stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity
Files
main
git.stella-ops.org/docs/modules/policy
History
master 66cb6c4b8a
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Add guild charters and task boards for various components 
- Introduced guild charters for Scanner Deno, PHP, Ruby, Native, WebService, Java, Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, UI, Zastava Observer, Zastava Webhook, Zastava Core, and Plugin Platform.
- Each charter outlines the mission, scope, required reading, and working agreements for the respective guilds.
- Created task boards for Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, and Zastava components to track progress and dependencies.
- Ensured all documents emphasize determinism, offline readiness, security, and integration with shared Surface libraries.
2025-11-01 02:21:46 +02:00
..
AGENTS.md
feat: Add guild charters and task boards for various components
2025-11-01 02:21:46 +02:00
architecture.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00
implementation_plan.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00
README.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00
TASKS.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00

README.md

StellaOps Policy Engine

Policy Engine compiles and evaluates Stella DSL policies deterministically, producing explainable findings with full provenance.

Responsibilities

  • Compile stella-dsl@1 packs into executable graphs.
  • Join advisories, VEX evidence, and SBOM inventories to derive effective findings.
  • Expose simulation and diff APIs for UI/CLI workflows.
  • Emit change-stream driven events for Notify/Scheduler integrations.

Key components

  • StellaOps.Policy.Engine service host.
  • Shared libraries under StellaOps.Policy.* for evaluation, storage, DSL tooling.

Integrations & dependencies

  • MongoDB findings collections, RustFS explain bundles.
  • Scheduler for incremental re-evaluation triggers.
  • CLI/UI for policy authoring and runs.

Operational notes

  • DSL grammar and lifecycle docs in ../../policy/.
  • Observability guidance in ../../observability/policy.md.
  • Governance and scope mapping in ../../security/policy-governance.md.

Backlog references

  • DOCS-POLICY-20-001 … DOCS-POLICY-20-012 (completed baseline).
  • DOCS-POLICY-23-007 (upcoming command updates).

Epic alignment

  • Epic 2 Policy Engine & Editor: deliver deterministic evaluation, DSL infrastructure, explain traces, and incremental runs.
  • Epic 4 Policy Studio: integrate registry workflows, simulation at scale, approvals, and promotion semantics.