# StellaOps Flow Documentation

This directory contains detailed end-to-end flow documentation for all major StellaOps workflows.

## Flow Categories

### Core Platform Flows (Existing)

| Flow | File | Description |
|------|------|-------------|
| Dashboard Data Flow | [01-dashboard-data-flow.md](01-dashboard-data-flow.md) | How dashboard aggregates and displays security posture |
| Scan Submission Flow | [02-scan-submission-flow.md](02-scan-submission-flow.md) | End-to-end container image scan lifecycle |
| SBOM Generation Flow | [03-sbom-generation-flow.md](03-sbom-generation-flow.md) | Multi-analyzer SBOM generation and attestation |
| Policy Evaluation Flow | [04-policy-evaluation-flow.md](04-policy-evaluation-flow.md) | K4 lattice policy evaluation with confidence scoring |
| Notification Flow | [05-notification-flow.md](05-notification-flow.md) | Multi-channel notification delivery |
| Export Flow | [06-export-flow.md](06-export-flow.md) | Report and evidence bundle generation |

### Advanced Flows (New)

| Flow | File | Description |
|------|------|-------------|
| CI/CD Gate Flow | [10-cicd-gate-flow.md](10-cicd-gate-flow.md) | Pipeline integration with pass/fail gates |
| Advisory Drift Re-scan Flow | [11-advisory-drift-rescan-flow.md](11-advisory-drift-rescan-flow.md) | Automatic re-evaluation on new advisories |
| VEX Auto-Generation Flow | [12-vex-auto-generation-flow.md](12-vex-auto-generation-flow.md) | ML-assisted VEX statement generation |
| Evidence Bundle Export Flow | [13-evidence-bundle-export-flow.md](13-evidence-bundle-export-flow.md) | Auditable evidence package creation |
| Multi-Tenant Policy Rollout Flow | [14-multi-tenant-policy-rollout-flow.md](14-multi-tenant-policy-rollout-flow.md) | Cross-tenant policy propagation |
| Binary Delta Attestation Flow | [15-binary-delta-attestation-flow.md](15-binary-delta-attestation-flow.md) | Binary-level change attestation |
| Offline Sync Flow | [16-offline-sync-flow.md](16-offline-sync-flow.md) | Air-gapped environment synchronization |
| Exception Approval Workflow | [17-exception-approval-workflow.md](17-exception-approval-workflow.md) | Policy exception request and approval |
| Risk Score Dashboard Flow | [18-risk-score-dashboard-flow.md](18-risk-score-dashboard-flow.md) | Real-time risk aggregation and display |
| Reachability Drift Alert Flow | [19-reachability-drift-alert-flow.md](19-reachability-drift-alert-flow.md) | Runtime reachability change detection |

## Flow Documentation Format

Each flow document follows a standard structure:

1. **Overview** - Brief description and business value
2. **Actors** - Users, systems, and services involved
3. **Prerequisites** - Required configuration and dependencies
4. **Flow Diagram** - UML sequence/activity diagram
5. **Step-by-Step** - Detailed step descriptions
6. **Data Contracts** - Input/output schemas
7. **Error Handling** - Failure modes and recovery
8. **Observability** - Metrics, logs, and traces
9. **Related Flows** - Cross-references to related workflows

## Module Ownership

| Flow Category | Primary Module | Supporting Modules |
|---------------|----------------|-------------------|
| Scanning | Scanner | Gateway, Scheduler, Attestor |
| Policy | Policy | VexLens, Concelier, Scanner |
| Advisory | Concelier | Excititor, Mirror, VexLens |
| Export | ExportCenter | EvidenceLocker, Attestor, Signer |
| Notification | Notify | Scheduler, Orchestrator |
| CI/CD | CLI | Gateway, Scanner, Policy |

## Related Documentation

- [User Flows (UML)](../technical/architecture/user-flows.md)
- [Data Flows](../technical/architecture/data-flows.md)
- [Module Matrix](../technical/architecture/module-matrix.md)
- [Schema Mapping](../technical/architecture/schema-mapping.md)