stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
a81b524a8927439c9f7881a72c258b5a6a80d423
git.stella-ops.org/docs/modules/cli/guides/setup-guide.md
master 398d0659eb docs: UI-driven local setup sprints + module dossier sync 
Add SPRINT_20260413_004 (platform UI-only setup bootstrap closure)
with BOOTSTRAP-001..006 delivery tracker, and update sprint 003 and
sprint 20260410-001 execution logs to reflect the completed
persistence / orchestrator / secret-authority work.

Sync module dossiers and operator guides with the new reality: setup
wizard UX, platform-service architecture, CLI setup guide, integrations
architecture + local services, release-orchestrator architecture,
install guide, and compose README.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-14 07:56:45 +03:00

216 lines
6.2 KiB
Markdown
Raw Blame History

# Setup Wizard Guide
This guide covers the current `stella setup` command set for installation-scoped control-plane bootstrap.
## Overview
`stella setup` is no longer an all-in-one platform onboarding wizard.
- It owns only the five control-plane steps the running platform can truthfully validate and converge: `database`, `cache`, `migrations`, `admin`, `crypto`.
- It uses the Platform setup session APIs as the source of truth. Local files are not the authoritative setup state.
- Tenant onboarding such as integrations, secrets providers, advisory sources, environments, agents, and notifications happens on the authenticated `/setup/*` surfaces and the corresponding CLI command groups.
## Quick Start
```bash
# Run the installation bootstrap
stella setup run
# Resume the current installation session
stella setup resume
# Show the current installation-scoped session
stella setup status
# JSON status for automation
stella setup status --json
# Probe a specific step only
stella setup run --step database --dry-run
# Reset a specific step
stella setup reset --step cache
# Reset the whole installation session
stella setup reset --all --force
```
## Supported Steps
| Step | Purpose | Notes |
| --- | --- | --- |
| `database` | Verify the PostgreSQL runtime connection and record convergence | Machine-level DB provisioning remains outside `stella setup`. |
| `cache` | Verify the cache runtime connection and record convergence | `valkey` remains a compatibility alias. |
| `migrations` | Converge required schema migrations | Uses the backend migration-admin path. |
| `admin` | Ensure the bootstrap administrator exists | `authority` and `users` remain compatibility aliases. |
| `crypto` | Validate and apply the selected crypto profile | Uses live provider health rather than optimistic local state. |
Deprecated setup aliases still accepted:
- `valkey -> cache`
- `authority -> admin`
- `users -> admin`
Former setup targets such as `vault`, `registry`, `scm`, `sources`, `notify`, `telemetry`, `llm`, `settingsstore`, `environments`, and `agents` now return explicit handoff guidance instead of pretending they are bootstrap steps.
## Command Surface
### `stella setup`
Runs the same flow as `stella setup run`.
Global options:
- `--config`, `-c` - path to YAML configuration used to seed draft values before probe/apply
- `--non-interactive`, `-y` - do not prompt for missing values
### `stella setup run`
Run the installation bootstrap from the beginning or continue from the active installation-scoped session.
Options:
- `--step`, `-s` - run one supported control-plane step only
- `--skip` - skip selected steps for this invocation
- `--dry-run` - probe only; do not apply
- `--force`, `-f` - start a fresh setup session even if one already exists
- `--config`, `-c`
- `--non-interactive`, `-y`
Notes:
- `probe` is diagnostic only. A successful probe does not complete a step.
- Only `apply` transitions performed by `run` without `--dry-run` can converge a step.
### `stella setup resume`
Resume the current setup session or a specific one.
Options:
- `--session` - explicit setup session ID
### `stella setup status`
Show the current installation-scoped session.
Options:
- `--session` - explicit setup session ID
- `--json` - machine-readable output
### `stella setup reset`
Reset one step or the whole installation session.
Options:
- `--step`, `-s` - reset one control-plane step
- `--all` - start a fresh installation-scoped session
- `--force`, `-f` - skip confirmation when used with `--all`
### `stella setup validate`
Validate a configuration file, then run the setup flow in probe-only mode.
Options:
- `--config`, `-c` - required YAML configuration path
## Configuration File Shape
`stella setup` consumes only the values relevant to the five control-plane steps. The CLI forwards these as backend draft values rather than directly mutating local infrastructure.
```yaml
database:
connectionString: Host=postgres.stella-ops.local;Port=5432;Database=stellaops;Username=stellaops;Password=${DB_PASSWORD}
host: postgres.stella-ops.local
port: 5432
database: stellaops
user: stellaops
password: ${DB_PASSWORD}
cache:
host: cache.stella-ops.local
port: 6379
password: ${CACHE_PASSWORD}
database: 0
users:
superuser:
username: admin
email: admin@example.com
password: ${ADMIN_PASSWORD}
displayName: Stella Admin
authority:
provider: standard
crypto:
provider: default
```
## What Happens After Setup
When `stella setup` finishes, the next work is tenant onboarding, not more bootstrap steps.
Typical next commands:
```bash
# Discover writable secret-authority targets
stella config integrations secrets targets
# Stage a GitLab access token into a secret-authority target
stella config integrations secrets upsert-bundle \
--bundle gitlab-server \
--target <vault-integration-id> \
--path gitlab/server \
--entry access-token=glpat-...
# Create the GitLab server integration with the returned authref
stella config integrations create \
--name local-gitlab \
--type scm \
--provider gitlabserver \
--endpoint http://gitlab.stella-ops.local:8929 \
--authref authref://vault/gitlab/server#access-token
```
UI handoff surfaces:
- `/setup/integrations/secrets`
- `/setup/integrations/scm`
- `/setup/integrations/ci`
- `/setup/integrations/registries`
## Troubleshooting
### Database probe fails
```bash
stella setup run --step database --dry-run --config ./setup.yaml
```
Check:
- the runtime PostgreSQL service is reachable
- the connection string or host/user/password values are correct
- the machine/bootstrap layer already provisioned PostgreSQL
### Cache probe fails
```bash
stella setup run --step cache --dry-run --config ./setup.yaml
```
Check:
- the runtime cache service is reachable
- the host/port/password values are correct
### Setup reports that `vault` or `scm` is no longer a supported step
That is expected. Those flows moved out of installation bootstrap.
Use:
- `stella config integrations secrets *`
- `stella config integrations create`
- the authenticated `/setup/integrations/*` UI
## Related Commands
- `stella setup status --json`
- `stella config integrations providers`
- `stella config integrations secrets targets`
- `stella config integrations secrets upsert-bundle`
- `stella system migrations-status --module all`
Reference in New Issue View Git Blame Copy Permalink