git.stella-ops.org/docs/implplan/SPRINT_203_cli_iii.md
master c2c6b58b41 feat: Add Promotion-Time Attestations for Stella Ops
- Introduced a new document for promotion-time attestations, detailing the purpose, predicate schema, producer workflow, verification flow, APIs, and security considerations.
- Implemented the `stella.ops/promotion@v1` predicate schema to capture promotion evidence including image digest, SBOM/VEX artifacts, and Rekor proof.
- Defined producer responsibilities and workflows for CLI orchestration, signer responsibilities, and Export Center integration.
- Added verification steps for auditors to validate promotion attestations offline.

feat: Create Symbol Manifest v1 Specification

- Developed a specification for Symbol Manifest v1 to provide a deterministic format for publishing debug symbols and source maps.
- Defined the manifest structure, including schema, entries, source maps, toolchain, and provenance.
- Outlined upload and verification processes, resolve APIs, runtime proxy, caching, and offline bundle generation.
- Included security considerations and related tasks for implementation.

chore: Add Ruby Analyzer with Git Sources

- Created a Gemfile and Gemfile.lock for Ruby analyzer with dependencies on git-gem, httparty, and path-gem.
- Implemented main application logic to utilize the defined gems and output their versions.
- Added expected JSON output for the Ruby analyzer to validate the integration of the new gems and their functionalities.
- Developed internal observation classes for Ruby packages, runtime edges, and capabilities, including serialization logic for observations.

test: Add tests for Ruby Analyzer

- Created test fixtures for Ruby analyzer, including Gemfile, Gemfile.lock, main application, and expected JSON output.
- Ensured that the tests validate the correct integration and functionality of the Ruby analyzer with the specified gems.
2025-11-11 15:30:22 +02:00

Sprint 203 - Experience & SDKs · 180.A) Cli.III

Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).

[Experience & SDKs] 180.A) Cli.III

Depends on: Sprint 180.A - Cli.II

Summary: Experience & SDKs focus on Cli (phase III).

| Task ID | State | Task description | Owners (Source) |
| --- | --- | --- | --- |
| CLI-OBS-51-001 | TODO | Implement stella obs top command streaming service health metrics, SLO status, and burn-rate alerts with TUI view and JSON output. Dependencies: CLI-OBS-50-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-OBS-52-001 | TODO | Add `stella obs trace <trace_id>` and `stella obs logs --from/--to` commands that correlate timeline events, logs, and evidence links with pagination + guardrails. Dependencies: CLI-OBS-51-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-OBS-55-001 | TODO | Add `stella obs incident-mode enable. Dependencies: CLI-OBS-52-001. | DevEx/CLI Guild, DevOps Guild (src/Cli/StellaOps.Cli) |
| CLI-ORCH-32-001 | TODO | Implement `stella orch sources | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-ORCH-33-001 | TODO | Add action verbs (`sources test. Dependencies: CLI-ORCH-32-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-ORCH-34-001 | TODO | Provide backfill wizard (--from/--to --dry-run), quota management (`quotas get. Dependencies: CLI-ORCH-33-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-PACKS-42-001 | TODO | Implement Task Pack commands (pack plan/run/push/pull/verify) with schema validation, expression sandbox, plan/simulate engine, remote execution. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-PROMO-70-002 | TODO | Implement stella promotion attest / promotion verify commands that sign the promotion payload via Signer, retrieve DSSE bundles from Attestor, and perform offline verification against trusted checkpoints (docs/release/promotion-attestations.md). Dependencies: CLI-PROMO-70-001. | DevEx/CLI Guild, Provenance Guild (src/Cli/StellaOps.Cli) |
| CLI-DETER-70-004 | TODO | Add stella detscore report to summarise published determinism.json files (overall score, per-image matrix) and integrate with release notes/air-gap kits (docs/modules/scanner/determinism-score.md). Dependencies: CLI-DETER-70-003. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-PACKS-43-001 | TODO | Deliver advanced pack features (approvals pause/resume, secret injection, localization, man pages, offline cache). Dependencies: CLI-PACKS-42-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-PARITY-41-001 | TODO | Deliver parity command groups (policy, sbom, vuln, vex, advisory, export, orchestrator) with --explain, deterministic outputs, and parity matrix entries. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-PARITY-41-002 | TODO | Implement notify, aoc, auth command groups, idempotency keys, shell completions, config docs, and parity matrix export tooling. Dependencies: CLI-PARITY-41-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-SBOM-60-001 | TODO | Ship stella sbomer layer/compose verbs that capture per-layer fragments, run canonicalization, verify fragment DSSE, and emit `_composition.json` + Merkle diagnostics (ref docs/modules/scanner/deterministic-sbom-compose.md). Dependencies: CLI-PARITY-41-001, SCANNER-SURFACE-04. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-SBOM-60-002 | TODO | Add stella sbomer drift --explain + verify commands that rerun composition locally, highlight which arrays/keys broke determinism, and integrate with Offline Kit bundles. Dependencies: CLI-SBOM-60-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-POLICY-20-001 | TODO | Add `stella policy new | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-POLICY-23-004 | TODO | Add stella policy lint command validating SPL files with compiler diagnostics; support JSON output. Dependencies: CLI-POLICY-20-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |

2025-11-06: CLI enforces --version as mandatory and adds scheduled activation timestamp normalization tests while keeping exit codes intact.

| Task ID | State | Task description | Owners (Source) |
| --- | --- | --- | --- |
| CLI-POLICY-23-006 | TODO | Provide stella policy history and stella policy explain commands to pull run history and explanation trees. Dependencies: CLI-POLICY-23-005. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-POLICY-27-001 | TODO | Implement policy workspace commands (stella policy init, edit, lint, compile, test) with template selection, local cache, JSON output, and deterministic temp directories. Dependencies: CLI-POLICY-23-006. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |