stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Refactor NuGet package handling across multiple CI runners and documentation. Update paths to use .nuget/packages instead of local-nugets. Enhance README files for clarity on usage and environment setup. Add script to automate the addition of test projects to the solution.

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-26 21:44:32 +02:00
parent 32f9581aa7
commit 335ff7da16
19 changed files with 93 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
StellaOps.Tests.slnx Normal file
View File

@@ -0,0 +1,2 @@
<Solution>
</Solution>

45
devops/scripts/add-test-projects.ps1 Normal file
View File

@@ -0,0 +1,45 @@
# add-test-projects.ps1 - Add all test projects to StellaOps.Tests.sln
# Sprint: SPRINT_20251226_007_CICD
$ErrorActionPreference = 'Continue'
$slnPath = "src\StellaOps.Tests.sln"
$srcPath = "src"
Write-Host "=== Adding test projects to StellaOps.Tests.sln ==="
Write-Host "Solution: $slnPath"
# Find all test project files
$testProjects = Get-ChildItem -Path $srcPath -Recurse -Filter "*Tests.csproj" |
Where-Object {
$_.Name -notlike "*Testing.csproj" -and
$_.Name -notlike "*TestKit.csproj" -and
$_.FullName -notlike "*node_modules*" -and
$_.FullName -notlike "*bin*" -and
$_.FullName -notlike "*obj*"
}
Write-Host "Found $($testProjects.Count) test projects"
$added = 0
$failed = 0
foreach ($proj in $testProjects) {
$relativePath = $proj.FullName.Replace((Get-Location).Path + "\", "")
Write-Host "Adding: $relativePath"
$result = dotnet sln $slnPath add $proj.FullName 2>&1
if ($LASTEXITCODE -eq 0) {
$added++
} else {
Write-Host " Failed: $result" -ForegroundColor Yellow
$failed++
}
}
Write-Host ""
Write-Host "=== Summary ==="
Write-Host "Added: $added"
Write-Host "Failed: $failed"
Write-Host "Total: $($testProjects.Count)"

5
devops/services/advisoryai-ci-runner/README.md
View File

@@ -11,12 +11,11 @@ Usage
Environment Environment
- Defaults: `DOTNET_CLI_TELEMETRY_OPTOUT=1`, `DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1`, `NUGET_PACKAGES=$REPO/.nuget/packages`. - Defaults: `DOTNET_CLI_TELEMETRY_OPTOUT=1`, `DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1`, `NUGET_PACKAGES=$REPO/.nuget/packages`.
- Sources default to `local-nugets` then the warmed cache; override via `NUGET_SOURCES` (semicolon-separated). - Sources default to `.nuget/packages`; override via `NUGET_SOURCES` (semicolon-separated).
- No external services required; tests are isolated/local. - No external services required; tests are isolated/local.
What it does What it does
1) Warm NuGet cache from `local-nugets/` into `$NUGET_PACKAGES` for air-gap parity. 1) `dotnet restore` + `dotnet build` on `src/AdvisoryAI/StellaOps.AdvisoryAI.sln` with `/bl`.
2) `dotnet restore` + `dotnet build` on `src/AdvisoryAI/StellaOps.AdvisoryAI.sln` with `/bl`.
3) Run the AdvisoryAI test project (`__Tests/StellaOps.AdvisoryAI.Tests`) with TRX output; optional `TEST_FILTER` env narrows scope. 3) Run the AdvisoryAI test project (`__Tests/StellaOps.AdvisoryAI.Tests`) with TRX output; optional `TEST_FILTER` env narrows scope.
4) Emit `summary.json` with artefact paths and SHA256s for reproducibility. 4) Emit `summary.json` with artefact paths and SHA256s for reproducibility.

