233873f620
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Reachability Corpus Validation / validate-corpus (push) Has been cancelled
Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Reachability Corpus Validation / determinism-check (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
48 lines
2.4 KiB
Markdown
48 lines
2.4 KiB
Markdown
# StellaOps Console UI
|
||
|
||
The Console presents operator dashboards for scans, policies, VEX evidence, runtime posture, and admin workflows.
|
||
|
||
## Latest updates (2025-11-30)
|
||
- Docs refreshed per `docs/implplan/SPRINT_0331_0001_0001_docs_modules_ui.md`; added observability runbook stub and TASKS mirror.
|
||
- Access-control guidance from 2025-11-03 remains valid; ensure Authority scopes are verified before enabling uploads.
|
||
|
||
## Responsibilities
|
||
- Render real-time status for ingestion, scanning, policy, and exports via SSE.
|
||
- Provide policy editor, SBOM explorer, and advisory views with accessibility compliance.
|
||
- Integrate with Authority for fresh-auth and scope enforcement.
|
||
- Support offline bundles with deterministic build outputs.
|
||
|
||
## Key components
|
||
- Angular 17 workspace under `src/Web/StellaOps.Web`.
|
||
- Signals-based state management with `@ngrx/signals` store.
|
||
- API client generator (`core/api`).
|
||
|
||
## Integrations & dependencies
|
||
- Backend APIs (Scanner, Policy, Notify, Export Center, Attestor).
|
||
- Authority for DPoP-protected calls.
|
||
- Telemetry streams for observability dashboards.
|
||
|
||
## Operational notes
|
||
- Auth smoke tests in `operations/auth-smoke.md`.
|
||
- Observability runbook + dashboard stub in `operations/observability.md` and `operations/dashboards/console-ui-observability.json` (offline import).
|
||
- Console architecture doc for layout and SSE fan-out.
|
||
- Accessibility and security guides in ../../ui/ & ../../security/.
|
||
|
||
## Related resources
|
||
- ./operations/auth-smoke.md
|
||
- ./operations/observability.md
|
||
- ./console-architecture.md
|
||
|
||
## Backlog references
|
||
- DOCS-CONSOLE-23-001 … DOCS-CONSOLE-23-003 baseline (done).
|
||
- CONSOLE-OBS-52-001 tasks for observability updates.
|
||
|
||
## Epic alignment
|
||
- **Epic 2 – Policy Engine & Editor:** deliver deterministic policy authoring, simulation, and explain UX.
|
||
- **Epic 4 – Policy Studio:** implement registry workspace, approvals, and promotion workflows.
|
||
- **Epic 5 – SBOM Graph Explorer:** surface graph navigation, overlays, and diff tools.
|
||
- **Epic 6 – Vulnerability Explorer:** provide triage dashboards, findings ledger views, and audit exports.
|
||
- **Epic 8 – Advisory AI:** embed advisory summaries, explanations, and remediation hints with citations.
|
||
- **Epic 9 – Orchestrator Dashboard:** expose source/job monitoring with throttling and replay controls.
|
||
- **Epic 11 – Notifications Studio:** deliver notifications workspace with rule/channel previews and audits.
|