stabilizaiton work - projects rework for maintenanceability and ui livening
This commit is contained in:
master
@@ -13,7 +13,7 @@ This document provides comprehensive guidance for implementing the Smart-Diff an
|
||||
|
||||
1. [Architecture Overview](#architecture-overview)
|
||||
2. [Existing Component Inventory](#existing-component-inventory)
|
||||
3. [Angular 17 Patterns](#angular-17-patterns)
|
||||
3. [Angular 21 Patterns](#angular-21-patterns)
|
||||
4. [State Management](#state-management)
|
||||
5. [Visualization Techniques](#visualization-techniques)
|
||||
6. [Styling System](#styling-system)
|
||||
@@ -120,7 +120,7 @@ src/app/
|
||||
|
||||
---
|
||||
|
||||
## Angular 17 Patterns
|
||||
## Angular 21 Patterns
|
||||
|
||||
### Standalone Components
|
||||
|
||||
@@ -150,7 +150,7 @@ export class ExplainerStepComponent {
|
||||
|
||||
### Input/Output with Signals
|
||||
|
||||
Angular 17 signal-based inputs:
|
||||
Angular 21 signal-based inputs:
|
||||
|
||||
```typescript
|
||||
// Modern approach (preferred)
|
||||
@@ -178,7 +178,7 @@ export class MyComponent {
|
||||
|
||||
### Template Control Flow
|
||||
|
||||
Use new Angular 17 control flow syntax:
|
||||
Use Angular 21 built-in control flow syntax:
|
||||
|
||||
```typescript
|
||||
// In template
|
||||
|
||||
@@ -19,7 +19,7 @@ The Console presents operator dashboards for scans, policies, VEX evidence, runt
|
||||
- Support offline bundles with deterministic build outputs.
|
||||
|
||||
## Key components
|
||||
- Angular 17 workspace under `src/Web/StellaOps.Web`.
|
||||
- Angular 21 workspace under `src/Web/StellaOps.Web`.
|
||||
- Signals-based state management with `@ngrx/signals` store.
|
||||
- API client generator (`core/api`).
|
||||
|
||||
@@ -60,7 +60,7 @@ The Console presents operator dashboards for scans, policies, VEX evidence, runt
|
||||
- Epic 11 – Notifications Studio: notifications workspace with previews, audit trails (planned)
|
||||
|
||||
### Core Capabilities
|
||||
- Angular 17 workspace with signals-based state management (@ngrx/signals)
|
||||
- Angular 21 workspace with signals-based state management (@ngrx/signals)
|
||||
- Real-time status via SSE for ingestion, scanning, policy, exports
|
||||
- Authority integration: fresh-auth with DPoP-protected calls, scope enforcement
|
||||
- Accessibility compliance and offline bundle support
|
||||
|
||||
@@ -101,7 +101,7 @@ CONTROL PLANE / RELEASES / APPROVALS / SECURITY / EVIDENCE / OPERATIONS / SETTIN
|
||||
|
||||
---
|
||||
|
||||
## 4) Folder Structure (Angular 17+ Standalone)
|
||||
## 4) Folder Structure (Angular 21 Standalone)
|
||||
|
||||
```
|
||||
src/app/
|
||||
|
||||
@@ -22,13 +22,13 @@
|
||||
|
||||
## 1) Technology baseline
|
||||
|
||||
* **Framework**: Angular 17+ (Stand‑alone APIs / Signals), TypeScript 5.
|
||||
* **Framework**: Angular 21 (Stand‑alone APIs / Signals), TypeScript 5.9.
|
||||
* **Styling**: Tailwind CSS + headless component patterns; CSS variables for theming.
|
||||
* **Charts**: Lightweight SVG (uPlot or Apache ECharts via on‑demand import).
|
||||
* **State**: Angular **Signals** + `@ngrx/signals` store for cross‑page slices.
|
||||
* **Transport**: `fetch` + RxJS interop; **SSE** (EventSource) for progress streams.
|
||||
* **Build**: Angular CLI + Vite builder.
|
||||
* **Testing**: Jest + Testing Library, Playwright for e2e.
|
||||
* **Testing**: Vitest + Testing Library, Playwright for e2e.
|
||||
* **Packaging**: Containerized NGINX (immutable assets, ETag + content hashing).
|
||||
* **Observability docs**: runbook + Grafana JSON stub in `operations/observability.md` and `operations/dashboards/console-ui-observability.json` (offline import).