4
devops/services/advisoryai-ci-runner/run-advisoryai-ci.sh
View File

@@ -14,13 +14,11 @@ mkdir -p "$logs_dir"
export DOTNET_CLI_TELEMETRY_OPTOUT=${DOTNET_CLI_TELEMETRY_OPTOUT:-1} export DOTNET_CLI_TELEMETRY_OPTOUT=${DOTNET_CLI_TELEMETRY_OPTOUT:-1}
export DOTNET_SKIP_FIRST_TIME_EXPERIENCE=${DOTNET_SKIP_FIRST_TIME_EXPERIENCE:-1} export DOTNET_SKIP_FIRST_TIME_EXPERIENCE=${DOTNET_SKIP_FIRST_TIME_EXPERIENCE:-1}
export NUGET_PACKAGES=${NUGET_PACKAGES:-$repo_root/.nuget/packages} export NUGET_PACKAGES=${NUGET_PACKAGES:-$repo_root/.nuget/packages}
export NUGET_SOURCES=${NUGET_SOURCES:-"$repo_root/local-nugets;$repo_root/.nuget/packages"} export NUGET_SOURCES=${NUGET_SOURCES:-"$repo_root/.nuget/packages"}
export TEST_FILTER=${TEST_FILTER:-""} export TEST_FILTER=${TEST_FILTER:-""}
export DOTNET_RESTORE_DISABLE_PARALLEL=${DOTNET_RESTORE_DISABLE_PARALLEL:-1} export DOTNET_RESTORE_DISABLE_PARALLEL=${DOTNET_RESTORE_DISABLE_PARALLEL:-1}
# Warm cache from local feed
mkdir -p "$NUGET_PACKAGES" mkdir -p "$NUGET_PACKAGES"
rsync -a "$repo_root/local-nugets/" "$NUGET_PACKAGES/" >/dev/null 2>&1 || true
# Restore sources # Restore sources
restore_sources=() restore_sources=()

2
devops/services/ci-110-runner/run-ci-110.sh
View File

@@ -14,7 +14,7 @@ ARTIFACT_ROOT="${ARTIFACT_ROOT:-"$ROOT/ops/devops/artifacts/ci-110/$TIMESTAMP"}"
LOG_DIR="$ARTIFACT_ROOT/logs" LOG_DIR="$ARTIFACT_ROOT/logs"
TRX_DIR="$ARTIFACT_ROOT/trx" TRX_DIR="$ARTIFACT_ROOT/trx"
NUGET_SOURCES_DEFAULT="$ROOT/local-nugets;$ROOT/.nuget/packages;https://api.nuget.org/v3/index.json" NUGET_SOURCES_DEFAULT="$ROOT/.nuget/packages;https://api.nuget.org/v3/index.json"
NUGET_SOURCES="${NUGET_SOURCES:-$NUGET_SOURCES_DEFAULT}" NUGET_SOURCES="${NUGET_SOURCES:-$NUGET_SOURCES_DEFAULT}"
export DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1 export DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1

5
devops/services/concelier-ci-runner/README.md
View File

@@ -12,12 +12,11 @@ Usage
Environment Environment
- Defaults: `DOTNET_CLI_TELEMETRY_OPTOUT=1`, `DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1`, `NUGET_PACKAGES=$REPO/.nuget/packages`. - Defaults: `DOTNET_CLI_TELEMETRY_OPTOUT=1`, `DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1`, `NUGET_PACKAGES=$REPO/.nuget/packages`.
- Uses local feed `local-nugets/` first, then NuGet.org (can be overridden via `NUGET_SOURCES`). - Uses `.nuget/packages` cache (can be overridden via `NUGET_SOURCES`).
- No external services required; Mongo2Go provides ephemeral Mongo for tests. - No external services required; Mongo2Go provides ephemeral Mongo for tests.
What it does What it does
1) Warm NuGet cache from `local-nugets/` into `$NUGET_PACKAGES` for offline/air-gap parity. 1) `dotnet restore` + `dotnet build` on `concelier-webservice.slnf` with `/bl`.
2) `dotnet restore` + `dotnet build` on `concelier-webservice.slnf` with `/bl`.
3) Run WebService and Storage.Mongo test projects with TRX output and without rebuild (`--no-build`). 3) Run WebService and Storage.Mongo test projects with TRX output and without rebuild (`--no-build`).
4) Emit a concise `summary.json` listing artefacts and SHA256s for reproducibility. 4) Emit a concise `summary.json` listing artefacts and SHA256s for reproducibility.

