stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
c2b9cd8d1f1a81af32c757063a460815ff4949a4
git.stella-ops.org/src/Scheduler/StellaOps.Scheduler.WebService/TASKS.completed.md
master b1e78fe412
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Implement vulnerability token signing and verification utilities 
- Added VulnTokenSigner for signing JWT tokens with specified algorithms and keys.
- Introduced VulnTokenUtilities for resolving tenant and subject claims, and sanitizing context dictionaries.
- Created VulnTokenVerificationUtilities for parsing tokens, verifying signatures, and deserializing payloads.
- Developed VulnWorkflowAntiForgeryTokenIssuer for issuing anti-forgery tokens with configurable options.
- Implemented VulnWorkflowAntiForgeryTokenVerifier for verifying anti-forgery tokens and validating payloads.
- Added AuthorityVulnerabilityExplorerOptions to manage configuration for vulnerability explorer features.
- Included tests for FilesystemPackRunDispatcher to ensure proper job handling under egress policy restrictions.
2025-11-03 10:04:10 +02:00

2.9 KiB
Raw Blame History

Completed Tasks

ID Status Owner(s) Depends on Description Exit Criteria
SCHED-WEB-16-101 DONE (2025-10-27) Scheduler WebService Guild SCHED-MODELS-16-101 Bootstrap Minimal API host with Authority OpTok + DPoP, health endpoints, plug-in discovery per architecture §§12. Service boots with config validation; /healthz//readyz pass; restart-only plug-ins enforced.
SCHED-WEB-16-102 DONE (2025-10-26) Scheduler WebService Guild SCHED-WEB-16-101 Implement schedules CRUD (tenant-scoped) with cron validation, pause/resume, audit logging. CRUD operations tested; invalid cron inputs rejected; audit entries persisted.
SCHED-WEB-16-103 DONE (2025-10-26) Scheduler WebService Guild SCHED-WEB-16-102 Runs API (list/detail/cancel), ad-hoc run POST, and impact preview endpoints. Integration tests cover run lifecycle; preview returns counts/sample; cancellation honoured.
SCHED-WEB-16-104 DONE (2025-10-27) Scheduler WebService Guild SCHED-QUEUE-16-401, SCHED-STORAGE-16-201 Webhook endpoints for Feeder/Excitor exports with mTLS/HMAC validation and rate limiting. Webhooks validated via tests; invalid signatures rejected; rate limits documented.
SCHED-WEB-20-001 DONE (2025-10-29) Scheduler WebService Guild, Policy Guild SCHED-WEB-16-101, POLICY-ENGINE-20-000 Expose policy run scheduling APIs (POST /policy/runs, GET /policy/runs) with tenant scoping and RBAC enforcement for policy:run. Endpoints documented; integration tests cover run creation/status; unauthorized access blocked.
SCHED-WEB-21-001 DONE (2025-10-26) Scheduler WebService Guild, Cartographer Guild SCHED-WEB-16-101, SCHED-MODELS-21-001 Expose graph build/overlay job APIs (POST /graphs/build, GET /graphs/jobs) with graph:write/graph:read enforcement and tenant scoping. APIs documented in docs/SCHED-WEB-21-001-GRAPH-APIS.md; integration tests cover submission/status; unauthorized requests blocked; scope checks now reference StellaOpsScopes.
SCHED-WEB-21-002 DONE (2025-10-26) Scheduler WebService Guild SCHED-WEB-21-001, CARTO-GRAPH-21-007 Provide overlay lag metrics endpoint and webhook to notify Cartographer of job completions; include correlation IDs. POST /graphs/hooks/completed + GET /graphs/overlays/lag documented in docs/SCHED-WEB-21-001-GRAPH-APIS.md; integration tests cover completion + metrics.
SCHED-WEB-21-003 DONE (2025-10-26) Scheduler WebService Guild, Authority Core Guild AUTH-GRAPH-21-001 Replace temporary X-Scopes/X-Tenant-Id headers with Authority-issued OpTok verification and scope enforcement for graph endpoints. Authentication configured via AddStellaOpsResourceServerAuthentication; authority scopes enforced end-to-end with StellaOpsScopes; header fallback limited to dev mode; tests updated.