21 lines
1.2 KiB
Markdown
21 lines
1.2 KiB
Markdown
# Controller Scaffold Prep — PREP-AIRGAP-CTL-56-001 / 56-002
|
|
|
|
Status: Draft (2025-11-20)
|
|
Owners: AirGap Controller Guild · DevOps Guild
|
|
Scope: Provide the controller scaffold + status API contract so AIRGAP-CTL-56-001/56-002 can proceed.
|
|
|
|
## Deliverables included
|
|
- Service scaffold described in `docs/airgap/controller-scaffold.md` (project layout, DI wiring, config keys, auth scopes).
|
|
- Baseline status/seal endpoints sketch:
|
|
- `GET /system/airgap/status` → `{sealed, policy_hash?, staleness_seconds?, time_anchor_id?, bundle_id?}`
|
|
- `POST /system/airgap/seal` (body: `{policy_hash, reason}`) → returns new state; requires `airgap:seal` scope.
|
|
- Determinism & offline posture: no external calls; state persisted via `airgap_state` store; timestamps UTC; subject ordering deterministic.
|
|
|
|
## Next steps for implementation
|
|
- Generate controller project under `src/AirGap/StellaOps.AirGap.Controller` per scaffold.
|
|
- Wire Authority scope checks (`airgap:seal`, `airgap:status:read`).
|
|
- Add sealed-mode guard middleware and timeline events per `docs/airgap/sealed-startup-diagnostics.md` once integrated.
|
|
|
|
## Handoff
|
|
Use this prep doc to satisfy PREP-AIRGAP-CTL-56-001 and PREP-AIRGAP-CTL-56-002. Update if scope changes; otherwise move tasks to DONE.
|