4
devops/services/concelier-ci-runner/run-concelier-ci.sh
View File

@@ -14,13 +14,11 @@ mkdir -p "$logs_dir"
export DOTNET_CLI_TELEMETRY_OPTOUT=${DOTNET_CLI_TELEMETRY_OPTOUT:-1} export DOTNET_CLI_TELEMETRY_OPTOUT=${DOTNET_CLI_TELEMETRY_OPTOUT:-1}
export DOTNET_SKIP_FIRST_TIME_EXPERIENCE=${DOTNET_SKIP_FIRST_TIME_EXPERIENCE:-1} export DOTNET_SKIP_FIRST_TIME_EXPERIENCE=${DOTNET_SKIP_FIRST_TIME_EXPERIENCE:-1}
export NUGET_PACKAGES=${NUGET_PACKAGES:-$repo_root/.nuget/packages} export NUGET_PACKAGES=${NUGET_PACKAGES:-$repo_root/.nuget/packages}
export NUGET_SOURCES=${NUGET_SOURCES:-"$repo_root/local-nugets;$repo_root/.nuget/packages"} export NUGET_SOURCES=${NUGET_SOURCES:-"$repo_root/.nuget/packages"}
export TEST_FILTER=${TEST_FILTER:-""} export TEST_FILTER=${TEST_FILTER:-""}
export DOTNET_RESTORE_DISABLE_PARALLEL=${DOTNET_RESTORE_DISABLE_PARALLEL:-1} export DOTNET_RESTORE_DISABLE_PARALLEL=${DOTNET_RESTORE_DISABLE_PARALLEL:-1}
# Warm NuGet cache from local feed for offline/airgap parity
mkdir -p "$NUGET_PACKAGES" mkdir -p "$NUGET_PACKAGES"
rsync -a "$repo_root/local-nugets/" "$NUGET_PACKAGES/" >/dev/null 2>&1 || true
# Restore with deterministic sources # Restore with deterministic sources
restore_sources=() restore_sources=()

5
devops/services/sbom-ci-runner/README.md
View File

@@ -13,12 +13,11 @@ Usage
Environment defaults Environment defaults
- `DOTNET_CLI_TELEMETRY_OPTOUT=1`, `DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1`, `DOTNET_RESTORE_DISABLE_PARALLEL=1` - `DOTNET_CLI_TELEMETRY_OPTOUT=1`, `DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1`, `DOTNET_RESTORE_DISABLE_PARALLEL=1`
- `NUGET_PACKAGES=$REPO/.nuget/packages` - `NUGET_PACKAGES=$REPO/.nuget/packages`
- `NUGET_SOURCES=$REPO/local-nugets;$REPO/.nuget/packages` - `NUGET_SOURCES=$REPO/.nuget/packages`
- `TEST_FILTER` empty (set to narrow tests) - `TEST_FILTER` empty (set to narrow tests)
What it does What it does
1) Warm NuGet cache from `local-nugets/` into `$NUGET_PACKAGES` for air-gap parity. 1) `dotnet restore` + `dotnet build` on `src/SbomService/StellaOps.SbomService.sln` with `/bl`.
2) `dotnet restore` + `dotnet build` on `src/SbomService/StellaOps.SbomService.sln` with `/bl`.
3) Run `StellaOps.SbomService.Tests` with TRX output (honors `TEST_FILTER`). 3) Run `StellaOps.SbomService.Tests` with TRX output (honors `TEST_FILTER`).
4) Produce `nuget-cache.hash` using sorted file name+size list hashed with sha256 (lightweight evidence of cache contents). 4) Produce `nuget-cache.hash` using sorted file name+size list hashed with sha256 (lightweight evidence of cache contents).
5) Emit `summary.json` with artefact paths and cache hash value. 5) Emit `summary.json` with artefact paths and cache hash value.

