stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Align AOC tasks for Excititor and Concelier

Browse Source
This commit is contained in:
master
2025-10-31 18:50:15 +02:00
committed by root
parent 9e6d9fbae8
commit 8da4e12a90
334 changed files with 35528 additions and 34546 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
docs/modules/signer/README.md
View File

@@ -1,30 +1,30 @@
# StellaOps Signer
Signer validates callers, enforces Proof-of-Entitlement, and produces signed DSSE bundles for SBOMs, reports, and exports.
## Responsibilities
- Enforce plan quotas and PoE before signing artifacts.
- Support keyless and keyful signing backends.
- Emit DSSE payloads consumed by Attestor and downstream bundles.
- Maintain audit trails for all signing operations.
## Key components
- `StellaOps.Signer` service host.
- Crypto providers under `StellaOps.Cryptography.*`.
## Integrations & dependencies
- Authority for OpTok validation.
- Attestor for transparency logging.
- Export Center and CLI for artifact signing flows.
## Operational notes
- Key management via Authority/DevOps runbooks.
- Metrics for signing latency/throttle states.
- Offline kit integration for signature verification.
## Backlog references
- SIG docs/tasks in ../../TASKS.md (e.g., DOCS-SIG-26-006).
## Epic alignment
- **Epic 10 Export Center:** provide signing pipelines, cosign interoperability, and provenance manifests for bundle promotion.
- **Epic 19 Attestor Console:** supply DSSE payloads and Proof-of-Entitlement enforcement feeding attestation workflows described in `docs/modules/attestor/`.
# StellaOps Signer
Signer validates callers, enforces Proof-of-Entitlement, and produces signed DSSE bundles for SBOMs, reports, and exports.
## Responsibilities
- Enforce plan quotas and PoE before signing artifacts.
- Support keyless and keyful signing backends.
- Emit DSSE payloads consumed by Attestor and downstream bundles.
- Maintain audit trails for all signing operations.
## Key components
- `StellaOps.Signer` service host.
- Crypto providers under `StellaOps.Cryptography.*`.
## Integrations & dependencies
- Authority for OpTok validation.
- Attestor for transparency logging.
- Export Center and CLI for artifact signing flows.
## Operational notes
- Key management via Authority/DevOps runbooks.
- Metrics for signing latency/throttle states.
- Offline kit integration for signature verification.
## Backlog references
- SIG docs/tasks in ../../TASKS.md (e.g., DOCS-SIG-26-006).
## Epic alignment
- **Epic 10 Export Center:** provide signing pipelines, cosign interoperability, and provenance manifests for bundle promotion.
- **Epic 19 Attestor Console:** supply DSSE payloads and Proof-of-Entitlement enforcement feeding attestation workflows described in `docs/modules/attestor/`.