stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
ae69b1a8a1da7e0d01298f2ad94e60c2d3a007ca
git.stella-ops.org/docs/implplan/SPRINT_507_ops_devops_v.md
master ae69b1a8a1 feat: Add documentation and task tracking for Sprints 508 to 514 in Ops & Offline 
- Created detailed markdown files for Sprints 508 (Ops Offline Kit), 509 (Samples), 510 (AirGap), 511 (Api), 512 (Bench), 513 (Provenance), and 514 (Sovereign Crypto Enablement) outlining tasks, dependencies, and owners.
- Introduced a comprehensive Reachability Evidence Delivery Guide to streamline the reachability signal process.
- Implemented unit tests for Advisory AI to block known injection patterns and redact secrets.
- Added AuthoritySenderConstraintHelper to manage sender constraints in OpenIddict transactions.
2025-11-08 23:18:28 +02:00

2.8 KiB
Raw Blame History

Sprint 507 - Ops & Offline · 190.B) Ops Devops.V

Active items only. Completed/historic work now resides in docs/implplan/archived_sprints_tasks.md (updated 2025-11-08).

[Ops & Offline] 190.B) Ops Devops.V Depends on: Sprint 190.B - Ops Devops.IV Summary: Ops & Offline focus on Ops Devops (phase V).

Task ID State Task description Owners (Source)
DEVOPS-TEN-49-001 TODO Deploy audit pipeline, scope usage metrics, JWKS outage chaos tests, and tenant load/perf benchmarks. Dependencies: DEVOPS-TEN-48-001. DevOps Guild (ops/devops/TASKS.md)
DEVOPS-VEX-30-001 TODO Provision CI, load tests, dashboards, alerts for VEX Lens and Issuer Directory (compute latency, disputed totals, signature verification rates). DevOps Guild, VEX Lens Guild (ops/devops/TASKS.md)
DEVOPS-VULN-29-001 TODO Provision CI jobs for ledger projector (replay, determinism), set up backups, monitor Merkle anchoring, and automate verification. DevOps Guild, Findings Ledger Guild (ops/devops/TASKS.md)
DEVOPS-VULN-29-002 TODO Configure load/perf tests (5M findings/tenant), query budget enforcement, API SLO dashboards, and alerts for vuln_list_latency and projection_lag. Dependencies: DEVOPS-VULN-29-001. DevOps Guild, Vuln Explorer API Guild (ops/devops/TASKS.md)
DEVOPS-VULN-29-003 TODO Instrument analytics pipeline for Vuln Explorer (telemetry ingestion, query hashes), ensure compliance with privacy/PII guardrails, and update observability docs. Dependencies: DEVOPS-VULN-29-002. DevOps Guild, Console Guild (ops/devops/TASKS.md)
DOCKER-44-001 TODO Author multi-stage Dockerfiles for all core services (API, Console, Orchestrator, Task Runner, Conseiller, Excitor, Policy, Notify, Export, AI) with non-root users, read-only file systems, and health scripts. DevOps Guild, Service Owners (ops/devops/TASKS.md)
DOCKER-44-002 TODO Generate SBOMs and cosign attestations for each image and integrate verification into CI. Dependencies: DOCKER-44-001. DevOps Guild (ops/devops/TASKS.md)
DOCKER-44-003 TODO Implement /health/liveness, /health/readiness, /version, /metrics, and ensure capability endpoint returns merge=false for Conseiller/Excitor. Dependencies: DOCKER-44-002. DevOps Guild (ops/devops/TASKS.md)
OPS-ENV-01 TODO Update deployment manifests (Helm/Compose) and configuration docs to include Surface.Env variables for Scanner and Zastava services. DevOps Guild, Scanner Guild (ops/devops/TASKS.md)
OPS-SECRETS-01 TODO Define secret provisioning workflow (Kubernetes, Compose, Offline Kit) for Surface.Secrets references and update runbooks. DevOps Guild, Security Guild (ops/devops/TASKS.md)
OPS-SECRETS-02 TODO Embed Surface.Secrets material (encrypted bundles, manifests) into offline kit packaging scripts. Dependencies: OPS-SECRETS-01. DevOps Guild, Offline Kit Guild (ops/devops/TASKS.md)