stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
1,152 Commits 1 Branch 0 Tags
f8e4bf65fb271420b06b1f2d4afba8ec1656a860
Commit Graph

110 Commits

Author SHA1 Message Date
master
f8e4bf65fb Stabilize web test lane warning cleanup 2026-04-06 00:51:15 +03:00
master
da76d6e93e Add topology auth policies + journey findings notes 
Concelier:
- Register Topology.Read, Topology.Manage, Topology.Admin authorization
  policies mapped to OrchRead/OrchOperate/PlatformContextRead/IntegrationWrite
  scopes. Previously these policies were referenced by endpoints but never
  registered, causing System.InvalidOperationException on every topology
  API call.

Gateway routes:
- Simplified targets/environments routes (removed specific sub-path routes,
  use catch-all patterns instead)
- Changed environments base route to JobEngine (where CRUD lives)
- Changed to ReverseProxy type for all topology routes

KNOWN ISSUE (not yet fixed):
- ReverseProxy routes don't forward the gateway's identity envelope to
  Concelier. The regions/targets/bindings endpoints return 401 because
  hasPrincipal=False — the gateway authenticates the user but doesn't
  pass the identity to the backend via ReverseProxy. Microservice routes
  use Valkey transport which includes envelope headers. Topology endpoints
  need either: (a) Valkey transport registration in Concelier, or
  (b) Concelier configured to accept raw bearer tokens on ReverseProxy paths.
  This is an architecture-level fix.

Journey findings collected so far:
- Integration wizard (Harbor + GitHub App): works end-to-end
- Advisory Check All: fixed (parallel individual checks)
- Mirror domain creation: works, generate-immediately fails silently
- Topology wizard Step 1 (Region): blocked by auth passthrough issue
- Topology wizard Step 2 (Environment): POST to JobEngine needs verify
- User ID resolution: raw hashes shown everywhere

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-16 08:12:39 +02:00
master
28932d4a85 Document local CLI setup and harden live search suggestions 2026-03-07 03:12:40 +02:00
master
8e1cb9448d consolidation of some of the modules, localization fixes, product advisories work, qa work 2026-03-05 03:54:22 +02:00
master
b07d27772e search and ai stabilization work, localization stablized. 2026-02-24 23:29:36 +02:00
master
e746577380 wip: doctor/cli/docs/api to vector db consolidation; api hardening for descriptions, tenant, and scopes; migrations and conversions of all DALs to EF v10 2026-02-23 15:30:50 +02:00
master
bd8fee6ed8 stela ops usage fixes roles propagation and timoeut, one account to support multi tenants, migrations consolidation, search to support documentation, doctor and open api vector db search 2026-02-22 19:27:54 +02:00
master
a29f438f53 setup and mock fixes 2026-02-21 20:14:23 +02:00
master
1edce73165 mock data 2026-02-21 19:10:28 +02:00
master
cf5b72974f save checkpoint 2026-02-11 01:32:14 +02:00
master
4bdc298ec1 partly or unimplemented features - now implemented 2026-02-09 08:53:51 +02:00
master
5d5e80b2e4 stabilize tests 2026-02-01 21:37:40 +02:00
master
55744f6a39 tests fixes and some product advisories tunes ups 2026-01-30 07:57:43 +02:00
master
644887997c test fixes and new product advisories work 2026-01-28 02:30:48 +02:00
master
82caceba56 tests fixes 2026-01-27 08:23:42 +02:00
master
6e687b523a fix tests. new product advisories enhancements 2026-01-25 19:11:36 +02:00
master
c70e83719e finish off sprint advisories and sprints 2026-01-24 00:12:43 +02:00
master
726d70dc7f tests fixes and sprints work 2026-01-22 19:08:46 +02:00
master
c32fff8f86 license switch agpl -> busl1, sprints work, new product advisories 2026-01-20 15:32:20 +02:00
master
17419ba7c4 doctor enhancements, setup, enhancements, ui functionality and design consolidation and , test projects fixes , product advisory attestation/rekor and delta verfications enhancements 2026-01-19 09:02:59 +02:00
master
da27b9faa9 release orchestration strengthening 2026-01-17 21:32:08 +02:00
master
702a27ac83 synergy moats product advisory implementations 2026-01-17 01:32:20 +02:00
master
77ff029205 todays product advirories implemented 2026-01-16 23:30:47 +02:00
master
c3a6269d55 new two advisories and sprints work on them 2026-01-16 18:44:34 +02:00
master
4ca3ce8fb4 sprints completion. new product advisories prepared 2026-01-16 16:30:03 +02:00
master
88a85cdd92 old sprints work, new sprints for exposing functionality via cli, improve code_of_conduct and other agents instructions 2026-01-15 18:38:18 +02:00
master
95d5898650 audit notes work completed, test fixes work (95% done), new sprints, new data sources setup and configuration 2026-01-14 10:48:00 +02:00
master
d7be6ba34b audit, advisories and doctors/setup work 2026-01-13 18:53:39 +02:00
master
b8868a5f13 audit work, doctors work 2026-01-12 23:39:07 +02:00
master
9330c64349 sln build fix (again), tests fixes, audit work and doctors work 2026-01-12 22:15:51 +02:00
master
9873f80830 release orchestrator v1 draft and build fixes 2026-01-12 12:24:17 +02:00
master
7f7eb8b228 Complete batch 012 (golden set diff) and 013 (advisory chat), fix build errors 
Sprints completed:
- SPRINT_20260110_012_* (golden set diff layer - 10 sprints)
- SPRINT_20260110_013_* (advisory chat - 4 sprints)

