stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity

Restructure solution layout by module

Browse Source
This commit is contained in:
master
2025-10-28 15:10:40 +02:00
parent 95daa159c4
commit d870da18ce
4103 changed files with 192899 additions and 187024 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
src/UI/StellaOps.UI/TASKS.md Normal file
View File

@@ -0,0 +1,95 @@
# UI Task Board (Sprints 13 & 19)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-POLICY-13-007 | TODO | UI Guild | POLICY-CORE-09-006, SCANNER-WEB-09-103 | Surface policy confidence metadata (band, age, quiet provenance) on preview and report views. | UI renders new columns/tooltips, accessibility and responsive checks pass, Cypress regression updated. |
| UI-AOC-19-001 | TODO | UI Guild | CONCELIER-WEB-AOC-19-001, EXCITITOR-WEB-AOC-19-001 | Add Sources dashboard tiles showing AOC pass/fail, recent violation codes, and ingest throughput per tenant. | Dashboard displays metrics from new endpoints, charts verified in e2e tests, accessibility checks pass. |
| UI-AOC-19-002 | TODO | UI Guild | UI-AOC-19-001 | Implement violation drill-down view highlighting offending document fields and provenance metadata. | Drill-down renders formatted JSON with highlights; copy-to-clipboard works; tests cover forbidden key cases. |
| UI-AOC-19-003 | TODO | UI Guild | UI-AOC-19-001, CLI-AOC-19-002 | Add "Verify last 24h" action triggering AOC verifier endpoint and surfacing CLI parity guidance. | Action wired to API, results rendered in toast/log panel, docs link to CLI usage, e2e test verifies flow. |
## Policy Engine v2 (Sprint 20)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-POLICY-20-001 | TODO | UI Guild | WEB-POLICY-20-001 | Ship Monaco-based policy editor with DSL syntax highlighting, inline diagnostics, and compliance checklist sidebar. | Editor renders DSL with token colors + lint; accessibility review passes; diagnostics surfaced from API compile endpoint in tests. |
| UI-POLICY-20-002 | TODO | UI Guild | UI-POLICY-20-001, WEB-POLICY-20-001, WEB-POLICY-20-002 | Build simulation panel showing before/after counts, severity deltas, and rule hit summaries with deterministic diff rendering. | Simulation view consumes API diff JSON, handles large datasets with virtualization, Cypress regression verifies charts/tables. |
| UI-POLICY-20-003 | TODO | UI Guild, Product Ops | UI-POLICY-20-001, AUTH-POLICY-27-001 | Implement submit/review/approve workflow with comments, approvals log, and RBAC checks aligned to new Policy Studio roles (`policy:author`/`policy:review`/`policy:approve`/`policy:operate`). | Workflow passes e2e tests, audit trail rendered, unauthorized roles blocked, docs linked from UI help. |
| UI-POLICY-20-004 | TODO | UI Guild, Observability Guild | WEB-POLICY-20-001, POLICY-ENGINE-20-006, POLICY-ENGINE-20-007 | Add run viewer dashboards (rule heatmap, VEX wins, suppressions) with filter/search and export. | Dashboards render aggregated metrics, export downloads CSV/JSON, accessibility/perf budgets met, telemetry charts validated. |
## Policy Studio RBAC Alignment (Sprint 27)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-POLICY-27-001 | TODO | UI Guild, Product Ops | AUTH-POLICY-27-001, UI-POLICY-20-003 | Update Console policy workspace RBAC guards, scope requests, and user messaging to reflect the new Policy Studio roles/scopes (`policy:author/review/approve/operate/audit/simulate`), including Cypress auth stubs and help text. | UI requests tokens with new scopes, unauthorized messaging references updated roles, Cypress/e2e tests cover scope failures, and help tooltips/docs links refreshed. |
> Heads-up: Authority & Gateway configs now reject the old `policy:write`/`policy:submit` scopes—Console policy flows will error until they request the new bundles.
