stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 12 Releases Wiki Activity
226 Commits 2 Branches 0 Tags
347c88342c00aa12416c7711c3d7c7c52b344d87
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
StellaOps Bot 347c88342c Add draft skeletons for various documentation topics 
- Created draft documentation for enabling reachability, CLI authentication, EntryTrace heuristics, Go stripped binaries, Java and Python lockfiles, Rust fingerprint enrichment, SAST integration, Windows/macOS analyzer coverage, scanner engine surface, multi-tenancy operations, RLS and data isolation, ABAC overlays, VEX trust model, VEX ops runbook, VEX mapping, scopes and roles, tenancy overview, VEX signatures, contract testing, VEX consensus algorithm, VEX consensus API, VEX consensus console, VEX consensus overview, and VEX issuer directory.
- Each document includes a status placeholder, purpose, and open TODOs for future updates.
2025-12-05 21:23:21 +02:00
.claude
Add signal contracts for reachability, exploitability, trust, and unknown symbols
2025-12-05 00:27:00 +02:00
.gitea/workflows
Add unit tests for Router configuration and transport layers
2025-12-05 08:01:47 +02:00
.nuget/packages
nuget update
2025-11-25 07:44:18 +02:00
.nuget-cache/microsoft.extensions.logging.abstractions/10.0.0-rc.2.25502.107
feat(graph-api): Add schema review notes for upcoming Graph API changes
2025-11-22 19:22:30 +02:00
.venv
Add signal contracts for reachability, exploitability, trust, and unknown symbols
2025-12-05 00:27:00 +02:00
bench
Add receipt input JSON and SHA256 hash for CVSS policy scoring tests
2025-12-04 07:30:42 +02:00
certificates
tam
2025-10-12 20:42:07 +00:00
deploy
Add tests and implement timeline ingestion options with NATS and Redis subscribers
2025-12-03 09:46:48 +02:00
docs
Add draft skeletons for various documentation topics
2025-12-05 21:23:21 +02:00
etc
Add unit tests for Router configuration and transport layers
2025-12-05 08:01:47 +02:00
evidence-locker
Add unit tests and logging infrastructure for InMemory and RabbitMQ transports
2025-12-05 09:38:45 +02:00
examples/router
Add unit tests for Router configuration and transport layers
2025-12-05 08:01:47 +02:00
helm/signals
up
2025-11-25 22:09:44 +02:00
local-nugets
work
2025-11-23 23:40:10 +02:00
logs
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
offline
Add signal contracts for reachability, exploitability, trust, and unknown symbols
2025-12-05 00:27:00 +02:00
ops
Add tests and implement timeline ingestion options with NATS and Redis subscribers
2025-12-03 09:46:48 +02:00
out
Add tests and implement timeline ingestion options with NATS and Redis subscribers
2025-12-03 09:46:48 +02:00
plugins
up
2025-12-01 21:16:22 +02:00
samples
up
2025-12-03 00:10:19 +02:00
scripts
Add unit tests and logging infrastructure for InMemory and RabbitMQ transports
2025-12-05 09:38:45 +02:00
seed-data
feat: Add Promotion-Time Attestations for Stella Ops
2025-11-11 15:30:22 +02:00
src
Add unit tests and logging infrastructure for InMemory and RabbitMQ transports
2025-12-05 09:38:45 +02:00
tests
Add unit tests for Router configuration and transport layers
2025-12-05 08:01:47 +02:00
third_party/forks/AlexMAS.GostCryptography
up
2025-11-26 07:47:08 +02:00
third-party-licenses
Add Ruby language analyzer and related functionality
2025-11-03 01:15:43 +02:00
tools
Add unit tests for Router configuration and transport layers
2025-12-05 08:01:47 +02:00
vendor
feat: Add new provenance and crypto registry documentation
2025-11-18 23:47:13 +02:00
.editorconfig
feat: Add new provenance and crypto registry documentation
2025-11-18 23:47:13 +02:00
.gitattributes
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
.gitignore
up
2025-11-27 07:46:56 +02:00
.spectral.yaml
up
2025-11-27 07:46:56 +02:00
AGENTS.md
up
2025-11-29 01:35:49 +02:00
CLAUDE.md
up
2025-11-29 01:35:49 +02:00
concelier-webservice.slnf
feat: Add MongoIdempotencyStoreOptions for MongoDB configuration
2025-11-22 16:42:56 +02:00
Consolidates
feat: Add comprehensive product advisories for improved scanner functionality
2025-11-17 00:09:26 +02:00
Derived
feat: Add comprehensive product advisories for improved scanner functionality
2025-11-17 00:09:26 +02:00
Directory.Build.props
fix: Correct local NuGet source paths in project files and update verification script comments
2025-11-19 00:20:28 +02:00
Directory.Build.rsp
nuget reorganization
2025-11-18 23:45:25 +02:00
global.json
Add tests and implement timeline ingestion options with NATS and Redis subscribers
2025-12-03 09:46:48 +02:00
LICENSE
Initial commit (history squashed)
2025-10-11 23:28:35 +03:00
mirror-thin-v1.manifest.json
blockers 2
2025-11-23 14:54:17 +02:00
NOTICE.md
Add Ruby language analyzer and related functionality
2025-11-03 01:15:43 +02:00
NuGet.config
Add integration tests for migration categories and execution
2025-12-04 19:10:54 +02:00
package-lock.json
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
package.json
up
2025-11-27 07:46:56 +02:00
README.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00
stdout
Add receipt input JSON and SHA256 hash for CVSS policy scoring tests
2025-12-04 07:30:42 +02:00
StellaOps.Router.slnx
Implement InMemory Transport Layer for StellaOps Router
2025-12-05 01:00:10 +02:00

