838257245a
Closes the last open task in SPRINT_20260422_003. Persisted operator
enablement is now separated from runtime readiness so credential-gated
sources can show an explicit blocked state instead of collapsing into a
generic failed/disabled shape.
Readiness model:
- new SourceReadiness constants class: Disabled | Unsupported | Blocked | Ready
- ConfiguredAdvisorySourceStatus gains Readiness + BlockedReason alongside
existing SyncState (kept as backward-compatible alias)
- enabled = persisted operator intent (untouched)
- readiness = blocked when persisted-enabled and credentials/URIs missing
- blockedReason = free-form list of missing fields
- blockingReason.errorCode = SOURCE_CONFIG_REQUIRED for structured drill-down
Endpoint propagation:
- /status: persisted enabled=true kept; readiness=blocked; readyForSync=false
- /{id}/enable: 200 with readiness=blocked; sourceRegistry left disabled
until credentials land (pre-existing behaviour retained)
- /{id}/sync: 422 readiness=blocked + SOURCE_CONFIG_REQUIRED;
**connector never invoked**, no job run created
- /sync (batch): per-result outcome=blocked with readiness/errorCode/
blockedReason; excluded from totalTriggered; other sources proceed
- Transition: PUT /{id}/configuration with missing credential →
runtimeOptionsInvalidator.Invalidate → next /status flips to ready.
No disable/re-enable cycle needed.
Tests: 8 targeted xUnit methods via scripts/test-targeted-xunit.ps1,
8/8 pass. Includes: blocked status exposure, blocked-to-ready transition
on persisted credential, connector-not-invoked-when-blocked, plus 4
pre-existing SRC-CREDS-002 regression tests.
Docs:
- docs/modules/concelier/connectors.md — new "Blocked / sleeping
readiness state" section with field contract, per-endpoint behaviour
table, UI/CLI rendering guidance, resolution flow
- docs/modules/cli/guides/commands/db.md — short note under
`db connectors configure` cross-linking the connectors.md contract
Sprint SPRINT_20260422_003 archived — all 5 tasks DONE.
New fields are additive; existing UI types in
source-management.api.ts ignore unknown fields so no UI breakage. A
future FE pass can wire explicit readiness/blockedReason rendering.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Stella Ops Suite Documentation
Stella Ops Suite is a centralized, auditable release control plane for non-Kubernetes container estates. It orchestrates environment promotions, gates releases using reachability-aware security and policy, and produces verifiable evidence for every decision.
Stella is designed for teams who deploy containers via Docker/Compose, hosts/VMs, and scripted automation and need certifiable security + auditable releases without building a bespoke governance pipeline.
Product framing reference: docs/product/release-with-confidence-product-card.md
What Stella delivers
Evidence-grade release governance (outside Kubernetes)
- Environment promotions (Dev -> Stage -> Prod) with explicit policy, approvals, and change control.
- Digest-first release identity: deployments are tracked by immutable OCI digests so "what is deployed where" is unambiguous.
- Deterministic decision records: every gate decision is explainable ("why blocked?") and replayable.
Reachability-aware security decisioning
- Deep scanning produces SBOM + findings + reachability and hybrid reachability evidence.
- VEX-first decisioning with consensus and conflict handling across issuers (SBOM/VEX are part of the evidence chain, not a side export).
- Policy-as-code with deterministic evaluation and traceable outcomes.
Verifiability, attestability, and audit export
- Evidence packets / decision capsules: hashable, immutable bundles that capture inputs, verdicts, and approvals.
- Attestations (DSSE/in-toto, predicates for SBOM/VEX/verdict/reachability; optional Sigstore flows where configured).
- Audit exports for compliance review, incident response, and forensic reconstruction.
Offline-first, sovereign operation
- Built for air-gapped and restricted environments: local databases, offline kits/snapshots, and deterministic replay.
- Regional crypto profiles (eIDAS/FIPS/GOST/SM and related plugin architecture) to avoid compliance lock-in.
Toolchain-agnostic integrations
- Integrates with common SCM/CI/registries/secrets managers through connectors and plugins.
- Works alongside existing pipelines: scan-on-build, gate-on-promotion, re-evaluate on advisory updates.
Core differentiators (the "why Stella" set)
These concepts appear throughout the docs and are the suite's anchor points:
- Signed, replayable risk verdicts: decisions can be re-run deterministically from the same evidence.
- Decision capsules: evidence is packaged for audit, not scattered across logs and screenshots.
- Reachability with portable proofs: exploitability is evidenced, not asserted.
- Smart-diff / semantic risk delta: focus on what materially changed between releases.
- Unknowns as first-class state: uncertainty is tracked and budgeted, not hidden.
