docs: add service README.md files + update AGENTS.md decisions

- Create README.md for 25+ service modules with container info, API surface, storage - Document attestor-tileproxy separation rationale (air-gap network isolation) - Document opsmemory-advisoryai separation rationale (resource isolation, blast radius) - Update Timeline AGENTS.md with merged indexer info Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-08 13:45:03 +03:00
parent 59ba757eaa
commit 59e7f25d96
31 changed files with 553 additions and 8 deletions
--- a/src/EvidenceLocker/README.md
+++ b/src/EvidenceLocker/README.md
@@ -0,0 +1,17 @@
+# EvidenceLocker
+
+**Container(s):** stellaops-evidence-locker-web, stellaops-evidence-locker-worker
+**Slot:** 6  |  **Port:** 8080  |  **Consumer Group:** evidencelocker
+**Resource Tier:** light
+
+## Purpose
+The Evidence Locker provides write-once, tamper-evident storage for release evidence artifacts (scan results, attestations, policy verdicts, approval records). It supports optional cryptographic signing (ES256), quota enforcement, snapshot queries, and multi-material evidence bundles. The worker handles background evidence processing tasks.
+
+## API Surface
+- `evidencelocker` (via Router) — evidence material upload (write-once), retrieval, snapshot queries, health checks, observability endpoints
+
+## Storage
+PostgreSQL (via `EvidenceLocker:Database:ConnectionString`); file-system object store (`/data/evidence`) or configurable backend; Valkey for cache
+
+## Background Workers
+- Evidence Locker worker — background evidence processing, integrity verification