stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
c13355923f0f663dabc6935bb3251ffb90897b12
git.stella-ops.org/docs/implplan/blocked_tree.md
StellaOps Bot c13355923f
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Console CI / console-ci (push) Has been cancelled
Details
blocked 4
2025-11-23 17:53:41 +02:00

110 lines
6.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Blocked Task Dependency Tree (as of 2025-11-23)
- Concelier ingestion & Link-Not-Merge
- MIRROR-CRT-56-001 (DONE; thin bundle v1 sample + hashes published)
- MIRROR-CRT-56-002 (DEV-UNBLOCKED: dedicated CI workflow `.gitea/workflows/mirror-sign.yml` uses MIRROR_SIGN_KEY_B64 + REQUIRE_PROD_SIGNING=1; production secret still needed for release signing)
- MIRROR-KEY-56-002-CI (BLOCKED: production secret `MIRROR_SIGN_KEY_B64` still not provided; release jobs must run with REQUIRE_PROD_SIGNING=1)
- MIRROR-CRT-57-001 (DONE; OCI layout emitted when OCI=1)
- MIRROR-CRT-57-002 (DEV-UNBLOCKED: time-anchor layer embedded; production signing still waits on MIRROR_SIGN_KEY_B64 and AirGap trust roots)
- MIRROR-CRT-58-001/002 (depend on 56-002, EXPORT-OBS-54-001, CLI-AIRGAP-56-001)
- PROV-OBS-53-001 (DONE; observer doc + verifier script)
- AIRGAP-TIME-57-001 (DEV-UNBLOCKED: schema + trust-roots bundle + service config present; production trust roots/signing still needed)
- EXPORT-OBS-51-001 / 54-001 (DEV-UNBLOCKED: DSSE/TUF profile + test-signed bundle available; production signing still blocked on MIRROR_SIGN_KEY_B64)
- CLI-AIRGAP-56-001 (needs 56-002 signing + 58-001 CLI path)
- CONCELIER-AIRGAP-56-001..58-001 <- PREP-ART-56-001, PREP-EVIDENCE-BDL-01
- CONCELIER-CONSOLE-23-001..003 <- PREP-CONSOLE-FIXTURES-29; PREP-EVIDENCE-BDL-01
- FEEDCONN-ICSCISA-02-012 / KISA-02-008 <- PREP-FEEDCONN-ICS-KISA-PLAN
- SBOM Service (Link-Not-Merge consumers)
- SBOM-SERVICE-21-001 (projection read API) DONE (2025-11-23): WAF aligned with fixtures + in-memory repo fallback; `ProjectionEndpointTests` pass.
- SBOM-SERVICE-21-002..004 TODO: depend on 21-001 implementation; proceed after projection API lands.
- Concelier orchestrator / policy / risk chain
- POLICY-20-001 (API contract; DOING in Sprint 0114) -> CONCELIER-POLICY-20-003 -> CONCELIER-POLICY-23-001 -> CONCELIER-POLICY-23-002
- POLICY-AUTH-SIGNALS-LIB-115 (shared contract NuGet 0.1.0-alpha, Sprint 0115)
- CONCELIER-RISK-66-001 -> 66-002 -> 67-001 -> 68-001 -> 69-001
- CONCELIER-SIG-26-001
- CONCELIER-TEN-48-001
- CONCELIER-VEXLENS-30-001 (also needs PREP-CONCELIER-VULN-29-001 & VEXLENS-30-005)
- CONCELIER-VULN-29-004 <- CONCELIER-VULN-29-001
- CONCELIER-ORCH-32-001 (needs CI/clean runner) -> 32-002 -> 33-001 -> 34-001
- Concelier Web chains
- CONCELIER-WEB-AIRGAP-56-001 -> 56-002 -> 57-001 -> 58-001
- CONCELIER-WEB-OAS-61-002 -> 62-001 -> 63-001
- CONCELIER-WEB-OBS-50-001 ✅ (telemetry core adopted 2025-11-07) -> 51-001 ✅ (health endpoint shipped 2025-11-23) -> 52-001
- Advisory AI docs & packaging
- AIAI-PACKAGING-31-002 & AIAI-DOCS-31-001 <- SBOM feeds + CLI/Policy artefacts
- DOCS-AIAI-31-005 -> 31-006 -> 31-008 -> 31-009 (all gated by DOCS-UNBLOCK-CLI-KNOBS-301 <- CLI-VULN-29-001; CLI-VEX-30-001; POLICY-ENGINE-31-001)
- Policy Engine (core) chain
- POLICY-ENGINE-29-002 (missing contract) -> 29-003 -> 29-004
- 30-001 / 30-002 / 30-003 / 30-101 (depend on 29-004)
- 31-001 / 31-002 (depend on 29/30 chain)
