stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
79b8e53441e92dbc63684f42072434d40b80275f
git.stella-ops.org/docs/modules/concelier/prep/2025-11-20-web-airgap-57-001-prep.md
master 79b8e53441
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Add new features and tests for AirGap and Time modules 
- Introduced `SbomService` tasks documentation.
- Updated `StellaOps.sln` to include new projects: `StellaOps.AirGap.Time` and `StellaOps.AirGap.Importer`.
- Added unit tests for `BundleImportPlanner`, `DsseVerifier`, `ImportValidator`, and other components in the `StellaOps.AirGap.Importer.Tests` namespace.
- Implemented `InMemoryBundleRepositories` for testing bundle catalog and item repositories.
- Created `MerkleRootCalculator`, `RootRotationPolicy`, and `TufMetadataValidator` tests.
- Developed `StalenessCalculator` and `TimeAnchorLoader` tests in the `StellaOps.AirGap.Time.Tests` namespace.
- Added `fetch-sbomservice-deps.sh` script for offline dependency fetching.
2025-11-20 23:29:54 +02:00

1.9 KiB
Raw Blame History

Concelier Web AirGap Prep — PREP-CONCELIER-WEB-AIRGAP-57-001

Status: Draft (2025-11-20) Owners: Concelier WebService Guild · AirGap Policy Guild Scope: Define remediation payloads and staleness plumbing for sealed-mode violations, dependent on WEB-AIRGAP-56-002.

Dependencies

  • WEB-AIRGAP-56-001: mirror bundle registration + sealed-mode enforcement.
  • WEB-AIRGAP-56-002: staleness + bundle provenance metadata surfaces.
  • AirGap controller scopes (seal/unseal) and time anchor semantics from AirGap Controller/Time guilds.

Proposed payload mapping (EGRESS blocked)

  • Error code: AIRGAP_EGRESS_BLOCKED.
  • Shape:
{
  "error": "AIRGAP_EGRESS_BLOCKED",
  "message": "Direct internet fetches disabled in sealed mode; use mirror bundle sources only.",
  "bundle_required": true,
  "staleness_seconds": 0,
  "remediation": [
    "Import mirror bundle via /airgap/import or offline kit",
    "Ensure sealed mode is set with valid time anchor",
    "Retry with cached/mirrored sources enabled"
  ]
}
  • Determinism: fixed ordering of fields, remediation list sorted.

Staleness surfacing

  • Staleness derived from bundle metadata supplied by 56-002 (bundle_id, provenance, staleness_budget_seconds).
  • Responses include staleness_seconds_remaining and bundle_id when available.

Observability

  • Emit timeline event concelier.airgap.egress_blocked with {tenant_id, bundle_id?, endpoint, request_id}.
  • Metric: concelier_airgap_egress_blocked_total (counter) tagged by endpoint.

Open decisions

  • Final error envelope format (depends on WEB-OAS-61-002 standard envelope).
  • Exact header name for staleness metadata (suggest x-concelier-bundle-staleness).
  • Whether to include advisory key/linkset ids in the blocked response.

Handoff

Use this as the PREP artefact for WEB-AIRGAP-57-001. Update once 56-002 and error envelope standard are finalized.