stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
2de8d1784bc8e846ca9f320ddd99582b0d441582
git.stella-ops.org/docs/modules/signer/AGENTS.md
master 2de8d1784b
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
new advisories
2025-11-23 23:38:25 +02:00

2.5 KiB
Raw Blame History

Signer agent guide

Mission

Signer validates callers, enforces Proof-of-Entitlement, and produces signed DSSE bundles for SBOMs, reports, and exports.

Advisory Handling

  • Any new/updated advisory triggers immediate doc + sprint updates; no approval.
  • Update high-level + detailed docs; inline only short snippets; put runnable/long code in docs/benchmarks/** or tests/** (deterministic/offline) and link.
  • Add tasks + Execution Log entries in relevant SPRINT_*.md with doc paths/owners; add risks if schema/feed/transparency caps apply.
  • Check archived advisories; mark supersedes/extends if overlapping.
  • Defaults: hybrid reachability (graph DSSE required; edge-bundle optional), deterministic/frozen feeds; act first, report after.

Key docs

How to get started

  1. Open sprint file /docs/implplan/SPRINT_*.md and locate the stories referencing this module.
  2. Review ./TASKS.md for local follow-ups and confirm status transitions (TODO → DOING → DONE/BLOCKED).
  3. Read the architecture and README for domain context before editing code or docs.
  4. Coordinate cross-module changes in the main /AGENTS.md description and through the sprint plan.

Guardrails

  • Honour the Aggregation-Only Contract where applicable (see ../../ingestion/aggregation-only-contract.md).
  • Preserve determinism: sort outputs, normalise timestamps (UTC ISO-8601), and avoid machine-specific artefacts.
  • Keep Offline Kit parity in mind—document air-gapped workflows for any new feature.
  • Update runbooks/observability assets when operational characteristics change.

Required Reading

  • docs/modules/signer/README.md
  • docs/modules/signer/architecture.md
  • docs/modules/signer/implementation_plan.md
  • docs/modules/platform/architecture-overview.md

Working Agreement

    1. Update task status to DOING/DONE in both correspoding sprint file /docs/implplan/SPRINT_*.md and the local TASKS.md when you start or finish work.
    1. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
    1. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
    1. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
    1. Revert to TODO if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.