, `manifest.json`, `signatures/`. Each record references raw statement digests and trust metadata.
- Export Center uses the bundle for mirror profiles; CLI supports `stella vex consensus export` mirroring the API.

5
docs/modules/vex-lens/implementation_plan.md
View File

@@ -61,3 +61,8 @@
- Lens service, issuer directory, API/CLI/Console components deployed with telemetry and runbooks.
- Documentation set (overview, algorithm, issuer directory, API, console, policy trust) updated with imposed rule statements.
- ./TASKS.md and ../../TASKS.md reflect current status; Offline Kit parity confirmed.
## Sprint alignment (2025-11-30)
- Docs refresh tracked in `docs/implplan/SPRINT_0332_0001_0001_docs_modules_vex_lens.md`; statuses mirrored in `docs/modules/vex-lens/TASKS.md`.
- Observability evidence lives in `runbooks/observability.md` with Grafana JSON stub under `runbooks/dashboards/`.
- Keep future doc/ops updates mirrored across sprint, TASKS, and module front doors to avoid drift.

6
docs/modules/vex-lens/runbooks/dashboards/vex-lens-observability.json Normal file
View File

@@ -0,0 +1,6 @@
{
"_note": "Placeholder Grafana dashboard stub for VEX Lens. Replace panels when metrics endpoints are available; keep offline-import friendly.",
"schemaVersion": 39,
"title": "VEX Lens Observability (stub)",
"panels": []
}

38
docs/modules/vex-lens/runbooks/observability.md Normal file
View File

@@ -0,0 +1,38 @@
# VEX Lens observability runbook (stub · 2025-11-29 demo)
## Dashboards (offline import)
- Grafana JSON: `docs/modules/vex-lens/runbooks/dashboards/vex-lens-observability.json` (import locally; no external data sources assumed).
- Planned panels: consensus latency, conflict backlog, recompute duration, issuer trust changes, export job success rate, and DSSE verification failures.
## Key metrics
- `vex_consensus_latency_seconds_bucket` — latency from observation intake to consensus write.
- `vex_conflict_queue_depth` — size of unresolved conflict queue.
- `vex_recompute_duration_seconds_bucket{reason}` — recompute times by trigger (issuer update, policy knob, ingestion delta).
- `vex_export_duration_seconds_bucket` — export job runtime.
- `vex_dsse_verification_failures_total` — failed attestations during export/ingest.
- `vex_consensus_conflicts_total{reason}` — conflict counts by reason (status disagreement, scope mismatch, missing provenance).
## Logs & traces
- Correlate by `correlationId`, `artifactKey`, `advisoryKey`, and `issuer`. Include `trustTier`, `weightBefore`, `weightAfter`, and `justification` fields for audits.
- Traces disabled by default for air-gap; enable by setting `Telemetry:ExportEnabled=true` and pointing OTLP endpoint to on-prem collector.
## Health/diagnostics
- `/health/liveness` and `/health/readiness` (service) must return 200; readiness checks Mongo + cache + event bus reachability.
- `/status` exposes build version, commit, feature flags; verify it matches offline bundle manifest.
- Export self-check: run `stella vex export --format json --manifest out/manifest.json` and validate hashes against manifest entries.
## Alert hints
- Consensus latency p99 > 1.5s over 5m.
- Conflict queue depth > 500 for any tenant.
- DSSE verification failures > 0 in a 10m window.
- Export failure rate > 2% over 10m.
## Offline verification steps
1) Import Grafana JSON locally; point to Prometheus scrape labeled `vex-lens`.
2) Run export CLI above and verify `manifest.json` hashes via `jq -r '.files[].sha256'`.
3) Fetch `/status` and confirm commit/version match the exported manifest and offline kit bundle metadata.
## Evidence locations
- Sprint tracker: `docs/implplan/SPRINT_0332_0001_0001_docs_modules_vex_lens.md`.
- Module docs: `README.md`, `architecture.md`, `implementation_plan.md`.
- Dashboard stub: `runbooks/dashboards/vex-lens-observability.json`.

