git.stella-ops.org

Author SHA1 Message Date

Author	SHA1	Message	Date
master	86f29d580c	feat(excititor): continuation — orchestrator test coverage + doc reconciliation Follow-up to commit `7efa424fe` (EXCITITOR-CFG-01/02/03). Captures the continuation edits that landed alongside/after the initial commit: - VexIngestOrchestrator.cs: additional effective-settings resolver hardening (+63 lines). - DefaultVexProviderRunner.cs: worker-path settings merge refinement. - VexIngestOrchestratorTests.cs (new): focused test coverage for the effective-settings + blocked-readiness path. - DefaultVexProviderRunnerTests.cs: corresponding worker-path coverage. - TASKS.md entries updated in both test projects. Docs reconciliation: - provider-credentials.md (new): operator credential-entry dossier mirroring the Concelier source-credentials.md pattern. - provider-control-plane.md: cross-link updates. - ops/connector-setup-guide.md: authoritative-inventory pointers updated to reference the new credential dossiers; microsoft-entra API-permission steps generalized to "your MSRC onboarding flow" (MSRC Security Updates API availability varies by tenant). - SPRINT_20260422_007 execution log appended. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 07:32:58 +03:00
master	7efa424fe2	feat(excititor): persisted provider configuration + blocked-readiness (EXCITITOR-CFG-01/02/03) Closes 3 of 4 tasks in SPRINT_20260422_007. EXCITITOR-CFG-04 (OCI binary-material handling) stays BLOCKED pending a secret-reference storage-model design decision — sprint header called that out as a scope boundary. Mirrors the SRC-CREDS pattern (commits `838257245` + earlier) to give Excititor VEX providers the same persisted-credentials + blocked- readiness contract that advisory sources now have. Persistence (EXCITITOR-CFG-01): - New vex.provider_settings table via embedded migration 007_vex_provider_settings.sql (auto-applied by AddStartupMigrations). Key: provider_id; columns: settings jsonb, updated_by, timestamps. - PostgresVexProviderSettingsStore (Dapper) + ProviderSettingsRow EfCore model + InMemoryVexProviderSettingsStore for tests. - IVexProviderSettingsStore + VexProviderSettingsRecord added to StellaOps.Excititor.Core/Storage. - Existing vex.providers row (trust, discovery, base_uris, enabled) untouched — additive only. API surface: - GET /excititor/providers/{id}/configuration → masked snapshot with fields: key, label, inputType, sensitive, required, value, hasValue, isSecretRetained, helpText, placeholder. Plaintext secrets never returned. - PUT /excititor/providers/{id}/configuration with { values, clearKeys }. Sensitive fields submitted blank are retained; clearKeys explicitly deletes. - Field schemas shipped for excititor:cisco / msrc / suse-rancher. Effective settings + readiness (EXCITITOR-CFG-02): - VexProviderConfigurationService.ComputeConfigurationFailure drives readiness. When persisted-enabled but missing required fields, the provider status reports blockingReasonCode=PROVIDER_CONFIG_REQUIRED (or PROVIDER_CONFIG_INVALID on validation failure), readiness=blocked. Configuration failures take priority over retry-backoff reasons so the actionable message surfaces first. - VexIngestOrchestrator.ValidateConnectorAsync + ExecuteRunAsync resolve effective settings from VexProviderRuntimeSettingsCache; same settings flow into DefaultVexProviderRunner (worker scheduled runs). Previously those paths validated against empty / schedule-only options. CLI + Web (EXCITITOR-CFG-03): - CLI: `stella vex providers configure <provider> [--set k=v] [--clear k] [--format text\|json]`. Aliases cisco/msrc/rancher → excititor:*. - Web: VexProviderManagementApi.getConfiguration / updateConfiguration +VexProviderConfigurationComponent (Angular standalone). Component renders masked-secret + clear toggles + required indicators + help/ placeholder. Routing intentionally minimal (no new route added) to avoid stepping on the parallel FE test agent. Tests: targeted xUnit via scripts/test-targeted-xunit.ps1: - VexProviderConfigurationServiceTests → Total: 8, Failed: 0 - ProviderManagementEndpointsTests regression → Total: 5, Failed: 0 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-22 23:44:21 +03:00
master	3871732765	feat(excititor+cli+web): VEX provider control plane — CLI + Web extensions (SPRINT_20260422_004) Continues the SPRINT_20260422_004_Concelier_full_connector_control_plane feature stream started in commit `5c1b59580` (Excititor provider management endpoints + contracts + service + tests). Adds the CLI + Web surfaces on top of that backend. CLI (src/Cli/): - CommandHandlers + BackendOperationsClient extended with provider management calls - ExcititorProviderSummary model added to the CLI's service models - NonCoreCliCommandModule wires the new commands; tests updated - TASKS.md entries synced Web console (src/Web/StellaOps.Web/): - New vex-provider-catalog.component + vex-provider-management.api client - advisory-source-catalog + advisory-vex-route-helpers extended to route users to the new VEX provider surface - integration-hub.routes.ts registers the new route - security-disposition-page.component.ts updated for the flow Excititor/Concelier docs + contracts: - docs/modules/excititor/operations/provider-control-plane.md — operator guide for the new control plane - docs/modules/excititor/README.md + docs/modules/concelier/{README, connectors}.md — cross-links + refs - ConfiguredAdvisorySourceService.cs — additional provider plumbing - StellaOps.Excititor.WebService/TASKS.md synced Sprint doc (docs/implplan/SPRINT_20260422_004_*.md) reflects the in-flight progress. This is external-stream work picked up during the 2026-04-22 session's closeout — bundling it now so the working tree is clean and main stays in sync with local feature-branch state. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-22 19:24:49 +03:00