3
devops/services/sbom-ci-runner/run-sbom-ci.sh
View File

@@ -14,11 +14,10 @@ export DOTNET_CLI_TELEMETRY_OPTOUT=${DOTNET_CLI_TELEMETRY_OPTOUT:-1}
export DOTNET_SKIP_FIRST_TIME_EXPERIENCE=${DOTNET_SKIP_FIRST_TIME_EXPERIENCE:-1} export DOTNET_SKIP_FIRST_TIME_EXPERIENCE=${DOTNET_SKIP_FIRST_TIME_EXPERIENCE:-1}
export DOTNET_RESTORE_DISABLE_PARALLEL=${DOTNET_RESTORE_DISABLE_PARALLEL:-1} export DOTNET_RESTORE_DISABLE_PARALLEL=${DOTNET_RESTORE_DISABLE_PARALLEL:-1}
export NUGET_PACKAGES=${NUGET_PACKAGES:-$repo_root/.nuget/packages} export NUGET_PACKAGES=${NUGET_PACKAGES:-$repo_root/.nuget/packages}
export NUGET_SOURCES=${NUGET_SOURCES:-"$repo_root/local-nugets;$repo_root/.nuget/packages"} export NUGET_SOURCES=${NUGET_SOURCES:-"$repo_root/.nuget/packages"}
export TEST_FILTER=${TEST_FILTER:-""} export TEST_FILTER=${TEST_FILTER:-""}
mkdir -p "$NUGET_PACKAGES" mkdir -p "$NUGET_PACKAGES"
rsync -a "$repo_root/local-nugets/" "$NUGET_PACKAGES/" >/dev/null 2>&1 || true
restore_sources=() restore_sources=()
IFS=';' read -ra SRC_ARR <<< "$NUGET_SOURCES" IFS=';' read -ra SRC_ARR <<< "$NUGET_SOURCES"

5
devops/services/scanner-ci-runner/README.md
View File

@@ -11,12 +11,11 @@ Usage
Environment Environment
- Defaults: `DOTNET_CLI_TELEMETRY_OPTOUT=1`, `DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1`, `NUGET_PACKAGES=$REPO/.nuget/packages`. - Defaults: `DOTNET_CLI_TELEMETRY_OPTOUT=1`, `DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1`, `NUGET_PACKAGES=$REPO/.nuget/packages`.
- Sources: `NUGET_SOURCES` (semicolon-separated) defaults to `local-nugets` then warmed cache; no internet required when cache is primed. - Sources: `NUGET_SOURCES` (semicolon-separated) defaults to `.nuget/packages`; no internet required when cache is primed.
- `TEST_FILTER` can narrow tests (empty = all). - `TEST_FILTER` can narrow tests (empty = all).
What it does What it does
1) Warm NuGet cache from `local-nugets/` into `$NUGET_PACKAGES`. 1) `dotnet restore` + `dotnet build` on `src/Scanner/StellaOps.Scanner.sln` with `/bl`.
2) `dotnet restore` + `dotnet build` on `src/Scanner/StellaOps.Scanner.sln` with `/bl`.
3) Run Scanner test buckets (core/analyzers/web/worker) with TRX outputs; buckets can be adjusted via `TEST_FILTER` or script edits. 3) Run Scanner test buckets (core/analyzers/web/worker) with TRX outputs; buckets can be adjusted via `TEST_FILTER` or script edits.
4) Emit `summary.json` with artefact paths/hashes for reproducibility. 4) Emit `summary.json` with artefact paths/hashes for reproducibility.

