stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
8d78dd219b5e44c835e511491a4750f4a3ee3640
git.stella-ops.org/docs/modules/concelier
History
StellaOps Bot 8d78dd219b
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat(advisory-ai): Add deployment guide, Dockerfile, and Helm chart for on-prem packaging 
- Introduced a comprehensive deployment guide for AdvisoryAI, detailing local builds, remote inference toggles, and scaling guidance.
- Created a multi-role Dockerfile for building WebService and Worker images.
- Added a docker-compose file for local and offline deployment.
- Implemented a Helm chart for Kubernetes deployment with persistence and remote inference options.
- Established a new API endpoint `/advisories/summary` for deterministic summaries of observations and linksets.
- Introduced a JSON schema for risk profiles and a validator to ensure compliance with the schema.
- Added unit tests for the risk profile validator to ensure functionality and error handling.
2025-11-23 00:35:33 +02:00
..
api
feat(advisory-ai): Add deployment guide, Dockerfile, and Helm chart for on-prem packaging
2025-11-23 00:35:33 +02:00
bridges
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
events
feat: Enhance MongoDB storage with event publishing and outbox support
2025-11-20 23:08:45 +02:00
feeds
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
operations
feat(advisory-ai): Add deployment guide, Dockerfile, and Helm chart for on-prem packaging
2025-11-23 00:35:33 +02:00
prep
feat: Implement MongoDB orchestrator storage with registry, commands, and heartbeats
2025-11-22 12:35:38 +02:00
advisory-ai-api.md
feat: Add initial implementation of Vulnerability Resolver Jobs
2025-11-18 07:52:15 +02:00
AGENTS.md
Update AGENTS.md files across multiple modules to standardize task status update instructions and introduce a new document for Secret Leak Detection operations.
2025-11-05 11:58:32 +02:00
architecture.md
feat: Implement MongoDB orchestrator storage with registry, commands, and heartbeats
2025-11-22 12:35:38 +02:00
attestation.md
feat: Implement MongoDB orchestrator storage with registry, commands, and heartbeats
2025-11-22 12:35:38 +02:00
implementation_plan.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00
link-not-merge-schema.md
feat: Add MongoIdempotencyStoreOptions for MongoDB configuration
2025-11-22 16:42:56 +02:00
linkset-correlation-21-002.md
Add PHP Analyzer Plugin and Composer Lock Data Handling
2025-11-22 14:02:49 +02:00
README.md
Implement MongoDB-based storage for Pack Run approval, artifact, log, and state management
2025-11-07 10:01:47 +02:00

README.md

StellaOps Concelier

Concelier ingests signed advisories from dozens of sources and converts them into immutable observations plus linksets under the Aggregation-Only Contract (AOC).

Responsibilities

  • Fetch and normalise vulnerability advisories via restart-time connectors.
  • Persist observations and correlation linksets without precedence decisions.
  • Emit deterministic exports (JSON, Trivy DB) for downstream policy evaluation.
  • Coordinate offline/air-gap updates via Offline Kit bundles.
  • Serve paragraph-anchored advisory chunks for Advisory AI consumers without breaking the Aggregation-Only Contract.

Key components

  • StellaOps.Concelier.WebService orchestration host.
  • Connector libraries under StellaOps.Concelier.Connector.*.
  • Exporter packages (StellaOps.Concelier.Exporter.*).

Recent updates

Integrations & dependencies

  • MongoDB for canonical observations and schedules.
  • Policy Engine / Export Center / CLI for evidence consumption.
  • Notify and UI for advisory deltas.

Operational notes

  • Connector runbooks in ./operations/connectors/.
  • Mirror operations for Offline Kit parity.
  • Grafana dashboards for connector health.
  • Authority toggle rollout (2025-10-22 update). Follow the phased table and audit checklist in ../../10_CONCELIER_CLI_QUICKSTART.md when enabling authority.enabled/authority.allowAnonymousFallback, and cross-check the refreshed ./operations/authority-audit-runbook.md before enforcement.

Related resources

  • ./operations/conflict-resolution.md
  • ./operations/mirror.md
  • ./operations/authority-audit-runbook.md
  • ../../10_CONCELIER_CLI_QUICKSTART.md (authority integration timeline & smoke tests)

Backlog references

  • DOCS-LNM-22-001, DOCS-LNM-22-007 in ../../TASKS.md.
  • Connector-specific TODOs in src/Concelier/**/TASKS.md.

Epic alignment

  • Epic 1 AOC enforcement: uphold raw observation invariants, provenance requirements, linkset-only enrichment, and AOC verifier guardrails across every connector.
  • Epic 10 Export Center: expose deterministic advisory exports and metadata required by JSON/Trivy/mirror bundles.