stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
c13355923f0f663dabc6935bb3251ffb90897b12
git.stella-ops.org/docs/implplan/blocked_tree.md
StellaOps Bot c13355923f
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Console CI / console-ci (push) Has been cancelled
Details
blocked 4
2025-11-23 17:53:41 +02:00

6.5 KiB
Raw Blame History

Blocked Task Dependency Tree (as of 2025-11-23)

  • Concelier ingestion & Link-Not-Merge

    • MIRROR-CRT-56-001 (DONE; thin bundle v1 sample + hashes published)
      • MIRROR-CRT-56-002 (DEV-UNBLOCKED: dedicated CI workflow .gitea/workflows/mirror-sign.yml uses MIRROR_SIGN_KEY_B64 + REQUIRE_PROD_SIGNING=1; production secret still needed for release signing)
      • MIRROR-KEY-56-002-CI (BLOCKED: production secret MIRROR_SIGN_KEY_B64 still not provided; release jobs must run with REQUIRE_PROD_SIGNING=1)
      • MIRROR-CRT-57-001 (DONE; OCI layout emitted when OCI=1)
      • MIRROR-CRT-57-002 (DEV-UNBLOCKED: time-anchor layer embedded; production signing still waits on MIRROR_SIGN_KEY_B64 and AirGap trust roots)
      • MIRROR-CRT-58-001/002 (depend on 56-002, EXPORT-OBS-54-001, CLI-AIRGAP-56-001)
      • PROV-OBS-53-001 (DONE; observer doc + verifier script)
      • AIRGAP-TIME-57-001 (DEV-UNBLOCKED: schema + trust-roots bundle + service config present; production trust roots/signing still needed)
      • EXPORT-OBS-51-001 / 54-001 (DEV-UNBLOCKED: DSSE/TUF profile + test-signed bundle available; production signing still blocked on MIRROR_SIGN_KEY_B64)
      • CLI-AIRGAP-56-001 (needs 56-002 signing + 58-001 CLI path)
    • CONCELIER-AIRGAP-56-001..58-001 <- PREP-ART-56-001, PREP-EVIDENCE-BDL-01
    • CONCELIER-CONSOLE-23-001..003 <- PREP-CONSOLE-FIXTURES-29; PREP-EVIDENCE-BDL-01
    • FEEDCONN-ICSCISA-02-012 / KISA-02-008 <- PREP-FEEDCONN-ICS-KISA-PLAN

  • SBOM Service (Link-Not-Merge consumers)

    • SBOM-SERVICE-21-001 (projection read API) — DONE (2025-11-23): WAF aligned with fixtures + in-memory repo fallback; ProjectionEndpointTests pass.
    • SBOM-SERVICE-21-002..004 — TODO: depend on 21-001 implementation; proceed after projection API lands.

  • Concelier orchestrator / policy / risk chain

    • POLICY-20-001 (API contract; DOING in Sprint 0114) -> CONCELIER-POLICY-20-003 -> CONCELIER-POLICY-23-001 -> CONCELIER-POLICY-23-002
    • POLICY-AUTH-SIGNALS-LIB-115 (shared contract NuGet 0.1.0-alpha, Sprint 0115)
      • CONCELIER-RISK-66-001 -> 66-002 -> 67-001 -> 68-001 -> 69-001
      • CONCELIER-SIG-26-001
      • CONCELIER-TEN-48-001
      • CONCELIER-VEXLENS-30-001 (also needs PREP-CONCELIER-VULN-29-001 & VEXLENS-30-005)
    • CONCELIER-VULN-29-004 <- CONCELIER-VULN-29-001
    • CONCELIER-ORCH-32-001 (needs CI/clean runner) -> 32-002 -> 33-001 -> 34-001

  • Concelier Web chains

    • CONCELIER-WEB-AIRGAP-56-001 -> 56-002 -> 57-001 -> 58-001
    • CONCELIER-WEB-OAS-61-002 -> 62-001 -> 63-001
    • CONCELIER-WEB-OBS-50-001 (telemetry core adopted 2025-11-07) -> 51-001 (health endpoint shipped 2025-11-23) -> 52-001

  • Advisory AI docs & packaging

    • AIAI-PACKAGING-31-002 & AIAI-DOCS-31-001 <- SBOM feeds + CLI/Policy artefacts
    • DOCS-AIAI-31-005 -> 31-006 -> 31-008 -> 31-009 (all gated by DOCS-UNBLOCK-CLI-KNOBS-301 <- CLI-VULN-29-001; CLI-VEX-30-001; POLICY-ENGINE-31-001)