15
docs/modules/vuln-explorer/README.md
View File

@@ -2,8 +2,10 @@
Vulnerability Explorer delivers policy-aware triage, investigation, and reporting surfaces for effective findings.
## Latest updates (2025-11-03)
- Access controls refresh introduced attachment signing tokens and updated scope guidance (`docs/updates/2025-11-03-vuln-explorer-access-controls.md`). Ensure operator runbooks reference the new Authority scopes (`authority-scopes.md`) and security checklist before enabling attachment uploads.
## Latest updates (2025-11-30)
- Documentation refresh aligned to sprint 0334: added observability/runbook snapshot and cross-links to OpenAPI draft (`./api.md`) and schemas in `architecture.md`.
- New offline-friendly observability runbook at `runbooks/observability.md` plus stub Grafana JSON in `runbooks/dashboards/`.
- Retained 2025-11-03 access-control changes; verify Authority scopes before enabling attachment uploads (`docs/updates/2025-11-03-vuln-explorer-access-controls.md`).
## Responsibilities
- Present policy-evaluated findings with advisory, VEX, SBOM, and runtime context.
@@ -22,10 +24,11 @@ Vulnerability Explorer delivers policy-aware triage, investigation, and reportin
- Scheduler for remediation/verification jobs.
- Notify for triage notifications.
## Operational notes
- Audit logging per Epic 6 requirements.
- Offline-ready CSV/PDF exports with deterministic hashes.
- Dashboards for MTTR and triage throughput.
## Operational notes
- Audit logging per Epic 6 requirements.
- Offline-ready CSV/PDF exports with deterministic hashes.
- Dashboards for MTTR and triage throughput.
- Observability runbook and dashboard stub: see `runbooks/observability.md` and `runbooks/dashboards/vuln-explorer-observability.json` (import locally).
## Epic alignment
- Epic 6: Vulnerability Explorer.

9
docs/modules/vuln-explorer/TASKS.md Normal file
View File

@@ -0,0 +1,9 @@
# Vuln Explorer · TASKS (status mirror)
| Task ID | Status | Owner(s) | Notes / Evidence |
| --- | --- | --- | --- |
| VULNERABILITY-EXPLORER-DOCS-0001 | DONE (2025-11-30) | Docs Guild | README/architecture updated; OpenAPI/schema/sprint links added; runbook evidence captured. |
| VULNERABILITY-EXPLORER-OPS-0001 | DONE (2025-11-30) | Ops Guild | Observability runbook + dashboard stub added; health/alert guidance documented. |
| VULNERABILITY-EXPLORER-ENG-0001 | DONE (2025-11-30) | Module Team | Sprint alignment notes added to implementation_plan; task mirror created. |
> Status must mirror `/docs/implplan/SPRINT_0334_0001_0001_docs_modules_vuln_explorer.md` (DOING/DONE/BLOCKED updates go to both files).

1
docs/modules/vuln-explorer/architecture.md
View File

@@ -55,6 +55,7 @@ CLI mirrors these endpoints (`stella findings list|view|update|export`). Console
- Logs: structured with `findingId`, `artifactId`, `advisory`, `policyVersion`, `actor`, `actionType`.
- Audit exports: `audit_log.jsonl` appended whenever state changes; offline bundles include signed audit log and manifest.
- Compliance: accepted risk requires dual approval and stores justification plus expiry reminders (raised through Notify).
- Runbook and dashboard stub for demo snapshot: `runbooks/observability.md` and `runbooks/dashboards/vuln-explorer-observability.json` (offline import).
## 6) Identity & access integration

5
docs/modules/vuln-explorer/implementation_plan.md
View File

@@ -68,3 +68,8 @@
- Services, UI/CLI, integrations, exports, and observability deployed with runbooks and Offline Kit parity.
- Documentation suite (overview, using-console, API, CLI, findings ledger, policy mapping, VEX/SBOM integration, telemetry, security, runbooks, install) updated with imposed rule statement.
- ./TASKS.md and ../../TASKS.md reflect active progress; compliance checklists appended where required.
## Sprint alignment (2025-11-30)
- Docs refresh tracked in `docs/implplan/SPRINT_0334_0001_0001_docs_modules_vuln_explorer.md` (Docs/OPS/ENG streams).
- Observability runbook evidence lives under `runbooks/observability.md` with stub dashboard JSON for offline demos.
- API/OpenAPI references: `api.md` and `openapi/vuln-explorer.v1.yaml` are the current contract drafts; keep Console/CLI generators synced to these.

