stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
5540ce94306923d75089965e75c414b488c2afd5
git.stella-ops.org/docs/modules/scanner/operations/field-engagement.md
StellaOps Bot 9a08d10b89 docs consolidation
2025-12-24 12:38:14 +02:00

39 lines
2.2 KiB
Markdown
Raw Blame History

# Field Engagement Playbook: Windows and macOS Coverage
This playbook helps field teams answer Windows/macOS coverage questions without drifting into speculative promises.
## 1) Current scope (baseline)
- Scanner targets deterministic container-image workflows first (Linux-focused).
- Windows and macOS analyzers are design-tracked and should be discussed as "in discovery/design" unless a specific sprint/feature flag says otherwise.
## 2) Operator talking points
- Determinism and offline parity are non-negotiable: any Windows/macOS expansion must keep fixtures, ordering, hashing, and Offline Kit flows reproducible.
- Coverage work is split into:
- Scanner analyzers (collection and parsing),
- Policy predicates (trust/verification rules),
- Offline Kit packaging (feeds, certificates, mirrors, and deterministic indexes).
## 3) Where to point people
- Design briefs:
- `docs/modules/scanner/design/windows-analyzer.md`
- `docs/modules/scanner/design/macos-analyzer.md`
- Deep dives and research notes:
- `docs/benchmarks/scanner/deep-dives/windows.md`
- `docs/benchmarks/scanner/deep-dives/macos.md`
- Demand capture: `docs/benchmarks/scanner/windows-macos-demand.md`
- Policy readiness notes:
- `docs/modules/policy/windows-package-readiness.md`
- `docs/modules/policy/secret-leak-detection-readiness.md`
## 4) Signal capture workflow
1. Capture requirements using `docs/benchmarks/scanner/windows-macos-interview-template.md`.
2. Append a structured summary to `docs/benchmarks/scanner/windows-macos-demand.md`.
3. If the signal implies policy/security decisions (signature verification, trust roots, masking/telemetry), update the relevant readiness notes and reference the demand entry.
4. Share the updated demand entry with the Scanner and Policy guilds in the next sync.
## 5) FAQ snippets
- When will Windows/macOS be GA? Demand- and evidence-driven; avoid date promises. Use the design briefs and deep dives for the current state.
- Can we run scans offline? Offline parity is required; any OS expansion must include an Offline Kit story (feeds, trust roots, deterministic indexes).
- Do we cover Authenticode/notarization? Treat as a policy/security decision captured in readiness notes, not an implicit feature promise.
Reference in New Issue View Git Blame Copy Permalink