up the blokcing tasks
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Manifest Integrity / Validate Schema Integrity (push) Has been cancelled
Manifest Integrity / Validate Contract Documents (push) Has been cancelled
Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled
Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled
Manifest Integrity / Verify Merkle Roots (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Risk Bundle CI / risk-bundle-build (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Risk Bundle CI / risk-bundle-offline-kit (push) Has been cancelled
Risk Bundle CI / publish-checksums (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
devportal-offline / build-offline (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Manifest Integrity / Validate Schema Integrity (push) Has been cancelled
Manifest Integrity / Validate Contract Documents (push) Has been cancelled
Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled
Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled
Manifest Integrity / Verify Merkle Roots (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Risk Bundle CI / risk-bundle-build (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Risk Bundle CI / risk-bundle-offline-kit (push) Has been cancelled
Risk Bundle CI / publish-checksums (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
devportal-offline / build-offline (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
This commit is contained in:
StellaOps Bot
@@ -0,0 +1,140 @@
|
||||
# BLOCKED Tasks Dependency Tree — Resolved Items Archive
|
||||
|
||||
> **Archive Date:** 2025-12-05
|
||||
> **Purpose:** Historical record of blockers resolved during Wave C unblocking work
|
||||
|
||||
---
|
||||
|
||||
## Resolved Blockers Summary
|
||||
|
||||
### Specification Contracts Created (2025-12-04)
|
||||
|
||||
| Schema File | Unblocked Tasks | Description |
|
||||
|------------|-----------------|-------------|
|
||||
| `vex-normalization.schema.json` | 11 tasks (VEX Lens 30-00x) | Normalized VEX format |
|
||||
| `timeline-event.schema.json` | 10+ tasks (Task Runner OBS) | Timeline event + evidence pointer |
|
||||
| `mirror-bundle.schema.json` | 8 tasks (CLI AirGap) | Air-gap mirror bundle format |
|
||||
| `provenance-feed.schema.json` | 6 tasks (SGSI0101 Signals) | Runtime facts ingestion |
|
||||
| `attestor-transport.schema.json` | 4 tasks (CLI Attestor) | Attestor SDK transport |
|
||||
| `api-baseline.schema.json` | 6 tasks (APIG0101 DevPortal) | API governance baseline |
|
||||
| `ledger-airgap-staleness.schema.json` | 5 tasks (LEDGER-AIRGAP) | Staleness tracking |
|
||||
| `graph-platform.schema.json` | 2 tasks (CAGR0101 Bench) | Graph platform contract |
|
||||
| `php-analyzer-bootstrap.schema.json` | 1 task | PHP analyzer bootstrap |
|
||||
| `scanner-surface.schema.json` | 1 task | Scanner task contract |
|
||||
|
||||
**Total tasks unblocked by specifications: ~61**
|
||||
|
||||
---
|
||||
|
||||
### CLI Compile Failures (Resolved 2025-12-04)
|
||||
|
||||
All CLI compilation issues were resolved. Key changes:
|
||||
- Created `StellaOpsTokenClientExtensions.cs` compatibility shims
|
||||
- Updated 8 service files for new Auth.Client API
|
||||
- Fixed CommandFactory.cs argument order
|
||||
- Updated PolicyDiagnostic model
|
||||
|
||||
**Build Result:** 0 errors, 8 warnings (non-blocking)
|
||||
|
||||
---
|
||||
|
||||
### Policy Studio Wave C (Resolved 2025-12-05)
|
||||
|
||||
Infrastructure created:
|
||||
- 11 policy scopes in `scopes.ts`
|
||||
- 7 policy guards in `auth.guard.ts`
|
||||
- Monaco language definition (`stella-dsl.language.ts`)
|
||||
- Policy API client (`policy-api.service.ts`)
|
||||
- 30+ TypeScript domain models
|
||||
|
||||
**10 tasks unblocked:** UI-POLICY-20-001 through UI-POLICY-23-006
|
||||
|
||||
---
|
||||
|
||||
### VEX Lens Chain (Resolved 2025-12-04)
|
||||
|
||||
Root blocker `VEX normalization + issuer directory specs` resolved.
