stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
75c2bcafced8b7a9e4e442cd10af3972f5788d35
git.stella-ops.org/docs/implplan/SPRINT_117_concelier_vi.md
master 75c2bcafce
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Add LDAP Distinguished Name Helper and Credential Audit Context 
- Implemented LdapDistinguishedNameHelper for escaping RDN and filter values.
- Created AuthorityCredentialAuditContext and IAuthorityCredentialAuditContextAccessor for managing credential audit context.
- Developed StandardCredentialAuditLogger with tests for success, failure, and lockout events.
- Introduced AuthorityAuditSink for persisting audit records with structured logging.
- Added CryptoPro related classes for certificate resolution and signing operations.
2025-11-09 12:21:38 +02:00

3.8 KiB
Raw Blame History

Sprint 117 - Ingestion & Evidence · 110.B) Concelier.VI

Active items only. Completed/historic work now resides in docs/implplan/archived_sprints_tasks.md (updated 2025-11-08).

[Ingestion & Evidence] 110.B) Concelier.VI Depends on: Sprint 110.B - Concelier.V Summary: Ingestion & Evidence focus on Concelier (phase VI).

Task ID State Task description Owners (Source)
CONCELIER-WEB-OBS-53-001 Evidence locker integration TODO Add /evidence/advisories/* routes invoking evidence locker snapshots, verifying tenant scopes (evidence:read), and returning signed manifest metadata. Dependencies: CONCELIER-WEB-OBS-52-001. Concelier WebService Guild, Evidence Locker Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-OBS-54-001 Attestation exposure TODO Provide /attestations/advisories/* read APIs surfacing DSSE status, verification summary, and provenance chain for Console/CLI. Dependencies: CONCELIER-WEB-OBS-53-001. Concelier WebService Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-OBS-55-001 Incident mode toggles TODO Implement incident mode toggle endpoints, propagate to orchestrator/locker, and document cooldown/backoff semantics. Dependencies: CONCELIER-WEB-OBS-54-001. Concelier WebService Guild, DevOps Guild (src/Concelier/StellaOps.Concelier.WebService)
FEEDCONN-CCCS-02-009 Version range provenance (Oct 2025) BE-Conn-CCCS TODO (due 2025-10-21) Map CCCS advisories into the new advisory_observations.affected.versions[] structure, preserving each upstream range with provenance anchors (cccs:{serial}:{index}) and normalized comparison keys. Update mapper tests/fixtures for the Link-Not-Merge schema and verify linkset builders consume the ranges without relying on legacy merge counters.
2025-10-29: docs/dev/normalized-rule-recipes.md now documents helper snippets for building observation version entries—use them instead of merge-specific builders and refresh fixtures with UPDATE_CCCS_FIXTURES=1.		 CONCELIER-LNM-21-001 (src/Concelier/__Libraries/StellaOps.Concelier.Connector.Cccs)
FEEDCONN-CERTBUND-02-010 Version range provenance BE-Conn-CERTBUND TODO (due 2025-10-22) Translate product.Versions phrases (e.g., 2023.1 bis 2024.2, alle) into comparison helpers for advisory_observations.affected.versions[], capturing provenance (certbund:{advisoryId}:{vendor}) and localisation notes. Update mapper/tests for the Link-Not-Merge schema and refresh documentation accordingly. CONCELIER-LNM-21-001 (src/Concelier/__Libraries/StellaOps.Concelier.Connector.CertBund)
FEEDCONN-CISCO-02-009 SemVer range provenance BE-Conn-Cisco DOING (2025-11-08) Emitting Cisco SemVer ranges into advisory_observations.affected.versions[] with provenance identifiers (cisco:{productId}) and deterministic comparison keys. Updating mapper/tests for the Link-Not-Merge schema and replacing legacy merge counter checks with observation/linkset validation. CONCELIER-LNM-21-001 (src/Concelier/__Libraries/StellaOps.Concelier.Connector.Vndr.Cisco)
FEEDMERGE-COORD-02-901 Connector deadline check-ins DROPPED (2025-11-07) Scope removed: FeedMerge coordination requires an AOC policy that does not exist yet. Re-open once governance/ownership is defined.
FEEDMERGE-COORD-02-902 ICS-CISA version comparison support DROPPED (2025-11-07) Blocked on FEEDMERGE policy/ownership; dropped alongside 02-901.
FEEDMERGE-COORD-02-903 KISA firmware scheme review DROPPED (2025-11-07) Blocked on FEEDMERGE policy/ownership; dropped alongside 02-901.
DOCS-LNM-22-008 DONE (2025-11-03) Write /docs/migration/no-merge.md describing migration plan, backfill steps, rollback procedures, and feature-flag toggles for Link-Not-Merge rollout. Docs Guild, DevOps Guild (docs)