stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 12 Releases Wiki Activity
Files
10212d67c0dfa0dd849fd798c24502b773664749
git.stella-ops.org/docs/implplan/SPRINT_0510_0001_0001_airgap.md
master 10212d67c0
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
api-governance / spectral-lint (push) Has been cancelled
Details
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00

8.5 KiB
Raw Blame History

Sprint 0510 · Ops & Offline · AirGap (190.E)

Topic & Scope

  • Implement air-gap controller/importer/time components: seal/unseal state machine, status APIs, importer verification, and time-anchor telemetry for offline bundles.
  • Align with platform sealed-mode posture and ensure deterministic verification paths for offline kits.
  • Working directory: src/AirGap.

Dependencies & Concurrency

  • Upstream: Attestor/Authority scopes for airgap:*, Offline Kit bundle formats, DevOps sealed-mode pipeline outputs.
  • AirGap Importer depends on Bundle trust roots and TUF metadata from release pipelines.

Documentation Prerequisites

  • docs/07_HIGH_LEVEL_ARCHITECTURE.md
  • docs/modules/platform/architecture-overview.md
  • docs/modules/devops/architecture.md
  • docs/modules/airgap/airgap-mode.md (if present)

Delivery Tracker

# Task ID Status Key dependency / next step Owners Task Definition
P1 PREP-AIRGAP-CTL-56-001-CONTROLLER-PROJECT-SCA TODO Due 2025-11-26 · Accountable: AirGap Controller Guild AirGap Controller Guild Controller project scaffold missing; need baseline service skeleton.

Document artefact/deliverable for AIRGAP-CTL-56-001 and publish location so downstream tasks can proceed.
P2 PREP-AIRGAP-CTL-56-002-BLOCKED-ON-56-001-SCAF TODO Due 2025-11-26 · Accountable: AirGap Controller Guild · DevOps Guild AirGap Controller Guild · DevOps Guild Blocked on 56-001 scaffolding.

Document artefact/deliverable for AIRGAP-CTL-56-002 and publish location so downstream tasks can proceed.
P3 PREP-AIRGAP-CTL-57-001-BLOCKED-ON-56-002 TODO Due 2025-11-26 · Accountable: AirGap Controller Guild AirGap Controller Guild Blocked on 56-002.

Document artefact/deliverable for AIRGAP-CTL-57-001, AIRGAP-IMP-57-001 and publish location so downstream tasks can proceed.
P4 PREP-AIRGAP-CTL-57-002-BLOCKED-ON-57-001 TODO Due 2025-11-26 · Accountable: AirGap Controller Guild · Observability Guild AirGap Controller Guild · Observability Guild Blocked on 57-001.

Document artefact/deliverable for AIRGAP-CTL-57-002, AIRGAP-IMP-57-002, AIRGAP-TIME-57-002 and publish location so downstream tasks can proceed.
P5 PREP-AIRGAP-CTL-58-001-BLOCKED-ON-57-002 TODO Due 2025-11-26 · Accountable: AirGap Controller Guild · AirGap Time Guild AirGap Controller Guild · AirGap Time Guild Blocked on 57-002.

Document artefact/deliverable for AIRGAP-CTL-58-001, AIRGAP-IMP-58-001, AIRGAP-TIME-58-001 and publish location so downstream tasks can proceed.
P6 PREP-AIRGAP-IMP-56-001-IMPORTER-PROJECT-SCAFF TODO Due 2025-11-26 · Accountable: AirGap Importer Guild AirGap Importer Guild Importer project scaffold missing; need trust-root inputs.

Document artefact/deliverable for AIRGAP-IMP-56-001 and publish location so downstream tasks can proceed.
P7 PREP-AIRGAP-IMP-56-002-BLOCKED-ON-56-001 TODO Due 2025-11-26 · Accountable: AirGap Importer Guild · Security Guild AirGap Importer Guild · Security Guild Blocked on 56-001.

Document artefact/deliverable for AIRGAP-IMP-56-002 and publish location so downstream tasks can proceed.
P8 PREP-AIRGAP-IMP-58-002-BLOCKED-ON-58-001 TODO Due 2025-11-26 · Accountable: AirGap Importer Guild · Observability Guild AirGap Importer Guild · Observability Guild Blocked on 58-001.

Document artefact/deliverable for AIRGAP-IMP-58-002, AIRGAP-TIME-58-002 and publish location so downstream tasks can proceed.
P9 PREP-AIRGAP-TIME-57-001-TIME-COMPONENT-SCAFFO TODO Due 2025-11-26 · Accountable: AirGap Time Guild AirGap Time Guild Time component scaffold missing; need token format decision.

