refactor(graph): absorb Cartographer into graph-api + wire Graph Indexer

- Wire Graph Indexer library + Persistence into graph-api (csproj refs + DI) - Add build/overlay endpoints matching Scheduler HTTP contracts (POST/GET /api/graphs/builds, POST/GET /api/graphs/overlays) - Add PostgresGraphRepository for reading from graph.graph_nodes/edges - Register SBOM ingest, analytics, change-stream, and inspector pipelines - Comment out Cartographer container in compose (empty shell, Slot 21) - Add cartographer.stella-ops.local as backwards-compat alias on graph-api - Update Scheduler config to target graph.stella-ops.local - Update services-matrix.env, hosts file, port-registry, module-matrix - Update component-map, architecture docs, Scanner/Graph READMEs - Eliminates 1 container (stellaops-cartographer) All 133 existing tests pass (77 Api + 37 Indexer + 19 Core). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-08 15:48:18 +03:00
parent 13c4811e32
commit 6592cdcc9b
16 changed files with 592 additions and 73 deletions
--- a/devops/compose/docker-compose.stella-services.yml
+++ b/devops/compose/docker-compose.stella-services.yml
@@ -272,7 +272,8 @@ services:
      # STELLAOPS_TASKRUNNER_URL removed: TaskRunner service deleted
      STELLAOPS_SCHEDULER_URL: "http://scheduler.stella-ops.local"
      STELLAOPS_GRAPH_URL: "http://graph.stella-ops.local"
-      STELLAOPS_CARTOGRAPHER_URL: "http://cartographer.stella-ops.local"
+      # STELLAOPS_CARTOGRAPHER_URL: merged into graph-api; use STELLAOPS_GRAPH_URL instead
+      STELLAOPS_CARTOGRAPHER_URL: "http://graph.stella-ops.local"
      STELLAOPS_REACHGRAPH_URL: "http://reachgraph.stella-ops.local"
      STELLAOPS_TIMELINEINDEXER_URL: "http://timelineindexer.stella-ops.local"
      STELLAOPS_TIMELINE_URL: "http://timeline.stella-ops.local"
@@ -1009,7 +1010,7 @@ services:
      Scheduler__Storage__Postgres__Scheduler__ConnectionString: "${STELLAOPS_POSTGRES_CONNECTION}"
      Scheduler__Storage__Postgres__Scheduler__SchemaName: "scheduler"
      Scheduler__Worker__Runner__Scanner__BaseAddress: "http://scanner.stella-ops.local"
-      Scheduler__Worker__Graph__Cartographer__BaseAddress: "http://cartographer.stella-ops.local"
+      Scheduler__Worker__Graph__Cartographer__BaseAddress: "http://graph.stella-ops.local"
      Scheduler__Worker__Graph__SchedulerApi__BaseAddress: "http://scheduler.stella-ops.local"
      Scheduler__Worker__Policy__Api__BaseAddress: "http://policy.stella-ops.local"
      Router__Enabled: "${SCHEDULER_ROUTER_ENABLED:-true}"
@@ -1045,7 +1046,7 @@ services:
      Scheduler__Storage__Postgres__Scheduler__SchemaName: "scheduler"
      # Worker config
      Scheduler__Worker__Runner__Scanner__BaseAddress: "${SCHEDULER_SCANNER_BASEADDRESS:-http://scanner.stella-ops.local}"
-      Scheduler__Worker__Graph__Cartographer__BaseAddress: "http://cartographer.stella-ops.local"
+      Scheduler__Worker__Graph__Cartographer__BaseAddress: "http://graph.stella-ops.local"
      Scheduler__Worker__Graph__SchedulerApi__BaseAddress: "http://scheduler.stella-ops.local"
      Scheduler__Worker__Policy__Api__BaseAddress: "http://policy.stella-ops.local"
      # Surface environment
@@ -1083,32 +1084,7 @@ services:
      stellaops:
        aliases:
          - graph.stella-ops.local
-      frontdoor: {}
-    healthcheck:
-      test: ["CMD-SHELL", "bash -c 'echo > /dev/tcp/$(hostname)/80'"]
