git.stella-ops.org

stella-ops.org/git.stella-ops.org

Fork 0

Commit Graph

Author	SHA1	Message	Date
master	9586006404	Update journey notes: 21 fixed, 2 remaining, 2 product gaps identified All medium fixes verified on live stack: - Registry search: returns empty (no mock data) — confirmed - Post-seal guidance: "What's next?" panel shows on release creation - User ID display: truncated to "User 209d1257..." - Mirror generate: shows failure status with retry guidance - Wizard error handling: already implemented (was incorrectly logged) Audit log remains at 0 events — this is a product gap, not a UI issue. Services need to emit audit events (write path missing across modules). MapAuditEndpoints() only exposes the query interface. Topology wizard step 5 (Agent) is an expected fresh-install blocker. Final score: 21 fixed, 2 low-priority UI issues, 2 product gaps. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-16 10:49:12 +02:00
master	c13e47dbcb	Update journey notes: topology steps 1-4 working, plan for next phases - Topology wizard steps 1-4 all succeed on fresh install - Step 5 (Agent) is a natural blocker — no agents on fresh compose setup - Updated fix count: 16 fixed, 5 remaining - Added detailed journey resumption plan covering 4 phases: Phase 1 (immediate): skip agent, verify audit, honest registry search Phase 2: real deployment with Zot registry + scanner Phase 3: policy & evidence testing Phase 4: operational testing Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-16 09:51:29 +02:00
master	4e07f7bd72	Complete first-time user journey notes — full fresh install walkthrough Documented the complete journey from fresh install through: - Login, dashboard, integrations (Harbor + GitHub App) - Advisory sources (42 curated, 54 healthy) - Mirror domain creation (14 sources, signing) - Topology wizard (blocked at auth passthrough) - Release creation (sealed end-to-end with mock component) - Approvals queue, security posture, policy studio - Evidence/audit, doctor diagnostics 22 findings total (12 fixed, 10 tracked): - Critical: ReverseProxy auth passthrough (#13), audit log empty (#20) - High: Mock registry search in releases (#22) - Medium: No post-seal guidance (#21), silent failures, user ID hashes Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-16 08:19:10 +02:00

Author

SHA1

Message

Date

master

9586006404

Update journey notes: 21 fixed, 2 remaining, 2 product gaps identified

All medium fixes verified on live stack:
- Registry search: returns empty (no mock data) — confirmed
- Post-seal guidance: "What's next?" panel shows on release creation
- User ID display: truncated to "User 209d1257..."
- Mirror generate: shows failure status with retry guidance
- Wizard error handling: already implemented (was incorrectly logged)

Audit log remains at 0 events — this is a product gap, not a UI issue.
Services need to emit audit events (write path missing across modules).
MapAuditEndpoints() only exposes the query interface.

Topology wizard step 5 (Agent) is an expected fresh-install blocker.

Final score: 21 fixed, 2 low-priority UI issues, 2 product gaps.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-16 10:49:12 +02:00

master

c13e47dbcb

Update journey notes: topology steps 1-4 working, plan for next phases

- Topology wizard steps 1-4 all succeed on fresh install
- Step 5 (Agent) is a natural blocker — no agents on fresh compose setup
- Updated fix count: 16 fixed, 5 remaining
- Added detailed journey resumption plan covering 4 phases:
  Phase 1 (immediate): skip agent, verify audit, honest registry search
  Phase 2: real deployment with Zot registry + scanner
  Phase 3: policy & evidence testing
  Phase 4: operational testing

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-16 09:51:29 +02:00

master

4e07f7bd72

Complete first-time user journey notes — full fresh install walkthrough

Documented the complete journey from fresh install through:
- Login, dashboard, integrations (Harbor + GitHub App)
- Advisory sources (42 curated, 54 healthy)
- Mirror domain creation (14 sources, signing)
- Topology wizard (blocked at auth passthrough)
- Release creation (sealed end-to-end with mock component)
- Approvals queue, security posture, policy studio
- Evidence/audit, doctor diagnostics

22 findings total (12 fixed, 10 tracked):
- Critical: ReverseProxy auth passthrough (#13), audit log empty (#20)
- High: Mock registry search in releases (#22)
- Medium: No post-seal guidance (#21), silent failures, user ID hashes

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-16 08:19:10 +02:00

3 Commits