## Graph Explorer v1 (Sprint 21)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-GRAPH-21-001 | TODO | UI Guild | WEB-GRAPH-21-001, AUTH-GRAPH-21-001 | Align Graph Explorer auth configuration with new `graph:*` scopes; consume scope identifiers from shared `StellaOpsScopes` exports (via generated SDK/config) instead of hard-coded strings. | UI requests graph tokens using shared scope constants; configuration docs updated; Cypress auth stub updated accordingly. |
## Link-Not-Merge v1 (Sprint 22)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-LNM-22-001 | TODO | UI Guild, Policy Guild | SCANNER-LNM-21-002, WEB-LNM-21-001 | Build Evidence panel showing policy decision with advisory observations/linksets side-by-side, conflict badges, AOC chain, and raw doc download links. Docs `DOCS-LNM-22-005` waiting on delivered UI for screenshots + flows. | Panel renders multiple sources; conflict badges accessible; e2e tests cover high-volume linksets. |
| UI-LNM-22-002 | TODO | UI Guild | UI-LNM-22-001 | Implement filters (source, severity bucket, conflict-only, CVSS vector presence) and pagination/lazy loading for large linksets. Docs depend on finalized filtering UX. | Filters respond within 500 ms; virtualization validated; unit/e2e tests added. |
| UI-LNM-22-003 | TODO | UI Guild, Excititor Guild | UI-LNM-22-001, WEB-LNM-21-002 | Add VEX tab with status/justification summaries, conflict indicators, and export actions. Required for `DOCS-LNM-22-005` coverage of VEX evidence tab. | VEX tab displays multiple observations; exports produce zipped OSV/CycloneDX; tests updated. |
| UI-LNM-22-004 | TODO | UI Guild | UI-LNM-22-001 | Provide permalink + copy-to-clipboard for selected component/linkset/policy combination; ensure high-contrast theme support. | Permalink reproduces state; accessibility audit passes; telemetry events logged. |
## StellaOps Console (Sprint 23)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-CONSOLE-23-001 | DONE (2025-10-31) | UI Guild & Security Guild | AUTH-CONSOLE-23-002 | Integrate Authority console endpoints (`/console/tenants`, `/console/profile`, `/console/token/introspect`) into UI session state, decode tenant/scopes claims, and expose signals for components. | Console session store fetches context on login, tenant header enforcement confirmed, unit tests cover store/service, and errors surface through state flags. |
> 2025-10-31: Added authority console API client, session store/service, and access token metadata parsing in `AuthorityAuthService`. Signals expose tenant/scopes, and unit tests cover happy/error paths.
| UI-CONSOLE-23-002 | DONE (2025-10-31) | UI Guild | UI-CONSOLE-23-001 | Build console profile view showing user identity, fresh-auth status, token metadata, and tenant catalog with refresh + tenant switch actions. | Component renders data from store, refresh action wired to API, accessibility checks pass, and component tests cover loading/error states. |
> 2025-10-31: Delivered `ConsoleProfileComponent`, hooked into navigation/header indicators, and styled cards for profile/token/tenant catalog with refresh + tenant switching.
## Policy Engine + Editor v1 (Sprint 23)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-POLICY-23-001 | TODO | UI Guild, Policy Guild | WEB-POLICY-23-001 | Deliver Policy Editor workspace with pack list, revision history, and scoped metadata cards. | Editor lists packs/revisions; navigation accessible; tests cover RBAC states. |
| UI-POLICY-23-002 | TODO | UI Guild | UI-POLICY-23-001 | Implement YAML editor with schema validation, lint diagnostics, and live canonicalization preview. | YAML editor surfaces inline errors sourced from compiler; keyboard shortcuts and accessibility verified. |
| UI-POLICY-23-003 | TODO | UI Guild | UI-POLICY-23-001, WEB-POLICY-23-003 | Build guided rule builder (source preferences, severity mapping, VEX precedence, exceptions) with preview JSON output. | Guided builder generates valid SPL, diff view matches YAML; tests cover rule permutations. |
| UI-POLICY-23-004 | TODO | UI Guild | UI-POLICY-23-001, WEB-POLICY-23-002, POLICY-GATEWAY-18-002..003 | Add review/approval workflow UI: checklists, comments, two-person approval indicator, scope scheduling. | Workflow screens complete; approval restrictions enforced; e2e tests cover approval -> activation. |
| UI-POLICY-23-005 | TODO | UI Guild | UI-POLICY-23-001, WEB-POLICY-23-003 | Integrate simulator panel (SBOM/component/advisory selection), run diff vs active policy, show explain tree and overlays. | Simulation results render diff/projection; explain tree interactive; performance <1s for sample data. |
