stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
17613acf57402a4e1da74a13e1c61449478f2e8d
git.stella-ops.org/docs/modules/concelier/README.md
StellaOps Bot 0103defcff docs consolidation work
2025-12-25 19:09:48 +02:00

78 lines
4.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# StellaOps Concelier
Concelier ingests signed advisories from **32 advisory connectors** and converts them into immutable observations plus linksets under the Aggregation-Only Contract (AOC).
**Advisory Sources (32 connectors):**
- **National CERTs (8):** ACSC (Australia), CCCS (Canada), CERT-Bund (Germany), CERT-CC (US), CERT-FR (France), CERT-IN (India), JVN (Japan), KISA (Korea)
- **OS Distros (5):** Alpine SecDB, Debian Security Tracker, RedHat OVAL, SUSE OVAL, Ubuntu USN
- **Vendors (7):** Apple, Adobe, Chromium, Cisco PSIRT, Microsoft MSRC, Oracle, VMware
- **Standards (5):** CVE, NVD, GHSA (GitHub), OSV, EPSS v4
- **Threat Intel (3):** KEV (CISA Exploited Vulns), CISA ICS, Kaspersky ICS
- **Regional (3):** Russia BDU, Russia NKCKI, Plus regional mirrors
- **Internal (1):** StellaOps internal mirror
## Responsibilities
- Fetch and normalise vulnerability advisories via restart-time connectors.
- Persist observations and correlation linksets without precedence decisions.
- Emit deterministic exports (JSON, Trivy DB) for downstream policy evaluation.
- Coordinate offline/air-gap updates via Offline Kit bundles.
- Serve paragraph-anchored advisory chunks for Advisory AI consumers without breaking the Aggregation-Only Contract.
## Key components
- `StellaOps.Concelier.WebService` orchestration host.
- Connector libraries under `StellaOps.Concelier.Connector.*`.
- Exporter packages (`StellaOps.Concelier.Exporter.*`).
## Recent updates
- **2025-11-07:** Paragraph-anchored `/advisories/{advisoryKey}/chunks` endpoint shipped for Advisory AI paragraph retrieval. Details and rollout notes live in [`../../implplan/archived/updates/2025-11-07-concelier-advisory-chunks.md`](../../implplan/archived/updates/2025-11-07-concelier-advisory-chunks.md).
## Integrations & dependencies
- PostgreSQL (schema `vuln`) for canonical observations and schedules.
- Policy Engine / Export Center / CLI for evidence consumption.
- Notify and UI for advisory deltas.
## Operational notes
- Connector runbooks in ./operations/connectors/.
- Mirror operations for Offline Kit parity.
- Grafana dashboards for connector health.
- **Authority toggle rollout (2025-10-22 update).** Follow the phased table and audit checklist in `../../10_CONCELIER_CLI_QUICKSTART.md` when enabling `authority.enabled`/`authority.allowAnonymousFallback`, and cross-check the refreshed `./operations/authority-audit-runbook.md` before enforcement.
## Related resources
- ./operations/conflict-resolution.md
- ./operations/mirror.md
- ./operations/authority-audit-runbook.md
- ../../10_CONCELIER_CLI_QUICKSTART.md (authority integration timeline & smoke tests)
## Backlog references
- DOCS-LNM-22-001, DOCS-LNM-22-007 in ../../TASKS.md.
- Connector-specific TODOs in `src/Concelier/**/TASKS.md`.
## Epic alignment
- **Epic 1 AOC enforcement:** uphold raw observation invariants, provenance requirements, linkset-only enrichment, and AOC verifier guardrails across every connector.
- **Epic 10 Export Center:** expose deterministic advisory exports and metadata required by JSON/Trivy/mirror bundles.
## Implementation Status
**Delivery Phases:**
- Phase 1 (Guardrails & schema) PostgreSQL validators, AOCWriteGuard interceptor, deterministic linkset builders operational
- Phase 2 (API & observability) Ingestion/verification endpoints with Authority scopes, telemetry, Offline Kit packaging
- Phase 3 (Experience polish) CLI/Console affordances, Export Center hand-off metadata, CI enforcement
**Acceptance Criteria:**
- PostgreSQL validators and runtime guards reject forbidden fields and missing provenance with ERR_AOC_00x codes
- Linksets and supersedes chains deterministic; identical payloads yield byte-identical documents
- CLI `stella aoc verify` exits non-zero on violations, zero on clean datasets
- Export Center consumes advisory datasets without legacy normalized fields
- CI fails on lint violations or guard test regressions
**Key Risks & Mitigations:**
- Collector drift: guard middleware + CI lint + schema validation; RFC required for linkset changes
- Migration complexity: staged cutover with backup copies, temporary views for Policy Engine parity
- Performance overhead: guard remains O(number of keys), index review for insert latency targets
- Tenancy leakage: tenant required in schema, Authority claims enforced, observability alerts
**Recent Milestones:**
- Sprint 110 attestation chain validated, evidence bundle tests green
- Link-Not-Merge cache and console consumption docs frozen
- Observation events transport reviewed, NATS/air-gap guidance updated
Reference in New Issue View Git Blame Copy Permalink