stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

docs(implplan): add DOCS cutover plan sprint, archive FE integration-hub sprint

Browse Source 
Adds SPRINT_20260415_001_DOCS_real_service_cutover_plan tracking the doc
work needed to finalize the no-mocks / real-service migration.

Archives SPRINT_20260415_002_FE_integration_hub_truthful_status_and_button_styling
— both tasks complete (truthful integration status + button styling fix
landed in the earlier Web UI commit).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
2026-04-15 11:27:31 +03:00
parent 07e227fdb7
commit c01ce36b62
11 changed files with 1324 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

144
docs/implplan/SPRINT_20260415_001_DOCS_real_service_cutover_plan.md Normal file
View File

@@ -0,0 +1,144 @@
# Sprint 20260415-001 - Real Service Cutover Plan
## Topic & Scope
- Produce the repo-wide implementation plan for replacing remaining live in-memory, stub, and mock backend bindings with real runtime services.
- Group the remaining work into parallel module workstreams so implementation can proceed without cross-module ambiguity.
- Define, for each workstream, the current fake runtime bindings, the target real backend, migration/config prerequisites, and the proof lane required before closure.
- Working directory: `docs/implplan`.
- Expected evidence: sprint task definitions, module cutover inventory, subagent findings, and file-level handoff references for implementation sprints.
## Dependencies & Concurrency
- Upstream reference: `docs-archived/implplan/SPRINT_20260410_001_Web_runtime_no_mocks_real_backend.md` captures the completed Policy/Graph patterns, live proof harnesses, and accepted verification shape for no-mock runtime cutovers.
- Shared dependency rules apply across all workstreams: PostgreSQL-backed ownership must auto-migrate on startup; Valkey/object storage may be used only where the module contract already requires them.
- Safe parallelism: the workstreams below can be analyzed independently, but implementation sequencing must account for shared attestation, identity, and scheduler contracts.
## Documentation Prerequisites
- `docs/README.md`
- `docs/ARCHITECTURE_OVERVIEW.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/modules/policy/architecture.md`
- `docs/modules/scanner/architecture.md`
- `docs/modules/signals/architecture.md`
- `docs/modules/platform/architecture.md`
- `docs/modules/jobengine/architecture.md`
- `docs/modules/concelier/architecture.md`
## Delivery Tracker
### REALPLAN-001 - Freeze the remaining live fake-backend inventory
Status: DOING
Dependency: none
Owners: Project Manager
Task description:
- Capture the authoritative inventory of live `Program.cs` registrations and runtime composition roots that still bind to `InMemory*`, `Stub*`, or mock backend implementations.
- Separate true system-of-record violations from acceptable process-local caches so downstream implementation work is not polluted by false positives.
- Record the module grouping and wave priority that all subsequent workstreams will follow.
Completion criteria:
- [ ] The inventory names every remaining live runtime fake-backend binding with exact file references.
- [ ] Every item is assigned to exactly one workstream below.
- [ ] Known non-goals and acceptable transient caches are explicitly called out.
### REALPLAN-002 - Policy and attestation-adjacent runtime cleanup plan
Status: TODO
Dependency: REALPLAN-001
Owners: Project Manager, Developer
Task description:
- Produce the cutover plan for remaining Policy runtime fakes and closely coupled attestation/verdict dependencies: `src/Policy/`, `src/Attestor/`, and `src/Findings/` bindings that still route to in-memory stores or stub Rekor/VEX adapters.
- The plan must identify which bindings need real persisted ownership, which require live external adapters behind truthful failure modes, and which can remain ephemeral caches.
- The output must define the implementation slices, schema/migration work, config flags, and live proof harnesses required to retire the remaining fake backends.
Completion criteria:
- [ ] Remaining Policy/attestation fake bindings are enumerated with target real implementations.
- [ ] Required migrations, runtime config, and upstream dependencies are listed.
- [ ] Verification plan includes focused tests plus live proof expectations where the contract is externally visible.
### REALPLAN-003 - Notify and Notifier real-service cutover plan
Status: TODO
Dependency: REALPLAN-001
Owners: Project Manager, Developer
Task description:
- Produce the cutover plan for `src/Notify/` and `src/Notifier/`, including notification routing, subscription, audit, delivery history, and worker/web-service coordination that still depends on in-memory stores.
- The plan must specify the durable ownership model, queueing/dispatch model, and whether existing module libraries can be reused or new persistence packages are required.
- Include the end-to-end proof lane needed to show that message submission, persistence, worker processing, and status surfaces all operate against real runtime state.
Completion criteria:
- [ ] All remaining Notify/Notifier fake backends are mapped to durable service replacements.
- [ ] Storage, queueing, and migration requirements are explicit.
- [ ] The proof lane covers submit, persist, dispatch, and readback behavior.
### REALPLAN-004 - Scheduler, PacksRegistry, and Registry producer-path cutover plan
Status: TODO
Dependency: REALPLAN-001
Owners: Project Manager, Developer
Task description:
- Produce the cutover plan for `src/JobEngine/` and `src/Registry/` runtime fakes, especially scheduler runs, graph jobs, policy run summaries, resolver jobs, packs registry storage, and token-service rule storage.
- The plan must reconcile which services should own persisted job state, which can depend on shared scheduler infrastructure, and how startup migrations and live proof harnesses will be applied across web-service and worker boundaries.