25
docs/ops/binary-prereqs.md
View File

@@ -1,27 +1,26 @@
# Binary Prerequisites & Offline Layout # Binary Prerequisites & Offline Layout
## Layout (authoritative) ## Layout (authoritative)
- `local-nugets/` — single source for NuGet: holds curated `.nupkg` and the restored packages cache in `local-nugets/packages/`; see `local-nugets/manifest.json` for hashes of the `.nupkg` inputs. - `.nuget/packages/` — NuGet package cache (configured via `nuget.config` `globalPackagesFolder`).
- `vendor/`pinned binaries/CLIs tracked via `vendor/manifest.json`. - `devops/manifests/`binary integrity manifests (e.g., `binary-plugins.manifest.json`).
- `offline/feeds/` — air-gap bundles (tarballs, OCI layers, SBOM packs) registered in `offline/feeds/manifest.json`. - `devops/offline/feeds/` — air-gap bundles (tarballs, OCI layers, SBOM packs) registered in `manifest.json`.
- Module-owned binaries (currently `plugins/`, `tools/`, `deploy/`, `ops/`) are tracked for integrity in `vendor/manifest.json` until relocated. - Module-owned binaries (currently `plugins/`, `tools/`, `deploy/`, `ops/`) are tracked for integrity in `devops/manifests/` until relocated.
## Adding or updating NuGet packages ## Adding or updating NuGet packages
1) Place `.nupkg` into `local-nugets/` and update `local-nugets/manifest.json` (use the manifest script in `scripts/` if available or recompute hashes manually). 1) Run `dotnet restore` which populates `.nuget/packages/` per the sources in `nuget.config`.
2) Run `dotnet restore --source local-nugets` (or set `OFFLINE=1`) to populate `.nuget/packages/`. 2) Never add new feeds to `nuget.config` without review; the configured sources are `nuget.org` and `stellaops` (internal feed).
3) Never add new feeds to `NuGet.config` without review; the default feed order is `local-nugets` first, then `nuget.org` for online builds. 3) For offline builds, pre-populate `.nuget/packages/` from a network-connected machine, then copy to the air-gapped environment.
## Adding other binaries ## Adding other binaries
1) Prefer building from source; if you must pin a binary, drop it under `vendor/` (or `offline/feeds/` for air-gap bundles) and append an entry with SHA-256, origin URL, version, and intended consumer. 1) Prefer building from source; if you must pin a binary, drop it under `devops/offline/` and append an entry with SHA-256, origin URL, version, and intended consumer.
2) For module-owned binaries (e.g., plugins), record the artefact in `vendor/manifest.json` until it can be rebuilt deterministically as part of CI. 2) For module-owned binaries (e.g., plugins), record the artefact in `devops/manifests/binary-plugins.manifest.json` until it can be rebuilt deterministically as part of CI.
## Automation & Integrity ## Automation & Integrity
- Run `scripts/update-binary-manifests.py` to refresh `local-nugets/manifest.json`, `vendor/manifest.json`, and `offline/feeds/manifest.json` after adding binaries. - Run `scripts/update-binary-manifests.py` to refresh manifests after adding binaries.
- Run `scripts/verify-binaries.sh` locally; CI executes it on every PR/branch to block binaries outside approved roots. - Run `scripts/verify-binaries.sh` locally; CI executes it on every PR/branch to block binaries outside approved roots.
- CI also re-runs the manifest generator and fails if the manifests would change—commit regenerated manifests as part of the change. - CI also re-runs the manifest generator and fails if the manifests would change—commit regenerated manifests as part of the change.
- Restore uses the single location: `dotnet restore --source local-nugets` with `globalPackagesFolder=local-nugets/packages` (configured in `NuGet.config`). Clean by removing `local-nugets/packages/` if needed. - NuGet restore uses `.nuget/packages/` as configured in `nuget.config`. Clean by removing `.nuget/packages/` if needed.
- For offline enforcement, set `OFFLINE=1` (CI should fail if it reaches `nuget.org` without `ALLOW_REMOTE=1`). - For offline enforcement, set `OFFLINE=1` (CI should fail if it reaches `nuget.org` without `ALLOW_REMOTE=1`).
## Housekeeping ## Housekeeping
- Do not resurrect `local-nuget/`; the single source of truth is `local-nugets/`. - Refresh manifests when binaries change and record the update in the current sprint's Execution Log.
- Refresh manifests when binaries change and record the update in the current sprints Execution Log.

