stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
66d84fb17a0d3e7c8db250a4957a14f251c19a4d
git.stella-ops.org/src/Web/StellaOps.Web/output/playwright/live-release-confidence-journey.json
master da76d6e93e Add topology auth policies + journey findings notes 
Concelier:
- Register Topology.Read, Topology.Manage, Topology.Admin authorization
  policies mapped to OrchRead/OrchOperate/PlatformContextRead/IntegrationWrite
  scopes. Previously these policies were referenced by endpoints but never
  registered, causing System.InvalidOperationException on every topology
  API call.

Gateway routes:
- Simplified targets/environments routes (removed specific sub-path routes,
  use catch-all patterns instead)
- Changed environments base route to JobEngine (where CRUD lives)
- Changed to ReverseProxy type for all topology routes

KNOWN ISSUE (not yet fixed):
- ReverseProxy routes don't forward the gateway's identity envelope to
  Concelier. The regions/targets/bindings endpoints return 401 because
  hasPrincipal=False — the gateway authenticates the user but doesn't
  pass the identity to the backend via ReverseProxy. Microservice routes
  use Valkey transport which includes envelope headers. Topology endpoints
  need either: (a) Valkey transport registration in Concelier, or
  (b) Concelier configured to accept raw bearer tokens on ReverseProxy paths.
  This is an architecture-level fix.

Journey findings collected so far:
- Integration wizard (Harbor + GitHub App): works end-to-end
- Advisory Check All: fixed (parallel individual checks)
- Mirror domain creation: works, generate-immediately fails silently
- Topology wizard Step 1 (Region): blocked by auth passthrough issue
- Topology wizard Step 2 (Environment): POST to JobEngine needs verify
- User ID resolution: raw hashes shown everywhere