  • Policy Engine (core) chain

    • POLICY-ENGINE-29-002 (missing contract) -> 29-003 -> 29-004
      • 30-001 / 30-002 / 30-003 / 30-101 (depend on 29-004)
      • 31-001 / 31-002 (depend on 29/30 chain)
      • 32-101, 33-101, 34-101, 35-201, 38-201, 40-001, 40-002 (prep items waiting on same upstream contracts)
    • POLICY-AOC-19-001 -> 19-002 -> 19-003 -> 19-004
    • POLICY-AIRGAP-56-001 -> 56-002 -> 57-001 -> 57-002 -> 58-001
    • POLICY-ATTEST-73-001 -> 73-002 -> 74-001 -> 74-002
    • POLICY-CONSOLE-23-001 (needs Console API contract)
    • EXPORT-CONSOLE-23-001 (needs export bundle/job spec)

  • Findings Ledger (Policy Engine sprints 01200122)

    • LEDGER-OAS-61-001 -> 61-002 -> 62-001 -> 63-001
    • LEDGER-AIRGAP-56-002 -> 57-001 -> 58-001
    • LEDGER-ATTEST-73-001 -> 73-002
    • LEDGER-RISK-67-001 -> 68-001 -> 69-001
    • LEDGER-PACKS-42-001 (snapshot/time-travel contract pending)
    • LEDGER-OBS-55-001 (depends on 54-001 attestation telemetry)
    • LEDGER-TEN-48-001 (needs platform approval/RLS plan)
    • LEDGER-29-009 (waiting DevOps paths for Helm/Compose/offline kit assets)

  • API Governance / OpenAPI

    • OAS-61-002 ratification -> OAS-62-001 -> OAS-62-002 -> OAS-63-001
    • APIGOV-63-001 (needs Notification Studio templates + deprecation metadata schema)

  • CLI feature chain

    • CLI-NOTIFY-38-001 (schema missing) -> CLI-NOTIFY-39-001
    • CLI-EXPORT-35-001 (blocked: export profile schema + storage fixtures not delivered)

  • Scanner surface

    • SCANNER-ENV-03 <- SCANNER-ENV-02
    • SURFACE-SECRETS-01 -> SURFACE-SECRETS-02 -> SURFACE-VAL-01 (also needs SURFACE-FS-01 & SURFACE-ENV-01)
    • SCANNER-EVENTS-16-301 (awaiting orchestrator/Notifier envelope contract)

  • Excititor graph & air-gap

    • EXCITITOR-GRAPH-24-101 <- 21-005 ingest overlays

    • EXCITITOR-GRAPH-24-102 <- 24-101

    • EXCITITOR-AIRGAP-57-001 <- 56-001 wiring

    • EXCITITOR-AIRGAP-58-001 <- 56-001 storage layout + Export Center manifest

    • DevOps pipeline blocks

      • DEVOPS-LNM-TOOLING-22-000 -> DEVOPS-LNM-22-001 -> DEVOPS-LNM-22-002
      • DEVOPS-AOC-19-001 -> 19-002 -> 19-003
      • DEVOPS-AIRGAP-57-002 DEV-UNBLOCKED (sealed-mode smoke scaffold ready; needs CI wiring)
      • DEVOPS-OFFLINE-17-004 (release debug store mirrored into Offline Kit)
      • DEVOPS-REL-17-004 (release workflow now uploads out/release/debug artefact)
      • DEVOPS-CONSOLE-23-001 (CI contract + workflow added; offline-first console CI in place)
      • DEVOPS-EXPORT-35-001 (CI contract + MinIO fixtures added; pipeline wiring next)

  • Deployment

    • DEPLOY-EXPORT-35-001 (waiting exporter overlays/secrets)
    • DEPLOY-NOTIFY-38-001 (waiting notifier overlays/secrets)

  • Documentation ladders

    • Docs Tasks ladder 200.A (blocked pending upstream SBOM/CLI/Policy/AirGap artefacts)
    • DOCS-LNM chain: DOCS-LNM-22-001 -> 22-002 -> 22-003; DOCS-LNM-22-005 waits on 22-004
    • Policy docs chain A: DOCS-POLICY-27-001 -> 27-002 -> 27-003 -> 27-004 -> 27-005
    • Policy docs chain B: DOCS-POLICY-27-006 -> 27-007 -> 27-008 -> 27-009 -> 27-010 -> 27-011 -> 27-012 -> 27-013 -> 27-014
    • DOCS-SCANNER-DET-01 <- Sprint 136 determinism fixtures
    • EXCITITOR-DOCS-0001 (awaits Excititor chunk API CI + console contracts)

  • Provenance / Observability

    • PROV-OBS-53-002 -> PROV-OBS-53-003

  • CLI/Advisory AI handoff

    • SBOM-AIAI-31-003 <- CLI-VULN-29-001; CLI-VEX-30-001
    • DOCS-AIAI-31-005/006/008/009 <- CLI-VULN-29-001; CLI-VEX-30-001; POLICY-ENGINE-31-001; DEVOPS-AIAI-31-001

Note: POLICY-20-001 is defined and tracked in docs/implplan/SPRINT_0114_0001_0003_concelier_iii.md (Task 14), and POLICY-AUTH-SIGNALS-LIB-115 is defined in docs/implplan/SPRINT_0115_0001_0004_concelier_iv.md (Task 0); both scopes match the expectations captured here.