2
src/Authority/__Libraries/StellaOps.Authority.Storage.Postgres/AGENTS.md
View File

@@ -17,7 +17,7 @@ Deliver PostgreSQL-backed persistence for Authority (tenants, users, roles, perm
## Working Agreement ## Working Agreement
- Update related sprint rows in `docs/implplan/SPRINT_*.md` when work starts/finishes; keep statuses `TODO → DOING → DONE/BLOCKED`. - Update related sprint rows in `docs/implplan/SPRINT_*.md` when work starts/finishes; keep statuses `TODO → DOING → DONE/BLOCKED`.
- Keep migrations idempotent and deterministic (stable ordering, UTC timestamps). Use curated NuGet cache at `local-nugets/`; no external feeds. - Keep migrations idempotent and deterministic (stable ordering, UTC timestamps). Use NuGet cache at `.nuget/packages/`; no external feeds beyond those in `nuget.config`.
- Align schema and repository contracts to `docs/db/SPECIFICATION.md`; mirror any contract/schema change into that spec and the sprints Decisions & Risks. - Align schema and repository contracts to `docs/db/SPECIFICATION.md`; mirror any contract/schema change into that spec and the sprints Decisions & Risks.
- Tests live in `src/Authority/__Tests/StellaOps.Authority.Storage.Postgres.Tests`; maintain deterministic Testcontainers config (fixed image tag, seeded data) and cover all repositories plus determinism of token/refresh generation. - Tests live in `src/Authority/__Tests/StellaOps.Authority.Storage.Postgres.Tests`; maintain deterministic Testcontainers config (fixed image tag, seeded data) and cover all repositories plus determinism of token/refresh generation.
- Use `StellaOps.Cryptography` abstractions for password/hash handling; never log secrets or hashes. Ensure transaction boundaries and retries follow `docs/db/RULES.md`. - Use `StellaOps.Cryptography` abstractions for password/hash handling; never log secrets or hashes. Ensure transaction boundaries and retries follow `docs/db/RULES.md`.

2
src/Concelier/Directory.Build.props
View File

@@ -10,7 +10,7 @@
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.14.0" /> <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.14.0" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="10.0.0" /> <PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="10.0.0" />
<PackageReference Include="xunit" Version="2.9.3" /> <PackageReference Include="xunit" Version="2.9.3" />
<PackageReference Include="xunit.runner.visualstudio" Version="3.0.1" /> <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2" />
<PackageReference Include="Microsoft.Extensions.TimeProvider.Testing" Version="10.0.0" /> <PackageReference Include="Microsoft.Extensions.TimeProvider.Testing" Version="10.0.0" />
<ProjectReference Include="$(MSBuildThisFileDirectory)..\__Tests\__Libraries\StellaOps.Concelier.Testing\StellaOps.Concelier.Testing.csproj" <ProjectReference Include="$(MSBuildThisFileDirectory)..\__Tests\__Libraries\StellaOps.Concelier.Testing\StellaOps.Concelier.Testing.csproj"
Condition="Exists('$(MSBuildThisFileDirectory)..\__Tests\__Libraries\StellaOps.Concelier.Testing\StellaOps.Concelier.Testing.csproj')" /> Condition="Exists('$(MSBuildThisFileDirectory)..\__Tests\__Libraries\StellaOps.Concelier.Testing\StellaOps.Concelier.Testing.csproj')" />

2
src/ExportCenter/AGENTS.md
View File

@@ -48,7 +48,7 @@
- Cross-module changes (Authority/Orchestrator/CLI) only when sprint explicitly covers them; log in Decisions & Risks. - Cross-module changes (Authority/Orchestrator/CLI) only when sprint explicitly covers them; log in Decisions & Risks.
## Coding & Observability Standards ## Coding & Observability Standards
- Target **.NET 10** with curated `local-nugets/`; Npgsql driver for PostgreSQL; ORAS/OCI client where applicable. - Target **.NET 10**; Npgsql driver for PostgreSQL; ORAS/OCI client where applicable.
- Metrics under `StellaOps.ExportCenter.*`; tag `tenant`, `profile`, `adapter`, `result`; document new counters/histograms. - Metrics under `StellaOps.ExportCenter.*`; tag `tenant`, `profile`, `adapter`, `result`; document new counters/histograms.
- Logs structured, no PII; include `runId`, `tenant`, `profile`, `adapter`, `correlationId`; map phases (`plan`, `resolve`, `adapter`, `manifest`, `sign`, `distribute`). - Logs structured, no PII; include `runId`, `tenant`, `profile`, `adapter`, `correlationId`; map phases (`plan`, `resolve`, `adapter`, `manifest`, `sign`, `distribute`).
- SSE/telemetry events must be deterministic and replay-safe; backpressure aware. - SSE/telemetry events must be deterministic and replay-safe; backpressure aware.

