feat: Implement Policy Engine Evaluation Service and Cache with unit tests

Temp commit to debug

docs/modules/devops/AGENTS.md

@@ -1,35 +1,35 @@
-# DevOps agent guide
-
-## Mission
-The DevOps module captures release, deployment, and migration playbooks that keep StellaOps deterministic across environments.
-
-## Key docs
-- [Module README](./README.md)
-- [Architecture](./architecture.md)
-- [Implementation plan](./implementation_plan.md)
-- [Task board](./TASKS.md)
-- [Task Runner simulation notes](./task-runner-simulation.md)
-
-## How to get started
-1. Open ../../implplan/SPRINTS.md and locate the stories referencing this module.
-2. Review ./TASKS.md for local follow-ups and confirm status transitions (TODO → DOING → DONE/BLOCKED).
-3. Read the architecture and README for domain context before editing code or docs.
-4. Coordinate cross-module changes in the main /AGENTS.md description and through the sprint plan.
-
-## Guardrails
-- Honour the Aggregation-Only Contract where applicable (see ../../ingestion/aggregation-only-contract.md).
-- Preserve determinism: sort outputs, normalise timestamps (UTC ISO-8601), and avoid machine-specific artefacts.
-- Keep Offline Kit parity in mind—document air-gapped workflows for any new feature.
-- Update runbooks/observability assets when operational characteristics change.
-## Required Reading
-- `docs/modules/devops/README.md`
-- `docs/modules/devops/architecture.md`
-- `docs/modules/devops/implementation_plan.md`
-- `docs/modules/platform/architecture-overview.md`
-
-## Working Agreement
-- 1. Update task status to `DOING`/`DONE` in both `docs/implplan/SPRINTS.md` and the local `TASKS.md` when you start or finish work.
-- 2. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
-- 3. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
-- 4. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
-- 5. Revert to `TODO` if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.
+# DevOps agent guide
+
+## Mission
+The DevOps module captures release, deployment, and migration playbooks that keep StellaOps deterministic across environments.
+
+## Key docs
+- [Module README](./README.md)
+- [Architecture](./architecture.md)
+- [Implementation plan](./implementation_plan.md)
+- [Task board](./TASKS.md)
+- [Task Runner simulation notes](./task-runner-simulation.md)
+
+## How to get started
+1. Open ../../implplan/SPRINTS.md and locate the stories referencing this module.
+2. Review ./TASKS.md for local follow-ups and confirm status transitions (TODO → DOING → DONE/BLOCKED).
+3. Read the architecture and README for domain context before editing code or docs.
+4. Coordinate cross-module changes in the main /AGENTS.md description and through the sprint plan.
+
+## Guardrails
+- Honour the Aggregation-Only Contract where applicable (see ../../ingestion/aggregation-only-contract.md).
+- Preserve determinism: sort outputs, normalise timestamps (UTC ISO-8601), and avoid machine-specific artefacts.
+- Keep Offline Kit parity in mind—document air-gapped workflows for any new feature.
+- Update runbooks/observability assets when operational characteristics change.
+## Required Reading
+- `docs/modules/devops/README.md`
+- `docs/modules/devops/architecture.md`
+- `docs/modules/devops/implementation_plan.md`
+- `docs/modules/platform/architecture-overview.md`
+
+## Working Agreement
+- 1. Update task status to `DOING`/`DONE` in both `docs/implplan/SPRINTS.md` and the local `TASKS.md` when you start or finish work.
+- 2. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
+- 3. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
+- 4. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
+- 5. Revert to `TODO` if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.

