work work hard work

StellaOps Bot
2025-12-18 00:47:24 +02:00
parent dee252940b
commit b4235c134c
189 changed files with 9627 additions and 3258 deletions


@@ -24,6 +24,20 @@
- `docs/modules/export-center/operations/kms-envelope-pattern.md` (for 37-002 encryption/KMS)
- `docs/modules/export-center/operations/risk-bundle-provider-matrix.md` (for 69/70 risk bundle chain)
- Sprint file `docs/implplan/SPRINT_0164_0001_0001_exportcenter_iii.md`
- Offline triage bundle format: `docs/airgap/offline-bundle-format.md` (SPRINT_3603/3605)
## Offline Evidence Bundles & Cache (SPRINT_3603 / SPRINT_3605)
- Bundle format: `.stella.bundle.tgz` with DSSE-signed manifest and deterministic entry hashing (no external fetches required to verify).
- Core implementation (source of truth):
- `src/ExportCenter/StellaOps.ExportCenter/StellaOps.ExportCenter.Core/OfflineBundle/BundleManifest.cs`
- `src/ExportCenter/StellaOps.ExportCenter/StellaOps.ExportCenter.Core/OfflineBundle/BundlePredicate.cs`
- `src/ExportCenter/StellaOps.ExportCenter/StellaOps.ExportCenter.Core/OfflineBundle/OfflineBundlePackager.cs`
- Determinism requirements:
- All manifest entries and tarball paths must be sorted deterministically (ordinal string compare).
- Hash inputs must be canonical and stable; retrying packaging MUST yield identical bundle bytes when inputs are unchanged.
- Local evidence cache (offline-first, side-by-side with scan artefacts):
- `src/ExportCenter/StellaOps.ExportCenter/StellaOps.ExportCenter.Core/EvidenceCache/LocalEvidenceCacheService.cs`
- Cache manifests and enrichment queue must be deterministic and replay-safe.
## Working Agreements
- Enforce tenant scoping and RBAC on every API, worker fetch, and distribution path; no cross-tenant exports unless explicitly whitelisted and logged.
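Review bot: The "Determinism requirements" bullets ask for identical bundle bytes on retry but only pin down ordering (ordinal string compare) for manifest entries and tarball paths. For a `.tgz`, byte-identical output also depends on tar header metadata (mtime, uid/gid, mode) and the gzip header timestamp, and, if the DSSE envelope is stored inside the bundle, on whether the signature scheme is deterministic. Suggest either stating the fixed values here or pointing at the exact section of `docs/airgap/offline-bundle-format.md` that defines them, and naming the hash algorithm and canonical form behind "Hash inputs must be canonical and stable" so a verifier can be written from this text without reading `OfflineBundlePackager.cs`.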


@@ -20,6 +20,13 @@ Deliver the Export Center service described in Epic10. Provide reproducible,
## Required Reading
- `docs/modules/export-center/architecture.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/airgap/offline-bundle-format.md` (triage offline bundles)
## Contracts (Offline Triage Bundles)
- Offline triage bundles are `.stella.bundle.tgz` files with a DSSE-signed manifest and deterministic entry ordering.
- Source of truth code paths:
- `StellaOps.ExportCenter.Core/OfflineBundle/*` (bundle schema, predicate, packager)
- `StellaOps.ExportCenter.Core/EvidenceCache/*` (local evidence cache + enrichment queue)
## Working Agreement
- 1. Update task status to `DOING`/`DONE` in both correspoding sprint file `/docs/implplan/SPRINT_*.md` and the local `TASKS.md` when you start or finish work.
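Review bot: The new "Contracts (Offline Triage Bundles)" section restates the bundle contract more loosely than the other guidance added in this commit: it says "deterministic entry ordering" without the ordinal string compare rule and leaves out the byte-identical retry requirement, so the two copies can drift. Suggest reducing this section to a pointer to `docs/airgap/offline-bundle-format.md` or repeating the exact rules. The source-of-truth paths here also drop the `src/ExportCenter/StellaOps.ExportCenter/` prefix used in the other list, which makes them ambiguous from the repository root. If this is meant as a contract, it would help to state that consumers verify the DSSE signature before trusting any manifest hash.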


@@ -0,0 +1,7 @@
# Export Center · Local Tasks
This file mirrors sprint work for the Export Center module.
| Task ID | Sprint | Status | Notes |
| --- | --- | --- | --- |
| `TRI-MASTER-0005` | `docs/implplan/SPRINT_3600_0001_0001_triage_unknowns_master.md` | DONE (2025-12-17) | Sync ExportCenter AGENTS with offline triage bundle (`.stella.bundle.tgz`) + local evidence cache contracts. |
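Review bot: The Status cell in the `TRI-MASTER-0005` row mixes the state with a date, `DONE (2025-12-17)`, while the working agreement elsewhere in this commit describes the status values as `DOING`/`DONE`. Anything that parses or greps this column for an exact status will miss the row; suggest keeping Status to the bare value and moving the completion date into Notes or its own column. The Sprint cell holds a full file path, which is fine, but the header then reads better as "Sprint file".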