4
src/Graph/AGENTS.md
View File

@@ -24,7 +24,7 @@
- Default to deterministic ordering for streams/exports; manifest checksums required for `graphml/csv/ndjson` exports. - Default to deterministic ordering for streams/exports; manifest checksums required for `graphml/csv/ndjson` exports.
- Timestamps: UTC ISO-8601; avoid wall-clock in tests. - Timestamps: UTC ISO-8601; avoid wall-clock in tests.
- Snapshot/export roots configurable via `STELLAOPS_GRAPH_SNAPSHOT_DIR` or `SbomIngestOptions.SnapshotRootDirectory`. - Snapshot/export roots configurable via `STELLAOPS_GRAPH_SNAPSHOT_DIR` or `SbomIngestOptions.SnapshotRootDirectory`.
- Offline posture: no external calls beyond allowlisted feeds; prefer cached schemas and local nugets in `local-nugets/`. - Offline posture: no external calls beyond allowlisted feeds; prefer cached schemas in `.nuget/packages/`.
## Data & Environment ## Data & Environment
- Storage is currently in-memory (MongoDB dependency removed); persistent backing store to be added in a follow-up sprint. - Storage is currently in-memory (MongoDB dependency removed); persistent backing store to be added in a follow-up sprint.
@@ -53,7 +53,7 @@
- If a required contract/doc is missing or stale, mark the affected task BLOCKED in the sprint and log under Decisions & Risks; do not pause work waiting for live answers. - If a required contract/doc is missing or stale, mark the affected task BLOCKED in the sprint and log under Decisions & Risks; do not pause work waiting for live answers.
## Run/Test Commands (examples) ## Run/Test Commands (examples)
- Restore: `dotnet restore src/Graph/StellaOps.Graph.Api/StellaOps.Graph.Api.csproj --source ../local-nugets` - Restore: `dotnet restore src/Graph/StellaOps.Graph.Api/StellaOps.Graph.Api.csproj`
- Build: `dotnet build src/Graph/StellaOps.Graph.Api/StellaOps.Graph.Api.csproj -c Release` - Build: `dotnet build src/Graph/StellaOps.Graph.Api/StellaOps.Graph.Api.csproj -c Release`
- Tests: `dotnet test src/Graph/__Tests/StellaOps.Graph.Indexer.Tests/StellaOps.Graph.Indexer.Tests.csproj` - Tests: `dotnet test src/Graph/__Tests/StellaOps.Graph.Indexer.Tests/StellaOps.Graph.Indexer.Tests.csproj`
- Lint/style: follow repo-wide analyzers in `Directory.Build.props` / `.editorconfig`. - Lint/style: follow repo-wide analyzers in `Directory.Build.props` / `.editorconfig`.