6
docs/modules/vuln-explorer/runbooks/dashboards/vuln-explorer-observability.json Normal file
View File

@@ -0,0 +1,6 @@
{
"_note": "Placeholder Grafana dashboard stub for offline import. Populate with panel definitions when metrics endpoints are available; see runbooks/observability.md for expected panels.",
"schemaVersion": 39,
"title": "Vuln Explorer Observability (stub)",
"panels": []
}

38
docs/modules/vuln-explorer/runbooks/observability.md Normal file
View File

@@ -0,0 +1,38 @@
# Vuln Explorer observability runbook (demo snapshot · 2025-11-29)
## Dashboards (offline-friendly)
- Grafana JSON: `docs/modules/vuln-explorer/runbooks/dashboards/vuln-explorer-observability.json` (import locally; no external data sources assumed).
- Panels: projection lag, open findings by severity/tenant, accepted-risk ageing, API 5xx rate, export duration p95, ledger replay backlog.
## Key metrics
- `vuln_projection_lag_seconds{tenant}` seconds between latest ledger event and projector head.
- `vuln_findings_open_total{severity,tenant}` count of open findings by severity.
- `vuln_export_duration_seconds_bucket` histogram for export job runtime.
- `vuln_projection_backlog_total` queued events awaiting projection.
- `vuln_triage_actions_total{type}` immutable triage actions (assign, comment, risk_accept, remediation_note).
- `vuln_api_request_duration_seconds_bucket{route}` API latency for `GET /v1/findings*` and `POST /v1/reports`.
## Logs & traces
- Correlate by `correlationId` and `findingId`. Structured fields: `tenant`, `advisoryKey`, `policyVersion`, `projectId`, `route`.
- Trace exemplar anchors: `traceparent` headers are copied into logs; exporters stay disabled by default for air-gap. Enable by setting `Telemetry:ExportEnabled=true` and pointing to on-prem Tempo/Jaeger.
## Health/diagnostics
- `/health/liveness` and `/health/readiness` (HTTP 200 expected; readiness checks Mongo + cache reachability).
- `/status` returns build version, git commit, and enabled features; safe for anonymous fetch in sealed environments.
- Ledger replay check: `GET /v1/findings?projectionMode=verify` emits `X-Vuln-Projection-Head` for quick consistency probes.
## Alert hints (wire to local Alertmanager or watchdog)
- Projection lag > 120s for any tenant.
- API p99 latency > 800ms for `GET /v1/findings` or `POST /v1/reports`.
- Export failure rate > 2% over 10m window.
- Accepted-risk approaching expiry within 7d (emit Notify event `vuln.accepted_risk.expiring`).
## Offline verification steps
1) Import Grafana JSON locally and point to Prometheus scrape job `vuln-explorer`.
2) Run `stella vuln export --format json --manifest out/manifest.json` and validate hashes using `jq -r '.files[].sha256'` against generated bundle.
3) Use `curl -s "$BASEURL/status" | jq '{commit,version,features}'` to confirm expected build metadata matches the exported bundle manifest.
## Evidence locations
- Sprint alignment: `docs/implplan/SPRINT_0334_0001_0001_docs_modules_vuln_explorer.md`.
- API contract draft: `docs/modules/vuln-explorer/api.md` and OpenAPI at `docs/modules/vuln-explorer/openapi/vuln-explorer.v1.yaml`.
- Schema references: `docs/modules/vuln-explorer/architecture.md` (ledger model, VEX decision schemas).

1
docs/modules/zastava/AGENTS.md
View File

@@ -15,6 +15,7 @@ Zastava monitors running workloads, verifies supply chain posture, and enforces
- [Architecture](./architecture.md)
- [Implementation plan](./implementation_plan.md)
- [Task board](./TASKS.md)
- [Observability runbook](./operations/observability.md) (offline import friendly)
## How to get started
1. Open sprint file `/docs/implplan/SPRINT_*.md` and locate the stories referencing this module.