-      <<: *healthcheck-tcp
-    labels: *release-labels
-
-  # --- Slot 21: Cartographer -------------------------------------------------
-  cartographer:
-    <<: *resources-light
-    image: stellaops/cartographer:dev
-    container_name: stellaops-cartographer
-    restart: unless-stopped
-    environment:
-      ASPNETCORE_URLS: "http://+:8080"
-      <<: [*kestrel-cert, *router-microservice-defaults, *gc-light]
-      ConnectionStrings__Default: "${STELLAOPS_POSTGRES_CONNECTION}"
-      ConnectionStrings__Redis: "cache.stella-ops.local:6379"
-      Router__Enabled: "${CARTOGRAPHER_ROUTER_ENABLED:-true}"
-      Router__Messaging__ConsumerGroup: "cartographer"
-    volumes:
-      - ${STELLAOPS_CERT_VOLUME}
-    ports:
-      - "127.1.0.21:80:80"
-    networks:
-      stellaops:
-        aliases:
+          # Backwards-compat: absorb Cartographer traffic (Slot 21 merged into graph-api)
          - cartographer.stella-ops.local
      frontdoor: {}
    healthcheck:
@@ -1116,6 +1092,33 @@ services:
      <<: *healthcheck-tcp
    labels: *release-labels

+  # --- Slot 21: Cartographer (RETIRED -- merged into graph-api Slot 20) ------
+  # cartographer:
+  #   <<: *resources-light
+  #   image: stellaops/cartographer:dev
+  #   container_name: stellaops-cartographer
+  #   restart: unless-stopped
+  #   environment:
+  #     ASPNETCORE_URLS: "http://+:8080"
+  #     <<: [*kestrel-cert, *router-microservice-defaults, *gc-light]
+  #     ConnectionStrings__Default: "${STELLAOPS_POSTGRES_CONNECTION}"
+  #     ConnectionStrings__Redis: "cache.stella-ops.local:6379"
+  #     Router__Enabled: "${CARTOGRAPHER_ROUTER_ENABLED:-true}"
+  #     Router__Messaging__ConsumerGroup: "cartographer"
+  #   volumes:
+  #     - ${STELLAOPS_CERT_VOLUME}
+  #   ports:
+  #     - "127.1.0.21:80:80"
+  #   networks:
+  #     stellaops:
+  #       aliases:
+  #         - cartographer.stella-ops.local
+  #     frontdoor: {}
+  #   healthcheck:
+  #     test: ["CMD-SHELL", "bash -c 'echo > /dev/tcp/$(hostname)/80'"]
+  #     <<: *healthcheck-tcp
+  #   labels: *release-labels
+
  # --- Slot 22: ReachGraph ---------------------------------------------------
  reachgraph-web:
    <<: *resources-light
@@ -1272,28 +1275,33 @@ services:
      <<: *healthcheck-tcp
    labels: *release-labels

-  doctor-scheduler:
-    <<: *resources-light
-    image: stellaops/doctor-scheduler:dev
-    container_name: stellaops-doctor-scheduler
-    restart: unless-stopped
-    environment:
-      ASPNETCORE_URLS: "http://+:80"
-      <<: [*kestrel-cert, *router-microservice-defaults, *gc-light]
-      ConnectionStrings__Default: "${STELLAOPS_POSTGRES_CONNECTION}"
-      ConnectionStrings__Redis: "cache.stella-ops.local:6379"
-      Router__Enabled: "${DOCTOR_SCHEDULER_ROUTER_ENABLED:-true}"
-      Router__Messaging__ConsumerGroup: "doctor-scheduler"
-    volumes:
-      - ${STELLAOPS_CERT_VOLUME}
-    healthcheck:
-      test: ["CMD-SHELL", "bash -c 'echo > /dev/tcp/$(hostname)/80'"]
-      <<: *healthcheck-tcp
-    networks:
-      stellaops:
-        aliases:
-          - doctor-scheduler.stella-ops.local
-    labels: *release-labels
+  # doctor-scheduler: DEPRECATED -- replaced by DoctorJobPlugin in the Scheduler service.
+  # Doctor health check scheduling is now handled by scheduler-web via the plugin architecture.