| UI-POLICY-23-006 | TODO | UI Guild | UI-POLICY-23-005 | Implement explain view linking to evidence overlays and exceptions; provide export to JSON/PDF. | Explain view accessible; exports generated; analytics instrumented. |
## Graph & Vuln Explorer v1 (Sprint 24)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-GRAPH-24-001 | TODO | UI Guild, SBOM Service Guild | WEB-GRAPH-24-001 | Build Graph Explorer canvas with layered/radial layouts, virtualization, zoom/pan, and scope toggles; initial render <1.5s for sample asset. | Canvas meets perf budget; automated tests cover navigation; accessibility validation done. |
| UI-GRAPH-24-002 | TODO | UI Guild, Policy Guild | UI-GRAPH-24-001, WEB-GRAPH-24-001, WEB-VEX-30-007 | Implement overlays (Policy, Evidence, License, Exposure), simulation toggle, path view, and SBOM diff/time-travel with accessible tooltips/AOC indicators. | Overlays + simulation toggle respond <250 ms; path view/diff export validated; accessibility tests cover keyboard + contrast; e2e covers overlay combos. |
| UI-GRAPH-24-003 | TODO | UI Guild | UI-GRAPH-24-001 | Deliver filters/search panel with facets, saved views, permalinks, and share modal. | Filters update view <250ms; saved view persisted; permalinks reproduce state. |
| UI-GRAPH-24-004 | TODO | UI Guild | UI-GRAPH-24-001 | Add side panels (Details, What-if, History) with upgrade simulation integration and SBOM diff viewer. | Simulation results display diff + policy impact; history shows added/removed nodes; tests cover flows. |
| UI-GRAPH-24-006 | TODO | UI Guild, Accessibility Guild | UI-GRAPH-24-001..005 | Ensure accessibility (keyboard nav, screen reader labels, contrast), add hotkeys (`f`,`e`,`.`), and analytics instrumentation. | Accessibility audit passes; hotkeys documented; telemetry events captured. |
## Exceptions v1 (Sprint 25)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-EXC-25-001 | TODO | UI Guild, Governance Guild | WEB-EXC-25-001 | Build Exception Center (list + kanban) with filters, sorting, workflow transitions, and audit views. | Exception Center functional; state transitions via UI; accessibility validated. |
| UI-EXC-25-002 | TODO | UI Guild | UI-EXC-25-001 | Implement exception creation wizard with scope preview, justification templates, timebox guardrails. | Wizard enforces scope/timebox; previews impacted items; tests cover validation. |
| UI-EXC-25-003 | TODO | UI Guild | UI-EXC-25-001, WEB-EXC-25-002 | Add inline exception drafting/proposing from Vulnerability Explorer and Graph detail panels with live simulation. | Inline flows produce drafts; preview shows policy delta; telemetry instrumented. |
| UI-EXC-25-004 | TODO | UI Guild | UI-EXC-25-001 | Surface exception badges, countdown timers, and explain integration across Graph/Vuln Explorer and policy views. | Badges visible with SR labels; countdown updates; explain drawer shows exception info. |
| UI-EXC-25-005 | TODO | UI Guild, Accessibility Guild | UI-EXC-25-001..004 | Add keyboard shortcuts (`x`,`a`,`r`) and ensure screen-reader messaging for approvals/revocations. | Shortcuts functional; accessibility audit passes. |
## Reachability v1 (Sprint 26)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-SIG-26-001 | TODO | UI Guild, Signals Guild | WEB-SIG-26-001 | Add reachability columns/badges to Vulnerability Explorer with filters and tooltips. | Columns render with virtualization; filters update under 250 ms; badges accessible. |
| UI-SIG-26-002 | TODO | UI Guild | UI-SIG-26-001, WEB-SIG-26-002 | Enhance Why drawer with call path visualization, reachability timeline, and evidence list. | Drawer displays call path breadcrumb; copyable details; tests cover states. |
| UI-SIG-26-003 | TODO | UI Guild | UI-GRAPH-24-001, WEB-SIG-26-002 | Add reachability overlay halos/time slider to SBOM Graph along with state legend. | Overlay toggles; time slider compares snapshots; performance budget met. |
| UI-SIG-26-004 | TODO | UI Guild | WEB-SIG-26-003 | Build Reachability Center view showing asset coverage, missing sensors, and stale facts. | Center lists assets with metrics; missing sensors highlighted; accessibility validated. |
## Orchestrator Dashboard (Sprint 32)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| UI-ORCH-32-001 | TODO | UI Guild, Console Guild | AUTH-ORCH-32-001, ORCH-SVC-32-003 | Update Console RBAC mappings to surface `Orch.Viewer`, request `orch:read` scope in token flows, and gate dashboard access/messaging accordingly. | Console role catalogue includes `Orch.Viewer`; auth helpers use shared scope constant; dashboard routes enforce scope and show actionable guidance; e2e tests cover authorized/unauthorized flows. |
> 2025-10-31: Authority minted `orch:read` scope; ensure Console UX aligns before orchestrator dashboards ship.