stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
1d962ee6fc98ad8c53715bbff6d513246f5b1361
git.stella-ops.org/docs/modules/attestor/ttl-validation.md
master f98cea3bcf Add Authority Advisory AI and API Lifecycle Configuration 
- Introduced AuthorityAdvisoryAiOptions and related classes for managing advisory AI configurations, including remote inference options and tenant-specific settings.
- Added AuthorityApiLifecycleOptions to control API lifecycle settings, including legacy OAuth endpoint configurations.
- Implemented validation and normalization methods for both advisory AI and API lifecycle options to ensure proper configuration.
- Created AuthorityNotificationsOptions and its related classes for managing notification settings, including ack tokens, webhooks, and escalation options.
- Developed IssuerDirectoryClient and related models for interacting with the issuer directory service, including caching mechanisms and HTTP client configurations.
- Added support for dependency injection through ServiceCollectionExtensions for the Issuer Directory Client.
- Updated project file to include necessary package references for the new Issuer Directory Client library.
2025-11-02 13:50:25 +02:00

1.9 KiB
Raw Blame History

Attestor TTL Validation Runbook

Purpose: confirm MongoDB TTL indexes and Redis expirations for the attestation dedupe store behave as expected on a production-like stack.

Prerequisites

  • Docker Desktop or compatible daemon with the Compose plugin enabled.
  • Local ports 27017 and 6379 free.
  • dotnet SDK 10.0 preview (same as repo toolchain).
  • Network access to pull mongo:7 and redis:7 images.

Quickstart

  1. From the repo root export any required proxy settings, then run

    scripts/run-attestor-ttl-validation.sh

    The helper script:

    • Spins up mongo:7 and redis:7 containers.
    • Sets ATTESTOR_LIVE_MONGO_URI / ATTESTOR_LIVE_REDIS_URI.
    • Executes the live TTL test suite (Category=LiveTTL) in StellaOps.Attestor.Tests.
    • Tears the stack down automatically.

  2. Capture the test output (ttl-validation-<timestamp>.log) and attach it to the sprint evidence folder (docs/modules/attestor/evidence/).

Result handling

  • Success: Tests complete in ~34 minutes with Total tests: 2, Passed: 2. Store the log and note the run in SPRINT_100_identity_signing.md under ATTESTOR-72-003.
  • Failure: Preserve:
    • docker compose logs for both services.
    • mongosh output of db.dedupe.getIndexes() and sample documents.
    • redis-cli --raw ttl attestor:ttl:live:bundle:<id>. File an incident in the Attestor Guild channel and link the captured artifacts.

Manual verification (optional)

If the helper script cannot be used:

  1. Start MongoDB and Redis manually with equivalent configuration.
  2. Set ATTESTOR_LIVE_MONGO_URI and ATTESTOR_LIVE_REDIS_URI.
  3. Run dotnet test src/Attestor/StellaOps.Attestor.sln --no-build --filter "Category=LiveTTL".
  4. Follow the evidence handling steps above.

Ownership

  • Primary: Attestor Service Guild.
  • Partner: QA Guild (observes TTL metrics, confirms evidence archiving).