2
src/Notify/AGENTS.md
View File

@@ -13,7 +13,7 @@ Deliver and operate the Notify module across WebService, Worker, and storage lay
## Working Agreement ## Working Agreement
- Update sprint rows in `docs/implplan/SPRINT_*.md` with TODO → DOING → DONE/BLOCKED as work progresses; log blockers in **Decisions & Risks**. - Update sprint rows in `docs/implplan/SPRINT_*.md` with TODO → DOING → DONE/BLOCKED as work progresses; log blockers in **Decisions & Risks**.
- Offline/deterministic posture: stable ordering, UTC timestamps, idempotent migrations; use curated NuGet cache `local-nugets/`. - Offline/deterministic posture: stable ordering, UTC timestamps, idempotent migrations; use NuGet cache `.nuget/packages/`.
- Storage: keep schema/tests aligned to `notify` schema; when running tests locally ensure Docker/WSL integration for Testcontainers. - Storage: keep schema/tests aligned to `notify` schema; when running tests locally ensure Docker/WSL integration for Testcontainers.
- Testing: prefer integration suites under `src/Notify/__Tests/StellaOps.Notify.Storage.Postgres.Tests`; add coverage for new repositories or state transitions; keep results under `out/test-results/` when capturing evidence. - Testing: prefer integration suites under `src/Notify/__Tests/StellaOps.Notify.Storage.Postgres.Tests`; add coverage for new repositories or state transitions; keep results under `out/test-results/` when capturing evidence.
- Cross-module edits require explicit sprint note; otherwise stay within `src/Notify/**` and shared libraries listed in module docs. - Cross-module edits require explicit sprint note; otherwise stay within `src/Notify/**` and shared libraries listed in module docs.

2
src/Notify/__Libraries/StellaOps.Notify.Storage.Postgres/AGENTS.md
View File

@@ -13,7 +13,7 @@ Deliver PostgreSQL-backed persistence for Notify (channels, rules, templates, de
## Working Agreement ## Working Agreement
- Update related sprint rows in `docs/implplan/SPRINT_*.md` when starting/finishing work; keep statuses `TODO → DOING → DONE/BLOCKED`. - Update related sprint rows in `docs/implplan/SPRINT_*.md` when starting/finishing work; keep statuses `TODO → DOING → DONE/BLOCKED`.
- Follow deterministic/offline posture: stable ordering, UTC timestamps, idempotent migrations; use the curated NuGet cache at `local-nugets/`. - Follow deterministic/offline posture: stable ordering, UTC timestamps, idempotent migrations; use NuGet cache at `.nuget/packages/`.
- Keep schema/migrations aligned with `docs/db/SPECIFICATION.md`; add/extend tests under this project to cover repository contracts against PostgreSQL. - Keep schema/migrations aligned with `docs/db/SPECIFICATION.md`; add/extend tests under this project to cover repository contracts against PostgreSQL.
- Mirror any contract change (schema, repository signatures, DI wiring) into the appropriate docs (`docs/db/SPECIFICATION.md`, module architecture) and note it in sprint Decisions & Risks. - Mirror any contract change (schema, repository signatures, DI wiring) into the appropriate docs (`docs/db/SPECIFICATION.md`, module architecture) and note it in sprint Decisions & Risks.
- Coordinate with `StellaOps.Notify.Engine` and channel connectors for behavioural changes; avoid cross-module edits unless the sprint explicitly allows and logs them. - Coordinate with `StellaOps.Notify.Engine` and channel connectors for behavioural changes; avoid cross-module edits unless the sprint explicitly allows and logs them.

2
src/Policy/__Libraries/StellaOps.Policy.AuthSignals/StellaOps.Policy.AuthSignals.csproj
View File

@@ -7,7 +7,7 @@
<Company>StellaOps</Company> <Company>StellaOps</Company>
<Version>0.1.0-alpha</Version> <Version>0.1.0-alpha</Version>
<Description>Shared Policy/Authority/Signals contracts for advisory signals.</Description> <Description>Shared Policy/Authority/Signals contracts for advisory signals.</Description>
<PackageOutputPath>../../../../local-nugets</PackageOutputPath> <PackageOutputPath>../../../../.nuget/packages</PackageOutputPath>
<IncludeSymbols>false</IncludeSymbols> <IncludeSymbols>false</IncludeSymbols>
<IncludeSource>false</IncludeSource> <IncludeSource>false</IncludeSource>
</PropertyGroup> </PropertyGroup>

14
src/StellaOps.Tests.sln Normal file
View File

@@ -0,0 +1,14 @@
Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 17
VisualStudioVersion = 17.0.31903.59
MinimumVisualStudioVersion = 10.0.40219.1
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal