3.5 KiB
3.5 KiB
If you are working on this file you need to read docs/ARCHITECTURE_EXCITITOR.md and ./AGENTS.md).
TASKS
| Task | Owner(s) | Depends on | Notes |
|---|---|---|---|
| Bootstrap configuration fallback (env → appsettings{{.json/.yaml}}) | DevEx/CLI | Core | DONE – CLI loads API_KEY/STELLAOPS_BACKEND_URL from environment or local settings, defaulting to empty strings when unset. |
| Introduce command host & routing skeleton | DevEx/CLI | Configuration | DONE – System.CommandLine (v2.0.0-beta5) router stitched with scanner, scan, db, and config verbs. |
| Scanner artifact download/install commands | Ops Integrator | Backend contracts | DONE – scanner download caches bundles, validates SHA-256 (plus optional RSA signature), installs via docker load, persists metadata, and retries with exponential backoff. |
| Scan execution & result upload workflow | Ops Integrator, QA | Scanner cmd | DONE – scan run drives container scans against directories, emits artefacts in ResultsDirectory, auto-uploads on success, and scan upload covers manual retries. |
| Concelier DB operations passthrough | DevEx/CLI | Backend, Concelier APIs | DONE – `db fetch |
| CLI observability & tests | QA | Command host | DONE – Added console logging defaults & configuration bootstrap tests; future metrics hooks tracked separately. |
| Authority auth commands | DevEx/CLI | Auth libraries | DONE – auth login/logout/status wrap the shared auth client, manage token cache, and surface status messages. |
| Document authority workflow in CLI help & quickstart | Docs/CLI | Authority auth commands | DONE (2025-10-10) – CLI help now surfaces Authority config fields and docs/09 + docs/10 describe env vars, auth login/status flow, and cache location. |
| Authority whoami command | DevEx/CLI | Authority auth commands | DONE (2025-10-10) – Added auth whoami verb that displays subject/audience/expiry from cached tokens and handles opaque tokens gracefully. |
| Expose auth client resilience settings | DevEx/CLI | Auth libraries LIB5 | DONE (2025-10-10) – CLI options now bind resilience knobs, AddStellaOpsAuthClient honours them, and tests cover env overrides. |
| Document advanced Authority tuning | Docs/CLI | Expose auth client resilience settings | DONE (2025-10-10) – docs/09 and docs/10 describe retry/offline settings with env examples and point to the integration guide. |
| Surface password policy diagnostics in CLI output | DevEx/CLI, Security Guild | AUTHSEC-CRYPTO-02-004 | DONE (2025-10-15) – CLI startup runs the Authority plug-in analyzer, logs weakened password policy warnings with manifest paths, added unit tests (dotnet test src/StellaOps.Cli.Tests) and updated docs/09 with remediation guidance. |
EXCITITOR-CLI-01-001 – Add excititor command group |
DevEx/CLI | EXCITITOR-WEB-01-001 | TODO – Introduce excititor verb hierarchy (init/pull/resume/list-providers/export/verify/reconcile) forwarding to WebService with token auth and consistent exit codes. |
| EXCITITOR-CLI-01-002 – Export download & attestation UX | DevEx/CLI | EXCITITOR-CLI-01-001, EXCITITOR-EXPORT-01-001 | TODO – Display export metadata (sha256, size, Rekor link), support optional artifact download path, and handle cache hits gracefully. |
| EXCITITOR-CLI-01-003 – CLI docs & examples for Excititor | Docs/CLI | EXCITITOR-CLI-01-001 | TODO – Update docs/09_API_CLI_REFERENCE.md and quickstart snippets to cover Excititor verbs, offline guidance, and attestation verification workflow. |