more features checks. setup improvements
This commit is contained in:
master
@@ -1,40 +0,0 @@
|
||||
# AdvisoryAI Orchestrator (Chat + Workbench + Runs)
|
||||
|
||||
## Module
|
||||
AdvisoryAI
|
||||
|
||||
## Status
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
The AdvisoryAI module provides a chat orchestrator with session management, run tracking (with artifacts and events), and tool routing. Backend web service with chat and run endpoints is operational.
|
||||
|
||||
## Implementation Details
|
||||
- **Modules**: `src/AdvisoryAI/StellaOps.AdvisoryAI/`, `src/AdvisoryAI/StellaOps.AdvisoryAI.WebService/`, `src/AdvisoryAI/StellaOps.AdvisoryAI.Worker/`
|
||||
- **Key Classes**:
|
||||
- `AdvisoryPipelineOrchestrator` (`src/AdvisoryAI/StellaOps.AdvisoryAI/Orchestration/AdvisoryPipelineOrchestrator.cs`) - main pipeline orchestrator coordinating task plans and execution
|
||||
- `AdvisoryPipelineExecutor` (`src/AdvisoryAI/StellaOps.AdvisoryAI/Execution/AdvisoryPipelineExecutor.cs`) - executes advisory pipeline stages
|
||||
- `AdvisoryChatService` (`src/AdvisoryAI/StellaOps.AdvisoryAI/Chat/Services/AdvisoryChatService.cs`) - chat session orchestration service
|
||||
- `ConversationService` (`src/AdvisoryAI/StellaOps.AdvisoryAI/Chat/ConversationService.cs`) - manages conversation state and context
|
||||
- `RunService` (`src/AdvisoryAI/StellaOps.AdvisoryAI/Runs/RunService.cs`) - tracks runs with artifacts and events
|
||||
- `InMemoryRunStore` (`src/AdvisoryAI/StellaOps.AdvisoryAI/Runs/InMemoryRunStore.cs`) - in-memory storage for run data
|
||||
- `AdvisoryChatIntentRouter` (`src/AdvisoryAI/StellaOps.AdvisoryAI/Chat/Routing/AdvisoryChatIntentRouter.cs`) - routes chat intents to appropriate handlers
|
||||
- `ChatEndpoints` (`src/AdvisoryAI/StellaOps.AdvisoryAI.WebService/Endpoints/ChatEndpoints.cs`) - REST endpoints for chat operations
|
||||
- `RunEndpoints` (`src/AdvisoryAI/StellaOps.AdvisoryAI.WebService/Endpoints/RunEndpoints.cs`) - REST endpoints for run tracking
|
||||
- `AdvisoryTaskWorker` (`src/AdvisoryAI/StellaOps.AdvisoryAI.Worker/Services/AdvisoryTaskWorker.cs`) - background worker processing advisory tasks
|
||||
- **Interfaces**: `IAdvisoryPipelineOrchestrator`, `IRunService`, `IRunStore`
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Submit a chat message via `ChatEndpoints` and verify `AdvisoryChatService` processes it with correct conversation context
|
||||
- [ ] Create a run via `RunEndpoints` and verify `RunService` tracks artifacts and events in `InMemoryRunStore`
|
||||
- [ ] Verify `AdvisoryChatIntentRouter` routes different intent types (explain, remediate, policy) to correct handlers
|
||||
- [ ] Verify `AdvisoryPipelineOrchestrator` creates and executes task plans with `AdvisoryPipelineExecutor`
|
||||
- [ ] Verify `AdvisoryTaskWorker` picks up queued tasks and processes them to completion
|
||||
- [ ] Verify conversation context is maintained across multiple messages in the same session via `ConversationService`
|
||||
|
||||
## Verification
|
||||
- Verified on 2026-02-11 via `run-001`.
|
||||
- Tier 0: `docs/qa/feature-checks/runs/advisoryai/advisoryai-orchestrator/run-001/tier0-source-check.json`
|
||||
- Tier 1: `docs/qa/feature-checks/runs/advisoryai/advisoryai-orchestrator/run-001/tier1-build-check.json`
|
||||
- Tier 2: `docs/qa/feature-checks/runs/advisoryai/advisoryai-orchestrator/run-001/tier2-api-check.json`
|
||||
@@ -1,44 +0,0 @@
|
||||
# AdvisoryAI Pipeline with Guardrails
|
||||
|
||||
## Module
|
||||
AdvisoryAI
|
||||
|
||||
## Status
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
Full advisory AI pipeline with guardrails, chat interface, action execution, and idempotency handling. Includes retrieval, structured/vector retrievers, and SBOM context retrieval.
