stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
4e3e575db596a66f01b712f9504d762f2ef07ea2
git.stella-ops.org/docs/updates/2025-10-27-policy-scope-migration.md
master 4e3e575db5 feat: Implement console session management with tenant and profile handling 
- Add ConsoleSessionStore for managing console session state including tenants, profile, and token information.
- Create OperatorContextService to manage operator context for orchestrator actions.
- Implement OperatorMetadataInterceptor to enrich HTTP requests with operator context metadata.
- Develop ConsoleProfileComponent to display user profile and session details, including tenant information and access tokens.
- Add corresponding HTML and SCSS for ConsoleProfileComponent to enhance UI presentation.
- Write unit tests for ConsoleProfileComponent to ensure correct rendering and functionality.
2025-10-28 09:59:09 +02:00

1.1 KiB
Raw Blame History

2025-10-27 — Policy scope migration guidance

Summary

  • Updated Authority defaults (etc/authority.yaml) to register a policy-cli client using the fine-grained scope set introduced by AUTH-POLICY-23-001 (policy:read, policy:author, policy:review, policy:simulate, findings:read).
  • Added release/CI documentation call-outs instructing operators to reissue tokens that previously relied on policy:write/policy:submit/policy:run scopes.
  • Introduced a repo verification script so future config changes fail CI when policy clients regress to the legacy scope bundles.

Next steps

Team Follow-up Target
Authority Core Rotate long-lived policy CLI tokens in staging to confirm new scope set before freezing release 2025.10. 2025-10-29
DevOps Guild Update automation secrets (CI/CD, offline kit) to point at the regenerated policy-cli credentials. Sprint 23 stand-up
Docs Guild Fold the broader scope matrix refresh into AUTH-POLICY-23-003 once the dual-approval workflow lands. Blocked on AUTH-POLICY-23-002