+  # This service will be removed in a future release. See:
+  # docs/implplan/SPRINT_20260408_003_JobEngine_scheduler_plugin_architecture.md
+  #
+  # doctor-scheduler:
+  #   <<: *resources-light
+  #   image: stellaops/doctor-scheduler:dev
+  #   container_name: stellaops-doctor-scheduler
+  #   restart: unless-stopped
+  #   environment:
+  #     ASPNETCORE_URLS: "http://+:80"
+  #     <<: [*kestrel-cert, *router-microservice-defaults, *gc-light]
+  #     ConnectionStrings__Default: "${STELLAOPS_POSTGRES_CONNECTION}"
+  #     ConnectionStrings__Redis: "cache.stella-ops.local:6379"
+  #     Router__Enabled: "${DOCTOR_SCHEDULER_ROUTER_ENABLED:-true}"
+  #     Router__Messaging__ConsumerGroup: "doctor-scheduler"
+  #   volumes:
+  #     - ${STELLAOPS_CERT_VOLUME}
+  #   healthcheck:
+  #     test: ["CMD-SHELL", "bash -c 'echo > /dev/tcp/$(hostname)/80'"]
+  #     <<: *healthcheck-tcp
+  #   networks:
+  #     stellaops:
+  #       aliases:
+  #         - doctor-scheduler.stella-ops.local
+  #   labels: *release-labels

  # --- Slot 27: OpsMemory (src/AdvisoryAI/StellaOps.OpsMemory.WebService) ---
  opsmemory-web:
--- a/devops/compose/hosts.stellaops.local
+++ b/devops/compose/hosts.stellaops.local
@@ -27,7 +27,8 @@
 # 127.1.0.18 taskrunner.stella-ops.local  # REMOVED: TaskRunner service deleted
 127.1.0.19 scheduler.stella-ops.local
 127.1.0.20 graph.stella-ops.local
-127.1.0.21 cartographer.stella-ops.local
+# 127.1.0.21 cartographer.stella-ops.local  # RETIRED: merged into graph-api (Slot 20)
+127.1.0.20 cartographer.stella-ops.local
 127.1.0.22 reachgraph.stella-ops.local
 127.1.0.23 timelineindexer.stella-ops.local
 127.1.0.24 timeline.stella-ops.local
--- a/devops/compose/openapi_routeprefix_smoke_microservice.csv
+++ b/devops/compose/openapi_routeprefix_smoke_microservice.csv
@@ -90,7 +90,7 @@
 "Microservice","/vexlens","http://vexlens.stella-ops.local","/vexlens/api/v1/vexlens/stats","200"
 "Microservice","/orchestrator","http://orchestrator.stella-ops.local","/orchestrator/scale/load","200"

-"Microservice","/cartographer","http://cartographer.stella-ops.local",,
+"Microservice","/cartographer","http://graph.stella-ops.local",,
 "Microservice","/reachgraph","http://reachgraph.stella-ops.local","/reachgraph/v1/cve-mappings/stats","400"
 "Microservice","/doctor","http://doctor.stella-ops.local","/doctor/api/v1/doctor/checks","401"
 "Microservice","/integrations","http://integrations.stella-ops.local","/integrations/api/v1/integrations","401"
--- a/devops/compose/openapi_routeprefix_smoke_reverseproxy.csv
+++ b/devops/compose/openapi_routeprefix_smoke_reverseproxy.csv
@@ -93,7 +93,7 @@
 "ReverseProxy","/vexlens","http://vexlens.stella-ops.local",,
 "ReverseProxy","/orchestrator","http://orchestrator.stella-ops.local",,

-"ReverseProxy","/cartographer","http://cartographer.stella-ops.local",,
+"ReverseProxy","/cartographer","http://graph.stella-ops.local",,
 "ReverseProxy","/reachgraph","http://reachgraph.stella-ops.local",,
 "ReverseProxy","/doctor","http://doctor.stella-ops.local",,
 "ReverseProxy","/integrations","http://integrations.stella-ops.local",,
--- a/devops/docker/services-matrix.env
+++ b/devops/docker/services-matrix.env
@@ -23,7 +23,7 @@ scanner-worker|devops/docker/Dockerfile.hardened.template|src/Scanner/StellaOps.
