# Unknowns budget dashboard (budgeted unknowns with policy thresholds)

## Module
Policy

## Status
IMPLEMENTED

## Description
Grey queue, SLA monitoring, unknown budget service, and budget constraint enforcer implement first-class unknowns management with policy thresholds.

## Implementation Details
- **UnknownBudgetService**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownBudgetService.cs`
  - Budget CRUD operations: create, query, consume, replenish, status check
  - Per-type budget tracking across multiple unknown categories
- **UnknownsBudgetEnforcer**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownsBudgetEnforcer.cs`
  - Constraint enforcement with Green/Yellow/Red/Exhausted thresholds
  - SLA monitoring: tracks unknown resolution against SLA targets
- **UnknownRanker**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownRanker.cs`
  - Prioritizes unknowns by HOT/WARM/COLD/Negligible bands
  - Score = (Uncertainty * 50) + (ExploitPressure * 50)
  - Reason codes for triage: AnalyzerLimit, Reachability, Identity, Provenance, VexConflict, FeedGap, ConfigUnknown
- **Grey queue models**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Models/`
  - UnknownItem with reason code, band assignment, score, and SLA tracking
  - BlastRadius (Dependents, NetFacing, Privilege)
- **BudgetEndpoints**: `src/Policy/StellaOps.Policy.Engine/Endpoints/BudgetEndpoints.cs` -- budget dashboard API
- **PolicyGateEvaluator**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs` -- uncertainty tier gate enforces budget thresholds
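
The following sketch is an added illustration, not StellaOps code. It shows how the score formula, band assignment, per-type budget status, and the Exhausted release gate fit together. The type names (`Unknown`, `Sketch`, `Band`, `BudgetStatus`), the band cutoffs, the status percentages, and the one-unit-per-open-unknown consumption rule are all assumptions, since this page does not specify them.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Constructed sample data; limits mirror the test-plan case (reachability=10, identity=5).
var limits = new Dictionary<string, int> { ["Reachability"] = 10, ["Identity"] = 5 };
var open = Enumerable.Range(1, 5)
    .Select(i => new Unknown($"id-{i}", "Identity", 0.2 * i, 0.1 * i))
    .Append(new Unknown("rx-1", "Reachability", 0.9, 0.8))
    .ToList();

// Priority queue: highest score first, so HOT items lead.
foreach (var u in open.OrderByDescending(x => Sketch.Score(x)))
    Console.WriteLine($"{u.Id,-5} {u.ReasonCode,-12} {Sketch.Score(u),5:F1} {Sketch.ToBand(Sketch.Score(u))}");

// Assumption: each open unknown consumes one unit of its type's budget.
var statuses = limits.ToDictionary(kv => kv.Key,
    kv => Sketch.Status(open.Count(x => x.ReasonCode == kv.Key), kv.Value));
foreach (var (type, status) in statuses)
    Console.WriteLine($"{type}: {status}");

// Gate: any Exhausted budget blocks the release.
bool allowed = statuses.Values.All(s => s != BudgetStatus.Exhausted);
Console.WriteLine($"release allowed: {allowed}");

enum Band { Hot, Warm, Cold, Negligible }
enum BudgetStatus { Green, Yellow, Red, Exhausted }
record Unknown(string Id, string ReasonCode, double Uncertainty, double ExploitPressure);

static class Sketch
{
    // Formula from the page; inputs clamped to [0, 1] so the score stays in [0, 100].
    public static double Score(Unknown u) =>
        Math.Clamp(u.Uncertainty, 0.0, 1.0) * 50 + Math.Clamp(u.ExploitPressure, 0.0, 1.0) * 50;

    // Assumed cutoffs; the page names the bands but not their boundaries.
    public static Band ToBand(double score) =>
        score >= 75 ? Band.Hot : score >= 50 ? Band.Warm : score >= 25 ? Band.Cold : Band.Negligible;

    // Assumed thresholds: Yellow at 50% of the limit, Red at 80%, Exhausted at 100%.
    public static BudgetStatus Status(int consumed, int limit)
    {
        if (limit <= 0 || consumed >= limit) return BudgetStatus.Exhausted;
        double used = (double)consumed / limit;
        return used >= 0.8 ? BudgetStatus.Red : used >= 0.5 ? BudgetStatus.Yellow : BudgetStatus.Green;
    }
}
```

With the constructed data, the Identity budget is fully consumed (5 of 5), so its status is Exhausted and the gate denies the release while Reachability stays Green.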

## E2E Test Plan
- [ ] Query budget dashboard; verify response includes per-type unknown counts, thresholds, and status
- [ ] Verify HOT band unknowns appear first in priority queue
- [ ] Verify SLA tracking: unknown exceeding SLA target flagged as overdue
- [ ] Consume budget; verify dashboard updates with new consumption levels
- [ ] Resolve unknowns; verify budget capacity replenished and dashboard reflects change
- [ ] Verify reason codes in dashboard: AnalyzerLimit, Reachability, Identity, etc.
- [ ] Query budget history; verify trendline shows consumption over time
- [ ] Verify budget threshold transitions are logged for audit
- [ ] Create budget with per-type limits (reachability=10, identity=5); verify independent tracking
- [ ] Verify Exhausted status prevents new releases via PolicyGateEvaluator