git.stella-ops.org/docs/api/gateway/findings-ledger-proxy.md
StellaOps Bot c11d87d252
feat: Add tests for RichGraphPublisher and RichGraphWriter
- Implement unit tests for RichGraphPublisher to verify graph publishing to CAS.
- Implement unit tests for RichGraphWriter to ensure correct writing of canonical graphs and metadata.

feat: Implement AOC Guard validation logic

- Add AOC Guard validation logic to enforce document structure and field constraints.
- Introduce violation codes for various validation errors.
- Implement tests for AOC Guard to validate expected behavior.

feat: Create Console Status API client and service

- Implement ConsoleStatusClient for fetching console status and streaming run events.
- Create ConsoleStatusService to manage console status polling and event subscriptions.
- Add tests for ConsoleStatusClient to verify API interactions.

feat: Develop Console Status component

- Create ConsoleStatusComponent for displaying console status and run events.
- Implement UI for showing status metrics and handling user interactions.
- Add styles for console status display.

test: Add tests for Console Status store

- Implement tests for ConsoleStatusStore to verify event handling and state management.
2025-12-01 07:34:50 +02:00


Findings Ledger Proxy Contract (Web V)

Status

  • Draft v0.1 (2025-12-01); to be validated at 2025-12-04 checkpoint with Findings Ledger Guild.

Scope

  • Gateway → Findings Ledger forwarding for vuln workflow actions (open/ack/close/export).
  • Idempotency and correlation headers; retry/backoff defaults for offline-safe behavior.

Required Headers

  • X-Idempotency-Key: deterministic hash of tenant + route + body; required on POST/PUT; 36-64 chars; ledger must treat as unique for 24h TTL.
  • X-Correlation-Id: UUID/ULID stable across gateway → ledger → notifier.
  • X-Stella-Tenant / X-Stella-Project: tenant/project scoping per tenant-auth contract.
  • Authorization: Bearer <jwt>: RS256/ES256 service token; aud=stellaops-ledger; scopes ledger:write ledger:read.
  • Content-Type: application/json.
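The header list above leaves the key derivation to the implementer. The following is an added example, not gateway code from the StellaOps repository: it builds the required header set and derives X-Idempotency-Key as a SHA-256 over length-prefixed tenant, route and canonical JSON body (64 hex characters, inside the 36-64 bound). Two assumptions are labelled in the code: the route string includes the HTTP method so a POST and a PUT to the same path never share a key, and the correlation id is an inbound ULID/UUID when present, otherwise a fresh UUIDv4. The token value and sample body are constructed placeholders.

```python
import hashlib
import json
import uuid


def canonical_json(body: dict) -> bytes:
    """Canonical serialisation: sorted keys, no whitespace, so two payloads that
    differ only in key order or spacing produce the same idempotency key."""
    return json.dumps(body, sort_keys=True, separators=(",", ":"), ensure_ascii=False).encode("utf-8")


def idempotency_key(tenant: str, route: str, body: dict) -> str:
    """Deterministic hash of tenant + route + body, per the proxy contract.

    Each field is length-prefixed before hashing so that field boundaries are
    unambiguous (plain concatenation would let "ab"+"c" collide with "a"+"bc").
    SHA-256 hex is 64 characters, the upper bound the contract allows."""
    digest = hashlib.sha256()
    for part in (tenant.encode("utf-8"), route.encode("utf-8"), canonical_json(body)):
        digest.update(len(part).to_bytes(4, "big"))
        digest.update(part)
    return digest.hexdigest()


def is_valid_idempotency_key(key: str) -> bool:
    """Contract bound: 36-64 characters; this example additionally rejects
    whitespace and non-printable ASCII so the value is always header-safe."""
    return 36 <= len(key) <= 64 and all(33 <= ord(c) <= 126 for c in key)


def ledger_headers(tenant: str, project: str, method: str, route: str,
                   body: dict, token: str, correlation_id: str = None) -> dict:
    """Assemble the required headers for a gateway -> ledger request.

    Assumption (not stated in the contract): the hashed route is "METHOD path",
    so POST and PUT to the same path get distinct keys. Assumption: an inbound
    correlation id (UUID/ULID) is reused; otherwise a UUIDv4 is minted here and
    must then be passed on unchanged to the ledger and notifier."""
    return {
        "X-Idempotency-Key": idempotency_key(tenant, f"{method.upper()} {route}", body),
        "X-Correlation-Id": correlation_id or str(uuid.uuid4()),
        "X-Stella-Tenant": tenant,
        "X-Stella-Project": project,
        "Authorization": f"Bearer {token}",  # RS256/ES256 service token, aud=stellaops-ledger
        "Content-Type": "application/json",
    }


# Constructed sample workflow action (an "ack"); field names are illustrative only.
SAMPLE_BODY = {"finding_id": "f-1", "action": "ack", "note": "triaged"}

if __name__ == "__main__":
    headers = ledger_headers("tenant-a", "proj-1", "POST", "/ledger/findings/ack",
                             SAMPLE_BODY, "placeholder.jwt.token")
    for name, value in headers.items():
        print(f"{name}: {value}")
```

Because the body is canonicalised before hashing, a client that retries with the same logical payload but a different JSON layout still hits the same ledger record; a payload that differs in any field yields a new key, which is what the 409 conflict mapping below relies on.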

Behavior

  • Delivery semantics: at-least-once from gateway; ledger must guarantee exactly-once per X-Idempotency-Key.
  • Retry/backoff (gateway):
    • Base delay 500 ms; exponential factor 2; jitter ±20%; max 3 attempts; cap total wait ≤ 10 s.
    • Offline kits: persist request NDJSON with headers; replay on next sync window.
  • Timeout: 5 s per attempt; fail with ERR_LEDGER_TIMEOUT once the final attempt has timed out.
  • Error mapping (specific codes take precedence over the 4xx catch-all):
    • 404 → ERR_LEDGER_NOT_FOUND; not retried.
    • 409 → ERR_LEDGER_CONFLICT (idempotency violation); not retried.
    • 429/503 → ERR_LEDGER_RETRY; the only ledger responses that trigger the retry/backoff above.
    • Any other 4xx → ERR_LEDGER_BAD_REQUEST (propagate details); not retried.
    • All responses include trace_id and echo X-Correlation-Id.
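The delivery, retry, timeout and error-mapping rules above form one procedure on the gateway side. The block below is an added example, not the StellaOps gateway implementation: it applies the contract's defaults (500 ms base, factor 2, ±20% jitter, 3 attempts, 10 s total cap, 5 s per attempt), maps ledger statuses to the listed error codes, retries only on ERR_LEDGER_RETRY and timeouts, and shows the offline-kit NDJSON spool and replay. Two things are assumptions rather than contract text: 5xx statuses other than 503 are treated as retryable (safe only because every request carries an idempotency key), and the `send` callable, the scripted fake ledger and the sample request are constructed for the demonstration.

```python
import json
import random
from typing import Callable, List, Optional, Tuple

# Gateway retry/backoff defaults from the contract (Behavior section).
BASE_DELAY_S = 0.5
FACTOR = 2.0
JITTER = 0.20
MAX_ATTEMPTS = 3
MAX_TOTAL_WAIT_S = 10.0
ATTEMPT_TIMEOUT_S = 5.0

# Only these outcomes are retried; conflicts and bad requests surface immediately.
RETRYABLE = {"ERR_LEDGER_RETRY", "ERR_LEDGER_TIMEOUT"}

# Transport hook: (request, timeout_s) -> (status, body); raises TimeoutError on a slow attempt.
SendFn = Callable[[dict, float], Tuple[int, dict]]

# Constructed sample request; the real gateway fills the headers from the inbound call.
SAMPLE_REQUEST = {
    "method": "POST",
    "route": "/ledger/findings/ack",
    "headers": {
        "X-Idempotency-Key": "0" * 64,  # placeholder; in practice a hash of tenant+route+body
        "X-Correlation-Id": "01ARZ3NDEKTSV4RRFFQ69G5FAV",
        "X-Stella-Tenant": "tenant-a",
        "X-Stella-Project": "proj-1",
        "Content-Type": "application/json",
    },
    "body": {"finding_id": "f-1", "action": "ack"},
}


class LedgerError(Exception):
    """Gateway-facing failure carrying the mapped code, the ledger status and attempt count."""

    def __init__(self, code: str, status: Optional[int], details, attempts: int):
        super().__init__(f"{code} status={status} attempts={attempts}")
        self.code, self.status, self.details, self.attempts = code, status, details, attempts


def map_status(status: int) -> str:
    """Map a ledger HTTP status to a gateway error code; specific codes win over the 4xx catch-all."""
    if status == 404:
        return "ERR_LEDGER_NOT_FOUND"
    if status == 409:
        return "ERR_LEDGER_CONFLICT"
    if status in (429, 503):
        return "ERR_LEDGER_RETRY"
    if 400 <= status < 500:
        return "ERR_LEDGER_BAD_REQUEST"
    # Assumption: the draft does not cover other 5xx; retrying them is safe here only
    # because the idempotency key lets the ledger deduplicate a second delivery.
    return "ERR_LEDGER_RETRY"


def backoff_schedule(rng: Optional[random.Random] = None) -> List[float]:
    """Delays before attempts 2..MAX_ATTEMPTS: 500 ms * 2^n with ±20% jitter, total capped at 10 s."""
    rng = random.Random() if rng is None else rng
    delays, total = [], 0.0
    for n in range(MAX_ATTEMPTS - 1):
        jittered = BASE_DELAY_S * FACTOR ** n * (1.0 + rng.uniform(-JITTER, JITTER))
        delay = max(0.0, min(jittered, MAX_TOTAL_WAIT_S - total))
        delays.append(delay)
        total += delay
    return delays


def forward(request: dict, send: SendFn, rng: Optional[random.Random] = None,
            sleep: Callable[[float], None] = lambda _s: None) -> dict:
    """Forward one request at-least-once; return the ledger body on 2xx, raise LedgerError otherwise."""
    delays = backoff_schedule(rng)
    for attempt in range(1, MAX_ATTEMPTS + 1):
        try:
            status, body = send(request, ATTEMPT_TIMEOUT_S)
        except TimeoutError:
            status, body, code = None, None, "ERR_LEDGER_TIMEOUT"
        else:
            if 200 <= status < 300:
                return body
            code = map_status(status)
        if code not in RETRYABLE or attempt == MAX_ATTEMPTS:
            raise LedgerError(code, status, body, attempt)
        sleep(delays[attempt - 1])
    raise AssertionError("unreachable: loop always returns or raises")


def spool_line(request: dict) -> str:
    """Offline kit: one NDJSON line per request, headers included, so the same idempotency key is replayed."""
    return json.dumps(request, sort_keys=True, separators=(",", ":")) + "\n"


def replay_spool(ndjson: str, send: SendFn) -> List[Tuple[str, Optional[dict]]]:
    """Replay spooled requests on the next sync window; returns ("ok", body) or (error_code, details) per line."""
    results = []
    for line in ndjson.splitlines():
        if not line.strip():
            continue
        try:
            results.append(("ok", forward(json.loads(line), send)))
        except LedgerError as err:
            results.append((err.code, err.details))
    return results


def scripted_sender(script: list) -> SendFn:
    """Constructed fake ledger: answers each call with the next scripted status ("timeout" raises)."""
    timeouts_seen: List[float] = []

    def send(request: dict, timeout_s: float) -> Tuple[int, dict]:
        timeouts_seen.append(timeout_s)
        outcome = script[len(timeouts_seen) - 1]
        if outcome == "timeout":
            raise TimeoutError(f"attempt exceeded {timeout_s}s")
        # Every ledger response carries trace_id and echoes X-Correlation-Id.
        return outcome, {"trace_id": f"trace-{len(timeouts_seen)}",
                         "correlation_id": request["headers"]["X-Correlation-Id"]}

    send.calls = timeouts_seen  # type: ignore[attr-defined]
    return send
```

With these defaults a request that is throttled twice waits roughly 0.5 s and then 1 s before the third attempt succeeds, while a 409 returns to the caller after a single attempt: retrying a conflict would only reproduce it, since the ledger already holds a record under that key. Replaying a spooled line reuses the stored X-Idempotency-Key, which is what makes at-least-once delivery from the gateway safe against a partial delivery before the outage.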

Open Questions

  • Confirm ledger idempotency TTL (proposed 24h) and whether ETag is returned for optimistic concurrency.
  • Confirm expected payload schemas for each workflow action (open/ack/close/export).
  • Confirm whether ledger enforces ordering per tenant_id.