stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
564df71bfbacfe8886e9f1999d4424b507f83c53
git.stella-ops.org/docs/modules/export-center
History
StellaOps Bot 564df71bfb
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Export Center CI / export-ci (push) Has been cancelled
Details
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
Details
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Details
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Details
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Details
Signals CI & Image / signals-ci (push) Has been cancelled
Details
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Details
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Details
up
2025-12-13 00:20:26 +02:00
..
openapi
up
2025-12-07 22:49:53 +02:00
operations
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00
prep
prep docs and service updates
2025-11-21 06:56:36 +00:00
schemas
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00
AGENTS.md
feat: Add Scanner CI runner and related artifacts
2025-11-30 19:12:35 +02:00
api.md
feat(graph): introduce graph.inspect.v1 contract and schema for SBOM relationships
2025-12-04 09:36:59 +02:00
architecture.md
up
2025-12-13 00:20:26 +02:00
cli.md
feat(graph): introduce graph.inspect.v1 contract and schema for SBOM relationships
2025-12-04 09:36:59 +02:00
determinism.md
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00
devportal-offline-manifest.md
Add unit tests for Router configuration and transport layers
2025-12-05 08:01:47 +02:00
devportal-offline.md
feat: Implement DevPortal Offline Export Job
2025-11-05 21:57:46 +02:00
implementation_plan.md
feat: Add Scanner CI runner and related artifacts
2025-11-30 19:12:35 +02:00
mirror-bundles.md
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00
overview.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00
profiles.md
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00
provenance-and-signing.md
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00
README.md
feat: Add Scanner CI runner and related artifacts
2025-11-30 19:12:35 +02:00
TASKS.md
feat: Add Scanner CI runner and related artifacts
2025-11-30 19:12:35 +02:00
trivy-adapter.md
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00

README.md

StellaOps Export Center

Export Center packages reproducible evidence bundles (JSON, Trivy DB, mirror) with provenance metadata and optional signing for offline or mirrored deployments.

Latest updates (2025-11-30)

  • Sprint tracker docs/implplan/SPRINT_0320_0001_0001_docs_modules_export_center.md and module TASKS.md added to mirror status.
  • Observability runbook stub + dashboard placeholder added under operations/ (offline import).
  • Bundle/profile/offline manifest guidance reaffirmed (devportal-offline*.md, mirror-bundles.md, provenance-and-signing.md).

Responsibilities

  • Coordinate export jobs based on profiles and scope selectors.
  • Assemble manifests, provenance documents, and cosign signatures.
  • Stream bundles via HTTP/OCI and stage them for Offline Kit uses.
  • Expose CLI/API surfaces for automation.

Key components

  • StellaOps.ExportCenter.WebService planner.
  • StellaOps.ExportCenter.Worker bundle builder.
  • Adapters in StellaOps.ExportCenter.* for JSON/Trivy/mirror variants.

Profiles at a glance

  • json:raw / json:policy — Evidence bundles with raw ingestion facts or policy overlays.
  • trivy:db / trivy:java-db — Trivy-compatible vulnerability feeds with deterministic manifests.
  • mirror:full / mirror:delta — OCI-style mirrors with provenance, TUF metadata, and optional encryption.
  • devportal:offline — Developer portal static assets, specs, SDKs, and changelogs packaged with manifest.json, checksums.txt, helper scripts, and a DSSE-signed manifest (manifest.dsse.json) for offline verification.

Integrations & dependencies

  • Concelier/Excititor/Policy data stores for evidence.
  • Signer/Attestor for provenance signing.
  • CLI for operator-managed exports.

Operational notes

  • Runbooks in ./operations/ for deployment and monitoring.
  • Observability assets: operations/observability.md and operations/dashboards/export-center-observability.json (offline import).
  • Mirror bundle instructions and validation notes.
  • Telemetry dashboards for export latency and retry rates.

Related resources

  • ./operations/runbook.md
  • ./devportal-offline.md (bundle structure, verification workflow, DSSE signature details)
  • ./provenance-and-signing.md (manifest/provenance schema, signing pipeline, verification)

Backlog references

  • DOCS-EXPORT-35-001 … DOCS-EXPORT-37-002 in ../../TASKS.md.
  • EXPORT-ATTEST-75-002 cross-team deliverable.

Epic alignment

  • Epic 10 Export Center: deliver canonical JSON, Trivy DB, and mirror bundle workflows with provenance, signatures, and offline parity.