git.stella-ops.org/docs/implplan/SPRINT_212_web_i.md
2025-11-18 23:45:25 +02:00


Sprint 212 - Experience & SDKs · 180.F) Web.I

Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).

[Experience & SDKs] 180.F) Web.I
Depends on: Sprint 120.A - AirGap, Sprint 130.A - Scanner, Sprint 150.A - Orchestrator, Sprint 170.A - Notifier
Summary: Experience & SDKs focus on Web (phase I).

Task ID | State | Task description | Owners (Source)
WEB-AIAI-31-001 API routing | TODO | Route /advisory/ai/* endpoints through gateway with RBAC/ABAC, rate limits, and telemetry headers. | BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-AIAI-31-002 Batch orchestration | TODO | Provide batching job handlers and streaming responses for CLI automation with retry/backoff. Dependencies: WEB-AIAI-31-001. | BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-AIAI-31-003 Telemetry & audit | TODO | Emit metrics/logs (latency, guardrail blocks, validation failures) and forward anonymized prompt hashes to analytics. Dependencies: WEB-AIAI-31-002. | BE-Base Platform Guild, Observability Guild (src/Web/StellaOps.Web)

2025-11-07: Enforced unknown-field detection, added the shared AocError payload (HTTP + CLI), refreshed guard docs, and extended tests/endpoint helpers.

WEB-AOC-19-002 Provenance & signature helpers | TODO | Ship ProvenanceBuilder, checksum utilities, and signature verification helper integrated with guard logging. Cover DSSE/CMS formats with unit tests. Dependencies: WEB-AOC-19-001. | BE-Base Platform Guild (src/Web/StellaOps.Web)

WEB-AOC-19-003 Analyzer + test fixtures | TODO | Author Roslyn analyzer preventing ingestion modules from writing forbidden keys without guard, and provide shared test fixtures for guard validation used by Concelier/Excititor service tests. Dependencies: WEB-AOC-19-002. | QA Guild, BE-Base Platform Guild (src/Web/StellaOps.Web)

WEB-CONSOLE-23-001 Global posture endpoints | TODO | Provide consolidated /console/dashboard and /console/filters APIs returning tenant-scoped aggregates (findings by severity, VEX override counts, advisory deltas, run health, policy change log). Enforce AOC labelling, deterministic ordering, and cursor-based pagination for drill-down hints. | BE-Base Platform Guild, Product Analytics Guild (src/Web/StellaOps.Web)

CONSOLE-VULN-29-001 Vulnerability workspace | DOING (2025-11-08) | Build /console/vuln/* APIs and filters surfacing tenant-scoped findings with policy/VEX badges so Docs/UI teams can document workflows. Dependencies: WEB-CONSOLE-23-001, CONCELIER-GRAPH-21-001. | Console Guild, BE-Base Platform Guild (src/Web/StellaOps.Web)
2025-11-07: API scaffolding kicked off; docs/advisory-ai/console.md consuming placeholder responses until this lands. Scheduler/Signals hooks queued once filters stabilized.
2025-11-08: Driving filter + reachability badge wiring plus /console/vuln/search DTOs to keep DOCS-AIAI-31-004 on real payloads; aligning Signals/Scheduler dependencies now that upstream tickets exist.
2025-11-08: Published HTTP contract + sample payloads in docs/api/console/workspaces.md and docs/api/console/samples/vuln-findings-sample.json so Docs can stage screenshots while backend wires up.

CONSOLE-VEX-30-001 VEX evidence workspace | DOING (2025-11-08) | Provide /console/vex/* APIs streaming VEX statements, justification summaries, and advisory links with SSE refresh hooks. Dependencies: WEB-CONSOLE-23-001, EXCITITOR-CONSOLE-23-001. | Console Guild, BE-Base Platform Guild (src/Web/StellaOps.Web)
2025-11-07: Endpoint contract draft in progress to unblock DOCS-AIAI-31-004 screenshot capture once responses are wired.
2025-11-08: Building SSE controller + /console/vex/events payloads and syncing Scheduler Signals tasks so DOCS-AIAI-31-004 can embed live data.
2025-11-08: SSE schema + NDJSON sample captured in docs/api/console/workspaces.md and docs/api/console/samples/vex-statement-sse.ndjson; waiting on Scheduler topic hook-up.

WEB-CONSOLE-23-002 Live status & SSE proxy | TODO | Expose /console/status polling endpoint and /console/runs/{id}/stream SSE/WebSocket proxy with heartbeat/backoff, queue lag metrics, and auth scope enforcement. Surface request IDs + retry headers. Dependencies: WEB-CONSOLE-23-001. | BE-Base Platform Guild, Scheduler Guild (src/Web/StellaOps.Web)

WEB-CONSOLE-23-003 Evidence export orchestrator | TODO | Add /console/exports POST/GET routes coordinating evidence bundle creation, streaming CSV/JSON exports, checksum manifest retrieval, and signed attestation references. Ensure requests honor tenant + policy scopes and expose job tracking metadata. Dependencies: WEB-CONSOLE-23-002. | BE-Base Platform Guild, Policy Guild (src/Web/StellaOps.Web)

WEB-CONSOLE-23-004 Global search router | TODO | Implement /console/search endpoint accepting CVE/GHSA/PURL/SBOM identifiers, performing fan-out queries with caching, ranking, and deterministic tie-breaking. Return typed results for Console navigation; respect result caps and latency SLOs. Dependencies: WEB-CONSOLE-23-003. | BE-Base Platform Guild (src/Web/StellaOps.Web)

WEB-CONSOLE-23-005 Downloads manifest API | TODO | Serve /console/downloads JSON manifest (images, charts, offline bundles) sourced from signed registry metadata; include integrity hashes, release notes links, and offline instructions. Provide caching headers and documentation. Dependencies: WEB-CONSOLE-23-004. | BE-Base Platform Guild, DevOps Guild (src/Web/StellaOps.Web)

WEB-CONTAINERS-44-001 Config discovery & quickstart flag | DONE | Expose /welcome state, config discovery endpoint (safe values), and QUICKSTART_MODE handling for Console banner; add /health/liveness, /health/readiness, /version if missing. | BE-Base Platform Guild (src/Web/StellaOps.Web)

WEB-CONTAINERS-45-001 Helm readiness support | DONE | Added readiness/liveness/version JSON assets for helm probes; quickstart/config flags already surfaced. | BE-Base Platform Guild (src/Web/StellaOps.Web)

WEB-CONTAINERS-46-001 Air-gap hardening | DONE | Documented offline asset strategy and object-store override guidance; UI already serves local assets (no CDN). | BE-Base Platform Guild (src/Web/StellaOps.Web)

WEB-EXC-25-001 Exceptions CRUD & workflow | TODO | Implement /exceptions API (create, propose, approve, revoke, list, history) with validation, pagination, and audit logging. | BE-Base Platform Guild (src/Web/StellaOps.Web)

Updates

  • 2025-11-18: WEB-CONTAINERS-44-001 completed — added quickstart banner, /welcome config discovery page, and sample config values to surface safe deployment info.
  • 2025-11-19: WEB-CONTAINERS-45-001 completed — readiness/liveness/version JSON assets added for helm probes; config discovery is live via /welcome.