stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
09b6a28172e715f87decf24a587bd33a3215bad3
git.stella-ops.org/ops/devops/TASKS.md

2.9 KiB
Raw Blame History

DevOps Task Board

ID Status Owner(s) Depends on Description Exit Criteria
DEVOPS-HELM-09-001 DONE DevOps Guild SCANNER-WEB-09-101 Create Helm/Compose environment profiles (dev, staging, airgap) with deterministic digests. Profiles committed under deploy/; docs updated; CI smoke deploy passes.
DEVOPS-SCANNER-09-204 TODO DevOps Guild, Scanner WebService Guild SCANNER-EVENTS-15-201 Surface SCANNER__EVENTS__* environment variables across docker-compose (dev/stage/airgap) and Helm values, defaulting to share the Redis queue DSN. Compose/Helm configs ship enabled Redis event publishing with documented overrides; lint jobs updated; docs cross-link to new knobs.
DEVOPS-SCANNER-09-205 TODO DevOps Guild, Notify Guild DEVOPS-SCANNER-09-204 Add Notify smoke stage that tails the Redis stream and asserts scanner.report.ready/scanner.scan.completed reach Notify WebService in staging. CI job reads Redis stream during scanner smoke deploy, confirms Notify ingestion via API, alerts on failure.
DEVOPS-PERF-10-001 DONE DevOps Guild BENCH-SCANNER-10-001 Add perf smoke job (SBOM compose <5s target) to CI. CI job runs sample build verifying <5s; alerts configured.
DEVOPS-PERF-10-002 TODO DevOps Guild BENCH-SCANNER-10-002 Publish analyzer bench metrics to Grafana/perf workbook and alarm on ≥20% regressions. CI exports JSON for dashboards; Grafana panel wired; Ops on-call doc updated with alert hook.
DEVOPS-REL-14-001 TODO DevOps Guild SIGNER-API-11-101, ATTESTOR-API-11-201 Deterministic build/release pipeline with SBOM/provenance, signing, manifest generation. CI pipeline produces signed images + SBOM/attestations, manifests published with verified hashes, docs updated.
DEVOPS-REL-17-002 TODO DevOps Guild DEVOPS-REL-14-001, SCANNER-EMIT-17-701 Persist stripped-debug artifacts organised by GNU build-id and bundle them into release/offline kits with checksum manifests. CI job writes .debug files under artifacts/debug/.build-id/, manifest + checksums published, offline kit includes cache, smoke job proves symbol lookup via build-id.
DEVOPS-MIRROR-08-001 DONE (2025-10-19) DevOps Guild DEVOPS-REL-14-001 Stand up managed mirror profiles for *.stella-ops.org (Concelier/Excititor), including Helm/Compose overlays, multi-tenant secrets, CDN caching, and sync documentation. Infra overlays committed, CI smoke deploy hits mirror endpoints, runbooks published for downstream sync and quota management.
DEVOPS-SEC-10-301 DOING (2025-10-19) DevOps Guild Wave 0A complete Address NU1902/NU1903 advisories for MongoDB.Driver 2.12.0 and SharpCompress 0.23.0 surfaced during scanner cache and worker test runs. Dependencies bumped to patched releases, audit logs free of NU1902/NU1903 warnings, regression tests green, change log documents upgrade guidance.