|
||||
|
||||
**11 tasks unblocked:** VEXLENS-30-001 through VEXLENS-30-011
|
||||
|
||||
---
|
||||
|
||||
### Task Runner Observability Chain (Resolved 2025-12-04)
|
||||
|
||||
Root blocker `Timeline event schema` resolved.
|
||||
|
||||
**Tasks unblocked:**
|
||||
- TASKRUN-OBS-52-001, 53-001 (Sprint 0157)
|
||||
- TASKRUN-OBS-54-001, 55-001 (Sprint 0158)
|
||||
- ORCH-OBS-52-001, 54-001 (Sprint 0151)
|
||||
|
||||
---
|
||||
|
||||
### LEDGER-AIRGAP Chain (Resolved 2025-12-04)
|
||||
|
||||
Root blocker `ledger-airgap-staleness.schema.json` resolved.
|
||||
|
||||
**Tasks unblocked:**
|
||||
- LEDGER-AIRGAP-56-002, 57-001, 58-001 (Sprint 0120)
|
||||
- ORCH-AIRGAP-56-002 (Sprint 0151)
|
||||
|
||||
---
|
||||
|
||||
### Build Verification (2025-12-04)
|
||||
|
||||
**Confirmed:**
|
||||
- CLI builds: ✅ 0 errors
|
||||
- Scanner analyzers (PHP/Java/Ruby/Node/Python): ✅ All build
|
||||
- Disk space: ✅ 54GB available (not a blocker)
|
||||
|
||||
---
|
||||
|
||||
### Other Resolved Blockers
|
||||
|
||||
| Blocker | Resolution Date | Notes |
|
||||
|---------|-----------------|-------|
|
||||
| POLICY-20-001 | 2025-11-25 | Linkset APIs implemented |
|
||||
| AUTH-TEN-47-001 | 2025-11-19 | Tenant scope contract created |
|
||||
| WEB-POLICY-20-004 | 2025-12-04 | Rate limiting added |
|
||||
| CAGR0101 Graph platform | 2025-12-04 | Schema created |
|
||||
| Shared signals library | 2025-12-04 | StellaOps.Signals.Contracts created |
|
||||
| VERSION_MATRIX.md | 2025-12-04 | Service version matrix created |
|
||||
|
||||
---
|
||||
|
||||
### Object Storage Contract (Resolved 2025-12-05)
|
||||
|
||||
Root blocker `Object storage contract for raw payloads` resolved.
|
||||
|
||||
**Infrastructure created:**
|
||||
- `docs/schemas/object-storage.schema.json` - S3-compatible object storage contract
|
||||
- Defines `ObjectPointer`, `ProvenanceMetadata`, `MigrationRecord`, `PayloadReference`
|
||||
- Supports MinIO/S3 endpoints, deterministic pointers, GridFS migration tracking
|
||||
|
||||
**Tasks unblocked:**
|
||||
- CONCELIER-LNM-21-103-DEV (object storage migration)
|
||||
- Downstream chain: 21-201, 21-202, 21-203
|
||||
|
||||
---
|
||||
|
||||
### Concelier LNM Chain Status Sync (2025-12-05)
|
||||
|
||||
Fixed `tasks-all.md` sync issue - following tasks were already DONE but marked BLOCKED/TODO:
|
||||
- CONCELIER-LNM-21-003: DONE (2025-11-22)
|
||||
- CONCELIER-LNM-21-004: DONE (2025-11-27)
|
||||
- CONCELIER-LNM-21-005: DONE (2025-11-27)
|
||||
- CONCELIER-LNM-21-101: DONE (2025-11-27)
|
||||
- CONCELIER-LNM-21-102: DONE (2025-11-28)
|
||||
|
||||
---
|
||||
|
||||
## Cross-Reference
|
||||
|
||||
This archive supersedes resolved sections from:
|
||||
- Section 8.1 CLI Compile Failures
|
||||
- Section 8.2 Build Verification
|
||||
- Section 8.3 Specification Contracts Created
|
||||
- Section 8.4 Policy Studio Wave C
|
||||
- VEX Lens Chain (Section 3)
|
||||
- Task Runner Observability (Section 7.3)
|
||||
- LEDGER-AIRGAP staleness (Section 13)
|
||||
@@ -1137,7 +1137,7 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 48 | Authority-Backed Scopes & Tenancy Phase 2 | src/Notifier/StellaOps.Notifier | TODO | Notifications Service Guild | NOTIFY-TEN-48-001 | Tenant-scope notification rules, incidents, and outbound channels; update storage schemas. |
|
||||
| Sprint 48 | Authority-Backed Scopes & Tenancy Phase 2 | src/Orchestrator/StellaOps.Orchestrator | TODO | Orchestrator Service Guild | ORCH-TEN-48-001 | Stamp jobs with tenant/project, set DB session context, and reject jobs without context. |