|
||||
|
||||
@@ -178,18 +178,18 @@ Each feature folder builds as a **standalone route** (lazy loaded). All HTTP sha
|
||||
- Kernel/privilege preflight checks for eBPF/ETW observers.
|
||||
- Helm and systemd install templates.
|
||||
- Agent download and registration flow.
|
||||
* **Models**: `integration.models.ts` defines `IntegrationDraft`, `IntegrationProvider`, `WizardStep`, `PreflightCheck`, `AuthMethod`, and provider constants.
|
||||
|
||||
### 3.12 Advisor (Ask Stella)
|
||||
|
||||
* **Chat panel** scoped to the current artifact, CVE, or release, with citations and evidence chips.
|
||||
* **Citations and Evidence** drawer lists object refs (SBOM, VEX, scan IDs) and hashes.
|
||||
* **Action confirmation** modal required for any tool action; disabled when policy denies.
|
||||
* **Budget indicators** show quota or token budget exhaustion with retry hints.
|
||||
|
||||
---
|
||||
|
||||
## 4) Auth, sessions & RBAC
|
||||
* **Models**: `integration.models.ts` defines `IntegrationDraft`, `IntegrationProvider`, `WizardStep`, `PreflightCheck`, `AuthMethod`, and provider constants.
|
||||
|
||||
### 3.12 Advisor (Ask Stella)
|
||||
|
||||
* **Chat panel** scoped to the current artifact, CVE, or release, with citations and evidence chips.
|
||||
* **Citations and Evidence** drawer lists object refs (SBOM, VEX, scan IDs) and hashes.
|
||||
* **Action confirmation** modal required for any tool action; disabled when policy denies.
|
||||
* **Budget indicators** show quota or token budget exhaustion with retry hints.
|
||||
|
||||
---
|
||||
|
||||
## 4) Auth, sessions & RBAC
|
||||
|
||||
### 4.1 OIDC flow
|
||||
|
||||
|
||||
@@ -32,13 +32,13 @@ The console is implemented in `src/Web/StellaOps.Web`, an Angular 17 workspace
|
||||
| `src/app/core/api` | Typed API clients for Console gateway (`/console/*`) and downstream services. | DTOs for Scanner, Notify, Concelier exporters; fetch-based clients with abort signals. |
|
||||
| `src/app/core/config` | Runtime configuration loader (`/config.json`), feature flag gating. | Supports air-gap overrides and injects API base URLs, Authority issuer/client. |
|
||||
| `src/app/features/*` | Route-level shells (auth bootstrap, scans detail, notifications inbox, Trivy DB settings). | Each feature is a standalone module with lazy loading and Angular Signals state. |
|
||||
| `src/app/testing` | Fixtures and harnesses used in unit tests and storybook-like previews. | Deterministic data used for Playwright and Jest scenarios. |
|
||||
| `src/app/testing` | Fixtures and harnesses used in unit tests and storybook-like previews. | Deterministic data used for Playwright and Vitest scenarios. |
|
||||
|
||||
Workspace characteristics:
|
||||
|
||||
- **Toolchain:** Node 20.11+, npm 10.2+, Angular CLI 17.3. `npm run ci:install` primes dependencies without network audits; `scripts/verify-chromium.js` ensures headless Chromium availability for Karma.
|
||||
- **Toolchain:** Node 20.11+, npm 10.2+, Angular CLI 21.1. `npm run ci:install` primes dependencies without network audits; `scripts/verify-chromium.js` ensures headless Chromium availability for Playwright e2e.
|
||||
- **Build budgets:** `angular.json` enforces 500 KB warning / 1 MB error for initial bundle and 2 KB warning / 4 KB error per component stylesheet. Output hashing (`outputHashing: all`) keeps assets cache-safe.
|
||||
- **Testing:** Karma + Jasmine for unit tests, Playwright for e2e with dev server autotuning. CI (`DEVOPS-CONSOLE-23-001`) runs Lighthouse against the production bundle.
|
||||
- **Testing:** Vitest for unit tests, Playwright for e2e with dev server autotuning. CI (`DEVOPS-CONSOLE-23-001`) runs Lighthouse against the production bundle.
|
||||
- **Runtime config:** `/config.json` merged at bootstrap; gateways can rewrite it on the fly to avoid rebuilding for environment changes.
|
||||
|
||||
---
|
||||
|
||||
Reference in New Issue
Block a user