stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

wip: doctor/cli/docs/api to vector db consolidation; api hardening for descriptions, tenant, and scopes; migrations and conversions of all DALs to EF v10

Browse Source
This commit is contained in:
master
2026-02-23 15:30:50 +02:00
parent bd8fee6ed8
commit e746577380
1424 changed files with 81225 additions and 25251 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/Concelier/StellaOps.Concelier.WebService/Program.cs
View File

@@ -22,6 +22,7 @@ using StellaOps.Aoc.AspNetCore.Routing;
using StellaOps.Auth.Abstractions;
using StellaOps.Auth.Client;
using StellaOps.Auth.ServerIntegration;
using StellaOps.Auth.ServerIntegration.Tenancy;
using StellaOps.Concelier.Core.Aoc;
using StellaOps.Concelier.Core.Attestation;
using StellaOps.Concelier.Core.Diagnostics;
@@ -83,6 +84,10 @@ public partial class Program
private const string AdvisoryIngestPolicyName = "Concelier.Advisories.Ingest";
private const string AdvisoryReadPolicyName = "Concelier.Advisories.Read";
private const string AocVerifyPolicyName = "Concelier.Aoc.Verify";
private const string CanonicalReadPolicyName = "Concelier.Canonical.Read";
private const string CanonicalIngestPolicyName = "Concelier.Canonical.Ingest";
private const string InterestReadPolicyName = "Concelier.Interest.Read";
private const string InterestAdminPolicyName = "Concelier.Interest.Admin";
public const string TenantHeaderName = "X-Stella-Tenant";
public static async Task Main(string[] args)
@@ -824,6 +829,10 @@ builder.Services.AddAuthorization(options =>
options.AddStellaOpsScopePolicy(AdvisoryIngestPolicyName, StellaOpsScopes.AdvisoryIngest);
options.AddStellaOpsScopePolicy(AdvisoryReadPolicyName, StellaOpsScopes.AdvisoryRead);
options.AddStellaOpsScopePolicy(AocVerifyPolicyName, StellaOpsScopes.AdvisoryRead, StellaOpsScopes.AocVerify);
options.AddStellaOpsScopePolicy(CanonicalReadPolicyName, StellaOpsScopes.AdvisoryRead);
options.AddStellaOpsScopePolicy(CanonicalIngestPolicyName, StellaOpsScopes.AdvisoryIngest);
options.AddStellaOpsScopePolicy(InterestReadPolicyName, StellaOpsScopes.VulnView);
options.AddStellaOpsScopePolicy(InterestAdminPolicyName, StellaOpsScopes.AdvisoryIngest);
});
var pluginHostOptions = BuildPluginOptions(concelierOptions, builder.Environment.ContentRootPath);
@@ -831,6 +840,7 @@ builder.Services.RegisterPluginRoutines(builder.Configuration, pluginHostOptions
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddStellaOpsCors(builder.Environment, builder.Configuration);
builder.Services.AddStellaOpsTenantServices();
builder.TryAddStellaOpsLocalBinding("concelier");
var app = builder.Build();
@@ -898,6 +908,7 @@ if (authorityConfigured)
});
app.UseAuthorization();
app.UseStellaOpsTenantMiddleware();
}
// Stella Router integration
@@ -1019,7 +1030,7 @@ if (swaggerEnabled)
var orchestratorGroup = app.MapGroup("/internal/orch");
if (authorityConfigured)
{
orchestratorGroup.RequireAuthorization();
orchestratorGroup.RequireAuthorization(JobsPolicyName);
}
orchestratorGroup.MapPost("/registry", async (