stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Update docs, sprint plans, and compose configuration

Browse Source 
Add 12 new sprint files (Integrations, Graph, JobEngine, FE, Router,
AdvisoryAI), archive completed scheduler UI sprint, update module
architecture docs (router, graph, jobengine, web, integrations),
and add Gitea entrypoint script for local dev.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
2026-04-06 08:53:50 +03:00
parent 8e823792a3
commit 50abd2137f
36 changed files with 1723 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
docs/architecture/integrations.md
View File

@@ -253,6 +253,46 @@ All operations log with:
- `operation`: comment, status, check_run
- `prNumber` / `commitSha`: Target reference
## Current Catalog Contract
The live Integration Catalog contract is served by the Integrations WebService and is the source of truth for provider discovery and resource discovery.
### Provider Metadata
- `GET /api/v1/integrations/providers` returns `ProviderInfo[]` with `name`, `type`, `provider`, `isTestOnly`, `supportsDiscovery`, and `supportedResourceTypes`.
- Test-only providers are hidden by default. `GET /api/v1/integrations/providers?includeTestOnly=true` exposes providers such as `InMemory` for explicit test/dev workflows.
- Built-in provider coverage now includes Harbor, Docker Registry, GitLab Container Registry, GitHub App, Gitea, GitLab Server, GitLab CI, Jenkins, Nexus, Vault, Consul, eBPF Agent, the `S3Compatible` object-storage provider, feed mirror providers (`StellaOpsMirror`, `NvdMirror`, `OsvMirror`), and the hidden test-only `InMemory` plugin.
### Discovery
- `POST /api/v1/integrations/{id}/discover` accepts:
```json
{
"resourceType": "repositories",
"filter": {
"namePattern": "team/*"
}
}
```
- Successful responses return `DiscoverIntegrationResponse` with the normalized `resourceType`, the ordered `supportedResourceTypes`, and the discovered `resources`.
- Unsupported discovery requests return `400 Bad Request` with the supported resource types for that provider.
- Missing or cross-tenant integration IDs return `404 Not Found`.
### Discovery-Capable Providers
- OCI registries: `repositories`, `tags`
- SCM: `projects`, `repositories`
- CI/CD: `jobs`, `pipelines`
- Feed mirror, object-storage, and secrets/runtime providers currently expose health/test flows only
### Credential Resolution
- Integration secrets are supplied as AuthRef URIs such as `authref://vault/gitlab#access-token`
- The runtime resolver is Vault-backed; there is no product-path stub resolver in the shipped service
- Registry connectors accept bearer tokens and `username:password` or `username:token` secrets for Basic auth-compatible registries
## Related Documentation
- [CI/CD Gate Flow](../../flows/10-cicd-gate-flow.md)