stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
108d1c64b323808d6085fca05818fc581c6b003a
git.stella-ops.org/docs/modules/zastava/AGENTS.md
StellaOps Bot 17d45a6d30
Some checks failed
Airgap Sealed CI Smoke / sealed-smoke (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
Export Center CI / export-ci (push) Has been cancelled
Details
feat: Implement Filesystem and MongoDB provenance writers for PackRun execution context 
- Added `FilesystemPackRunProvenanceWriter` to write provenance manifests to the filesystem.
- Introduced `MongoPackRunArtifactReader` to read artifacts from MongoDB.
- Created `MongoPackRunProvenanceWriter` to store provenance manifests in MongoDB.
- Developed unit tests for filesystem and MongoDB provenance writers.
- Established `ITimelineEventStore` and `ITimelineIngestionService` interfaces for timeline event handling.
- Implemented `TimelineIngestionService` to validate and persist timeline events with hashing.
- Created PostgreSQL schema and migration scripts for timeline indexing.
- Added dependency injection support for timeline indexer services.
- Developed tests for timeline ingestion and schema validation.
2025-11-30 15:38:14 +02:00

2.6 KiB
Raw Blame History

Zastava agent guide

Mission

Zastava monitors running workloads, verifies supply chain posture, and enforces runtime policy via Kubernetes admission webhooks.

Advisory Handling

  • Trigger: any new/updated advisory triggers doc + sprint updates; no approval required.
  • Docs: update high-level + detailed pages; inline only small snippets; put runnable/long code in docs/benchmarks/** or tests/** (deterministic/offline) and link.
  • Sprints: add tasks + Execution Log in the relevant SPRINT_*.md with doc paths/owners; add risks if schema/feed/transparency caps apply.
  • De-dup: check archived advisories; mark supersedes/extends where overlapping.
  • Defaults: hybrid reachability posture, deterministic/frozen feeds; execute immediately, then report.

Key docs

How to get started

  1. Open sprint file /docs/implplan/SPRINT_*.md and locate the stories referencing this module.
  2. Review ./TASKS.md for local follow-ups and confirm status transitions (TODO → DOING → DONE/BLOCKED).
  3. Read the architecture and README for domain context before editing code or docs.
  4. Coordinate cross-module changes in the main /AGENTS.md description and through the sprint plan.

Guardrails

  • Honour the Aggregation-Only Contract where applicable (see ../../ingestion/aggregation-only-contract.md).
  • Preserve determinism: sort outputs, normalise timestamps (UTC ISO-8601), and avoid machine-specific artefacts.
  • Keep Offline Kit parity in mind—document air-gapped workflows for any new feature.
  • Update runbooks/observability assets when operational characteristics change.

Required Reading

  • docs/modules/zastava/README.md
  • docs/modules/zastava/architecture.md
  • docs/modules/zastava/implementation_plan.md
  • docs/modules/platform/architecture-overview.md

Working Agreement

    1. Update task status to DOING/DONE in both correspoding sprint file /docs/implplan/SPRINT_*.md and the local TASKS.md when you start or finish work.
    1. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
    1. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
    1. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
    1. Revert to TODO if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.