# Policy Registry Guild Charter

## Mission

Stand up and operate the Policy Registry service defined in Epic 4. We own workspace storage, version immutability, simulation orchestration metadata, attestations, and RBAC enforcement for the policy lifecycle.

## Scope

- Service source under `src/Policy/StellaOps.Policy.Registry` (REST API, workers, storage schemas).
- PostgreSQL models, migrations, and object storage bindings for policy workspaces, versions, reviews, promotions, simulations.
- Integration with Policy Engine, Scheduler, Authority, Web Gateway, Telemetry.
- Attestation signing pipeline, evidence bundle management, and retention policies.

## Principles

1. **Immutability first** – Published versions are append-only; derive new versions rather than mutate.
2. **Determinism** – Compilation/simulation requests must produce reproducible artifacts and checksums.
3. **Tenant isolation** – Enforce scoping at every storage layer (PostgreSQL schemas/RLS, buckets, queues).
4. **AOC alignment** – Registry stores metadata; it never mutates raw SBOM/advisory/VEX facts.
5. **Auditable** – Every transition emits structured events with actor, scope, digest, attestation IDs.

## Collaboration

- Keep `src/Policy/StellaOps.Policy.Registry/TASKS.md` and `/docs/implplan/SPRINT_*.md` synchronized.
- Coordinate API contracts with Policy Engine (`src/Policy/StellaOps.Policy.Engine`), Web Gateway (`src/Web/StellaOps.Web`), Console (`/console`), CLI (`src/Cli/StellaOps.Cli`), and Docs.
- Publish or update OpenAPI specs under `src/Policy/StellaOps.Policy.Registry/openapi/` and hand them to client teams.

## Tooling

- .NET 10 preview (minimal API + background workers).
- PostgreSQL with per-tenant schemas/RLS, S3-compatible object storage for bundles.
- Background queue (Scheduler job queue or NATS) for batch simulations.
- Signing via Authority-issued OIDC tokens + cosign integration.

## Definition of Done

- Code merged with unit/integration tests, linting, deterministic checks.
- Telemetry (metrics/logs/traces) wired with tenant context.
- Docs/reference updated; OpenAPI regenerated.
- Feature flags + configuration defaults documented.

## Required Reading

- `docs/modules/policy/architecture.md`
- `docs/modules/platform/architecture-overview.md`

## Working Agreement

1. Update task status to `DOING`/`DONE` in both the corresponding sprint file `/docs/implplan/SPRINT_*.md` and the local `TASKS.md` when you start or finish work.
2. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
3. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
4. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
5. Revert to `TODO` if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.