feat: add PolicyPackSelectorComponent with tests and integration
- Implemented PolicyPackSelectorComponent for selecting policy packs.
- Added unit tests for component behavior, including API success and error handling.
- Introduced monaco-workers type declarations for editor workers.
- Created acceptance tests for guardrails with stubs for AT1–AT10.
- Established SCA Failure Catalogue Fixtures for regression testing.
- Developed plugin determinism harness with stubs for PL1–PL10.
- Added scripts for evidence upload and verification processes.
@@ -1,32 +1,12 @@
|
||||
# Implementor Guidelines (checklist draft)
|
||||
# Implementor Guidelines (Stub)
|
||||
|
||||
Reference: `docs/product-advisories/30-Nov-2025 - Implementor Guidelines for Stella Ops.md` (IG1–IG10) and Sprint 300 task IMPLEMENTOR-GAPS-300-018.
|
||||
Use with sprint task 18 (IMPLEMENTOR-GAPS-300-018).
|
||||
|
||||
## CI lint & docs linkage (IG7)
|
||||
- Require PRs to either touch referenced docs or set `docs: n/a` with justification.
|
||||
- Sample hook (to implement): `.git/hooks/pre-commit` invoking `scripts/lint-docs-touch.sh`.
|
||||
- Fail CI if sprint/AGENTS references are missing for the module being changed.
|
||||
|
||||
## Determinism & offline posture (IG2, IG3)
|
||||
- Default to offline/no-network; flag any outbound calls in tests.
|
||||
- Set deterministic env vars (`TZ=UTC`, `LC_ALL=C`, `PYTHONHASHSEED=0`, etc.).
|
||||
- Enforce pinned tool/DB versions and stable ordering in outputs.
|
||||
|
||||
## Secrets & provenance (IG5, IG9)
|
||||
- Run secret scan pre-commit/CI; forbid committing `.env`/keys.
|
||||
- DSSE/provenance required where predicates exist; verify signatures in CI when fixtures are present.
|
||||
|
||||
## Schema/versioning control (IG1)
|
||||
- Any schema change requires version bump + changelog entry; add canonical serialization tests.
|
||||
- Store schemas alongside fixtures where practical.
|
||||
|
||||
## Performance/quota (IG6)
|
||||
- Define perf budget per service (P95 latency/CPU/memory) and add smoke tests on reference profile.
|
||||
|
||||
## Boundaries & shared libs (IG8)
|
||||
- Document allowed shared libraries per module; add codeowners/analyzer rules to block cross-boundary calls.
|
||||
|
||||
## Evidence & documentation sync (IG10)
|
||||
- AGENTS files and sprint docs must link to this checklist; update both when rules change.
|
||||
|
||||
> Replace this draft with full scripts and enforcement once IMPLEMENTOR-GAPS-300-018 is executed.
|
||||
- Determinism/offline: pin toolchains, seeds, inputs.lock; no live network in examples.
|
||||
- Provenance: DSSE-sign schema and results; keep tenant scoping explicit.
|
||||
- Docs touch rule: enforce `docs:` tag (value or `docs: n/a`) in commits/PRs.
|
||||
- Boundary rules: respect module working directories and shared-lib allowlist.
|
||||
- Perf/quota: capture perf budgets and quota impacts when changing hot paths.
|
||||
- Versioning: schema changes require version bump and changelog note.
|
||||
- CI lint: `tools/lint/implementor-guidelines.sh` (stub) to be wired into CI; add to pre-commit or CI pipeline when wiring determinism checks.
|
||||
- Determinism checks: prefer UTC, sorted outputs, pinned seeds; add `inputs.lock` when adding new fixtures or packs.
|
||||
|
||||
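Review bot: the 12-line stub (the list from "Determinism/offline: pin toolchains, seeds, inputs.lock" to the end) no longer carries the secret-handling and signature-verification rules that the 32-line checklist had under "Secrets & provenance (IG5, IG9)". The checklist required "Run secret scan pre-commit/CI; forbid committing `.env`/keys" and "verify signatures in CI when fixtures are present"; the stub's provenance bullet only says "DSSE-sign schema and results", so signing is stated but nothing requires the signature to be checked, and secret scanning is not mentioned at all. Suggest keeping both as explicit bullets in the stub. The stub also drops the reference to `docs/product-advisories/30-Nov-2025 - Implementor Guidelines for Stella Ops.md` and the IG1–IG10 tags, which removes the traceability from each rule to its advisory item, and it drops the IG10 rule that AGENTS files and sprint docs must link to this checklist. Two smaller points: determinism is covered twice (the first bullet and the last "Determinism checks" bullet) and the two could be merged, and the CI lint bullet points at `tools/lint/implementor-guidelines.sh` while calling it a stub that is not yet wired in, so until it is, none of these rules are enforced; the bullet should say which sprint task owns the wiring.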