|
||||
| Sprint 48 | Authority-Backed Scopes & Tenancy Phase 2 | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild | POLICY-TEN-48-001 | Add `tenant_id`/`project_id` to policy data, enable Postgres RLS, and expose rationale IDs with tenant context. |
|
||||
| Sprint 48 | Authority-Backed Scopes & Tenancy Phase 2 | src/TaskRunner/StellaOps.TaskRunner | TODO | Task Runner Guild | TASKRUN-TEN-48-001 | Propagate tenant/project to all steps, enforce object store prefix, and validate before execution. |
|
||||
| Sprint 48 | Authority-Backed Scopes & Tenancy Phase 2 | src/TaskRunner/StellaOps.TaskRunner | DONE (2025-12-10) | Task Runner Guild | TASKRUN-TEN-48-001 | Propagate tenant/project to all steps, enforce object store prefix, and validate before execution. |
|
||||
| Sprint 48 | Authority-Backed Scopes & Tenancy Phase 2 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-TEN-48-001 | Enforce tenant context through persistence (DB GUC, object store prefix), add request annotations, and emit audit events. |
|
||||
| Sprint 49 | Authority-Backed Scopes & Tenancy Phase 3 | docs | TODO | Docs Guild | DOCS-TEN-49-001 | Publish `/docs/modules/cli/guides/authentication.md`, `/docs/api/authentication.md`, `/docs/policy/examples/abac-overlays.md`, `/docs/install/configuration-reference.md` updates (imposed rule). |
|
||||
| Sprint 49 | Authority-Backed Scopes & Tenancy Phase 3 | ops/devops | TODO | DevOps Guild | DEVOPS-TEN-49-001 | Implement audit log pipeline, monitor scope usage, chaos tests for JWKS outage, and tenant load/perf tests. |
|
||||
@@ -1194,10 +1194,10 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/Orchestrator/StellaOps.Orchestrator | TODO | Orchestrator Service Guild | ORCH-OBS-52-001 | Emit job lifecycle timeline events with tenant/project metadata. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild | POLICY-OBS-52-001 | Emit policy decision timeline events with rule summaries and trace IDs. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/TaskRunner/StellaOps.TaskRunner | TODO | Task Runner Guild | TASKRUN-OBS-52-001 | Emit pack run timeline events and dedupe logic. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/TimelineIndexer/StellaOps.TimelineIndexer | TODO | Timeline Indexer Guild | TIMELINE-OBS-52-001 | Bootstrap timeline indexer service and schema with RLS scaffolding. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/TimelineIndexer/StellaOps.TimelineIndexer | TODO | Timeline Indexer Guild | TIMELINE-OBS-52-002 | Implement event ingestion pipeline with ordering and dedupe. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/TimelineIndexer/StellaOps.TimelineIndexer | TODO | Timeline Indexer Guild | TIMELINE-OBS-52-003 | Expose timeline query APIs with tenant filters and pagination. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/TimelineIndexer/StellaOps.TimelineIndexer | TODO | Security Guild | TIMELINE-OBS-52-004 | Finalize RLS + scope enforcement and audit logging for timeline reads. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/TimelineIndexer/StellaOps.TimelineIndexer | DONE (2025-12-03) | Timeline Indexer Guild | TIMELINE-OBS-52-001 | Bootstrap timeline indexer service and schema with RLS scaffolding. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/TimelineIndexer/StellaOps.TimelineIndexer | DONE (2025-12-03) | Timeline Indexer Guild | TIMELINE-OBS-52-002 | Implement event ingestion pipeline with ordering and dedupe. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/TimelineIndexer/StellaOps.TimelineIndexer | DONE (2025-12-03) | Timeline Indexer Guild | TIMELINE-OBS-52-003 | Expose timeline query APIs with tenant filters and pagination. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/TimelineIndexer/StellaOps.TimelineIndexer | DONE (2025-12-03) | Security Guild | TIMELINE-OBS-52-004 | Finalize RLS + scope enforcement and audit logging for timeline reads. |
|
||||
| Sprint 52 | Observability & Forensics Phase 3 – Timeline & Decision Logs | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-OBS-52-001 | Provide trace/log proxy endpoints bridging to timeline + log store. |
|
||||
| Sprint 53 | Observability & Forensics Phase 4 – Evidence Locker | docs | TODO | Docs Guild | DOCS-CLI-FORENSICS-53-001 | Document `stella forensic` CLI workflows with sample bundles. |
|
||||
| Sprint 53 | Observability & Forensics Phase 4 – Evidence Locker | docs | DONE (2025-11-26) | Docs Guild | DOCS-FORENSICS-53-001 | Publish `/docs/forensics/evidence-locker.md` covering bundles, WORM, legal holds. |
|
||||
@@ -1216,7 +1216,7 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 53 | Observability & Forensics Phase 4 – Evidence Locker | src/Orchestrator/StellaOps.Orchestrator | TODO | Orchestrator Service Guild | ORCH-OBS-53-001 | Attach job capsules + manifests to evidence locker snapshots. |
|
||||
| Sprint 53 | Observability & Forensics Phase 4 – Evidence Locker | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild | POLICY-OBS-53-001 | Build evaluation evidence bundles (inputs, rule traces, engine version). |
|
||||
| Sprint 53 | Observability & Forensics Phase 4 – Evidence Locker | src/TaskRunner/StellaOps.TaskRunner | TODO | Task Runner Guild | TASKRUN-OBS-53-001 | Capture step transcripts and manifests into evidence bundles. |
|
||||
| Sprint 53 | Observability & Forensics Phase 4 – Evidence Locker | src/TimelineIndexer/StellaOps.TimelineIndexer | TODO | Timeline Indexer Guild | TIMELINE-OBS-53-001 | Link timeline events to evidence bundle digests and expose evidence lookup endpoint. |
|
||||
| Sprint 53 | Observability & Forensics Phase 4 – Evidence Locker | src/TimelineIndexer/StellaOps.TimelineIndexer | DONE (2025-12-10) | Timeline Indexer Guild | TIMELINE-OBS-53-001 | Link timeline events to evidence bundle digests and expose evidence lookup endpoint. |
|
||||
| Sprint 54 | Observability & Forensics Phase 5 – Provenance & Verification | docs | DONE (2025-11-26) | Docs Guild | DOCS-FORENSICS-53-002 | Publish `/docs/forensics/provenance-attestation.md` covering signing + verification. |
|
||||
| Sprint 54 | Observability & Forensics Phase 5 – Provenance & Verification | ops/devops | TODO | DevOps Guild | DEVOPS-OBS-54-001 | Manage provenance signing infrastructure (KMS keys, timestamp authority) and CI verification. |
|
||||
| Sprint 54 | Observability & Forensics Phase 5 – Provenance & Verification | src/Cli/StellaOps.Cli | TODO | DevEx/CLI Guild | CLI-FORENSICS-54-001 | Implement `stella forensic verify` command verifying bundles + signatures. |
|
||||
@@ -1234,7 +1234,7 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 54 | Observability & Forensics Phase 5 – Provenance & Verification | src/Provenance/StellaOps.Provenance.Attestation | TODO | Provenance Guild | PROV-OBS-53-002 | Build signer abstraction (cosign/KMS/offline) with policy enforcement. |
