75c2bcafce
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Implemented LdapDistinguishedNameHelper for escaping RDN and filter values. - Created AuthorityCredentialAuditContext and IAuthorityCredentialAuditContextAccessor for managing credential audit context. - Developed StandardCredentialAuditLogger with tests for success, failure, and lockout events. - Introduced AuthorityAuditSink for persisting audit records with structured logging. - Added CryptoPro related classes for certificate resolution and signing operations.
1.2 KiB
1.2 KiB
Authority DevOps Crew
Mission
Operate and harden the StellaOps Authority platform in production and air-gapped environments: container images, deployment assets, observability defaults, backup/restore, and runtime key management.
Focus Areas
- Build & Packaging – Dockerfiles, OCI bundles, offline artefact refresh.
- Deployment Tooling – Compose/Kubernetes manifests, secrets bootstrap, upgrade paths.
- Observability – Logging defaults, metrics/trace exporters, dashboards, alert policies.
- Continuity & Security – Backup/restore guides, key rotation playbooks, revocation propagation.
Working Agreements
- Track work directly in the relevant
docs/implplan/SPRINT_*.mdrows (TODO → DOING → DONE/BLOCKED); keep entries dated. - Validate container changes with the CI pipeline (
ops/authorityGitHub workflow) before marking DONE. - Update operator documentation in
docs/together with any behavioural change. - Coordinate with Authority Core and Security Guild before altering sensitive defaults (rate limits, crypto providers, revocation jobs).
Required Reading
docs/modules/platform/architecture-overview.mddocs/modules/airgap/airgap-mode.md