|
||||
|
||||
## Implementation Details
|
||||
- **Modules**: `src/AdvisoryAi/StellaOps.AdvisoryAI/`, `src/AdvisoryAi/StellaOps.AdvisoryAI.Hosting/`
|
||||
- **Key Classes**:
|
||||
- `AdvisoryGuardrailPipeline` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Guardrails/AdvisoryGuardrailPipeline.cs`) - guardrail pipeline filtering AI inputs and outputs
|
||||
- `AdvisoryPipelineOrchestrator` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Orchestration/AdvisoryPipelineOrchestrator.cs`) - orchestrates pipeline stages with guardrail checks
|
||||
- `AdvisoryPipelineExecutor` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Execution/AdvisoryPipelineExecutor.cs`) - executes pipeline with pre/post guardrails
|
||||
- `AdvisoryStructuredRetriever` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Retrievers/AdvisoryStructuredRetriever.cs`) - retrieves structured advisory data
|
||||
- `AdvisoryVectorRetriever` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Retrievers/AdvisoryVectorRetriever.cs`) - vector-based semantic retrieval
|
||||
- `SbomContextRetriever` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Retrievers/SbomContextRetriever.cs`) - retrieves SBOM context for vulnerability analysis
|
||||
- `ActionExecutor` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/ActionExecutor.cs`) - executes AI-proposed actions
|
||||
- `IdempotencyHandler` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/IdempotencyHandler.cs`) - ensures idempotent action execution
|
||||
- `GuardrailAllowlistLoader` (`src/AdvisoryAi/StellaOps.AdvisoryAI.Hosting/GuardrailAllowlistLoader.cs`) - loads guardrail allowlists from configuration
|
||||
- `GuardrailPhraseLoader` (`src/AdvisoryAi/StellaOps.AdvisoryAI.Hosting/GuardrailPhraseLoader.cs`) - loads guardrail phrase filters
|
||||
- `AdvisoryAiGuardrailOptions` (`src/AdvisoryAi/StellaOps.AdvisoryAI.Hosting/AdvisoryAiGuardrailOptions.cs`) - guardrail configuration options
|
||||
- **Interfaces**: `IAdvisoryStructuredRetriever`, `IAdvisoryVectorRetriever`, `ISbomContextRetriever`, `IActionExecutor`, `IIdempotencyHandler`
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Submit a prompt through `AdvisoryGuardrailPipeline` and verify guardrails filter prohibited content before reaching LLM
|
||||
- [ ] Verify `AdvisoryStructuredRetriever` returns relevant CVE/advisory data for a given vulnerability query
|
||||
- [ ] Verify `AdvisoryVectorRetriever` performs semantic search and returns ranked results
|
||||
- [ ] Verify `SbomContextRetriever` enriches prompts with SBOM component context
|
||||
- [ ] Execute an action through `ActionExecutor` and verify `IdempotencyHandler` prevents duplicate execution
|
||||
- [ ] Verify `GuardrailAllowlistLoader` and `GuardrailPhraseLoader` correctly load and enforce content filters
|
||||
- [ ] Verify the full pipeline flow: retrieval -> guardrail check -> LLM inference -> output guardrail -> response
|
||||
|
||||
## Verification
|
||||
- Verified on 2026-02-11 via `run-001`.
|
||||
- Tier 0: `docs/qa/feature-checks/runs/advisoryai/advisoryai-pipeline-with-guardrails/run-001/tier0-source-check.json`
|
||||
- Tier 1: `docs/qa/feature-checks/runs/advisoryai/advisoryai-pipeline-with-guardrails/run-001/tier1-build-check.json`
|
||||
- Tier 2: `docs/qa/feature-checks/runs/advisoryai/advisoryai-pipeline-with-guardrails/run-001/tier2-integration-check.json`
|
||||
|
||||
|
||||
@@ -1,37 +0,0 @@
|
||||
# AI Action Policy Gate (K4 Lattice Governance for AI-Proposed Actions)
|
||||
|
||||
## Module
|
||||
AdvisoryAI
|
||||
|
||||
## Status
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
Connects AI-proposed actions to the Policy Engine's K4 lattice for governance-aware automation. Moves beyond simple role checks to VEX-aware policy gates with approval workflows, idempotency tracking, and action audit ledger. Enables "AI that acts" with governance guardrails.
