75c2bcafce
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Implemented LdapDistinguishedNameHelper for escaping RDN and filter values. - Created AuthorityCredentialAuditContext and IAuthorityCredentialAuditContextAccessor for managing credential audit context. - Developed StandardCredentialAuditLogger with tests for success, failure, and lockout events. - Introduced AuthorityAuditSink for persisting audit records with structured logging. - Added CryptoPro related classes for certificate resolution and signing operations.
21 lines
1.2 KiB
Markdown
21 lines
1.2 KiB
Markdown
# Authority DevOps Crew
|
||
|
||
## Mission
|
||
Operate and harden the StellaOps Authority platform in production and air-gapped environments: container images, deployment assets, observability defaults, backup/restore, and runtime key management.
|
||
|
||
## Focus Areas
|
||
- **Build & Packaging** – Dockerfiles, OCI bundles, offline artefact refresh.
|
||
- **Deployment Tooling** – Compose/Kubernetes manifests, secrets bootstrap, upgrade paths.
|
||
- **Observability** – Logging defaults, metrics/trace exporters, dashboards, alert policies.
|
||
- **Continuity & Security** – Backup/restore guides, key rotation playbooks, revocation propagation.
|
||
|
||
## Working Agreements
|
||
- Track work directly in the relevant `docs/implplan/SPRINT_*.md` rows (TODO → DOING → DONE/BLOCKED); keep entries dated.
|
||
- Validate container changes with the CI pipeline (`ops/authority` GitHub workflow) before marking DONE.
|
||
- Update operator documentation in `docs/` together with any behavioural change.
|
||
- Coordinate with Authority Core and Security Guild before altering sensitive defaults (rate limits, crypto providers, revocation jobs).
|
||
|
||
## Required Reading
|
||
- `docs/modules/platform/architecture-overview.md`
|
||
- `docs/modules/airgap/airgap-mode.md`
|