# Pack 22 - Release-First IA Consolidation Advisory

Status: Active authority (partially superseded by Pack 23 for Platform IA)
Date: 2026-02-20
Precedence: Overrides `pack-21.md` and lower packs for overlapping IA, naming, and ownership decisions. Pack 23 supersedes Pack 22 for Platform menu placement and Ops/Integrations/Setup ownership boundaries.

## 1) Intent

- Reframe IA around Stella Ops core loop:
  - Release -> Gate (security + ops) -> Promote/Deploy -> Evidence -> Audit/Replay.
- Remove duplicated menus that represent the same lifecycle object from different angles.
- Keep backend semantics strict:
  - release identity is immutable and digest-first,
  - workflow/run/deployment/promotion are execution artifacts of a release.

## 2) Canonical mental model

- Release (formerly Bundle): immutable unit of change, identified by digest and metadata.
- Workflow/Pipeline: policy and orchestration template.
- Run: workflow execution instance for a release and context.
- Promotion: environment transition.
- Deployment: apply release to targets/runtimes.
- Hotfix: release type with expedited gate defaults (not a separate product root).

## 3) Canonical global navigation

Top-level modules:

1. Dashboard
2. Releases
3. Security
4. Evidence
5. Topology
6. Operations
7. Integrations
8. Administration

Persistent top bar context:

- Search
- Region multi-select
- Environment multi-select (scoped by selected regions)
- Time window selector
- Status indicators (offline/feed/policy/evidence)

## 4) Consolidation rules

- `Bundle` term is deprecated in UI:
  - use `Release`.
- `Create Bundle` becomes:
  - `Create Release`.
- `Current Release` action label becomes:
  - `Deploy Release`.
- The following become views inside `Releases` and are not standalone modules:
  - Runs,
  - Deployments,
  - Promotions,
  - Hotfixes.
- `Regions & Environments` is not daily navigation:
  - global context lives in top bar,
  - inventory/setup lives under `Topology`.
- Security surface is consolidated:
  - Overview,
  - Triage,
  - Advisories & VEX,
  - Supply-Chain Data.
- `Disposition` is a UX concept embedded in triage/detail:
  - Effective VEX,
  - Waivers/Exceptions,
  - Policy Gate Trace.
- VEX/advisory feed configuration belongs to `Integrations`, not Security.

## 5) Canonical module surfaces

### Dashboard

- Mission control posture:
  - deploying now,
  - blocked promotions,
  - hotfix lane,
  - risk posture,
  - evidence posture.
- Quick actions:
  - Create Release,
  - Create Hotfix,
  - Approvals Queue,
  - Export Evidence,
  - Replay decision capsule.

### Releases

- Releases List (standard + hotfix in one list).
- Release Detail tabs:
  - Overview,
  - Timeline,
  - Deploy,
  - Security,
  - Evidence,
  - Audit.
- Approvals Queue (cross-release).
- Activity (cross-release runs timeline).

### Security

- Overview:
  - blocker-first posture,
  - freshness/confidence,
  - expiring waivers and conflicts.
- Triage:
  - single dataset with pivots and facets,
  - sticky evidence rail (`Why`, `SBOM`, `Reachability`, `Effective VEX`, `Waiver`, `Policy Trace`, `Export`).
- Advisories & VEX:
  - provider health,
  - VEX library,
  - conflicts and resolution,
  - issuer trust.
- Supply-Chain Data:
  - SBOM Viewer,
  - SBOM Graph,
  - SBOM Lake,
  - Reachability coverage,
  - Coverage/Unknowns.
- Reports:
  - optional route family,
  - evidence export handoff remains owned by `Evidence`.

### Evidence

- Audit Log.
- Evidence Packs:
  - Export Center,
  - Proof Chains,
  - Replay and Verify.
- Trust and Signing:
  - user-facing trust posture can be reached here,
  - admin owner mutations remain governed by Administration scopes.

### Topology

- Regions.
- Environments.
- Targets and Hosts.
- Agents.
- Promotion Paths.
- Workflows.
- Gate Profiles.

Implementation update (2026-02-20):

- Dedicated operator pages now back canonical Topology routes:
  - `/topology/overview`,
  - `/topology/regions` + `/topology/environments` (region-first + flat/graph views),
  - `/topology/environments/:environmentId/posture` (topology-first tabs),
  - `/topology/targets`,
  - `/topology/hosts`,
  - `/topology/agents`,
  - `/topology/promotion-paths`.
- Generic inventory fallback remains only for non-primary Topology routes (`/topology/workflows`, `/topology/gate-profiles`).
- Region/environment global multi-select filters propagate as comma-joined query scope on Topology reads.

### Operations

- Platform Health.
- Orchestrator and Jobs.
- Scheduler.
- Data Integrity.
- Offline Kit.
- Quotas and Limits.

### Integrations

- Registries.
- SCM.
- CI/CD.
- Hosts/Targets connectors.
- Secrets.
- Advisory feeds.
- VEX sources/feeds.
- Integration Health.
- Integration Activity.

### Administration

- Identity and Access.
- Tenants and Branding.
- Notifications.
- Usage and Limits.
- Policy Governance.
- System.

## 6) Old-to-new mapping (route/module intent)

| Legacy intent | New canonical placement |
| --- | --- |
| `Release Control` root | Split into `Releases` + `Topology` |
| `Bundles` | `Releases` (rename Bundle -> Release) |
| `Promotions` | `Releases -> Release Detail -> Timeline` and `Releases -> Activity` |
| `Deployments` | `Releases -> Release Detail -> Deploy` and `Releases -> Activity` |
| `Run Timeline` | `Releases -> Activity` and `Release Detail -> Timeline` |
| `Hotfixes` | `Releases` filter/type + Dashboard hotfix lane |
| `Regions & Environments` menu | Top bar context + `Topology` inventory |
| `Security & Risk -> VEX` and `Exceptions` | `Security -> Triage` disposition rail + `Security -> Advisories & VEX` |
| `Security -> SBOM Graph` and `SBOM Lake` | `Security -> Supply-Chain Data` tabs |
| `Security -> Advisory Sources` config | `Integrations` feeds and source setup |
| `Platform Ops -> Agents` | `Topology -> Agents` |

## 7) Backend dependency directives

- Add/extend v2 contract namespaces for canonical modules:
  - `/api/v2/context/*`,
  - `/api/v2/releases/*`,
  - `/api/v2/topology/*`,
  - `/api/v2/security/*`,
  - `/api/v2/evidence/*`,
  - `/api/v2/integrations/*`,
  - `/api/v2/operations/*`.
- Keep legacy aliases during migration window (`/api/v1/*` and domain legacy paths) with explicit deprecation telemetry.
- Required DB migration families (Platform release DB sequence continues after `046_TrustSigningAdministration.sql`):
  - `047_GlobalContextAndFilters.sql`,
  - `048_ReleaseReadModels.sql`,
  - `049_TopologyInventory.sql`,
  - `050_SecurityDispositionProjection.sql`,
  - `051_IntegrationSourceHealth.sql`.

## 8) Planning acceptance gates

- Canonical docs (`source-of-truth.md`, `authority-matrix.md`, contract ledger) updated before sprint execution.
- Every new screen/route has endpoint classification:
  - `EXISTS_COMPAT`,
  - `EXISTS_ADAPT`,
  - `MISSING_NEW`.
- Backend migrations are listed in sprint completion criteria before FE route cutover tasks can be marked done.