|
||||
|
||||
## Implementation Details
|
||||
- **Modules**: `src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/`
|
||||
- **Key Classes**:
|
||||
- `ActionPolicyGate` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/ActionPolicyGate.cs`) - evaluates AI-proposed actions against K4 lattice policy rules
|
||||
- `ActionRegistry` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/ActionRegistry.cs`) - registry of available AI actions with metadata and policy requirements
|
||||
- `ActionExecutor` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/ActionExecutor.cs`) - executes approved actions with policy gate checks
|
||||
- `ActionAuditLedger` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/ActionAuditLedger.cs`) - immutable audit trail of all action decisions and executions
|
||||
- `ApprovalWorkflowAdapter` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/ApprovalWorkflowAdapter.cs`) - integrates with approval workflows for gated actions
|
||||
- `IdempotencyHandler` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/IdempotencyHandler.cs`) - ensures actions are not duplicated
|
||||
- `ActionDefinition` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Actions/ActionDefinition.cs`) - defines an action's capabilities, constraints, and policy metadata
|
||||
- **Interfaces**: `IActionPolicyGate`, `IActionRegistry`, `IActionExecutor`, `IActionAuditLedger`, `IApprovalWorkflowAdapter`, `IIdempotencyHandler`, `IGuidGenerator`
|
||||
- **Source**: SPRINT_20260109_011_004_BE_policy_action_integration.md
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Register an action in `ActionRegistry` and verify `ActionPolicyGate` evaluates it against K4 lattice policy rules
|
||||
- [ ] Submit an action requiring approval and verify `ApprovalWorkflowAdapter` creates an approval request
|
||||
- [ ] Execute a gated action after approval and verify `ActionAuditLedger` records the decision, approval, and execution
|
||||
- [ ] Submit a duplicate action and verify `IdempotencyHandler` prevents re-execution
|
||||
- [ ] Submit an action that violates policy and verify `ActionPolicyGate` rejects it with a policy violation reason
|
||||
- [ ] Verify `ActionDefinition` metadata (risk level, required approvals, allowed scopes) is enforced during gate evaluation
|
||||
## Verification
|
||||
- Verified on 2026-02-11 via `run-002`.
|
||||
- Tier 0: `docs/qa/feature-checks/runs/advisoryai/ai-action-policy-gate/run-002/tier0-source-check.json`
|
||||
- Tier 1: `docs/qa/feature-checks/runs/advisoryai/ai-action-policy-gate/run-002/tier1-build-check.json`
|
||||
- Tier 2: `docs/qa/feature-checks/runs/advisoryai/ai-action-policy-gate/run-002/tier2-integration-check.json`
|
||||
|
||||
@@ -1,34 +0,0 @@
|
||||
# AI Codex / Zastava Companion
|
||||
|
||||
## Module
|
||||
AdvisoryAI
|
||||
|
||||
## Status
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
Companion explanation feature that combines AdvisoryAI evidence-grounded explanations with runtime signals (for example Zastava observer signals) and exposes an API endpoint for companion explain generation.
|
||||
|
||||
## Implementation Details
|
||||
- **Companion Service**: `src/AdvisoryAI/StellaOps.AdvisoryAI/Explanation/CodexZastavaCompanionService.cs`
|
||||
- `ICodexCompanionService` contract and deterministic `CodexZastavaCompanionService` implementation.
|
||||
- Normalizes and deduplicates runtime signals, computes deterministic companion hash, and returns companion summary/highlights.
|
||||
- **Web Endpoint Registration**: `src/AdvisoryAI/StellaOps.AdvisoryAI.WebService/Program.cs`
|
||||
- Registers `ICodexCompanionService` and maps `POST /v1/advisory-ai/companion/explain`.
|
||||
- **API Contracts**: `src/AdvisoryAI/StellaOps.AdvisoryAI.WebService/Contracts/CompanionExplainContracts.cs`
|
||||
- `CompanionExplainRequest`, `CompanionExplainResponse`, runtime-signal request/response contracts, and domain mapping.
