Align AOC tasks for Excititor and Concelier
This commit is contained in:
master
root
@@ -1,34 +1,34 @@
|
||||
# StellaOps Registry Token Service
|
||||
|
||||
The registry module issues scoped pull tokens for mirrored container registries while enforcing plan and licence constraints.
|
||||
|
||||
## Responsibilities
|
||||
- Validate Authority-issued OpToks and tenant scopes before issuance.
|
||||
- Mint time-bound registry tokens and record issuance ledgers.
|
||||
- Expose revocation and audit endpoints for security teams.
|
||||
- Integrate with Offline Kit for deterministic token manifests.
|
||||
|
||||
## Key components
|
||||
- `StellaOps.Registry.TokenService` minimal API host.
|
||||
- Mongo-backed issuance ledger.
|
||||
- Tests under `src/Registry/__Tests`.
|
||||
|
||||
## Integrations & dependencies
|
||||
- Authority for identity & scope verification.
|
||||
- Export Center/Offline Kit for distribution.
|
||||
- DevOps runbooks for deployment and rotation.
|
||||
|
||||
## Operational notes
|
||||
- Operational guide at ./operations/token-service.md.
|
||||
- Telemetry dashboards pending (see ../../TASKS.md).
|
||||
|
||||
## Related resources
|
||||
- ./operations/token-service.md
|
||||
|
||||
## Backlog references
|
||||
- DEVOPS-REGISTRY items in ../../TASKS.md (future work).
|
||||
- Registry automation stories tracked in src/Registry/TASKS.md if present.
|
||||
|
||||
## Epic alignment
|
||||
- **Epic 10 – Export Center:** provide signed, auditable registry token bundles for mirror distribution.
|
||||
- **Epic 14 – Identity & Tenancy:** enforce tenant-aware scopes, PoE alignment, and revocation policies.
|
||||
# StellaOps Registry Token Service
|
||||
|
||||
The registry module issues scoped pull tokens for mirrored container registries while enforcing plan and licence constraints.
|
||||
|
||||
## Responsibilities
|
||||
- Validate Authority-issued OpToks and tenant scopes before issuance.
|
||||
- Mint time-bound registry tokens and record issuance ledgers.
|
||||
- Expose revocation and audit endpoints for security teams.
|
||||
- Integrate with Offline Kit for deterministic token manifests.
|
||||
|
||||
## Key components
|
||||
- `StellaOps.Registry.TokenService` minimal API host.
|
||||
- Mongo-backed issuance ledger.
|
||||
- Tests under `src/Registry/__Tests`.
|
||||
|
||||
## Integrations & dependencies
|
||||
- Authority for identity & scope verification.
|
||||
- Export Center/Offline Kit for distribution.
|
||||
- DevOps runbooks for deployment and rotation.
|
||||
|
||||
## Operational notes
|
||||
- Operational guide at ./operations/token-service.md.
|
||||
- Telemetry dashboards pending (see ../../TASKS.md).
|
||||
|
||||
## Related resources
|
||||
- ./operations/token-service.md
|
||||
|
||||
## Backlog references
|
||||
- DEVOPS-REGISTRY items in ../../TASKS.md (future work).
|
||||
- Registry automation stories tracked in src/Registry/TASKS.md if present.
|
||||
|
||||
## Epic alignment
|
||||
- **Epic 10 – Export Center:** provide signed, auditable registry token bundles for mirror distribution.
|
||||
- **Epic 14 – Identity & Tenancy:** enforce tenant-aware scopes, PoE alignment, and revocation policies.
|
||||
|
||||
Reference in New Issue
Block a user