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-16 08:12:39 +02:00

182 lines
8.6 KiB
JSON
Raw Blame History

{
"generatedAtUtc": "2026-03-15T10:36:51.420Z",
"baseUrl": "https://stella-ops.local",
"scope": {
"tenant": "demo-prod",
"regions": "us-east",
"environments": "stage",
"timeWindow": "7d"
},
"steps": [
{
"name": "01-releases-overview-to-deployments",
"ok": true,
"durationMs": 5182,
"issues": [],
"snapshot": {
"key": "01-releases-overview-to-deployments",
"url": "https://stella-ops.local/releases/deployments?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d",
"title": "Deployment History - Stella Ops QA 1773540847164",
"heading": "Deployments",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\01-releases-overview-to-deployments.png"
}
},
{
"name": "02-deployment-detail-evidence-and-replay",
"ok": true,
"durationMs": 24509,
"issues": [],
"snapshot": {
"key": "02-deployment-detail-evidence-and-replay",
"url": "https://stella-ops.local/evidence/verify-replay?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&releaseId=v1.2.5&returnTo=%2Freleases%2Fdeployments%2FDEP-2026-050%3Ftenant%3Ddemo-prod%26regions%3Dus-east%26environments%3Dstage%26timeWindow%3D7d",
"title": "Verify & Replay - Stella Ops QA 1773540847164",
"heading": "Verdict Replay",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\02-deployment-detail-evidence-and-replay.png",
"detailHeading": "DEP-2026-050",
"evidenceHref": "/evidence/capsules?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&evidenceId=evd-2026-049&returnTo=%2Freleases%2Fdeployments%2FDEP-2026-050%3Ftenant%3Ddemo-prod%26regions%3Dus-east%26environments%3Dstage%26timeWindow%3D7d",
"replayUrl": "https://stella-ops.local/evidence/verify-replay?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&releaseId=v1.2.5&returnTo=%2Freleases%2Fdeployments%2FDEP-2026-050%3Ftenant%3Ddemo-prod%26regions%3Dus-east%26environments%3Dstage%26timeWindow%3D7d"
}
},
{
"name": "02b-approval-detail-decision-cockpit",
"ok": true,
"durationMs": 26789,
"issues": [],
"snapshot": {
"key": "02b-approval-detail-decision-cockpit",
"url": "https://stella-ops.local/ops/operations/data-integrity/scan-pipeline?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d",
"title": "Scan Pipeline Health - StellaOps - Stella Ops QA 1773540847164",
"heading": "Scan Pipeline Health",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\02b-approval-detail-decision-cockpit.png",
"detailUrl": "https://stella-ops.local/releases/approvals/apr-001?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d"
}
},
{
"name": "03-decision-capsules-search-and-detail",
"ok": true,
"durationMs": 4860,
"issues": [],
"snapshot": {
"key": "03-decision-capsules-search-and-detail",
"url": "https://stella-ops.local/evidence/capsules?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d",
"title": "Decision Capsules - Stella Ops QA 1773540847164",
"heading": "Decision Capsules",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\03-decision-capsules-search-and-detail.png",
"listUrl": "https://stella-ops.local/evidence/capsules?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d"
}
},
{
"name": "04-security-posture-to-triage-workspace",
"ok": true,
"durationMs": 6874,
"issues": [],
"snapshot": {
"key": "04-security-posture-to-triage-workspace",
"url": "https://stella-ops.local/security/triage?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&pivot=cve",
"title": "Security Triage - Stella Ops QA 1773540847164",
"heading": "Security / Triage",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\04-security-posture-to-triage-workspace.png",
"triageUrl": "https://stella-ops.local/security/triage?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&pivot=cve"
}
},
{
"name": "05-advisories-vex-tabs",
"ok": true,
"durationMs": 7381,
"issues": [],
"snapshot": {
"key": "05-advisories-vex-tabs",
"url": "https://stella-ops.local/security/advisories-vex?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&tab=issuer-trust",
"title": "Advisories & VEX - Stella Ops QA 1773540847164",
"heading": "Security / Advisories & VEX",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\05-advisories-vex-tabs.png",
"visitedTabs": [
"Providers",
"VEX Library",
"Issuer Trust"
]
}
},
{
"name": "06-reachability-tabs",
"ok": true,
"durationMs": 5856,
"issues": [],
"snapshot": {
"key": "06-reachability-tabs",
"url": "https://stella-ops.local/security/reachability/poe?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&tab=poe",
"title": "Proof Of Exposure - Stella Ops QA 1773540847164",
"heading": "Reachability",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\06-reachability-tabs.png",
"finalUrl": "https://stella-ops.local/security/reachability/poe?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&tab=poe"
}
},
{
"name": "07-security-reports-embedded-tabs",
"ok": true,
"durationMs": 8937,
"issues": [],
"snapshot": {
"key": "07-security-reports-embedded-tabs",
"url": "https://stella-ops.local/security/reports?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d",
"title": "Security Reports - Stella Ops QA 1773540847164",
"heading": "Security Reports",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\07-security-reports-embedded-tabs.png",
"visitedTabs": [
"Risk Report",
"VEX Ledger",
"Evidence Export"
]
}
},
{
"name": "08-release-promotion-submit",
"ok": true,
"durationMs": 6146,
"issues": [],
"snapshot": {
"key": "08-release-promotion-submit",
"url": "https://stella-ops.local/releases/promotions/apr-005?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d",
"title": "Promotion Detail - Stella Ops QA 1773540847164",
"heading": "Platform Release 1.2.3",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\08-release-promotion-submit.png",
"promoteUrl": "https://stella-ops.local/releases/promotions/apr-005?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d",
"promoteStatus": 200
}
},
{
"name": "09-hotfix-review-and-create",
"ok": true,
"durationMs": 6723,
"issues": [],
"snapshot": {
"key": "09-hotfix-review-and-create",
"url": "https://stella-ops.local/releases/versions/new?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&type=hotfix&hotfixLane=true",
"title": "Create Release Version - Stella Ops QA 1773540847164",
"heading": "Create Release Version",
"alerts": [],
"screenshotPath": "C:\\dev\\New folder\\git.stella-ops.org\\src\\Web\\StellaOps.Web\\output\\playwright\\release-confidence-journey\\09-hotfix-review-and-create.png",
"createUrl": "https://stella-ops.local/releases/versions/new?tenant=demo-prod&regions=us-east&environments=stage&timeWindow=7d&type=hotfix&hotfixLane=true"
}
}
],
"runtime": {
"consoleErrors": [],
"pageErrors": [],
"requestFailures": [],
"responseErrors": []
},
"failedStepCount": 0,
"runtimeIssueCount": 0,
"runtimeIssues": []
}
Reference in New Issue View Git Blame Copy Permalink