- Capture cross-module sequencing so producer paths are made real before downstream consumers depend on them.
Completion criteria:
- [ ] Scheduler/PacksRegistry/Registry fake bindings are mapped to real ownership and persistence layers.
- [ ] Cross-service sequencing and shared dependency assumptions are documented.
- [ ] Verification includes producer submission, worker execution, and persisted result/status proof.
### REALPLAN-005 - Scanner, Signals, ReachGraph, and SBOM runtime data-plane cutover plan
Status: TODO
Dependency: REALPLAN-001
Owners: Project Manager, Developer
Task description:
- Produce the cutover plan for `src/Scanner/`, `src/Signals/`, `src/ReachGraph/`, and `src/SbomService/` runtime fakes that still keep scan coordination, policy snapshots, reachability facts, overlays, uploads, metadata, or graph/runtime adapters in process memory.
- The plan must distinguish between canonical stores, derived projections, and caches, and must identify where existing persistence libraries already exist but are not yet wired into live hosts.
- Include the integration-test and end-to-end evidence needed to prove that uploaded evidence, derived projections, and query surfaces survive process restarts and resolve from real stores.
Completion criteria:
- [ ] All Scanner/Signals/ReachGraph/SBOM fake runtime bindings are classified by ownership type.
- [ ] Each fake binding has a target persistence or adapter strategy and migration plan.
- [ ] Proof requirements cover ingest, projection/materialization, and read/query behavior after restart.
### REALPLAN-006 - BinaryIndex, Platform, Doctor, AdvisoryAI, and AirGap runtime cutover plan
Status: TODO
Dependency: REALPLAN-001
Owners: Project Manager, Developer
Task description:
- Produce the cutover plan for `src/BinaryIndex/`, `src/Platform/`, `src/Doctor/`, `src/AdvisoryAI/`, and `src/AirGap/` bindings that still use in-memory repositories or process-local state for runtime behavior.
- The plan must call out where the correct target is durable persistence versus a truthful external-service adapter, especially for AI consent/attestation, report storage, platform read models, and time-anchor state.
- Include the operational proof shape for each surface so UI/API-visible behavior can be validated against restarted services and real stored state.
Completion criteria:
- [ ] Each module family has a concrete target backend strategy for every remaining fake binding.
- [ ] External-adapter versus durable-store decisions are justified.
- [ ] Verification requirements include API/UI proof where the user-facing contract depends on persisted state.
### REALPLAN-007 - Concelier and Excititor remaining runtime cutover plan
Status: TODO
Dependency: REALPLAN-001
Owners: Project Manager, Developer
Task description:
- Produce the cutover plan for remaining `src/Concelier/` and `src/Excititor/` runtime fakes, including overlay stores, VEX attestation stores, general in-memory storage registration, and lease handling that still bypasses durable service behavior.
- The plan must keep the Aggregation-Only Contract intact: immutable raw fact ownership remains unchanged, while fake derived/runtime stores are replaced with truthful persisted ownership or explicit unsupported modes.
- Include the regression surface that must be protected so ingestion, lease coordination, and downstream overlay consumers continue to behave deterministically.
Completion criteria:
- [ ] Remaining Concelier/Excititor fake backends are enumerated with target real replacements.
- [ ] AOC constraints and non-goals are explicitly recorded.
- [ ] Proof requirements include ingestion, lease coordination, and downstream read behavior.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2026-04-15 | Sprint created to coordinate repo-wide replacement of remaining live in-memory/stub/mock backend bindings with real runtime services. | Project Manager |
| 2026-04-15 | Dispatched explorer workstreams: REALPLAN-002 `Tesla`, REALPLAN-003 `Aristotle`, REALPLAN-004 `Epicurus`, REALPLAN-005 `Euclid`, REALPLAN-006 `Kierkegaard`, REALPLAN-007 `Halley`. | Project Manager |
## Decisions & Risks
- Decision: this coordination sprint owns planning only. Implementation work must land in module-owned sprints once each workstream returns a concrete cutover plan.
- Decision: work is grouped into seven parallel planning streams to keep the repository-wide cleanup tractable without losing module ownership.
- Decision: a binding is in scope only if it is active in a live host runtime path. Test doubles and clearly non-authoritative process-local caches are not closure blockers unless they leak into user-visible behavior.
- Risk: some `InMemory*` types are compatibility caches rather than canonical stores. Each workstream must explicitly classify ownership before proposing persistence work.
- Risk: several modules likely need new persistence libraries or startup migrations; implementation cannot proceed safely until schema ownership is explicit.
- Risk: shared attestation, scheduler, and identity adapters may create cross-workstream dependencies that force wave sequencing even if analysis is parallel.
- Reference inventory snapshot from initial scan: remaining live fake-backend bindings were detected in `Notify`, `Notifier`, `Scheduler`, `PacksRegistry`, `Registry.TokenService`, `Scanner`, `Signals`, `ReachGraph`, `SbomService`, `BinaryIndex`, `Platform`, `Doctor`, `AdvisoryAI`, `AirGap.Time`, `Concelier`, `Excititor`, `Attestor/Signer`, `Findings`, and parts of `Policy`.
## Next Checkpoints
- Dispatch explorer subagents for REALPLAN-002 through REALPLAN-007 and capture their findings back into this sprint.
- Convert each completed workstream into one or more implementation sprints owned by the relevant module.
- Prioritize the first execution wave after planning based on shared infrastructure leverage and end-user impact.