79 lines
3.6 KiB
Markdown
79 lines
3.6 KiB
Markdown
# Router Rollout Acceptance Package (2026-02-22)
|
|
|
|
## Scope
|
|
- Program closeout for Router sprints `047-050`.
|
|
- Dual-mode verification:
|
|
- Default microservice mode (`router-gateway-local.json`).
|
|
- Reverse-proxy fallback mode (`router-gateway-local.reverseproxy.json`).
|
|
|
|
## Command Matrix
|
|
- Image refresh:
|
|
- `docker build ... -t stellaops/scanner-web:dev`
|
|
- `docker build ... -t stellaops/integrations-web:dev`
|
|
- `docker build ... -t stellaops/gateway:dev`
|
|
- `docker build ... -t stellaops/doctor-web:dev`
|
|
- Clean bootstrap:
|
|
- `devops/compose/scripts/router-mode-redeploy.ps1 -Mode reverseproxy`
|
|
- `devops/compose/scripts/router-mode-redeploy.ps1 -Mode microservice`
|
|
- Route smoke:
|
|
- `devops/compose/scripts/router-routeprefix-smoke.ps1`
|
|
- Conformance tests:
|
|
- `dotnet test src/Router/__Tests/StellaOps.Router.AspNet.Tests/StellaOps.Router.AspNet.Tests.csproj`
|
|
- `dotnet test src/Router/__Tests/StellaOps.Router.Gateway.Tests/StellaOps.Router.Gateway.Tests.csproj`
|
|
- `dotnet test src/Router/__Tests/StellaOps.Gateway.WebService.Tests/StellaOps.Gateway.WebService.Tests.csproj`
|
|
|
|
## Evidence Artifacts
|
|
- `devops/compose/openapi_current.json`
|
|
- `devops/compose/openapi_reverse.json`
|
|
- `devops/compose/openapi_routeprefix_smoke_microservice.csv`
|
|
- `devops/compose/openapi_routeprefix_smoke_reverseproxy.csv`
|
|
- `devops/compose/openapi_quality_report_microservice.json`
|
|
- `devops/compose/openapi_quality_report_reverseproxy.json`
|
|
- `devops/compose/perf_microservice.json`
|
|
- `devops/compose/perf_reverseproxy.json`
|
|
- `devops/compose/perf_mode_comparison.json`
|
|
- `devops/compose/timeline.json`
|
|
- `devops/compose/timeline_schemas.json`
|
|
- `devops/compose/openai_adapter.json`
|
|
- `devops/compose/llm_providers.json`
|
|
|
|
## Acceptance Results
|
|
|
|
Microservice mode:
|
|
- Route smoke summary: `200=30,302=4,400=25,401=14,403=2,404=3,410=1`
|
|
- Route smoke blocker status: `500=0`
|
|
- OpenAPI counts: `paths=1899`, `schemas=901`
|
|
- Timeline contract gate: 4 timeline operations with summary/description/security/timeouts/auth extensions.
|
|
- Advisory AI adapter exposure: 2 LLM adapter operations in aggregated `openapi.json`; providers endpoint denies anonymous access (`403`).
|
|
|
|
Reverse mode:
|
|
- Route smoke summary: `200=15,400=6,401=18,404=15`
|
|
- Route smoke blocker status: `500=0`
|
|
- OpenAPI counts: `paths=1529`, `schemas=901`
|
|
- Reverse-proxy exception set remains explicit (`/rekor`, `/platform`, static SPA/error routes).
|
|
|
|
Security and authorization:
|
|
- Gateway and Router conformance suites pass.
|
|
- Identity-header spoofing protections covered in gateway test suite.
|
|
- Authority claims refresh and effective-claim integration covered in Router gateway tests.
|
|
|
|
## Performance Gate Decision
|
|
- Baseline: reverse-proxy mode.
|
|
- Candidate: microservice mode.
|
|
- Comparison artifact: `devops/compose/perf_mode_comparison.json`.
|
|
- Result:
|
|
- `openapi.json` and timeline unauthorized path remained within acceptable local-dev drift.
|
|
- Advisory AI adapter unauthorized path showed higher latency in microservice mode; accepted for now as non-blocking because error-rate and contract gates passed, with follow-up hardening item retained in Router backlog.
|
|
|
|
## Rollback
|
|
- Scripted mode rollback:
|
|
- `devops/compose/scripts/router-mode-redeploy.ps1 -Mode reverseproxy`
|
|
- Return to default:
|
|
- `devops/compose/scripts/router-mode-redeploy.ps1 -Mode microservice`
|
|
- The redeploy helper now auto-recovers transient unhealthy services (bounded retries) before declaring failure.
|
|
|
|
## Final Runtime State
|
|
- Default compose mode restored to microservice routing:
|
|
- `ROUTER_GATEWAY_CONFIG=./router-gateway-local.json`
|
|
- Timeline route `/api/v1/timeline` remains `Type=Microservice` with Valkey messaging transport.
|