stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
75c2bcafced8b7a9e4e442cd10af3972f5788d35
git.stella-ops.org/docs/implplan/SPRINT_157_taskrunner_i.md
master 75c2bcafce
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Add LDAP Distinguished Name Helper and Credential Audit Context 
- Implemented LdapDistinguishedNameHelper for escaping RDN and filter values.
- Created AuthorityCredentialAuditContext and IAuthorityCredentialAuditContextAccessor for managing credential audit context.
- Developed StandardCredentialAuditLogger with tests for success, failure, and lockout events.
- Introduced AuthorityAuditSink for persisting audit records with structured logging.
- Added CryptoPro related classes for certificate resolution and signing operations.
2025-11-09 12:21:38 +02:00

4.4 KiB
Raw Blame History

Sprint 157 - Scheduling & Automation · 150.D) TaskRunner.I

Active items only. Completed/historic work now resides in docs/implplan/archived_sprints_tasks.md (updated 2025-11-08).

[Scheduling & Automation] 150.D) TaskRunner.I Depends on: Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 140.A - Graph Summary: Scheduling & Automation focus on TaskRunner (phase I).

Task ID State Task description Owners (Source)
TASKRUN-41-001 TODO Bootstrap service, define migrations for pack_runs, pack_run_logs, pack_artifacts, implement run API (create/get/log stream), local executor, approvals pause, artifact capture, and provenance manifest generation. Task Runner Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-AIRGAP-56-001 TODO Enforce plan-time validation rejecting steps with non-allowlisted network calls in sealed mode and surface remediation errors. Task Runner Guild, AirGap Policy Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-AIRGAP-56-002 TODO Add helper steps for bundle ingestion (checksum verification, staging to object store) with deterministic outputs. Dependencies: TASKRUN-AIRGAP-56-001. Task Runner Guild, AirGap Importer Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-AIRGAP-57-001 TODO Refuse to execute plans when environment sealed=false but declared sealed install; emit advisory timeline events. Dependencies: TASKRUN-AIRGAP-56-002. Task Runner Guild, AirGap Controller Guild (src/TaskRunner/StellaOps.TaskRunner)
TASKRUN-AIRGAP-58-001 TODO Capture bundle import job transcripts, hashed inputs, and outputs into portable evidence bundles. Dependencies: TASKRUN-AIRGAP-57-001. Task Runner Guild, Evidence Locker Guild (src/TaskRunner/StellaOps.TaskRunner)

2025-11-04: Resumed TASKRUN-42-001 — scoping execution engine upgrades (loops/conditionals/maxParallel), simulation mode, policy gate integration, and deterministic failure recovery. 2025-11-04: Worker/WebService wiring in place — execution graph honours maxParallel/continueOnError, retry windows persisted, and simulation API exposed. 2025-11-04: Continuing TASKRUN-42-001 — cleaning persistence anomalies, validating retry metadata, and wiring simulation preview into CLI surface. 2025-11-04: CLI command stella task-runner simulate wired to the new endpoint with JSON/table output modes. TASKRUN-OAS-61-001 | TODO | Document Task Runner APIs (pack runs, logs, approvals) in service OAS, including streaming response schemas and examples. | Task Runner Guild, API Contracts Guild (src/TaskRunner/StellaOps.TaskRunner) TASKRUN-OAS-61-002 | TODO | Expose GET /.well-known/openapi returning signed spec metadata, build version, and ETag. Dependencies: TASKRUN-OAS-61-001. | Task Runner Guild (src/TaskRunner/StellaOps.TaskRunner) TASKRUN-OAS-62-001 | TODO | Provide SDK examples for pack run lifecycle; ensure SDKs offer streaming log helpers and paginator wrappers. Dependencies: TASKRUN-OAS-61-002. | Task Runner Guild, SDK Generator Guild (src/TaskRunner/StellaOps.TaskRunner) TASKRUN-OAS-63-001 | TODO | Implement deprecation header support and Sunset handling for legacy pack APIs; emit notifications metadata. Dependencies: TASKRUN-OAS-62-001. | Task Runner Guild, API Governance Guild (src/TaskRunner/StellaOps.TaskRunner) TASKRUN-OBS-50-001 | TODO | Adopt telemetry core in Task Runner host + worker executors, ensuring step execution spans/logs include trace_id, tenant_id, run_id, and scrubbed command transcripts. | Task Runner Guild (src/TaskRunner/StellaOps.TaskRunner) TASKRUN-OBS-51-001 | TODO | Emit metrics for step latency, retries, queue depth, sandbox resource usage; define SLOs for pack run completion and failure rate; surface burn-rate alerts to collector/Notifier. Dependencies: TASKRUN-OBS-50-001. | Task Runner Guild, DevOps Guild (src/TaskRunner/StellaOps.TaskRunner) TASKRUN-OBS-52-001 | TODO | Produce timeline events for pack runs (pack.started, pack.step.completed, pack.failed) containing evidence pointers and policy gate context. Provide dedupe + retry logic. Dependencies: TASKRUN-OBS-51-001. | Task Runner Guild (src/TaskRunner/StellaOps.TaskRunner) TASKRUN-OBS-53-001 | TODO | Capture step transcripts, artifact manifests, environment digests, and policy approvals into evidence locker snapshots; ensure redaction + hash chain coverage. Dependencies: TASKRUN-OBS-52-001. | Task Runner Guild, Evidence Locker Guild (src/TaskRunner/StellaOps.TaskRunner)