stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
4d8a48a05fe5eb1d0305a090defc70cd70d51a72
git.stella-ops.org/docs/quickstart.md
master 534aabfa2a First-time user experience fixes and platform contract repairs 
FTUX fixes (Sprint 316-001):
- Remove all hardcoded fake data from dashboard — fresh installs show
  honest setup guide instead of fake crisis data (5 fake criticals gone)
- Curate advisory source defaults: 32 sources disabled by default
  (ecosystem, geo-restricted, exploit, hardware, mirror). ~43 core
  sources remain enabled. StellaOps Mirror no longer enabled at priority 1.
- Filter Mirror-category sources from Create Domain wizard to prevent
  circular mirror-from-mirror chains
- Add 404 catch-all route — unknown URLs show "Page Not Found" instead
  of silently rendering the dashboard
- Fix arrow characters in release target path dropdown (? → →)
- Add login credentials to quickstart documentation
- Update Feature Matrix: 14 release orchestration features marked as
  shipped (was marked planned)

Platform contract repairs (from prior session):
- Add /api/v1/jobengine/quotas/summary endpoint on Platform
- Fix gateway route prefix matching for /policy/shadow/* and
  /policy/simulations/* (regex routes instead of exact match)
- Fix VexHub PostgresVexSourceRepository missing interface method
- Fix advisory-vex-sources sweep text expectation
- Fix mirror operator journey auth (session storage token extraction)

Verified: 110/111 canonical routes passing (1 unrelated stale approval ref)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-16 02:05:38 +02:00

148 lines
5.5 KiB
Markdown
Raw Blame History

# Quickstart -- Local Dev Environment in Minutes
Get Stella Ops running locally for development and evaluation.
> This guide is for **local development**. For production deployment, see the [Installation Guide](INSTALL_GUIDE.md).
## Prerequisites
| Requirement | Minimum | Verify |
|-------------|---------|--------|
| OS | Windows 10+, macOS 12+, Ubuntu 22.04+ | x86-64 or arm64 |
| Docker | Engine 20.10+ with Compose v2 | `docker compose version` |
| .NET SDK | 10.x | `dotnet --version` |
| Node.js | 20+ | `node --version` |
| RAM | 16 GB (32 GB recommended) | |
| Disk | 50 GB free | |
## 0. Runtime data assets (optional but recommended)
Some services depend on files not produced by `dotnet build` — most notably the
ONNX embedding model for semantic search. Without it, search works but with
reduced quality.
```bash
# After cloning, download the embedding model (~80 MB)
./devops/runtime-assets/acquire.sh --models
# Verify everything is in place
./devops/runtime-assets/acquire.sh --verify
```
For binary analysis (Ghidra), add `--ghidra` (~1.6 GB). Full details:
`devops/runtime-assets/README.md`.
---
## 1. Clone the repository
```bash
git clone <your-gitea-instance>/stella-ops/stella-ops.git
cd stella-ops
```
## 2. Run setup
**Windows (PowerShell 7):**
```powershell
.\scripts\setup.ps1
```
**Linux / macOS:**
```bash
./scripts/setup.sh
```
The setup script will:
- Verify all prerequisites are installed
- Offer to add hosts file entries (50 services need unique loopback IPs)
- Create `.env` from the example template (works out of the box, no editing needed)
- Create or reuse the external frontdoor Docker network from `.env` (`FRONTDOOR_NETWORK`, default `stellaops_frontdoor`)
- Build .NET solutions and Docker images
- Launch the full platform stack (`docker-compose.stella-ops.yml`)
- Run health checks and report status
### Infrastructure only (faster)
To skip builds and only start infrastructure:
```powershell
.\scripts\setup.ps1 -InfraOnly # Windows
./scripts/setup.sh --infra-only # Linux/macOS
```
## 3. First 30 minutes path
1. Start platform quickly (reuse existing images):
```powershell
.\scripts\setup.ps1 -SkipBuild -SkipImages
```
2. Confirm service health:
```powershell
docker compose -f devops/compose/docker-compose.stella-ops.yml ps
```
3. Preview demo seeding:
```powershell
dotnet run --project src/Cli/StellaOps.Cli/StellaOps.Cli.csproj -- `
admin seed-demo --dry-run `
--connection "Host=127.1.1.1;Port=5432;Database=stellaops_platform;Username=stellaops;Password=stellaops"
```
4. Seed demo data:
```powershell
dotnet run --project src/Cli/StellaOps.Cli/StellaOps.Cli.csproj -- `
admin seed-demo --confirm `
--connection "Host=127.1.1.1;Port=5432;Database=stellaops_platform;Username=stellaops;Password=stellaops"
```
5. Open **https://stella-ops.local**.
6. Log in with the demo admin account:
- **Username**: `admin`
- **Password**: `Admin@Stella2026!`
- **Tenant**: demo-prod (selected automatically)
Additional demo accounts: `operator`, `viewer`, `auditor`, `developer` (same password pattern).
## What's running
After a full setup, you'll have 60+ services running locally:
| Service | URL | Purpose |
|---------|-----|---------|
| Web UI | https://stella-ops.local | Angular console |
| Authority | https://authority.stella-ops.local | OAuth2/OIDC |
| Scanner | https://scanner.stella-ops.local | SBOM/vulnerability scanning |
| Concelier | https://concelier.stella-ops.local | Advisory aggregation |
| PostgreSQL | db.stella-ops.local:5432 | Primary database |
| Valkey | cache.stella-ops.local:6379 | Cache and messaging |
| RustFS | s3.stella-ops.local:8333 | S3-compatible object storage |
Full service list: `devops/compose/docker-compose.stella-ops.yml`
Runtime URL convention: use `*.stella-ops.local` hostnames for services.
Exception: `hosts.stellaops.local` is a file name, not a runtime host.
Optional Sigstore services (`rekor-v2`, `rekor-cli`, `cosign`) are enabled only with:
```bash
docker compose -f devops/compose/docker-compose.stella-ops.yml --profile sigstore up -d
```
## Troubleshooting
| Symptom | Meaning | Action |
|---------|---------|--------|
| `stella-ops.local` not found | Hosts entries missing | Re-run setup and accept hosts installation, or append `devops/compose/hosts.stellaops.local` manually |
| `health=starting` for RustFS during setup | Advisory startup lag | Wait 30-60 seconds and re-check `docker compose ... ps` |
| `stellaops-dev-rekor` restarting without `--profile sigstore` | Optional profile container from older runs | Non-blocking for default setup; ignore or clean old container |
| `SM remote service probe failed (localhost:56080)` in CLI | Optional China SM Remote plugin probe | Non-blocking for default crypto profile |
| `admin seed-demo --confirm` fails with `scheduler_exceptions_tenant_isolation already exists` | Outdated Scheduler migration scripts | Pull latest code and rerun seeding |
| Seed endpoint still returns HTTP 500 after patching source | Running old container image | Rebuild/restart platform image and retest |
| Port conflicts | Local process already using mapped port | Override in `devops/compose/.env` (`devops/compose/env/stellaops.env.example`) |
## Next steps
- [Developer setup details](dev/DEV_ENVIRONMENT_SETUP.md) -- manual steps, hybrid debugging, building individual modules
- [Installation Guide](INSTALL_GUIDE.md) -- production deployment, air-gap, regional compliance
- [Architecture overview](ARCHITECTURE_OVERVIEW.md) -- how the platform fits together
Reference in New Issue View Git Blame Copy Permalink