15
docs/modules/zastava/README.md
View File

@@ -2,7 +2,12 @@
Zastava monitors running workloads, verifies supply chain posture, and enforces runtime policy via Kubernetes admission webhooks.
## Responsibilities
## Latest updates (2025-11-30)
- Sprint tracker `docs/implplan/SPRINT_0335_0001_0001_docs_modules_zastava.md` and module `TASKS.md` added to mirror status.
- Observability runbook stub + dashboard placeholder added under `operations/` (offline import).
- Surface.Env/Surface.Secrets adoption remains pending platform contracts; align with platform docs before enabling sealed mode.
## Responsibilities
- Observe node/container activity and emit runtime events.
- Validate signatures, SBOM presence, and backend verdicts before allowing containers.
- Buffer and replay events during disconnections.
@@ -18,10 +23,10 @@ Zastava monitors running workloads, verifies supply chain posture, and enforces
- Scanner/Scheduler for remediation triggers.
- Notify/UI for runtime alerts and dashboards.
## Operational notes
- Runbook ./operations/runtime.md with Grafana/Prometheus assets.
- Offline kit assets bundling webhook charts.
- DPoP/mTLS rotation guidance shared with Authority.
## Operational notes
- Runbook `./operations/observability.md` (stub) plus dashboard placeholder `./operations/dashboards/zastava-observability.json`.
- Legacy runtime runbook assets remain under ./operations if present; keep offline kit bundles deterministic.
- DPoP/mTLS rotation guidance shared with Authority.
## Related resources
- ./operations/runtime.md

9
docs/modules/zastava/TASKS.md Normal file
View File

@@ -0,0 +1,9 @@
# Zastava · TASKS (status mirror)
| Task ID | Status | Owner(s) | Notes / Evidence |
| --- | --- | --- | --- |
| ZASTAVA-DOCS-0001 | DONE (2025-11-30) | Docs Guild | README/architecture refreshed; Surface Env/Secrets and sprint links added. |
| ZASTAVA-ENG-0001 | DONE (2025-11-30) | Module Team | TASKS board created; statuses mirrored with `docs/implplan/SPRINT_0335_0001_0001_docs_modules_zastava.md`. |
| ZASTAVA-OPS-0001 | DONE (2025-11-30) | Ops Guild | Observability runbook stub + Grafana JSON placeholder added under `operations/`. |
> Keep this table in lockstep with the sprint Delivery Tracker (TODO/DOING/DONE/BLOCKED updates go to both places).

23
docs/modules/zastava/architecture.md
View File

@@ -486,11 +486,20 @@ webhooks:
---
## 15) Roadmap
* **eBPF** option for syscall/library load tracing (kernellevel, optin).
* **Windows containers** support (ETW providers, loaded modules).
* **Network posture** checks: listening ports vs policy.
* **Live **usedbyentrypoint** synthesis**: send compact bitset diff to backend to tighten Usage view.
* **Admission dryrun** dashboards (simulate block lists before enforcing).
## 15) Roadmap
* **eBPF** option for syscall/library load tracing (kernellevel, optin).
* **Windows containers** support (ETW providers, loaded modules).
* **Network posture** checks: listening ports vs policy.
* **Live **usedbyentrypoint** synthesis**: send compact bitset diff to backend to tighten Usage view.
* **Admission dryrun** dashboards (simulate block lists before enforcing).
---
## 16) Observability (stub)
- Runbook + dashboard placeholder for offline import: `operations/observability.md`, `operations/dashboards/zastava-observability.json`.
- Metrics to surface: admission latency p95/p99, allow/deny counts, Surface.Env miss rate, Surface.Secrets failures, Surface.FS cache freshness, drift events.
- Health endpoints: `/health/liveness`, `/health/readiness`, `/status`, `/surface/fs/cache/status` (see runbook).
- Alert hints: deny spikes, latency > 800ms p99, cache freshness lag > 10m, any secrets failure.

