15 KiB
15 KiB
Stella Ops UI Structure - Part 1: Shell & Navigation
Technology Stack
- Framework: Angular 17+ (standalone components, signals)
- Routing: Angular Router with lazy-loaded modules
- Styling: SCSS
- Architecture: Feature-based module organization under
src/app/features/ - Location:
src/Web/StellaOps.Web/
1. MAIN SHELL & HEADER
┌─────────────────────────────────────────────────────────────────────────────────┐
│ [QUICKSTART BANNER - visible only in demo/offline mode] │
├─────────────────────────────────────────────────────────────────────────────────┤
│ ┌─────────────┐ ┌─────────────────────────────────────────┐ ┌────────────────┐ │
│ │ StellaOps │ │ HOME│ANALYZE│TRIAGE│POLICY│OPS│NOTIFY│ │ Fresh Auth │ │
│ │ Dashboard │ │ │ADMIN │ │ Tenant: xxx │ │
│ │ (brand) │ │ │ │ [User Menu ▼] │ │
│ └─────────────┘ └─────────────────────────────────────────┘ └────────────────┘ │
├─────────────────────────────────────────────────────────────────────────────────┤
│ [BREADCRUMB: Dashboard > Section > Subsection] │
├─────────────────────────────────────────────────────────────────────────────────┤
│ │
│ ┌─────────────────────────────────┐ │
│ │ <router-outlet /> │ │
│ │ (Page Content) │ │
│ └─────────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────────────────────────┘
│
┌─────────────────────┼─────────────────────┐
▼ ▼ ▼
[Command Palette] [Toast Container] [Keyboard Shortcuts]
Shell Components (from app.component.html)
app-navigation-menu- Main navigationapp-user-menu- User dropdownapp-breadcrumb- Breadcrumb navigationapp-command-palette- Command palette (keyboard shortcut access)app-toast-container- Toast notificationsapp-keyboard-shortcuts- Keyboard shortcut handler
2. NAVIGATION MENU STRUCTURE
Source: src/app/core/navigation/navigation.config.ts
┌──────────────────────────────────────────────────────────────────────────────┐
│ MAIN NAVIGATION │
├──────────────────────────────────────────────────────────────────────────────┤
│ │
│ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ │
│ │ HOME │ │ ANALYZE │ │ TRIAGE │ │ POLICY │ │ OPS │ │
│ │ [icon] │ │ [icon] ▼ │ │ [icon] ▼ │ │ [icon] ▼ │ │ [icon] ▼ │ │
│ └────┬─────┘ └────┬─────┘ └────┬─────┘ └────┬─────┘ └────┬─────┘ │
│ │ │ │ │ │ │
│ ┌────▼─────┐ ┌────▼───────────────────┐ ┌────▼──────────┐ ┌─▼────────────┐│
│ │Dashboard │ │ • Scans & Findings │ │ • Artifacts │ │• SBOM Sources││
│ └──────────┘ │ • Vulnerabilities │ │ • Exceptions │ │• Quotas ││
│ │ • SBOM Graph │ │ • Audit │ │ └→ Overview ││
│ │ • Lineage │ │ Bundles │ │ └→ Tenants ││
│ │ • Reachability │ │ • Risk │ │ └→ Throttle ││
│ │ • VEX Hub │ │ Profiles │ │ └→ Forecast ││
│ │ • Unknowns │ └───────────────┘ │ └→ Alerts ││
│ │ • Patch Map │ │ └→ Reports ││
│ └────────────────────────┘ │• Dead-Letter ││
│ │ └→ Dashboard││
│ ┌──────────┐ ┌───────────────────────────────────────────▲│ └→ Queue ││
│ │ NOTIFY │ │ ADMIN (scoped) ││• SLO Monitor ││
│ │ [icon] │ │ ││ └→ Dashboard││
│ └────┬─────┘ └────┬──────────────────────────────────────┘│ └→ Alerts ││
│ │ │ │ └→ Defs ││
│ ┌────▼─────┐ ┌────▼───────────────────────────────────┐ │• Platform ││
│ │Notific. │ │ • Tenants • OAuth Clients │ │ Health ││
│ │Panel │ │ • Users • Tokens │ │• Feed Mirror ││
│ └──────────┘ │ • Roles • Unified Audit Log │ │ └→ Dashboard││
│ │ • Branding • Notification Admin │ │ └→ AirGap ││
│ │ • Platform • Trust Management │ │• Offline Kit ││
│ │ Status • Policy Governance │ │• AOC Compli. ││
│ │ • Trivy DB • Policy Simulation │ │• Scheduler ││
│ │ • Registry • Issuer Directory │ │• Doctor Diag ││
│ │ Tokens • Scanner Ops │ │ ││
│ └────────────────────────────────────────┘ └──────────────┘│
└──────────────────────────────────────────────────────────────────────────────┘
3. NAVIGATION GROUPS DETAIL
3.1 HOME Group
| ID | Label | Route | Icon | Scopes |
|---|---|---|---|---|
| dashboard | Dashboard | / |
dashboard | - |
3.2 ANALYZE Group
| ID | Label | Route | Icon | Scopes |
|---|---|---|---|---|
| findings | Scans & Findings | /findings |
scan | - |
| vulnerabilities | Vulnerabilities | /vulnerabilities |
bug | - |
| graph | SBOM Graph | /graph |
graph | graph:read |
| lineage | Lineage | /lineage |
git-branch | - |
| reachability | Reachability | /reachability |
network | - |
| vex-hub | VEX Hub | /admin/vex-hub |
shield-check | - |
| unknowns | Unknowns | /analyze/unknowns |
help-circle | - |
| patch-map | Patch Map | /analyze/patch-map |
grid | - |