Document artefact/deliverable for AIRGAP-TIME-57-001 and publish location so downstream tasks can proceed.
1 AIRGAP-CTL-56-001 BLOCKED PREP-AIRGAP-CTL-56-001-CONTROLLER-PROJECT-SCA AirGap Controller Guild Implement airgap_state persistence, seal/unseal state machine, and Authority scope checks (airgap:seal, airgap:status:read).
2 AIRGAP-CTL-56-002 BLOCKED PREP-AIRGAP-CTL-56-002-BLOCKED-ON-56-001-SCAF AirGap Controller Guild · DevOps Guild Expose GET /system/airgap/status, POST /system/airgap/seal, integrate policy hash validation, and return staleness/time anchor placeholders.
3 AIRGAP-CTL-57-001 BLOCKED PREP-AIRGAP-CTL-57-001-BLOCKED-ON-56-002 AirGap Controller Guild Add startup diagnostics that block application run when sealed flag set but egress policies missing; emit audit + telemetry.
4 AIRGAP-CTL-57-002 BLOCKED PREP-AIRGAP-CTL-57-002-BLOCKED-ON-57-001 AirGap Controller Guild · Observability Guild Instrument seal/unseal events with trace/log fields and timeline emission (airgap.sealed, airgap.unsealed).
5 AIRGAP-CTL-58-001 BLOCKED PREP-AIRGAP-CTL-58-001-BLOCKED-ON-57-002 AirGap Controller Guild · AirGap Time Guild Persist time anchor metadata, compute drift seconds, and surface staleness budgets in status API.
6 AIRGAP-IMP-56-001 BLOCKED PREP-AIRGAP-IMP-56-001-IMPORTER-PROJECT-SCAFF AirGap Importer Guild Implement DSSE verification helpers, TUF metadata parser (root.json, snapshot.json, timestamp.json), and Merkle root calculator.
7 AIRGAP-IMP-56-002 BLOCKED PREP-AIRGAP-IMP-56-002-BLOCKED-ON-56-001 AirGap Importer Guild · Security Guild Introduce root rotation policy validation (dual approval) and signer trust store management.
8 AIRGAP-IMP-57-001 BLOCKED PREP-AIRGAP-CTL-57-001-BLOCKED-ON-56-002 AirGap Importer Guild Write bundle_catalog and bundle_items repositories with RLS + deterministic migrations.
9 AIRGAP-IMP-57-002 BLOCKED PREP-AIRGAP-CTL-57-002-BLOCKED-ON-57-001 AirGap Importer Guild · DevOps Guild Implement object-store loader storing artifacts under tenant/global mirror paths with Zstandard decompression and checksum validation.
10 AIRGAP-IMP-58-001 BLOCKED PREP-AIRGAP-CTL-58-001-BLOCKED-ON-57-002 AirGap Importer Guild · CLI Guild Implement API (POST /airgap/import, /airgap/verify) and CLI commands wiring verification + catalog updates, including diff preview.
11 AIRGAP-IMP-58-002 BLOCKED PREP-AIRGAP-IMP-58-002-BLOCKED-ON-58-001 AirGap Importer Guild · Observability Guild Emit timeline events (airgap.import.started, airgap.import.completed) with staleness metrics.
12 AIRGAP-TIME-57-001 BLOCKED PREP-AIRGAP-TIME-57-001-TIME-COMPONENT-SCAFFO AirGap Time Guild Implement signed time token parser (Roughtime/RFC3161), verify signatures against bundle trust roots, and expose normalized anchor representation.
13 AIRGAP-TIME-57-002 BLOCKED PREP-AIRGAP-CTL-57-002-BLOCKED-ON-57-001 AirGap Time Guild · Observability Guild Add telemetry counters for time anchors (airgap_time_anchor_age_seconds) and alerts for approaching thresholds.
14 AIRGAP-TIME-58-001 BLOCKED PREP-AIRGAP-CTL-58-001-BLOCKED-ON-57-002 AirGap Time Guild Persist drift baseline, compute per-content staleness (advisories, VEX, policy) based on bundle metadata, and surface through controller status API.
15 AIRGAP-TIME-58-002 BLOCKED PREP-AIRGAP-IMP-58-002-BLOCKED-ON-58-001 AirGap Time Guild · Notifications Guild Emit notifications and timeline events when staleness budgets breached or approaching.

Execution Log

Date (UTC) Update Owner
2025-11-19 Assigned PREP owners/dates; see Delivery Tracker. Planning
2025-11-18 Marked all AIRGAP controller/importer/time tasks BLOCKED: no project scaffolds exist under src/AirGap; need baseline service skeletons and token format decisions before implementation. Ops/Docs
2025-11-18 Normalised sprint to standard template; renamed from SPRINT_510_airgap.md. Ops/Docs

Decisions & Risks

  • Seal/unseal + importer rely on release pipeline outputs (trust roots, manifests); delays there delay this sprint.
  • Time anchor parsing depends on chosen token format (Roughtime vs RFC3161); must be confirmed with AirGap Time Guild.
  • Offline posture: ensure all verification runs without egress; CMK/KMS access must have offline-friendly configs.

Next Checkpoints

  • 2025-11-20 · Confirm time token format and trust root delivery shape. Owner: AirGap Time Guild.
  • 2025-11-22 · Align on seal/unseal Authority scopes and baseline policy hash inputs. Owner: AirGap Controller Guild.
  • 2025-11-25 · Verify release pipeline exposes TUF metadata paths for importer (AIRGAP-IMP-56-001). Owner: AirGap Importer Guild.