stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
0103defcffd57d9910f75398792f58969fdb4c5c
git.stella-ops.org/docs/modules/export-center/README.md
StellaOps Bot 0103defcff docs consolidation work
2025-12-25 19:09:48 +02:00

75 lines
4.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# StellaOps Export Center
Export Center packages reproducible evidence bundles (JSON, Trivy DB, mirror) with provenance metadata and optional signing for offline or mirrored deployments.
## Latest updates (2025-11-30)
- Sprint tracker `docs/implplan/SPRINT_0320_0001_0001_docs_modules_export_center.md` and module `TASKS.md` added to mirror status.
- Observability runbook stub + dashboard placeholder added under `operations/` (offline import).
- Bundle/profile/offline manifest guidance reaffirmed (`devportal-offline*.md`, `mirror-bundles.md`, `provenance-and-signing.md`).
## Responsibilities
- Coordinate export jobs based on profiles and scope selectors.
- Assemble manifests, provenance documents, and cosign signatures.
- Stream bundles via HTTP/OCI and stage them for Offline Kit uses.
- Expose CLI/API surfaces for automation.
## Key components
- `StellaOps.ExportCenter.WebService` planner.
- `StellaOps.ExportCenter.Worker` bundle builder.
- Adapters in `StellaOps.ExportCenter.*` for JSON/Trivy/mirror variants.
## Profiles at a glance
- **json:raw / json:policy** — Evidence bundles with raw ingestion facts or policy overlays.
- **trivy:db / trivy:java-db** — Trivy-compatible vulnerability feeds with deterministic manifests.
- **mirror:full / mirror:delta** — OCI-style mirrors with provenance, TUF metadata, and optional encryption.
- **devportal:offline** — Developer portal static assets, specs, SDKs, and changelogs packaged with `manifest.json`, `checksums.txt`, helper scripts, and a DSSE-signed manifest (`manifest.dsse.json`) for offline verification.
## Integrations & dependencies
- Concelier/Excititor/Policy data stores for evidence.
- Signer/Attestor for provenance signing.
- CLI for operator-managed exports.
## Operational notes
- Runbooks in ./operations/ for deployment and monitoring.
- Observability assets: `operations/observability.md` and `operations/dashboards/export-center-observability.json` (offline import).
- Mirror bundle instructions and validation notes.
- Telemetry dashboards for export latency and retry rates.
## Related resources
- ./operations/runbook.md
- ./devportal-offline.md (bundle structure, verification workflow, DSSE signature details)
- ./provenance-and-signing.md (manifest/provenance schema, signing pipeline, verification)
## Backlog references
- DOCS-EXPORT-35-001 … DOCS-EXPORT-37-002 in ../../TASKS.md.
- EXPORT-ATTEST-75-002 cross-team deliverable.
## Epic alignment
- **Epic 10 Export Center:** deliver canonical JSON, Trivy DB, and mirror bundle workflows with provenance, signatures, and offline parity.
## Implementation Status
### Delivery Phases
- **Phase 1 JSON & mirror foundations:** Stand up service + worker, deliver canonical JSON and mirror profiles, seed schema migrations, publish manifest/provenance formats
- **Phase 2 Trivy adapters & distribution:** Implement Trivy DB/Java DB adapters, wire OCI/object storage distribution, expose policy snapshot embedding + verification
- **Phase 3 Delta, encryption, scheduling:** Release mirror deltas, bundle encryption, advanced scheduling/automation, resumable downloads, CLI/Console verification workflows
### Acceptance Criteria
- Operators can create, monitor, and download exports; verification succeeds against manifest + provenance
- Trivy bundles import cleanly; mirror bundles run in Offline Kit reference environment (full + delta)
- Policy snapshot runs reproduce deterministic decisions with embedded policyVersion + inputsHash
- Tenant scoping and RBAC block unauthorized actions; encryption-enabled bundles lock data to recipient keys
- Metrics and dashboards reflect live runs; alerts trigger on sustained failure rates
- Retried runs remain idempotent with matching manifests, hashes, and distribution artefacts
### Key Risks & Mitigations
- **Schema drift:** Versioned adapters with compatibility gates, CI integration tests, fail-fast with actionable errors
- **Bundle bloat:** zstd compression, sharding, delta exports, OCI dedupe
- **Data leakage:** Strict schema allowlists, tenancy filters, redaction enforcement, encryption options
- **Non-determinism:** Embed policy snapshots, enforce deterministic ordering, include content hashes in manifest
### Recent Updates
- Sprint tracker and module TASKS.md added to mirror status
- Observability runbook stub + dashboard placeholder added under operations/
- Bundle/profile/offline manifest guidance reaffirmed
Reference in New Issue View Git Blame Copy Permalink