Build fixes applied:
- Fix namespace conflicts with Microsoft.Extensions.Options.Options.Create
- Fix VexDecisionReachabilityIntegrationTests API drift (major rewrite)
- Fix VexSchemaValidationTests FluentAssertions method name
- Fix FixChainGateIntegrationTests ambiguous type references
- Fix AdvisoryAI test files required properties and namespace aliases
- Add stub types for CveMappingController (ICveSymbolMappingService)
- Fix VerdictBuilderService static context issue

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-11 10:09:07 +02:00
master
701eb6b21c sprints work 2026-01-10 11:15:28 +02:00
master
608a7f85c0 audit work, fixed StellaOps.sln warnings/errors, fixed tests, sprints work, new advisories 2026-01-07 18:50:11 +02:00
StellaOps Bot
ab364c6032 sprints and audit work 2026-01-07 09:43:12 +02:00
StellaOps Bot
05833e0af2 Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org 2026-01-06 21:03:06 +02:00
master
4789027317 docs consolidation and others 2026-01-06 19:07:48 +02:00
StellaOps Bot
37e11918e0 save progress 2026-01-06 09:42:20 +02:00
master
d7bdca6d97 docs consolidation, big sln build fixes, new advisories and sprints/tasks 2026-01-05 18:37:08 +02:00
StellaOps Bot
3098e84de4 save progress 2026-01-04 14:54:52 +02:00
StellaOps Bot
83c37243e0 save progress 2026-01-03 11:02:24 +02:00
StellaOps Bot
ca578801fd save progress 2026-01-03 00:49:19 +02:00
master
c706b3d3e0 audit remarks work 2025-12-30 16:10:34 +02:00
StellaOps Bot
7a5210e2aa Frontend gaps fill work. Testing fixes work. Auditing in progress. 2025-12-30 01:22:58 +02:00
master
1647892b09 Add Astra Linux connector and E2E CLI verify bundle command 
Implementation of two completed sprints:

Sprint 1: Astra Linux Connector (SPRINT_20251229_005_CONCEL_astra_connector)
- Research complete: OVAL XML format identified
- Connector foundation implemented (IFeedConnector interface)
- Configuration options with validation (AstraOptions.cs)
- Trust vectors for FSTEC-certified source (AstraTrustDefaults.cs)
- Comprehensive documentation (README.md, IMPLEMENTATION_NOTES.md)
- Unit tests: 8 passing, 6 pending OVAL parser implementation
- Build: 0 warnings, 0 errors
- Files: 9 files (~800 lines)

Sprint 2: E2E CLI Verify Bundle (SPRINT_20251229_004_E2E_replayable_verdict)
- CLI verify bundle command implemented (CommandHandlers.VerifyBundle.cs)
- Hash validation for SBOM, feeds, VEX, policy inputs
- Bundle manifest loading (ReplayManifest v2 format)
- JSON and table output formats with Spectre.Console
- Exit codes: 0 (pass), 7 (file not found), 8 (validation failed), 9 (not implemented)
- Tests: 6 passing
- Files: 4 files (~750 lines)

Total: ~1950 lines across 12 files, all tests passing, clean builds.
Sprints archived to docs/implplan/archived/2025-12-29-completed-sprints/

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2025-12-29 16:57:16 +02:00
StellaOps Bot
c2b9cd8d1f Fix build and code structure improvements. New but essential UI functionality. CI improvements. Documentation improvements. AI module improvements. 2025-12-29 07:45:03 +02:00
StellaOps Bot
b4fc66feb6 Refactor code structure and optimize performance across multiple modules 2025-12-26 21:38:12 +02:00
StellaOps Bot
907783f625 Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism 
- Implement `SbomVexOrderingDeterminismProperties` for testing component list and vulnerability metadata hash consistency.
- Create `UnicodeNormalizationDeterminismProperties` to validate NFC normalization and Unicode string handling.
- Add project file for `StellaOps.Testing.Determinism.Properties` with necessary dependencies.
- Introduce CI/CD template validation tests including YAML syntax checks and documentation content verification.
- Create validation script for CI/CD templates ensuring all required files and structures are present.
 2025-12-26 15:17:58 +02:00
StellaOps Bot
ed3079543c save dev progress 2025-12-26 00:32:58 +02:00
StellaOps Bot
aa70af062e save development progress 2025-12-25 23:10:09 +02:00