52 lines
1.7 KiB
Markdown
52 lines
1.7 KiB
Markdown
# AirGap
|
|
|
|
**Status:** Implemented
|
|
**Source:** `src/AirGap/`
|
|
**Owner:** Platform Team
|
|
|
|
## Purpose
|
|
|
|
AirGap manages sealed knowledge snapshot export and import for offline/air-gapped deployments. Provides time-anchored snapshots with staleness policies, deterministic bundle creation, and secure import validation for complete offline operation.
|
|
|
|
## Components
|
|
|
|
**Services:**
|
|
- `StellaOps.AirGap.Controller` - Snapshot orchestration and staleness enforcement
|
|
- `StellaOps.AirGap.Importer` - Import validation and bundle ingestion
|
|
|
|
**Libraries:**
|
|
- `StellaOps.AirGap.Policy` - Staleness policy evaluation
|
|
- `StellaOps.AirGap.Time` - Time anchor validation and trust
|
|
- `StellaOps.AirGap.Storage.Postgres` - PostgreSQL storage for snapshots
|
|
- `StellaOps.AirGap.Storage.Postgres.Tests` - Storage integration tests
|
|
|
|
## Configuration
|
|
|
|
See `etc/airgap.yaml.sample` for configuration options.
|
|
|
|
Key settings:
|
|
- Staleness policy (maxAgeHours, warnAgeHours, staleAction)
|
|
- Time anchor requirements (requireTimeAnchor)
|
|
- Per-content staleness budgets (advisories, VEX, packages, mitigations)
|
|
- PostgreSQL connection (schema: `airgap`)
|
|
- Export/import paths and validation rules
|
|
|
|
## Dependencies
|
|
|
|
- PostgreSQL (schema: `airgap`)
|
|
- Authority (authentication)
|
|
- ExportCenter (bundle creation)
|
|
- Mirror (snapshot sources)
|
|
- All data modules (Concelier, VexHub, SbomService, etc.)
|
|
|
|
## Related Documentation
|
|
|
|
- Operations: `./operations/` (if exists)
|
|
- Offline Kit: `../../24_OFFLINE_KIT.md`
|
|
- Mirror: `../mirror/`
|
|
- ExportCenter: `../export-center/`
|
|
|
|
## Current Status
|
|
|
|
Implemented with Controller for snapshot export and Importer for secure ingestion. Staleness policies enforce time-bound validity. Integrated with ExportCenter for bundle packaging and all data modules for content export/import.
|