7b01c7d6ac
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Introduced a blueprint for explainable quiet alerts, detailing phases for SBOM, VEX readiness, and attestations. - Developed a roadmap for deterministic diff-aware rescans, enhancing scanner speed and efficiency. - Implemented a hash-based SBOM layer cache to optimize container scans by reusing previous results. - Created a multi-runtime reachability corpus to validate function-level reachability across various programming languages. - Proposed a stable SBOM model using SPDX 3.0.1 for persistence and CycloneDX 1.6 for interchange. - Established a validation plan for quiet scans, focusing on provenance and CI integration. - Documented guidelines for the Findings Ledger module, outlining roles, execution rules, and testing protocols.
1.1 KiB
1.1 KiB
2025-10-27 — Orchestrator operator scope & audit metadata
Summary
- Introduced the
orch:operatescope andOrch.Operatorrole in Authority to unlock Orchestrator control actions while keeping read-only access underOrch.Viewer. - Authority now enforces
operator_reasonandoperator_ticketparameters on/tokenrequests that includeorch:operate; missing values yieldinvalid_requestand no token is issued. - Client credentials audit events capture both fields (
request.reason,request.ticket), giving SecOps traceability for every control action.
Next steps
| Team | Follow-up | Target |
|---|---|---|
| Console Guild | Wire UI control panels to request operator_reason/operator_ticket when exchanging tokens for orchestrator actions. |
Sprint 23 stand-up |
| CLI Guild | Add flags to stella orch subcommands to pass reason/ticket metadata before enabling mutations. |
Sprint 23 stand-up |
| Orchestrator Service | Enforce presence of X-Stella-Reason/X-Stella-Ticket (or equivalent metadata) on mutate endpoints and align audit logging. |
ORCH-SVC-33-001 implementation |