docs/modules/devops/README.md

@@ -1,42 +1,42 @@
-# StellaOps DevOps
-
-The DevOps module captures release, deployment, and migration playbooks that keep StellaOps deterministic across environments.
-
-## Responsibilities
-- Maintain CI pipelines, signing workflows, and release packaging steps.
-- Operate shared runbooks for launch readiness, upgrades, and NuGet previews.
-- Provide offline kit assembly instructions and tooling integration.
-- Wrap observability/telemetry bootstrap flows for platform teams.
-
-## Key components
-- Runbooks under ./runbooks/ (launch, deployment, nuget).
-- Migration guidance under ./migrations/.
-- Architecture overview bridging CI/CD & infrastructure concerns.
-
-## Integrations & dependencies
-- Ops pipelines (Gitea, GitHub Actions) and artifact registries.
-- Authority/Signer for supply chain signing.
-- Telemetry stack bootstrap scripts.
-
-## Operational notes
-- Offline bundle packaging guidance in docs/modules/export-center/operations/runbook.md.
-- Dashboards for launch cutover rehearsals.
-- Coordination with Security for enforced guardrails.
-
-## Related resources
-- ./runbooks/launch-readiness.md
-- ./runbooks/launch-cutover.md
-- ./runbooks/deployment-upgrade.md
-- ./runbooks/nuget-preview-bootstrap.md
-- ./migrations/semver-style.md
-- ./task-runner-simulation.md
-
-## Backlog references
-- DEVOPS-LAUNCH-18-001 / 18-900 runbooks in ../../TASKS.md.
-- Telemetry bootstrap automation tracked in `ops/devops/TASKS.md`.
-
-## Epic alignment
-- **Epic 1 – AOC enforcement:** bake AOC verifier steps, CI guards, and schema validation into pipelines.
-- **Epic 9 – Orchestrator Dashboard:** support operational dashboards, job recovery runbooks, and rate-limit governance.
-- **Epic 10 – Export Center:** manage signing workflows, Offline Kit packaging, and release promotion for exports.
-- **Epic 15 – Observability & Forensics:** coordinate telemetry deployment, evidence retention, and forensic automation.
+# StellaOps DevOps
+
+The DevOps module captures release, deployment, and migration playbooks that keep StellaOps deterministic across environments.
+
+## Responsibilities
+- Maintain CI pipelines, signing workflows, and release packaging steps.
+- Operate shared runbooks for launch readiness, upgrades, and NuGet previews.
+- Provide offline kit assembly instructions and tooling integration.
+- Wrap observability/telemetry bootstrap flows for platform teams.
+
+## Key components
+- Runbooks under ./runbooks/ (launch, deployment, nuget).
+- Migration guidance under ./migrations/.
+- Architecture overview bridging CI/CD & infrastructure concerns.
+
+## Integrations & dependencies
+- Ops pipelines (Gitea, GitHub Actions) and artifact registries.
+- Authority/Signer for supply chain signing.
+- Telemetry stack bootstrap scripts.
+
+## Operational notes
+- Offline bundle packaging guidance in docs/modules/export-center/operations/runbook.md.
+- Dashboards for launch cutover rehearsals.
+- Coordination with Security for enforced guardrails.
+
+## Related resources
+- ./runbooks/launch-readiness.md
+- ./runbooks/launch-cutover.md
+- ./runbooks/deployment-upgrade.md
+- ./runbooks/nuget-preview-bootstrap.md
+- ./migrations/semver-style.md
+- ./task-runner-simulation.md
+
+## Backlog references
+- DEVOPS-LAUNCH-18-001 / 18-900 runbooks in ../../TASKS.md.
+- Telemetry bootstrap automation tracked in `ops/devops/TASKS.md`.
+
+## Epic alignment
+- **Epic 1 – AOC enforcement:** bake AOC verifier steps, CI guards, and schema validation into pipelines.
+- **Epic 9 – Orchestrator Dashboard:** support operational dashboards, job recovery runbooks, and rate-limit governance.
+- **Epic 10 – Export Center:** manage signing workflows, Offline Kit packaging, and release promotion for exports.
+- **Epic 15 – Observability & Forensics:** coordinate telemetry deployment, evidence retention, and forensic automation.