stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

docs: module dossier + install/quickstart sync for truthful cutover sprints

Browse Source 
- API_CLI_REFERENCE.md, INSTALL_GUIDE.md, quickstart.md, architecture/integrations.md, dev/DEV_ENVIRONMENT_SETUP.md, integrations/LOCAL_SERVICES.md: reflect real-service wiring.
- docs/modules/**: module dossier updates across the modules touched by SPRINT_20260415_001..007 + SPRINT_20260416_003..017 + SPRINT_20260417_018..024 + SPRINT_20260418_025 + SPRINT_20260419_026.
- docs/features/checked/web/**: update feature notes where UI changed.
- docs/qa/feature-checks/runs/web/evidence-presentation-ux/: QA evidence artifacts.
- docs/setup/**, docs/technical/**: align with setup wizard contracts.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
2026-04-19 14:45:09 +03:00
parent ad62ba7f76
commit fdf95e0f46
67 changed files with 590 additions and 360 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
docs/modules/advisory-ai/architecture-detail.md
View File

@@ -49,6 +49,7 @@ Key stages:
| `GuardrailService` | Applies redaction filters, prompt allowlists, validation schemas, and DSSE sealing. | Shares configuration with Security Guild. |
| `ProfileRegistry` | Maps profile IDs to runtime implementations (local model, remote connector). | Enforces tenant consent and allowlists. |
| `AdvisoryOutputStore` | PostgreSQL table storing cached artefacts plus provenance manifest. | TTL defaults 24h; DSSE metadata optional. |
| `PostgresAiConsentStore` / `PostgresAiAttestationStore` | Durable runtime state for tenant consent and AI attestations. | Bound by `AddAdvisoryAiRuntimePersistence`; fail-fast outside Development/Testing when no DB is configured. |
| `AdvisoryPipelineWorker` | Background executor for queued jobs (future sprint once 004A wires queue). | Consumes `advisory.pipeline.execute` messages. |
## 3. Data contracts
@@ -132,6 +133,16 @@ Profile selection is controlled via Authority configuration (`advisoryAi.allowed
Cache misses trigger orchestration and inference; hits return stored artefacts immediately. TTL expiry removes entries unless `forceRefresh` has already regenerated them.
Additional live runtime tables:
| Table | Purpose |
|-------|---------|
| `advisoryai.ai_consents` | Authoritative per-tenant, per-user consent records for AI execution and remote-profile opt-in. |
| `advisoryai.ai_run_attestations` | Durable run-level attestation payloads, content digests, and optional signed envelopes. |
| `advisoryai.ai_claim_attestations` | Durable claim-level attestation payloads keyed by claim and linked back to their parent run. |
Runtime connection precedence for these tables is `AdvisoryAI:Storage:ConnectionString` -> `ConnectionStrings:Default` -> `Database:ConnectionString`. The web host auto-migrates this schema on startup and refuses live startup outside Development/Testing when no durable store is configured.
## 7. Telemetry & SLOs
Metrics (registered in Observability backlog):

9
docs/modules/advisory-ai/architecture.md
View File

@@ -107,6 +107,9 @@ All context references include `content_hash` and `source_id` enabling verifiabl
- `generated_at`, `model_id`, `profile` (Sovereign/FIPS etc.).
- `signatures` (optional DSSE if run in deterministic mode).
- Offline bundle format contains `summary.md`, `citations.json`, `context_manifest.json`, `signatures/`.
- Runtime consent and attestation state is now durable under `advisoryai.ai_consents`, `advisoryai.ai_run_attestations`, and `advisoryai.ai_claim_attestations`.
- The remaining mutable runtime state is also durable under `advisoryai.runtime_explanations`, `advisoryai.runtime_policy_intents`, `advisoryai.runtime_runs`, `advisoryai.advisory_chat_settings`, `advisoryai.conversations`, and `advisoryai.turns`.
- Runtime storage connection resolution is `AdvisoryAI:Storage:ConnectionString` -> `ConnectionStrings:Default` -> `Database:ConnectionString`; outside `Testing` the host fails fast instead of silently falling back to process-local consent, explanation, policy, run, conversation, or chat-settings state.
## 7) Profiles & sovereignty
@@ -136,9 +139,11 @@ All endpoints accept `profile` parameter (default `fips-local`) and return `outp
## 11) Hosting surfaces
- **WebService** exposes `/v1/advisory-ai/pipeline/{task}` to materialise plans and enqueue execution messages.
- **Worker** background service draining the advisory pipeline queue (file-backed stub) pending integration with shared transport.
- **WebService** - exposes `/v1/advisory-ai/pipeline/{task}` to materialise plans and enqueue execution messages.
- **Worker** - background service draining the advisory pipeline queue (file-backed stub) pending integration with shared transport.
- Both hosts register `AddAdvisoryAiCore`, which wires the SBOM context client, deterministic toolset, pipeline orchestrator, and queue metrics.
- `advisory-ai-web` registers `AddAdvisoryAiRuntimePersistence`, and `advisory-ai-worker` registers `AddAdvisoryAiCoreRuntimePersistence`; together those paths auto-migrate the `advisoryai` schema and bind durable PostgreSQL-backed consent, attestation, explanation replay, policy-intent, run, conversation, and chat-settings stores whenever runtime database configuration is present.
- In-memory runtime-state implementations are now reserved for explicit test harnesses or `Testing` fallback. Non-testing hosts fail fast when the runtime database contract is missing.
- SBOM base address + tenant metadata are configured via `AdvisoryAI:SbomBaseAddress` and propagated through `AddSbomContext`.
## 12) QA harness & determinism (Sprint 110 refresh)