stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
75c2bcafced8b7a9e4e442cd10af3972f5788d35
git.stella-ops.org/docs/implplan/SPRINT_214_web_iii.md
master 75c2bcafce
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Add LDAP Distinguished Name Helper and Credential Audit Context 
- Implemented LdapDistinguishedNameHelper for escaping RDN and filter values.
- Created AuthorityCredentialAuditContext and IAuthorityCredentialAuditContextAccessor for managing credential audit context.
- Developed StandardCredentialAuditLogger with tests for success, failure, and lockout events.
- Introduced AuthorityAuditSink for persisting audit records with structured logging.
- Added CryptoPro related classes for certificate resolution and signing operations.
2025-11-09 12:21:38 +02:00

4.2 KiB
Raw Blame History

Sprint 214 - Experience & SDKs · 180.F) Web.III

Active items only. Completed/historic work now resides in docs/implplan/archived_sprints_tasks.md (updated 2025-11-08).

[Experience & SDKs] 180.F) Web.III Depends on: Sprint 180.F - Web.II Summary: Experience & SDKs focus on Web (phase III).

Task ID State Task description Owners (Source)
WEB-LNM-21-003 Policy evidence aggregation TODO Provide combined endpoint for Console to fetch policy result + source evidence (advisory + VEX linksets) for a component. Dependencies: WEB-LNM-21-002. BE-Base Platform Guild, Policy Guild (src/Web/StellaOps.Web)
WEB-NOTIFY-38-001 Gateway routing TODO Route notifier APIs (/notifications/*) and WS feed through gateway with tenant scoping, viewer/operator scope enforcement, and SSE/WebSocket bridging. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-NOTIFY-39-001 Digest & simulation endpoints TODO Surface digest scheduling, quiet-hour/throttle management, and simulation APIs; ensure rate limits and audit logging. Dependencies: WEB-NOTIFY-38-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-NOTIFY-40-001 Escalations & localization TODO Expose escalation, localization, channel health, and ack verification endpoints with admin scope enforcement and signed token validation. Dependencies: WEB-NOTIFY-39-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-OAS-61-001 Discovery endpoint TODO Implement GET /.well-known/openapi returning gateway spec with version metadata, cache headers, and signed ETag. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-OAS-61-002 Standard error envelope TODO Migrate gateway errors to standard envelope and update examples; ensure telemetry logs include error.code. Dependencies: WEB-OAS-61-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-OAS-62-001 Pagination & idempotency alignment TODO Normalize all endpoints to cursor pagination, expose Idempotency-Key support, and document rate-limit headers. Dependencies: WEB-OAS-61-002. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-OAS-63-001 Deprecation support TODO Add deprecation header middleware, Sunset link emission, and observability metrics for deprecated routes. Dependencies: WEB-OAS-62-001. BE-Base Platform Guild, API Governance Guild (src/Web/StellaOps.Web)
WEB-OBS-50-001 Telemetry core adoption TODO Integrate StellaOps.Telemetry.Core into gateway host, replace ad-hoc logging, ensure all routes emit trace/span IDs, tenant context, and scrubbed payload previews. BE-Base Platform Guild, Observability Guild (src/Web/StellaOps.Web)
WEB-OBS-51-001 Observability health endpoints TODO Implement /obs/health and /obs/slo aggregations, pulling metrics from Prometheus/collector APIs, including burn-rate signals and exemplar links for Console widgets. Dependencies: WEB-OBS-50-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-OBS-52-001 Trace & log proxies TODO Deliver /obs/trace/:id and /obs/logs proxy endpoints with guardrails (time window limits, tenant scoping) forwarding to timeline indexer + log store with signed URLs. Dependencies: WEB-OBS-51-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-OBS-54-001 Evidence & attestation bridges TODO Provide /evidence/* and /attestations/* pass-through endpoints, enforce timeline:read, evidence:read, attest:read scopes, append provenance headers, and surface verification summaries. Dependencies: WEB-OBS-52-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-OBS-55-001 Incident mode controls TODO Add /obs/incident-mode API (enable/disable/status) with audit trail, sampling override, retention bump preview, and CLI/Console hooks. Dependencies: WEB-OBS-54-001. BE-Base Platform Guild, Ops Guild (src/Web/StellaOps.Web)
WEB-OBS-56-001 Sealed status surfaces TODO Extend telemetry core integration to expose sealed/unsealed status APIs, drift metrics, and Console widgets without leaking sealed-mode secrets. Dependencies: WEB-OBS-55-001. BE-Base Platform Guild, AirGap Guild (src/Web/StellaOps.Web)
WEB-ORCH-32-001 Read-only routing TODO Expose `/orchestrator/sources BE-Base Platform Guild (src/Web/StellaOps.Web)