|
||||
| Sprint 54 | Observability & Forensics Phase 5 – Provenance & Verification | src/Provenance/StellaOps.Provenance.Attestation | TODO | Provenance Guild | PROV-OBS-54-001 | Deliver verification library validating DSSE signatures + Merkle roots. |
|
||||
| Sprint 54 | Observability & Forensics Phase 5 – Provenance & Verification | src/Provenance/StellaOps.Provenance.Attestation | TODO | Provenance Guild, DevEx/CLI Guild | PROV-OBS-54-002 | Package provenance verification tool for CLI integration and offline use. |
|
||||
| Sprint 54 | Observability & Forensics Phase 5 – Provenance & Verification | src/TaskRunner/StellaOps.TaskRunner | TODO | Task Runner Guild | TASKRUN-OBS-54-001 | Generate pack run attestations and link to timeline/evidence. |
|
||||
| Sprint 54 | Observability & Forensics Phase 5 – Provenance & Verification | src/TaskRunner/StellaOps.TaskRunner | DONE (2025-12-06) | Task Runner Guild | TASKRUN-OBS-54-001 | Generate pack run attestations and link to timeline/evidence. |
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | docs | TODO | Docs Guild | DOCS-RUNBOOK-55-001 | Publish `/docs/runbooks/incidents.md` covering activation, escalation, and verification checklist. |
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | ops/devops | TODO | DevOps Guild | DEVOPS-OBS-55-001 | Automate incident mode activation via SLO alerts, retention override management, and reset job. |
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | src/Authority/StellaOps.Authority | DOING (2025-11-01) | Authority Core & Security Guild | AUTH-OBS-55-001 | Enforce `obs:incident` scope with fresh-auth requirement and audit export for toggles. |
|
||||
@@ -1249,7 +1249,7 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | src/Notifier/StellaOps.Notifier | TODO | Notifications Service Guild | NOTIFY-OBS-55-001 | Send incident mode start/stop notifications with quick links to evidence/timeline. |
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | src/Orchestrator/StellaOps.Orchestrator | TODO | Orchestrator Service Guild | ORCH-OBS-55-001 | Increase telemetry + evidence capture during incident mode and emit activation events. |
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild | POLICY-OBS-55-001 | Capture full rule traces + retention bump on incident activation with timeline events. |
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | src/TaskRunner/StellaOps.TaskRunner | TODO | Task Runner Guild | TASKRUN-OBS-55-001 | Capture extra debug data + notifications for incident mode runs. |
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | src/TaskRunner/StellaOps.TaskRunner | DONE (2025-12-06) | Task Runner Guild | TASKRUN-OBS-55-001 | Capture extra debug data and notifications for incident mode runs. |
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | src/Telemetry/StellaOps.Telemetry.Core | TODO | Observability Guild | TELEMETRY-OBS-55-001 | Implement incident mode sampling toggle API with activation audit trail. |
|
||||
| Sprint 55 | Observability & Forensics Phase 6 – Incident Mode | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-OBS-55-001 | Deliver `/obs/incident-mode` control endpoints with audit + retention previews. |
|
||||
| Sprint 56 | Air-Gapped Mode Phase 1 – Sealing Foundations | docs | TODO | Docs Guild | DOCS-AIRGAP-56-001 | Publish `/docs/airgap/overview.md`. |
|
||||
|
||||
Reference in New Issue
Block a user