13
docs/modules/zastava/implementation_plan.md
View File

@@ -13,7 +13,12 @@
- ZASTAVA runtime tasks in ../../TASKS.md.
- Webhook smoke tests tracked in src/Zastava/**/TASKS.md.
## Coordination
- Review ./AGENTS.md before picking up new work.
- Sync with cross-cutting teams noted in `/docs/implplan/SPRINT_*.md`.
- Update this plan whenever scope, dependencies, or guardrails change.
## Coordination
- Review ./AGENTS.md before picking up new work.
- Sync with cross-cutting teams noted in `/docs/implplan/SPRINT_*.md`.
- Update this plan whenever scope, dependencies, or guardrails change.
## Sprint alignment (2025-11-30)
- Docs refresh tracked in `docs/implplan/SPRINT_0335_0001_0001_docs_modules_zastava.md`; statuses mirrored in `docs/modules/zastava/TASKS.md`.
- Observability evidence lives in `operations/observability.md` with Grafana JSON stub under `operations/dashboards/`.
- Surface.Env/Surface.Secrets contracts remain dependencies; align with platform docs before enabling sealed mode.

6
docs/modules/zastava/operations/dashboards/zastava-observability.json Normal file
View File

@@ -0,0 +1,6 @@
{
"_note": "Placeholder Grafana dashboard stub for Zastava. Replace panels when metrics endpoints are available; keep offline-import friendly.",
"schemaVersion": 39,
"title": "Zastava Observability (stub)",
"panels": []
}

38
docs/modules/zastava/operations/observability.md Normal file
View File

@@ -0,0 +1,38 @@
# Zastava observability runbook (stub · 2025-11-29 demo)
## Dashboards (offline import)
- Grafana JSON: `docs/modules/zastava/operations/dashboards/zastava-observability.json` (import locally; no external data sources assumed).
- Planned panels: admission decision rate, webhook latency p95/p99, cache freshness (Surface.FS), Surface.Env key misses, Secrets fetch failures, policy violation counts, and drift events.
## Key metrics
- `zastava_admission_latency_seconds_bucket{webhook}` — admission webhook latency.
- `zastava_admission_decisions_total{result}` — allow/deny counts.
- `zastava_surface_env_miss_total` — Surface.Env key misses.
- `zastava_surface_secrets_failures_total{reason}` — secret retrieval failures.
- `zastava_surface_fs_cache_freshness_seconds` — cache age vs Scanner surface metadata.
- `zastava_drift_events_total{type}` — drift detections by category.
## Logs & traces
- Correlate by `correlationId`, `tenant`, `cluster`, and `admissionId`. Include `policyVersion`, `surfaceEnvProfile`, and `secretsProvider` fields.
- Traces disabled by default for air-gap; enable via `Telemetry:ExportEnabled=true` pointing to on-prem collector.
## Health/diagnostics
- `/health/liveness` and `/health/readiness` (webhook + observer) check cache reachability, Secrets provider connectivity, and policy fetch.
- `/status` exposes build version, commit, feature flags; verify against offline bundle manifest.
- Cache probe: `GET /surface/fs/cache/status` returns freshness and hash for cached surfaces.
## Alert hints
- Admission latency p99 > 800ms.
- Deny rate spike > 5% over 10m without policy change.
- Surface.Env miss rate > 1% or Secrets failure > 0 over 10m.
- Cache freshness > 10m behind Scanner surface metadata.
## Offline verification steps
1) Import Grafana JSON locally; point to Prometheus scrape labeled `zastava`.
2) Replay a sealed admission bundle and verify `/status` + cache probe hashes match the manifest in the offline kit.
3) Run webhook smoke (`kubectl apply --dry-run=server -f samples/admission-request.yaml`) and confirm metrics increment locally.
## Evidence locations
- Sprint tracker: `docs/implplan/SPRINT_0335_0001_0001_docs_modules_zastava.md`.
- Module docs: `README.md`, `architecture.md`, `implementation_plan.md`.
- Dashboard stub: `operations/dashboards/zastava-observability.json`.