- 32-101, 33-101, 34-101, 35-201, 38-201, 40-001, 40-002 (prep items waiting on same upstream contracts)
- POLICY-AOC-19-001 -> 19-002 -> 19-003 -> 19-004
- POLICY-AIRGAP-56-001 -> 56-002 -> 57-001 -> 57-002 -> 58-001
- POLICY-ATTEST-73-001 -> 73-002 -> 74-001 -> 74-002
- POLICY-CONSOLE-23-001 (needs Console API contract)
- EXPORT-CONSOLE-23-001 (needs export bundle/job spec)
- Findings Ledger (Policy Engine sprints 01200122)
- LEDGER-OAS-61-001 -> 61-002 -> 62-001 -> 63-001
- LEDGER-AIRGAP-56-002 -> 57-001 -> 58-001
- LEDGER-ATTEST-73-001 -> 73-002
- LEDGER-RISK-67-001 -> 68-001 -> 69-001
- LEDGER-PACKS-42-001 (snapshot/time-travel contract pending)
- LEDGER-OBS-55-001 (depends on 54-001 attestation telemetry)
- LEDGER-TEN-48-001 (needs platform approval/RLS plan)
- LEDGER-29-009 (waiting DevOps paths for Helm/Compose/offline kit assets)
- API Governance / OpenAPI
- OAS-61-002 ratification -> OAS-62-001 -> OAS-62-002 -> OAS-63-001
- APIGOV-63-001 (needs Notification Studio templates + deprecation metadata schema)
- CLI feature chain
- CLI-NOTIFY-38-001 (schema missing) -> CLI-NOTIFY-39-001
- CLI-EXPORT-35-001 (blocked: export profile schema + storage fixtures not delivered)
- Scanner surface
- SCANNER-ENV-03 <- SCANNER-ENV-02
- SURFACE-SECRETS-01 -> SURFACE-SECRETS-02 -> SURFACE-VAL-01 (also needs SURFACE-FS-01 & SURFACE-ENV-01)
- SCANNER-EVENTS-16-301 (awaiting orchestrator/Notifier envelope contract)
- Excititor graph & air-gap
- EXCITITOR-GRAPH-24-101 <- 21-005 ingest overlays
- EXCITITOR-GRAPH-24-102 <- 24-101
- EXCITITOR-AIRGAP-57-001 <- 56-001 wiring
- EXCITITOR-AIRGAP-58-001 <- 56-001 storage layout + Export Center manifest
- DevOps pipeline blocks
- DEVOPS-LNM-TOOLING-22-000 -> DEVOPS-LNM-22-001 -> DEVOPS-LNM-22-002
- DEVOPS-AOC-19-001 -> 19-002 -> 19-003
- DEVOPS-AIRGAP-57-002 DEV-UNBLOCKED (sealed-mode smoke scaffold ready; needs CI wiring)
- DEVOPS-OFFLINE-17-004 ✅ (release debug store mirrored into Offline Kit)
- DEVOPS-REL-17-004 ✅ (release workflow now uploads `out/release/debug` artefact)
- DEVOPS-CONSOLE-23-001 ✅ (CI contract + workflow added; offline-first console CI in place)
- DEVOPS-EXPORT-35-001 ✅ (CI contract + MinIO fixtures added; pipeline wiring next)
- Deployment
- DEPLOY-EXPORT-35-001 (waiting exporter overlays/secrets)
- DEPLOY-NOTIFY-38-001 (waiting notifier overlays/secrets)
- Documentation ladders
- Docs Tasks ladder 200.A (blocked pending upstream SBOM/CLI/Policy/AirGap artefacts)
- DOCS-LNM chain: DOCS-LNM-22-001 -> 22-002 -> 22-003; DOCS-LNM-22-005 waits on 22-004
- Policy docs chain A: DOCS-POLICY-27-001 -> 27-002 -> 27-003 -> 27-004 -> 27-005
- Policy docs chain B: DOCS-POLICY-27-006 -> 27-007 -> 27-008 -> 27-009 -> 27-010 -> 27-011 -> 27-012 -> 27-013 -> 27-014
- DOCS-SCANNER-DET-01 <- Sprint 136 determinism fixtures
- EXCITITOR-DOCS-0001 (awaits Excititor chunk API CI + console contracts)
- Provenance / Observability
- PROV-OBS-53-002 -> PROV-OBS-53-003 ✅
- CLI/Advisory AI handoff
- SBOM-AIAI-31-003 <- CLI-VULN-29-001; CLI-VEX-30-001
- DOCS-AIAI-31-005/006/008/009 <- CLI-VULN-29-001; CLI-VEX-30-001; POLICY-ENGINE-31-001; DEVOPS-AIAI-31-001
Note: POLICY-20-001 is defined and tracked in `docs/implplan/SPRINT_0114_0001_0003_concelier_iii.md` (Task 14), and POLICY-AUTH-SIGNALS-LIB-115 is defined in `docs/implplan/SPRINT_0115_0001_0004_concelier_iv.md` (Task 0); both scopes match the expectations captured here.
Reference in New Issue View Git Blame Copy Permalink