README.md

StellaOps Concelier & CLI

This repository hosts the StellaOps Concelier service, its plug-in ecosystem, and the first-party CLI (stellaops-cli). Concelier ingests vulnerability advisories from authoritative sources, stores them in MongoDB, and exports deterministic JSON and Trivy DB artefacts. The CLI drives scanner distribution, scan execution, and job control against the Concelier API.

Quickstart

  1. Prepare a MongoDB instance and (optionally) install trivy-db/oras.
  2. Copy etc/concelier.yaml.sample to etc/concelier.yaml and update the storage + telemetry settings.
  3. Copy etc/authority.yaml.sample to etc/authority.yaml, review the issuer, token lifetimes, and plug-in descriptors, then edit the companion manifests under etc/authority.plugins/*.yaml to match your deployment.
  4. Start the web service with dotnet run --project src/Concelier/StellaOps.Concelier.WebService.
  5. Configure the CLI via environment variables (e.g. STELLAOPS_BACKEND_URL) and trigger jobs with dotnet run --project src/Cli/StellaOps.Cli -- db merge.

Detailed operator guidance is available in docs/10_CONCELIER_CLI_QUICKSTART.md. API and command reference material lives in docs/09_API_CLI_REFERENCE.md.

Pipeline note: deployment workflows should template etc/concelier.yaml during CI/CD, injecting environment-specific Mongo credentials and telemetry endpoints. Upcoming releases will add Microsoft OAuth (Entra ID) authentication support—track the quickstart for integration steps once available.

Documentation

  • docs/README.md now consolidates the platform index and points to the updated high-level architecture.
  • Module architecture dossiers now live under docs/modules/<module>/. The most relevant here are docs/modules/concelier/ARCHITECTURE.md (service layout, merge engine, exports) and docs/modules/cli/ARCHITECTURE.md (command surface, AOT packaging, auth flows). Related services such as the Signer, Attestor, Authority, Scanner, UI, Excititor, Zastava, and DevOps pipeline each have their own dossier in the same hierarchy.
  • Offline operation guidance moved to docs/24_OFFLINE_KIT.md, which details bundle composition, verification, and delta workflows. Concelier-specific connector operations stay in docs/modules/concelier/operations/connectors/*.md with companion runbooks in docs/modules/concelier/operations/.
Description
No description provided
Readme AGPL-3.0 2.8 GiB
Languages
C# 91.7%
TypeScript 4.3%
Python 1%
Shell 0.8%
HTML 0.7%
Other 1.3%