save checkpoint
39
docs/features/checked/policy/unknowns-budget-dashboard.md
Normal file
@@ -0,0 +1,39 @@
|
||||
# Unknowns budget dashboard (budgeted unknowns with policy thresholds)
|
||||
|
||||
## Module
|
||||
Policy
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Grey queue, SLA monitoring, unknown budget service, and budget constraint enforcer implement first-class unknowns management with policy thresholds.
|
||||
|
||||
## Implementation Details
|
||||
- **UnknownBudgetService**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownBudgetService.cs`
|
||||
- Budget CRUD operations: create, query, consume, replenish, status check
|
||||
- Per-type budget tracking across multiple unknown categories
|
||||
- **UnknownsBudgetEnforcer**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownsBudgetEnforcer.cs`
|
||||
- Constraint enforcement with Green/Yellow/Red/Exhausted thresholds
|
||||
- SLA monitoring: tracks unknown resolution against SLA targets
|
||||
- **UnknownRanker**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownRanker.cs`
|
||||
- Prioritizes unknowns by HOT/WARM/COLD/Negligible bands
|
||||
- Score = (Uncertainty * 50) + (ExploitPressure * 50)
|
||||
- Reason codes for triage: AnalyzerLimit, Reachability, Identity, Provenance, VexConflict, FeedGap, ConfigUnknown
|
||||
- **Grey queue models**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Models/`
|
||||
- UnknownItem with reason code, band assignment, score, and SLA tracking
|
||||
- BlastRadius (Dependents, NetFacing, Privilege)
|
||||
- **BudgetEndpoints**: `src/Policy/StellaOps.Policy.Engine/Endpoints/BudgetEndpoints.cs` -- budget dashboard API
|
||||
- **PolicyGateEvaluator**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs` -- uncertainty tier gate enforces budget thresholds
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Query budget dashboard; verify response includes per-type unknown counts, thresholds, and status
|
||||
- [ ] Verify HOT band unknowns appear first in priority queue
|
||||
- [ ] Verify SLA tracking: unknown exceeding SLA target flagged as overdue
|
||||
- [ ] Consume budget; verify dashboard updates with new consumption levels
|
||||
- [ ] Resolve unknowns; verify budget capacity replenished and dashboard reflects change
|
||||
- [ ] Verify reason codes in dashboard: AnalyzerLimit, Reachability, Identity, etc.
|
||||
- [ ] Query budget history; verify trendline shows consumption over time
|
||||
- [ ] Verify budget threshold transitions are logged for audit
|
||||
- [ ] Create budget with per-type limits (reachability=10, identity=5); verify independent tracking
|
||||
- [ ] Verify Exhausted status prevents new releases via PolicyGateEvaluator
|
||||
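Review bot: Under "Implementation Details", the ranker line `Score = (Uncertainty * 50) + (ExploitPressure * 50)` gives no input ranges and no score cutoffs for the HOT/WARM/COLD/Negligible bands, and the Green/Yellow/Red/Exhausted thresholds on the enforcer are named but not quantified, so the test-plan items on band ordering and Exhausted gating have nothing in this document to be checked against. Suggest stating the ranges and cutoffs here or linking to where they are defined. The test plan also expects budget history with a trendline and audit logging of threshold transitions, but none of the listed components is described as providing either; name the responsible class or endpoint. BlastRadius (Dependents, NetFacing, Privilege) is listed among the models but does not appear in the score formula, so it is worth saying how it is used, if at all, in prioritization.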