master

86f29d580c

feat(excititor): continuation — orchestrator test coverage + doc reconciliation

Follow-up to commit 7efa424fe (EXCITITOR-CFG-01/02/03). Captures the
continuation edits that landed alongside/after the initial commit:

- VexIngestOrchestrator.cs: additional effective-settings resolver
  hardening (+63 lines).
- DefaultVexProviderRunner.cs: worker-path settings merge refinement.
- VexIngestOrchestratorTests.cs (new): focused test coverage for the
  effective-settings + blocked-readiness path.
- DefaultVexProviderRunnerTests.cs: corresponding worker-path coverage.
- TASKS.md entries updated in both test projects.

Docs reconciliation:
- provider-credentials.md (new): operator credential-entry dossier
  mirroring the Concelier source-credentials.md pattern.
- provider-control-plane.md: cross-link updates.
- ops/connector-setup-guide.md: authoritative-inventory pointers updated
  to reference the new credential dossiers; microsoft-entra API-permission
  steps generalized to "your MSRC onboarding flow" (MSRC Security Updates
  API availability varies by tenant).
- SPRINT_20260422_007 execution log appended.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-23 07:32:58 +03:00

master

7efa424fe2

feat(excititor): persisted provider configuration + blocked-readiness (EXCITITOR-CFG-01/02/03)

Closes 3 of 4 tasks in SPRINT_20260422_007. EXCITITOR-CFG-04 (OCI
binary-material handling) stays BLOCKED pending a secret-reference
storage-model design decision — sprint header called that out as a
scope boundary.

Mirrors the SRC-CREDS pattern (commits 838257245 + earlier) to give
Excititor VEX providers the same persisted-credentials + blocked-
readiness contract that advisory sources now have.

Persistence (EXCITITOR-CFG-01):
- New vex.provider_settings table via embedded migration
  007_vex_provider_settings.sql (auto-applied by AddStartupMigrations).
  Key: provider_id; columns: settings jsonb, updated_by, timestamps.
- PostgresVexProviderSettingsStore (Dapper) + ProviderSettingsRow EfCore
  model + InMemoryVexProviderSettingsStore for tests.
- IVexProviderSettingsStore + VexProviderSettingsRecord added to
  StellaOps.Excititor.Core/Storage.
- Existing vex.providers row (trust, discovery, base_uris, enabled)
  untouched — additive only.

