consolidation of some of the modules, localization fixes, product advisories work, qa work

2026-03-05 03:54:22 +02:00
parent 7bafcc3eef
commit 8e1cb9448d
3878 changed files with 72600 additions and 46861 deletions
--- a/docs/modules/advisory-ai/architecture.md
+++ b/docs/modules/advisory-ai/architecture.md
@@ -96,7 +96,7 @@ All context references include `content_hash` and `source_id` enabling verifiabl
  - Registered via `AddAdvisoryDeterministicToolset` for reuse across orchestrator, CLI, and services.
 - **Orchestration pipeline** — see `orchestration-pipeline.md` for prerequisites, task breakdown, and cross-guild responsibilities before wiring the execution flows.
 - **Planned extensions** — NEVRA/EVR comparators, ecosystem-specific normalisers, dependency chain scorers (AIAI-31-003 scope).
- Exposed via internal interfaces to allow orchestrator/toolchain reuse; all helpers stay side-effect free and deterministic for golden testing.
+- Exposed via internal interfaces to allow jobengine/toolchain reuse; all helpers stay side-effect free and deterministic for golden testing.

 ## 6) Output persistence

@@ -165,3 +165,57 @@ All endpoints accept `profile` parameter (default `fips-local`) and return `outp
 - **Offline parity.** Local model profiles are the default; remote inference is opt-in and blocked in sealed mode.

 See `docs/modules/advisory-ai/chat-interface.md` and `docs-archived/product/advisories/13-Jan-2026 - Controlled Conversational Interface.md`.
+
+## 15) OpsMemory (Operational Memory and RAG)
+
+> Consolidated from `src/OpsMemory/` into `src/AdvisoryAI/` (Sprint 213, 2026-03-04).
+> Archived docs: `docs-archived/modules/opsmemory/`.
+
+### Overview
+
+OpsMemory provides a decision ledger for security operations learning. It captures the complete lifecycle of a security decision -- from situation context through action taken to eventual outcome -- enabling playbook suggestions for future similar situations.
+
+### Source layout (post-consolidation)
+
+- **Library:** `src/AdvisoryAI/__Libraries/StellaOps.OpsMemory/` -- core domain: models, similarity vectors, playbook suggestion engine, storage abstractions.
+- **WebService:** `src/AdvisoryAI/StellaOps.OpsMemory.WebService/` -- HTTP API (`/api/v1/opsmemory/*`), auth, Swagger, health checks. Deploys as its own container (`opsmemory-web`).
+- **Tests:** `src/AdvisoryAI/__Tests/StellaOps.OpsMemory.Tests/` -- unit (similarity vectors, playbook suggestions, context enrichers, chat provider) and integration (Postgres store with Testcontainers).
+
+### Key components
+
+| Component | Purpose |
+|-----------|---------|
+| `SimilarityVectorGenerator` | 50-dimensional feature vectors from CVE, severity, reachability, EPSS/CVSS, component type, context tags |
+| `PlaybookSuggestionService` | Confidence-ranked suggestions from historical decisions |
+| `OutcomeTrackingService` | Records decision outcomes for feedback loop |
+| `PostgresOpsMemoryStore` | Postgres storage with array-based cosine similarity (no pgvector dependency) |
+| `OpsMemoryChatProvider` | Chat integration for conversational playbook queries |
+| `OpsMemoryContextEnricher` | Enriches AdvisoryAI context packs with operational memory |
+
+### API surface
+
+| Method | Path | Description |
+|--------|------|-------------|
+| POST | `/api/v1/opsmemory/decisions` | Record a new decision |
+| GET | `/api/v1/opsmemory/decisions/{id}` | Get decision details |
+| POST | `/api/v1/opsmemory/decisions/{id}/outcome` | Record outcome |
+| GET | `/api/v1/opsmemory/suggestions` | Get playbook suggestions |
+| GET | `/api/v1/opsmemory/decisions` | Query past decisions |
+| GET | `/api/v1/opsmemory/stats` | Get statistics |
+
+### Database
+
+OpsMemory uses the shared Postgres instance with an `opsmemory` schema. No EF Core migrations -- schema is managed via raw SQL (`CREATE TABLE opsmemory.decisions ...`). Tenant isolation is enforced at the query level.
+
+Connection contract (Sprint 312 remediation):
+- Connection resolution precedence: `ConnectionStrings:OpsMemory` -> `ConnectionStrings:Default`.
+- In non-development environments, missing DB configuration is a startup error (fail-fast).
+- Localhost fallback is limited to development-only workflows.
+
+### Dependencies
+
+- `StellaOps.Findings.Ledger` (upstream library)
+- `StellaOps.Auth.ServerIntegration` (authentication)
+- `StellaOps.Determinism.Abstractions` (deterministic time/GUID providers)
+- `StellaOps.Localization` (i18n)
+- AdvisoryAI core references OpsMemory via ProjectReference for context enrichment