|
||||
- **Behavioral Tests**:
|
||||
- `src/AdvisoryAI/__Tests/StellaOps.AdvisoryAI.Companion.Tests/CodexZastavaCompanionServiceTests.cs`
|
||||
- `src/AdvisoryAI/__Tests/StellaOps.AdvisoryAI.Companion.Tests/CompanionExplainEndpointTests.cs`
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Submit companion explain request without scopes and verify the endpoint returns `403`.
|
||||
- [ ] Submit companion explain request with `advisory:companion` scope and verify mapped request + companion response payload.
|
||||
- [ ] Submit companion explain request where companion service rejects input and verify endpoint returns `400`.
|
||||
- [ ] Verify deterministic companion hash for permuted/deduplicated runtime signal inputs.
|
||||
|
||||
## Verification
|
||||
- Verified on 2026-02-11 via `run-002`.
|
||||
- Tier 0: `docs/qa/feature-checks/runs/advisoryai/ai-codex-zastava-companion/run-002/tier0-source-check.json`
|
||||
- Tier 1: `docs/qa/feature-checks/runs/advisoryai/ai-codex-zastava-companion/run-002/tier1-build-check.json`
|
||||
- Tier 2: `docs/qa/feature-checks/runs/advisoryai/ai-codex-zastava-companion/run-002/tier2-integration-check.json`
|
||||
@@ -1,37 +0,0 @@
|
||||
# Deterministic AI Artifact Replay
|
||||
|
||||
## Module
|
||||
AdvisoryAI
|
||||
|
||||
## Status
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
Deterministic replay infrastructure for AI artifacts including replay manifests, prompt template versioning, and input artifact hashing for reproducible AI outputs.
|
||||
|
||||
## Implementation Details
|
||||
- **Modules**: `src/AdvisoryAI/StellaOps.AdvisoryAI/Replay/`, `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Replay/`
|
||||
- **Key Classes**:
|
||||
- `AIArtifactReplayer` (`src/AdvisoryAI/StellaOps.AdvisoryAI/Replay/AIArtifactReplayer.cs`) - replays AI artifacts with deterministic inputs for verification
|
||||
- `ReplayInputArtifact` (`src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Replay/ReplayInputArtifact.cs`) - input artifact model with content-addressed hashing
|
||||
- `ReplayPromptTemplate` (`src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Replay/ReplayPromptTemplate.cs`) - versioned prompt templates for replay
|
||||
- `ReplayResult` (`src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Replay/ReplayResult.cs`) - replay execution result with comparison data
|
||||
- `ReplayVerificationResult` (`src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Replay/ReplayVerificationResult.cs`) - verification of replay output against original
|
||||
- `ReplayStatus` (`src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Replay/ReplayStatus.cs`) - replay status tracking
|
||||
- `DeterministicHashVectorEncoder` (`src/AdvisoryAI/StellaOps.AdvisoryAI/Vectorization/DeterministicHashVectorEncoder.cs`) - deterministic hash-based vector encoding for reproducibility
|
||||
- **Interfaces**: None (uses concrete replay pipeline)
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Record an AI inference run and verify `AIArtifactReplayer` can replay it with identical inputs
|
||||
- [ ] Verify `ReplayInputArtifact` computes content-addressed hashes that match across replay invocations
|
||||
- [ ] Verify `ReplayPromptTemplate` versioning: replay with a v1 template produces the same output as the original v1 run
|
||||
- [ ] Verify `ReplayVerificationResult` detects differences when the replay output diverges from the original
|
||||
- [ ] Verify `DeterministicHashVectorEncoder` produces identical vectors for identical inputs across runs
|
||||
- [ ] Verify replay with temperature=0 and fixed seed produces bit-identical outputs for supported providers
|
||||
|
||||
## Verification
|
||||
- Verified on 2026-02-11 via `run-001`.
|
||||
- Tier 0: `docs/qa/feature-checks/runs/advisoryai/deterministic-ai-artifact-replay/run-001/tier0-source-check.json`
|
||||
- Tier 1: `docs/qa/feature-checks/runs/advisoryai/deterministic-ai-artifact-replay/run-001/tier1-build-check.json`
|
||||
- Tier 2: `docs/qa/feature-checks/runs/advisoryai/deterministic-ai-artifact-replay/run-001/tier2-integration-check.json`
|
||||
Reference in New Issue
Block a user