git.stella-ops.org/src/Policy/StellaOps.Policy.Engine/TASKS.completed.md
master 15b4a1de6a feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries
- Added detailed task completion records for KMS interface implementation and CLI support for file-based keys.
- Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations.
- Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.
2025-10-31 14:37:45 +02:00


Completed Tasks

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| POLICY-ENGINE-20-000 | DONE (2025-10-26) | Policy Guild, BE-Base Platform Guild | POLICY-AOC-19-001 | Spin up new StellaOps.Policy.Engine service project (minimal API host + worker), wire DI composition root, configuration binding, and Authority client scaffolding. | New project builds/tests; registered in solution; bootstrap validates configuration; host template committed with compliance checklist. |
| POLICY-ENGINE-27-001 | DONE (2025-10-31) | Policy Guild, Security Guild | AUTH-POLICY-27-001, POLICY-ENGINE-20-004 | Replace legacy policy:write/submit scope usage across Policy Engine API/worker/scheduler clients with the new Policy Studio scope family (policy:author/review/approve/operate/audit/simulate), update bootstrap configuration and tests, and ensure RBAC denials surface deterministic errors. | All configs/tests reference new scope set, integration tests cover missing-scope failures, CLI/docs samples updated, and CI guard prevents reintroduction of legacy scope names. |
| POLICY-GATEWAY-18-001 | DONE (2025-10-27) | Policy Gateway Strike Team | POLICY-ENGINE-20-000 | Bootstrap Policy Gateway host (StellaOps.Policy.Gateway) with configuration bootstrap, Authority resource-server auth, structured logging, health endpoints, and solution registration. | Gateway project builds/tests, configuration validation wired, /healthz + /readyz exposed, logging uses standard format. |
| POLICY-ENGINE-70-001 | DONE (2025-10-27) | Policy Guild, Governance Guild | POLICY-EXC-25-001 | Implement exception evaluation layer: specificity resolution, effect application (suppress/defer/downgrade/require control), and integration with explain traces. | Engine applies exceptions deterministically; unit/property tests cover precedence; explainer includes exception metadata. |
| POLICY-ENGINE-20-001 | DONE (2025-10-26) | Policy Guild, Language Infrastructure Guild | POLICY-ENGINE-20-000 | Implement stella-dsl@1 parser + IR compiler with grammar validation, syntax diagnostics, and checksum outputs for caching. | DSL parser handles full grammar + error reporting; IR checksum stored with policy version; unit tests cover success/error paths. |
| POLICY-GATEWAY-18-002 | DONE (2025-10-27) | Policy Gateway Strike Team | POLICY-GATEWAY-18-001 | Implement proxy routes for policy packs/revisions (GET/POST /api/policy/packs, /revisions) with scope enforcement (policy:read, policy:edit) and deterministic DTOs. | Endpoints proxy to Policy Engine, unit tests cover happy/error paths, unauthorized requests rejected correctly. |
| POLICY-GATEWAY-18-003 | DONE (2025-10-27) | Policy Gateway Strike Team | POLICY-GATEWAY-18-002 | Implement activation proxy (POST /api/policy/packs/{packId}/revisions/{version}:activate) supporting single/two-person flows, returning 202 when awaiting second approval, and emitting structured logs/metrics. | Activation responses match Policy Engine contract, logs include tenant/actor/pack info, metrics published for outcomes. |
| POLICY-GATEWAY-18-004 | DONE (2025-10-27) | Policy Gateway Strike Team | POLICY-GATEWAY-18-001 | Add typed HttpClient for Policy Engine with DPoP client credentials, retry/backoff, and consistent error mapping to ProblemDetails. | HttpClient registered with resilient pipeline, integration tests verify error translation and token usage. |
| POLICY-GATEWAY-18-005 | DONE (2025-10-27) | Policy Gateway Strike Team | POLICY-GATEWAY-18-002, POLICY-GATEWAY-18-003 | Update docs/offline kit configs with new gateway service, sample curl commands, and CLI/UI integration guidance. | Docs merged, Offline Kit includes gateway config, verification script updated, release notes prepared. |