- Non-Kubernetes-first: orchestration and evidence for Compose/hosts/agentless targets as a primary use case.
- Digest-first release identity: immutable artifacts, immutable accountability.
For exhaustive capability detail (including planned items), use the Feature Matrix referenced below.
Two levels of documentation
- High-level (canonical): curated guides in
docs/*.md. - Detailed (reference): deep dives under
docs/**(module dossiers, architecture notes, API contracts/samples, runbooks, schemas).
Entry point:docs/technical/README.md.
This documentation set is intentionally consolidated and does not maintain compatibility stubs for old paths.
Start here
Product understanding
| Goal | Open this |
|---|---|
| Understand the suite quickly | overview.md |
| Product operating card | product/release-with-confidence-product-card.md |
| Capability cards | key-features.md |
| Full capability matrix | FEATURE_MATRIX.md |
| Product vision | product/VISION.md |
Getting started
| Goal | Open this |
|---|---|
| First run and basic workflows | quickstart.md |
| Installation guide | INSTALL_GUIDE.md |
| Runtime data assets (ML models, JDK, certs) | ../devops/runtime-assets/README.md |
| Ingest advisories (Concelier + CLI) | CONCELIER_CLI_QUICKSTART.md |
| Console (Web UI) operator guide | UI_GUIDE.md |
| Offline / air-gap operations | OFFLINE_KIT.md |
Architecture
| Goal | Open this |
|---|---|
| Architecture: high-level overview | ARCHITECTURE_OVERVIEW.md |
| Architecture: canonical system overview | 07_HIGH_LEVEL_ARCHITECTURE.md |
| Architecture: platform overview dossier | modules/platform/architecture-overview.md |
| Architecture: full reference map | ARCHITECTURE_REFERENCE.md |
| Architecture: user flows (UML) | technical/architecture/user-flows.md |
| Architecture: module matrix | technical/architecture/module-matrix.md |
| Architecture: data flows | technical/architecture/data-flows.md |
| Architecture: schema mapping | technical/architecture/schema-mapping.md |
| Release Orchestration dossier | modules/release-jobengine/architecture.md |
| Telemetry federation architecture | modules/telemetry/federation-architecture.md |
| Telemetry federation runbook | runbooks/federated-telemetry-operations.md |
| Telemetry federation contracts | contracts/federated-consent-v1.md, contracts/federated-telemetry-v1.md |
Development and operations
| Goal | Open this |
|---|---|
| Develop plugins/connectors | PLUGIN_SDK_GUIDE.md |
| Console UI traversal map | qa/console-ui-traversal-map.md |
| Console UI QA strategy | qa/console-ui-qa-strategy.md |
| Security deployment hardening | SECURITY_HARDENING_GUIDE.md |
| VEX consensus and issuer trust | VEX_CONSENSUS_GUIDE.md |
| Vulnerability Explorer guide | modules/vuln-explorer/VULNERABILITY_EXPLORER_GUIDE.md |
| SBOM determinism guide | sboms/DETERMINISM.md |
| Engineering standards (for implementers) | code-of-conduct/CODE_OF_CONDUCT.md |
| Testing standards (for QA/automation) | code-of-conduct/TESTING_PRACTICES.md |
Detailed indexes
- Technical index (everything):
docs/technical/README.md - End-to-end workflow flows:
docs/flows/ - Module dossiers:
docs/modules/ - API contracts and samples:
docs/api/ - Architecture notes / ADRs:
docs/technical/architecture/,docs/technical/adr/ - Operations and deployment:
docs/operations/ - Air-gap workflows:
docs/modules/airgap/guides/ - Security deep dives:
docs/security/ - Benchmarks and fixtures:
docs/benchmarks/,docs/assets/ - Product advisories:
docs/product/advisories/ - Hybrid diff patching blueprint:
docs/hybrid-diff-patching.md
License and notices
- Project license (BUSL-1.1 + Additional Use Grant):
../LICENSE - Third-party notices:
../NOTICE.md - Legal and licensing index:
docs/legal/README.md - Full dependency inventory:
docs/legal/THIRD-PARTY-DEPENDENCIES.md - Compatibility guidance:
docs/legal/LICENSE-COMPATIBILITY.md - Cryptography compliance:
docs/legal/crypto-compliance-review.md
Design principles (non-negotiable)
- Offline-first: core operations must work in restricted/air-gapped environments.
- Deterministic replay: same inputs yield the same outputs (stable ordering, canonical hashing).
- Evidence-linked decisions: every decision links to concrete evidence artifacts.
- Digest-first identity: releases are immutable OCI digests, not mutable tags.
- Pluggable integrations: connectors and steps are extensible; the core evidence chain stays stable.