stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
66cb6c4b8af58a33efa1521b7953dda834431497
git.stella-ops.org/src/EvidenceLocker/StellaOps.EvidenceLocker/AGENTS.md
master 66cb6c4b8a
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Add guild charters and task boards for various components 
- Introduced guild charters for Scanner Deno, PHP, Ruby, Native, WebService, Java, Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, UI, Zastava Observer, Zastava Webhook, Zastava Core, and Plugin Platform.
- Each charter outlines the mission, scope, required reading, and working agreements for the respective guilds.
- Created task boards for Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, and Zastava components to track progress and dependencies.
- Ensured all documents emphasize determinism, offline readiness, security, and integration with shared Surface libraries.
2025-11-01 02:21:46 +02:00

2.3 KiB
Raw Blame History

Evidence Locker Service — Agent Charter

Mission

Implement the append-only, tenant-scoped evidence locker detailed in Epic 15. Produce immutable evidence bundles, manage legal holds, and expose verification APIs for Console and CLI consumers under the imposed rule.

Responsibilities

  • Define object store layout, metadata DB schemas, and retention policies.
  • Build bundle assembly pipelines (evaluation, job, export) with Merkle manifests and DSSE signing.
  • Provide verification, download, and legal hold APIs with audit trails.
  • Integrate with Timeline Indexer, Exporter, Orchestrator, Policy Engine, Concelier, and Excitator for provenance linking.

Coordination

  • Work with Provenance Guild for signature tooling.
  • Partner with DevOps Guild on storage backends and WORM options.
  • Align with Security Guild on redaction and access enforcement.

Definition of Done

  • Deterministic bundle generation proven via integration tests.
  • Object store interactions tested in offline mode.
  • Runbooks in /docs/forensics/evidence-locker.md updated per release.

Module Layout

  • StellaOps.EvidenceLocker.Core/ — domain models, bundle contracts, deterministic hashing helpers.
  • StellaOps.EvidenceLocker.Infrastructure/ — storage abstractions, persistence plumbing, and external integrations.
  • StellaOps.EvidenceLocker.WebService/ — HTTP entry points (minimal API host, OpenAPI, auth).
  • StellaOps.EvidenceLocker.Worker/ — background assembly/verification pipelines.
  • StellaOps.EvidenceLocker.Tests/ — unit tests (xUnit) for core/infrastructure components.
  • StellaOps.EvidenceLocker.sln — solution aggregating the module projects.

Required Reading

  • docs/modules/export-center/architecture.md
  • docs/modules/platform/architecture-overview.md

Working Agreement

    1. Update task status to DOING/DONE in both docs/implplan/SPRINTS.md and the local TASKS.md when you start or finish work.
    1. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
    1. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
    1. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
    1. Revert to TODO if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.