stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
791e12baab550a97c05723b514496a57a6619e44
git.stella-ops.org/ops/devops/TASKS.md
master 791e12baab
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Add tests and implement StubBearer authentication for Signer endpoints 
- Created SignerEndpointsTests to validate the SignDsse and VerifyReferrers endpoints.
- Implemented StubBearerAuthenticationDefaults and StubBearerAuthenticationHandler for token-based authentication.
- Developed ConcelierExporterClient for managing Trivy DB settings and export operations.
- Added TrivyDbSettingsPageComponent for UI interactions with Trivy DB settings, including form handling and export triggering.
- Implemented styles and HTML structure for Trivy DB settings page.
- Created NotifySmokeCheck tool for validating Redis event streams and Notify deliveries.
2025-10-21 09:37:07 +03:00

4.1 KiB
Raw Blame History

DevOps Task Board

ID Status Owner(s) Depends on Description Exit Criteria
DEVOPS-HELM-09-001 DONE DevOps Guild SCANNER-WEB-09-101 Create Helm/Compose environment profiles (dev, staging, airgap) with deterministic digests. Profiles committed under deploy/; docs updated; CI smoke deploy passes.
DEVOPS-SCANNER-09-204 DONE (2025-10-21) DevOps Guild, Scanner WebService Guild SCANNER-EVENTS-15-201 Surface SCANNER__EVENTS__* environment variables across docker-compose (dev/stage/airgap) and Helm values, defaulting to share the Redis queue DSN. Compose/Helm configs ship enabled Redis event publishing with documented overrides; lint jobs updated; docs cross-link to new knobs.
DEVOPS-SCANNER-09-205 DONE (2025-10-21) DevOps Guild, Notify Guild DEVOPS-SCANNER-09-204 Add Notify smoke stage that tails the Redis stream and asserts scanner.report.ready/scanner.scan.completed reach Notify WebService in staging. CI job reads Redis stream during scanner smoke deploy, confirms Notify ingestion via API, alerts on failure.
DEVOPS-PERF-10-001 DONE DevOps Guild BENCH-SCANNER-10-001 Add perf smoke job (SBOM compose <5s target) to CI. CI job runs sample build verifying <5s; alerts configured.
DEVOPS-PERF-10-002 TODO DevOps Guild BENCH-SCANNER-10-002 Publish analyzer bench metrics to Grafana/perf workbook and alarm on ≥20% regressions. CI exports JSON for dashboards; Grafana panel wired; Ops on-call doc updated with alert hook.
DEVOPS-REL-14-001 TODO DevOps Guild SIGNER-API-11-101, ATTESTOR-API-11-201 Deterministic build/release pipeline with SBOM/provenance, signing, manifest generation. CI pipeline produces signed images + SBOM/attestations, manifests published with verified hashes, docs updated.
DEVOPS-REL-17-002 TODO DevOps Guild DEVOPS-REL-14-001, SCANNER-EMIT-17-701 Persist stripped-debug artifacts organised by GNU build-id and bundle them into release/offline kits with checksum manifests. CI job writes .debug files under artifacts/debug/.build-id/, manifest + checksums published, offline kit includes cache, smoke job proves symbol lookup via build-id.
DEVOPS-MIRROR-08-001 DONE (2025-10-19) DevOps Guild DEVOPS-REL-14-001 Stand up managed mirror profiles for *.stella-ops.org (Concelier/Excititor), including Helm/Compose overlays, multi-tenant secrets, CDN caching, and sync documentation. Infra overlays committed, CI smoke deploy hits mirror endpoints, runbooks published for downstream sync and quota management.
DEVOPS-SEC-10-301 DONE (2025-10-20) DevOps Guild Wave 0A complete Address NU1902/NU1903 advisories for MongoDB.Driver 2.12.0 and SharpCompress 0.23.0 surfaced during scanner cache and worker test runs. Dependencies bumped to patched releases, audit logs free of NU1902/NU1903 warnings, regression tests green, change log documents upgrade guidance.
DEVOPS-LAUNCH-18-100 TODO DevOps Guild - Finalise production environment footprint (clusters, secrets, network overlays) for full-platform go-live. IaC/compose overlays committed, secrets placeholders documented, dry-run deploy succeeds in staging.
DEVOPS-LAUNCH-18-900 TODO DevOps Guild, Module Leads Wave 0 completion Collect “full implementation” sign-off from module owners and consolidate launch readiness checklist. Sign-off record stored under docs/ops/launch-readiness.md; outstanding gaps triaged; checklist approved.
DEVOPS-LAUNCH-18-001 TODO DevOps Guild DEVOPS-LAUNCH-18-100, DEVOPS-LAUNCH-18-900 Production launch cutover rehearsal and runbook publication. docs/ops/launch-cutover.md drafted, rehearsal executed with rollback drill, approvals captured.

Remark (2025-10-20): Repacked Mongo2Go local feed to require MongoDB.Driver 3.5.0 + SharpCompress 0.41.0; cache regression tests green and NU1902/NU1903 suppressed. Remark (2025-10-21): Compose/Helm profiles now surface SCANNER__EVENTS__* toggles with docs pointing at new .env placeholders.