stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
docs/features/checked/taskrunner/sealed-mode-install-enforcer.md Normal file
View File

@@ -0,0 +1,30 @@
# Sealed-Mode Install Enforcer (Air-Gap Support)
## Module
TaskRunner
## Status
IMPLEMENTED
## Description
Enforcer for sealed/air-gap mode that ensures task pack installations comply with offline constraints and logs all install actions for audit.
## Implementation Details
- **Enforcer interface**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Core/AirGap/ISealedInstallEnforcer.cs` -- sealed mode enforcement contract
- **Enforcer implementation**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Core/AirGap/SealedInstallEnforcer.cs` -- validates installations comply with offline constraints
- **Enforcement result**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Core/AirGap/SealedInstallEnforcementResult.cs` -- result model for enforcement checks
- **Sealed mode status**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Core/AirGap/SealedModeStatus.cs` -- current sealed mode state
- **Sealed requirements**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Core/AirGap/SealedRequirements.cs` -- requirements for sealed mode compliance
- **Audit logger**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Core/AirGap/ISealedInstallAuditLogger.cs` -- audit logging for install actions
- **Air-gap status provider**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Core/AirGap/IAirGapStatusProvider.cs` -- checks if system is in air-gap mode
- **HTTP status provider**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Infrastructure/AirGap/HttpAirGapStatusProvider.cs` -- HTTP-based air-gap status check
- **Bundle ingestion executor**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Infrastructure/Execution/BundleIngestionStepExecutor.cs` -- air-gap bundle ingestion step
- **Tests**: `src/TaskRunner/StellaOps.TaskRunner/StellaOps.TaskRunner.Tests/SealedInstallEnforcerTests.cs`, `BundleIngestionStepExecutorTests.cs`
- **Source**: Feature matrix scan
## E2E Test Plan
- [ ] Verify enforcer blocks network-dependent installations in sealed mode
- [ ] Test sealed mode status detection via HTTP provider
- [ ] Verify audit logger records all install actions in sealed mode
- [ ] Test bundle ingestion step works in offline environment
- [ ] Verify enforcement result reports compliance violations