API surface:
- GET /excititor/providers/{id}/configuration → masked snapshot with
  fields: key, label, inputType, sensitive, required, value, hasValue,
  isSecretRetained, helpText, placeholder. Plaintext secrets never
  returned.
- PUT /excititor/providers/{id}/configuration with { values, clearKeys }.
  Sensitive fields submitted blank are retained; clearKeys explicitly
  deletes.
- Field schemas shipped for excititor:cisco / msrc / suse-rancher.

Effective settings + readiness (EXCITITOR-CFG-02):
- VexProviderConfigurationService.ComputeConfigurationFailure drives
  readiness. When persisted-enabled but missing required fields, the
  provider status reports blockingReasonCode=PROVIDER_CONFIG_REQUIRED
  (or PROVIDER_CONFIG_INVALID on validation failure), readiness=blocked.
  Configuration failures take priority over retry-backoff reasons so the
  actionable message surfaces first.
- VexIngestOrchestrator.ValidateConnectorAsync + ExecuteRunAsync resolve
  effective settings from VexProviderRuntimeSettingsCache; same
  settings flow into DefaultVexProviderRunner (worker scheduled runs).
  Previously those paths validated against empty / schedule-only options.

CLI + Web (EXCITITOR-CFG-03):
- CLI: `stella vex providers configure <provider> [--set k=v] [--clear k]
  [--format text|json]`. Aliases cisco/msrc/rancher → excititor:*.
- Web: VexProviderManagementApi.getConfiguration / updateConfiguration
  +VexProviderConfigurationComponent (Angular standalone). Component
  renders masked-secret + clear toggles + required indicators + help/
  placeholder. Routing intentionally minimal (no new route added) to
  avoid stepping on the parallel FE test agent.

Tests: targeted xUnit via scripts/test-targeted-xunit.ps1:
- VexProviderConfigurationServiceTests → Total: 8, Failed: 0
- ProviderManagementEndpointsTests regression → Total: 5, Failed: 0

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-22 23:44:21 +03:00

master

3871732765

feat(excititor+cli+web): VEX provider control plane — CLI + Web extensions (SPRINT_20260422_004)

Continues the SPRINT_20260422_004_Concelier_full_connector_control_plane
feature stream started in commit 5c1b59580 (Excititor provider management
endpoints + contracts + service + tests). Adds the CLI + Web surfaces on
top of that backend.

CLI (src/Cli/**):
- CommandHandlers + BackendOperationsClient extended with provider
  management calls
- ExcititorProviderSummary model added to the CLI's service models
- NonCoreCliCommandModule wires the new commands; tests updated
- TASKS.md entries synced

Web console (src/Web/StellaOps.Web/**):
- New vex-provider-catalog.component + vex-provider-management.api client
- advisory-source-catalog + advisory-vex-route-helpers extended to route
  users to the new VEX provider surface
- integration-hub.routes.ts registers the new route
- security-disposition-page.component.ts updated for the flow

Excititor/Concelier docs + contracts:
- docs/modules/excititor/operations/provider-control-plane.md — operator
  guide for the new control plane
- docs/modules/excititor/README.md + docs/modules/concelier/{README,
  connectors}.md — cross-links + refs
- ConfiguredAdvisorySourceService.cs — additional provider plumbing
- StellaOps.Excititor.WebService/TASKS.md synced

Sprint doc (docs/implplan/SPRINT_20260422_004_*.md) reflects the
in-flight progress.

This is external-stream work picked up during the 2026-04-22 session's
closeout — bundling it now so the working tree is clean and main stays
in sync with local feature-branch state.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-22 19:24:49 +03:00

3 Commits