stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
791e12baab550a97c05723b514496a57a6619e44
git.stella-ops.org/src/StellaOps.Concelier.WebService/TASKS.md
master 791e12baab
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Add tests and implement StubBearer authentication for Signer endpoints 
- Created SignerEndpointsTests to validate the SignDsse and VerifyReferrers endpoints.
- Implemented StubBearerAuthenticationDefaults and StubBearerAuthenticationHandler for token-based authentication.
- Developed ConcelierExporterClient for managing Trivy DB settings and export operations.
- Added TrivyDbSettingsPageComponent for UI interactions with Trivy DB settings, including form handling and export triggering.
- Implemented styles and HTML structure for Trivy DB settings page.
- Created NotifySmokeCheck tool for validating Redis event streams and Notify deliveries.
2025-10-21 09:37:07 +03:00

5.2 KiB
Raw Blame History

TASKS

Task Owner(s) Depends on Notes
FEEDWEB-EVENTS-07-001 Advisory event replay API Concelier WebService Guild FEEDCORE-ENGINE-07-001 DONE (2025-10-19) Added /concelier/advisories/{vulnerabilityKey}/replay endpoint with optional asOf, hex hashes, and conflict payloads; integration covered via dotnet test src/StellaOps.Concelier.WebService.Tests/StellaOps.Concelier.WebService.Tests.csproj.
Bind & validate ConcelierOptions BE-Base WebService DONE options bound/validated with failure logging.
Mongo service wiring BE-Base Storage.Mongo DONE wiring delegated to AddMongoStorage.
Bootstrapper execution on start BE-Base Storage.Mongo DONE startup calls MongoBootstrapper.InitializeAsync.
Plugin host options finalization BE-Base Plugins DONE default plugin directories/search patterns configured.
Jobs API contract tests QA Core DONE WebServiceEndpointsTests now cover success payloads, filtering, and trigger outcome mapping.
Health/Ready probes DevOps Ops DONE /health and /ready endpoints implemented.
Serilog + OTEL integration hooks BE-Base Observability DONE TelemetryExtensions wires Serilog + OTEL with configurable exporters.
Register built-in jobs (sources/exporters) BE-Base Core DONE AddBuiltInConcelierJobs adds fallback scheduler definitions for core connectors and exporters via reflection.
HTTP problem details consistency BE-Base WebService DONE API errors now emit RFC7807 responses with trace identifiers and typed problem categories.
Request logging and metrics BE-Base Observability DONE Serilog request logging enabled with enriched context and web.jobs counters published via OpenTelemetry.
Endpoint smoke tests (health/ready/jobs error paths) QA WebService DONE WebServiceEndpointsTests assert success and problem responses for health, ready, and job trigger error paths.
Batch job definition last-run lookup BE-Base Core DONE definitions endpoint now precomputes kinds array and reuses batched last-run dictionary; manual smoke verified via local GET /jobs/definitions.
Add no-cache headers to health/readiness/jobs APIs BE-Base WebService DONE helper applies Cache-Control/Pragma/Expires on all health/ready/jobs endpoints; awaiting automated probe tests once connector fixtures stabilize.
Authority configuration parity (FSR1) DevEx/Concelier Authority options schema DONE (2025-10-10) Options post-config loads clientSecretFile fallback, validators normalize scopes/audiences, and sample config documents issuer/credential/bypass settings.
Document authority toggle & scope requirements Docs/Concelier Authority integration DONE (2025-10-21) Quickstart now documents staging flag, client credentials, env overrides; operator guide refresh merged. Remaining copy polishing is tracked under DOCS-CONCELIER-07-201 in docs/TASKS.md.
Plumb Authority client resilience options BE-Base Auth libraries LIB5 DONE (2025-10-12) Program.cs wires authority.resilience.* + client scopes into AddStellaOpsAuthClient; new integration test asserts binding and retries.
Author ops guidance for resilience tuning Docs/Concelier Plumb Authority client resilience options DONE (2025-10-12) docs/21_INSTALL_GUIDE.md + docs/ops/concelier-authority-audit-runbook.md document resilience profiles for connected vs air-gapped installs and reference monitoring cues.
Document authority bypass logging patterns Docs/Concelier FSR3 logging DONE (2025-10-12) Updated operator guides clarify Concelier.Authorization.Audit fields (route/status/subject/clientId/scopes/bypass/remote) and SIEM triggers.
Update Concelier operator guide for enforcement cutoff Docs/Concelier FSR1 rollout DONE (2025-10-12) Installation guide emphasises disabling allowAnonymousFallback before 2025-12-31 UTC and connects audit signals to the rollout checklist.
Rename plugin drop directory to namespaced path BE-Base Plugins DONE (2025-10-19) Build outputs now target StellaOps.Concelier.PluginBinaries/StellaOps.Authority.PluginBinaries, plugin host defaults updated, config/docs refreshed, and dotnet test src/StellaOps.Concelier.WebService.Tests/StellaOps.Concelier.WebService.Tests.csproj --no-restore covers the change.
Authority resilience adoption Concelier WebService, Docs Plumb Authority client resilience options BLOCKED (2025-10-10) Roll out retry/offline knobs to deployment docs and confirm CLI parity once LIB5 lands; unblock after resilience options wired and tested.
CONCELIER-WEB-08-201 Mirror distribution endpoints Concelier WebService Guild CONCELIER-EXPORT-08-201, DEVOPS-MIRROR-08-001 DONE (2025-10-20) Mirror endpoints now enforce per-domain rate limits, emit cache headers, honour Authority/WWW-Authenticate, and docs cover auth + smoke workflows.

Remark (2025-10-20): Updated ops runbook with token/rate-limit checks and added API tests for Retry-After + unauthorized flows.| |Wave 0B readiness checkpoint|Team WebService & Authority|Wave0A completion|BLOCKED (2025-10-19) FEEDSTORAGE-MONGO-08-001 closed, but remaining Wave0A items (AUTH-DPOP-11-001, AUTH-MTLS-11-002, PLUGIN-DI-08-001) still open; maintain current DOING workstreams only.|