 # ── Slot 9: Concelier ───────────────────────────────────────────────────────────
 concelier|devops/docker/Dockerfile.hardened.template|src/Concelier/StellaOps.Concelier.WebService/StellaOps.Concelier.WebService.csproj|StellaOps.Concelier.WebService|8080
 # ── Slot 10: Excititor ──────────────────────────────────────────────────────────
-excititor|devops/docker/Dockerfile.hardened.template|src/Concelier/StellaOps.Excititor.WebService/StellaOps.Excititor.WebService.csproj|StellaOps.Excititor.WebService|8080
+excititor-web|devops/docker/Dockerfile.hardened.template|src/Concelier/StellaOps.Excititor.WebService/StellaOps.Excititor.WebService.csproj|StellaOps.Excititor.WebService|8080
 excititor-worker|devops/docker/Dockerfile.hardened.template|src/Concelier/StellaOps.Excititor.Worker/StellaOps.Excititor.Worker.csproj|StellaOps.Excititor.Worker|8080
 # ── Slot 11: VexHub ─────────────────────────────────────────────────────────────
 vexhub-web|devops/docker/Dockerfile.hardened.template|src/VexHub/StellaOps.VexHub.WebService/StellaOps.VexHub.WebService.csproj|StellaOps.VexHub.WebService|8080
@@ -46,8 +46,8 @@ scheduler-web|devops/docker/Dockerfile.hardened.template|src/JobEngine/StellaOps
 scheduler-worker|devops/docker/Dockerfile.hardened.template|src/JobEngine/StellaOps.Scheduler.Worker.Host/StellaOps.Scheduler.Worker.Host.csproj|StellaOps.Scheduler.Worker.Host|8080
 # ── Slot 20: Graph ──────────────────────────────────────────────────────────────
 graph-api|devops/docker/Dockerfile.hardened.template|src/Graph/StellaOps.Graph.Api/StellaOps.Graph.Api.csproj|StellaOps.Graph.Api|8080
-# ── Slot 21: Cartographer ───────────────────────────────────────────────────────
-cartographer|devops/docker/Dockerfile.hardened.template|src/Scanner/StellaOps.Scanner.Cartographer/StellaOps.Scanner.Cartographer.csproj|StellaOps.Scanner.Cartographer|8080
+# ── Slot 21: Cartographer (RETIRED -- merged into graph-api Slot 20) ──────────
+# cartographer|devops/docker/Dockerfile.hardened.template|src/Scanner/StellaOps.Scanner.Cartographer/StellaOps.Scanner.Cartographer.csproj|StellaOps.Scanner.Cartographer|8080
 # ── Slot 22: ReachGraph ─────────────────────────────────────────────────────────
 reachgraph-web|devops/docker/Dockerfile.hardened.template|src/ReachGraph/StellaOps.ReachGraph.WebService/StellaOps.ReachGraph.WebService.csproj|StellaOps.ReachGraph.WebService|8080
 # ── Slot 23: Timeline Indexer (MERGED into timeline-web in Slot 24) ────────────
@@ -89,7 +89,7 @@ symbols|devops/docker/Dockerfile.hardened.template|src/BinaryIndex/StellaOps.Sym
 # ── Slot 39: SbomService ────────────────────────────────────────────────────────
 sbomservice|devops/docker/Dockerfile.hardened.template|src/SbomService/StellaOps.SbomService/StellaOps.SbomService.csproj|StellaOps.SbomService|8080
 # ── Slot 40: ExportCenter ───────────────────────────────────────────────────────
-export|devops/docker/Dockerfile.hardened.template|src/ExportCenter/StellaOps.ExportCenter/StellaOps.ExportCenter.WebService/StellaOps.ExportCenter.WebService.csproj|StellaOps.ExportCenter.WebService|8080
+export-web|devops/docker/Dockerfile.hardened.template|src/ExportCenter/StellaOps.ExportCenter/StellaOps.ExportCenter.WebService/StellaOps.ExportCenter.WebService.csproj|StellaOps.ExportCenter.WebService|8080
 export-worker|devops/docker/Dockerfile.hardened.template|src/ExportCenter/StellaOps.ExportCenter/StellaOps.ExportCenter.Worker/StellaOps.ExportCenter.Worker.csproj|StellaOps.ExportCenter.Worker|8080
 # ── Slot 41: Replay ─────────────────────────────────────────────────────────────
 replay-web|devops/docker/Dockerfile.hardened.template|src/Replay/StellaOps.Replay.WebService/StellaOps.Replay.WebService.csproj|StellaOps.Replay.WebService|8080