stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity

Restructure solution layout by module
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details

Browse Source
This commit is contained in:
root
2025-10-28 15:10:40 +02:00
parent 4e3e575db5
commit 68da90a11a
4103 changed files with 192899 additions and 187024 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
docs/updates/2025-10-27-orch-operator-scope.md
View File

@@ -1,15 +1,15 @@
# 2025-10-27 — Orchestrator operator scope & audit metadata
## Summary
- Introduced the `orch:operate` scope and `Orch.Operator` role in Authority to unlock Orchestrator control actions while keeping read-only access under `Orch.Viewer`.
- Authority now enforces `operator_reason` and `operator_ticket` parameters on `/token` requests that include `orch:operate`; missing values yield `invalid_request` and no token is issued.
- Client credentials audit events capture both fields (`request.reason`, `request.ticket`), giving SecOps traceability for every control action.
## Next steps
| Team | Follow-up | Target |
|------|-----------|--------|
| Console Guild | Wire UI control panels to request `operator_reason`/`operator_ticket` when exchanging tokens for orchestrator actions. | Sprint 23 stand-up |
| CLI Guild | Add flags to `stella orch` subcommands to pass reason/ticket metadata before enabling mutations. | Sprint 23 stand-up |
| Orchestrator Service | Enforce presence of `X-Stella-Reason`/`X-Stella-Ticket` (or equivalent metadata) on mutate endpoints and align audit logging. | ORCH-SVC-33-001 implementation |
# 2025-10-27 — Orchestrator operator scope & audit metadata
## Summary
- Introduced the `orch:operate` scope and `Orch.Operator` role in Authority to unlock Orchestrator control actions while keeping read-only access under `Orch.Viewer`.
- Authority now enforces `operator_reason` and `operator_ticket` parameters on `/token` requests that include `orch:operate`; missing values yield `invalid_request` and no token is issued.
- Client credentials audit events capture both fields (`request.reason`, `request.ticket`), giving SecOps traceability for every control action.
## Next steps
| Team | Follow-up | Target |
|------|-----------|--------|
| Console Guild | Wire UI control panels to request `operator_reason`/`operator_ticket` when exchanging tokens for orchestrator actions. | Sprint 23 stand-up |
| CLI Guild | Add flags to `stella orch` subcommands to pass reason/ticket metadata before enabling mutations. | Sprint 23 stand-up |
| Orchestrator Service | Enforce presence of `X-Stella-Reason`/`X-Stella-Ticket` (or equivalent metadata) on mutate endpoints and align audit logging. | ORCH-SVC-33-001 implementation |