bc4318ef97
- Created `StellaOps.TestKit.Tests` project for unit tests related to determinism. - Implemented `DeterminismManifestTests` to validate deterministic output for canonical bytes and strings, file read/write operations, and error handling for invalid schema versions. - Added `SbomDeterminismTests` to ensure identical inputs produce consistent SBOMs across SPDX 3.0.1 and CycloneDX 1.6/1.7 formats, including parallel execution tests. - Updated project references in `StellaOps.Integration.Determinism` to include the new determinism testing library.
1.4 KiB
1.4 KiB
Orchestrator overview
Mission
- Coordinate deterministic job execution across modules.
- Provide reproducible DAG runs with tenant isolation and auditability.
Runtime shape
- WebService for REST and WebSocket APIs and UI status.
- Scheduler creates runs from schedules and enqueues intents.
- Worker executes DAG steps from per-tenant queues.
- Plugin host loads signed task plugins from offline bundles.
Determinism
- Stable DAG evaluation order with lexical tie-breaks.
- Idempotency keys per run and step hash.
- UTC timestamps and ordered NDJSON exports.
AOC alignment
- Orchestrator runs declared steps and records outcomes.
- It does not derive policy verdicts or merge advisory data.
State and storage
- Run metadata stored in PostgreSQL with tenant scoping.
- Queues stored in PostgreSQL or Valkey-backed FIFO per tenant.
- Artifacts referenced by content hash in object storage or large objects.
- Optional Valkey locks for throttles and backpressure.
Offline posture
- DAG specs and plugins are loaded from offline bundles.
- Network egress is deny by default unless a task declares an allowlist.
Observability
- Metrics for runs, durations, and queue depth.
- Structured logs with tenant, dagId, runId, and status.
Related references
- orchestrator/architecture.md
- orchestrator/api.md
- orchestrator/cli.md
- orchestrator/console.md
- orchestrator/run-ledger.md
- orchestrator/runbook.md