Restructure solution layout by module

src/AirGap/StellaOps.AirGap.Importer/AGENTS.md

@@ -0,0 +1,16 @@
+# StellaOps AirGap Importer Guild Charter
+
+## Mission
+Deliver offline bundle verification and ingestion tooling for sealed environments, covering DSSE/TUF validation, catalog updates, and audit logging under the imposed rule.
+
+## Scope
+- TUF metadata verification, DSSE signature checks, Merkle root validation.
+- Import pipelines writing bundle catalogs, object-store layouts, and audit entries.
+- CLI + API surfaces for dry-run verification, import, and status queries.
+- Integration hooks for Conseiller, Excitator, Policy Engine, and Export Center.
+- Negative-case handling (tampering, expired signatures, root rotation) with operator guidance.
+
+## Definition of Done
+- Deterministic fixtures for valid/invalid bundles committed.
+- Integration tests prove catalog + object-store updates are idempotent.
+- Import audit trail viewable via API and timeline events.

src/AirGap/StellaOps.AirGap.Importer/TASKS.md

@@ -0,0 +1,19 @@
+# AirGap Importer Task Board — Epic 16: Air-Gapped Mode
+
+## Sprint 56 – Verification Primitives
+| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
+|----|--------|----------|------------|-------------|---------------|
+| AIRGAP-IMP-56-001 | TODO | AirGap Importer Guild | PROV-OBS-53-001 | Implement DSSE verification helpers, TUF metadata parser (`root.json`, `snapshot.json`, `timestamp.json`), and Merkle root calculator. | Verifier returns structured results; unit tests cover valid/invalid signatures and tampering scenarios. |
+| AIRGAP-IMP-56-002 | TODO | AirGap Importer Guild, Security Guild | AIRGAP-IMP-56-001 | Introduce root rotation policy validation (dual approval) and signer trust store management. | Rotation policy enforced; tests cover valid rotation and rollback; docs stub updated. |
+
+## Sprint 57 – Catalog & Storage Writes
+| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
+|----|--------|----------|------------|-------------|---------------|
+| AIRGAP-IMP-57-001 | TODO | AirGap Importer Guild | AIRGAP-IMP-56-001, DEVOPS-AIRGAP-56-002 | Write `bundle_catalog` and `bundle_items` repositories with RLS + deterministic migrations. | Catalog tables created; integration tests ensure tenant/global scoping; determinism check passes. |
+| AIRGAP-IMP-57-002 | TODO | AirGap Importer Guild, DevOps Guild | AIRGAP-IMP-57-001 | Implement object-store loader storing artifacts under tenant/global mirror paths with Zstandard decompression and checksum validation. | Import writes deduplicated objects; checksum mismatches raise errors; storage layout documented. |
+
+## Sprint 58 – Import Workflows
+| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
+|----|--------|----------|------------|-------------|---------------|
+| AIRGAP-IMP-58-001 | TODO | AirGap Importer Guild, CLI Guild | AIRGAP-IMP-57-002, CLI-AIRGAP-56-001 | Implement API (`POST /airgap/import`, `/airgap/verify`) and CLI commands wiring verification + catalog updates, including diff preview. | CLI/API share validation engine; diff preview surfaces metadata changes; audit entries recorded with trace IDs. |
+| AIRGAP-IMP-58-002 | TODO | AirGap Importer Guild, Observability Guild | AIRGAP-IMP-58-001, TELEMETRY-OBS-50-001 | Emit timeline events (`airgap.import.started|completed|failed`) and telemetry metrics (bundle bytes, duration, warnings). | Events/metrics validated in integration tests; docs cross-link to observability dashboards. |