feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled

- Added detailed task completion records for KMS interface implementation and CLI support for file-based keys.
- Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations.
- Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.
This commit is contained in:
master
2025-10-31 14:33:05 +02:00
parent 240e8ff25d
commit 9e5e958d42
312 changed files with 6399 additions and 3319 deletions


@@ -0,0 +1,48 @@
# Interfaces, Contracts & Schemas
Specifications covering APIs, data contracts, event envelopes, and enforcement models.
## External & Internal APIs
- [../09_API_CLI_REFERENCE.md](../../09_API_CLI_REFERENCE.md) canonical REST and CLI surface (scan, policy, auth, health).
- [../api/policy.md](../../api/policy.md) Policy Engine REST endpoints.
- Module APIs: see relevant module architecture docs (e.g., [../../modules/export-center/api.md](../../modules/export-center/api.md)).
## Policy & Decisioning
- [../policy/overview.md](../../policy/overview.md) Policy Engine fundamentals.
- [../policy/dsl.md](../../policy/dsl.md) `stella-dsl@1` grammar.
- [../policy/lifecycle.md](../../policy/lifecycle.md) creation, promotion, approval flows.
- [../policy/runs.md](../../policy/runs.md) execution orchestrations.
- [../policy/exception-effects.md](../../policy/exception-effects.md) waiver semantics.
- [../policy/gateway.md](../../policy/gateway.md) gateway service contract.
- [../60_POLICY_TEMPLATES.md](../../60_POLICY_TEMPLATES.md) YAML/Rego samples.
## Data Schemas & Storage Contracts
- [../11_DATA_SCHEMAS.md](../../11_DATA_SCHEMAS.md) MongoDB/Redis/document shapes.
- JSON schemas under [../schemas/](../../schemas/) policy diff, explain trace, run request, run status, preview sample, report sample.
- [../../modules/scanner/architecture.md](../../modules/scanner/architecture.md) SBOM cache and scan job contracts.
- [../../scanner-core-contracts.md](../../scanner-core-contracts.md) shared scanner DTOs.
## Events & Messaging
- [../events/README.md](../../events/README.md) event catalogue (`scanner.scan.completed@1`, `scheduler.rescan.delta@1`, etc.).
- Payload schemas in [../events/*.json](../../events/) and samples in [../events/samples/](../../events/samples/).
- [../observability/policy.md](../../observability/policy.md) and [../observability/ui-telemetry.md](../../observability/ui-telemetry.md) telemetry event guidance.
## Ingestion & Evidence Contracts
- [../ingestion/aggregation-only-contract.md](../../ingestion/aggregation-only-contract.md) Aggregation-Only Contract reference.
- [../aoc/aoc-guardrails.md](../../aoc/aoc-guardrails.md) guardrails checklist.
- [../advisories/aggregation.md](../../advisories/aggregation.md) advisory observation schema.
- [../vex/aggregation.md](../../vex/aggregation.md) VEX observation schema.
- [../../modules/concelier/operations/connectors/](../../modules/concelier/operations/connectors/) connector-specific payload notes.
## Identity, Quota & Licence Enforcement
- [../license-jwt-quota.md](../../license-jwt-quota.md) offline quota token design.
- [../30_QUOTA_ENFORCEMENT_FLOW1.md](../../30_QUOTA_ENFORCEMENT_FLOW1.md) enforcement sequence diagram.
- [../33_333_QUOTA_OVERVIEW.md](../../33_333_QUOTA_OVERVIEW.md) free tier policy.
- [../30_QUOTA_ENFORCEMENT_FLOW1.md](../../30_QUOTA_ENFORCEMENT_FLOW1.md) and [../33_333_QUOTA_OVERVIEW.md](../../33_333_QUOTA_OVERVIEW.md) pair with [../29_LEGAL_FAQ_QUOTA.md](../../29_LEGAL_FAQ_QUOTA.md) for legal framing.
- [../../modules/authority/architecture.md](../../modules/authority/architecture.md) OpTok issuance & validation contracts.
- [../../modules/registry/architecture.md](../../modules/registry/architecture.md) token service scope and audit requirements.
## Transparency & Attestation
- [../../modules/attestor/architecture.md](../../modules/attestor/architecture.md) DSSE/Rekor bundle contracts.
- [../../modules/signer/architecture.md](../../modules/signer/architecture.md) signing workflow contracts.
- [../../modules/export-center/provenance-and-signing.md](../../modules/export-center/provenance-and-signing.md) export bundle evidence artefacts.
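Review bot: the link labels do not match their targets for most entries in this new index. For example, `[../policy/dsl.md](../../policy/dsl.md)` displays a path one level shallower than the one it resolves to, while the module entries such as `[../../modules/attestor/architecture.md](../../modules/attestor/architecture.md)` use the same path for label and target. Pick one convention, preferably a label equal to the real relative path or a plain document title, so that a reader copying the visible path lands on the right file. The same applies to the label `../events/*.json`, which shows a glob while the target is the `../../events/` directory. Under "Identity, Quota & Licence Enforcement", the fourth bullet repeats the links to `30_QUOTA_ENFORCEMENT_FLOW1.md` and `33_333_QUOTA_OVERVIEW.md` that the second and third bullets already list; consider reducing that bullet to the `29_LEGAL_FAQ_QUOTA.md` entry with a short note that it gives the legal framing for the two documents above. Since the Docs CI lint-and-preview run for this push was cancelled, it is worth re-running the link check on this file before relying on these paths.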