3.3 TRIAGE Group
| ID | Label | Route | Icon | Scopes |
|---|---|---|---|---|
| artifacts | Artifact Workspace | /triage/artifacts |
package | - |
| exceptions | Exception Queue | /exceptions |
exception | - |
| audit-bundles | Audit Bundles | /triage/audit-bundles |
archive | - |
| risk | Risk Profiles | /risk |
shield | - |
3.4 POLICY Group
| ID | Label | Route | Icon | Scopes |
|---|---|---|---|---|
| policy-studio | Policy Studio | - | edit | - |
| ├─ policy-editor | Editor | /policy-studio/packs |
- | policy:author |
| ├─ policy-simulate | Simulate | /policy-studio/simulate |
- | policy:simulate |
| ├─ policy-approvals | Approvals | /policy-studio/approvals |
- | policy:review OR policy:approve |
| └─ policy-dashboard | Dashboard | /policy-studio/dashboard |
- | policy:read |
| orchestrator | Jobs & Orchestration | /orchestrator |
workflow | - |
3.5 OPS Group
| ID | Label | Route | Icon | Children |
|---|---|---|---|---|
| sbom-sources | SBOM Sources | /sbom-sources |
database | - |
| quotas | Quota Dashboard | /ops/quotas |
gauge | Overview, Tenant Usage, Throttle Events, Forecast, Alert Config, Reports |
| dead-letter | Dead-Letter Queue | /ops/orchestrator/dead-letter |
alert-triangle | Dashboard, Queue Browser |
| slo-monitoring | SLO Monitoring | /ops/orchestrator/slo |
activity | Dashboard, Alerts, Definitions |
| platform-health | Platform Health | /ops/health |
heart-pulse | Dashboard, Incidents |
| feed-mirror | Feed Mirror & AirGap | /ops/feeds |
mirror | Dashboard, Import Bundle, Export Bundle, Version Locks |
| offline-kit | Offline Kit | /ops/offline-kit |
offline | Dashboard, Bundles, Verification, JWKS |
| aoc-compliance | AOC Compliance | /ops/aoc |
shield-check | Dashboard, Guard Violations, Ingestion Flow, Provenance Validator, Compliance Report |
3.6 NOTIFY Group
| ID | Label | Route | Icon | Scopes |
|---|---|---|---|---|
| notifications | Notifications | /notify |
notification | - |
3.7 ADMIN Group (requires ui.admin scope)
| ID | Label | Route | Icon | Notes |
|---|---|---|---|---|
| tenants | Tenants | /console/admin/tenants |
building | - |
| users | Users | /console/admin/users |
users | - |
| roles | Roles & Scopes | /console/admin/roles |
key | - |
| clients | OAuth Clients | /console/admin/clients |
app | - |
| tokens | Tokens | /console/admin/tokens |
token | - |
| audit | Unified Audit Log | /admin/audit |
log | Has children: Dashboard, All Events, Policy Audit, Authority Audit, VEX Audit, Integration Audit, Export |
| branding | Branding | /console/admin/branding |
palette | - |
| platform-status | Platform Status | /console/status |
monitor | - |
| trivy-db | Trivy DB Settings | /concelier/trivy-db-settings |
database | - |
| admin-notifications | Notification Admin | /admin/notifications |
bell-config | - |
| admin-trust | Trust Management | /admin/trust |
certificate | - |
| policy-governance | Policy Governance | /admin/policy/governance |
policy-config | - |
| policy-simulation | Policy Simulation | /admin/policy/simulation |
test-tube | - |
| registry-admin | Registry Tokens | /admin/registries |
container | - |
| issuer-trust | Issuer Directory | /admin/issuers |
shield-check | - |
| scanner-ops | Scanner Ops | /ops/scanner |
scan | - |
4. USER MENU ITEMS
| ID | Label | Route | Icon |
|---|---|---|---|
| profile | Profile | /console/profile |
user |
| settings | Settings | /settings |
settings |
5. FEATURE MODULES COUNT
Total feature directories under src/app/features/: 77 modules
admin-notifications/ evidence-export/ policy-governance/ setup-wizard/
advisory-ai/ evidence-pack/ policy-simulation/ slo-monitoring/
ai-runs/ evidence-thread/ policy-studio/ snapshot/
aoc/ exceptions/ proof/ sources/
aoc-compliance/ feed-mirror/ proof-chain/ timeline/
audit-log/ findings/ proof-studio/ triage/
auth/ graph/ proofs/ triage-inbox/
binary-index/ home/ quota-dashboard/ trivy-db-settings/
change-trace/ integration-hub/ reachability/ trust-admin/
compare/ integrations/ registry-admin/ unknowns/
configuration-pane/ issuer-trust/ release-orchestrator/ unknowns-tracking/
console/ lineage/ releases/ verdicts/
console-admin/ notify/ risk/ vex-hub/
cvss/ offline-kit/ runs/ vex-studio/
dashboard/ opsmemory/ sbom/ vuln-explorer/
deadletter/ orchestrator/ sbom-sources/ vulnerabilities/
doctor/ platform-health/ scanner-ops/ welcome/
evidence/ policy/ scans/
policy-gates/ scheduler-ops/
scores/
secret-detection/
settings/