git.stella-ops.org/docs/implplan/SPRINT_0154_0001_0001_packsregistry.md
StellaOps Bot d92973d6fd
sprints update
2025-11-25 07:49:24 +02:00

Sprint 0154-0001-0001 · Packs Registry (Scheduling & Automation 150.B)

Topic & Scope

  • Stand up Packs Registry service: indexing, provenance storage, signature verification, and lifecycle management.
  • Add version lifecycle (promote/deprecate), provenance exports, mirroring, attestation integration, and compliance dashboards.
  • Keep registry offline-friendly with RBAC, audit logs, and Offline Kit seed support.
  • Working directory: src/PacksRegistry/StellaOps.PacksRegistry.

Dependencies & Concurrency

  • Upstream: Sprint 120.A (AirGap), 130.A (Scanner), 140.A (Graph) provide pack metadata and graph inputs.
  • Concurrency: execute tasks in table order; all tasks currently TODO.

Documentation Prerequisites

  • docs/README.md
  • docs/07_HIGH_LEVEL_ARCHITECTURE.md
  • docs/modules/platform/architecture-overview.md
  • docs/modules/graph/architecture.md
  • docs/modules/devops/architecture.md
  • Any PacksRegistry AGENTS.md (if present under src/PacksRegistry).

Delivery Tracker

| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | PACKS-REG-41-001 | DONE (2025-11-25) | Start registry service + migrations. | Packs Registry Guild (src/PacksRegistry/StellaOps.PacksRegistry) | Implement registry service, migrations (packs_index, parity_matrix, provenance docs); upload/list/get; signature verification; RBAC; provenance manifest storage. |
| 2 | PACKS-REG-42-001 | DONE (2025-11-25) | Depends on 41-001. | Packs Registry Guild | Version lifecycle (promote/deprecate), tenant allowlists, provenance export, signature rotation, audit logs, Offline Kit seed support. |
| 3 | PACKS-REG-43-001 | DONE (2025-11-25) | Depends on 42-001. | Packs Registry Guild | Registry mirroring, pack signing policies, attestation integration, compliance dashboards; integrate with Export Center. |

Execution Log

| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-08 | Sprint stub created; awaiting staffing. | Planning |
| 2025-11-19 | Normalized sprint to standard template and renamed from SPRINT_154_packsregistry.md to SPRINT_0154_0001_0001_packsregistry.md; content preserved. | Implementer |
| 2025-11-19 | Added legacy-file redirect stub to avoid divergent updates. | Implementer |
| 2025-11-24 | Started PACKS-REG-41-001: added core pack service with hash verification, in-memory + file repos, WebService endpoints for upload/list/get/content download; tests cover upload/list/content + signature failure. RBAC, migrations, and real signature verification remain pending. | Implementer |
| 2025-11-24 | Added API-key guard, RSA signature verifier option, tenant checks, provenance upload/digest/storage, and /provenance download; integration + RSA verifier tests added. | Implementer |
| 2025-11-24 | Exposed digest headers on downloads, added manifest endpoint, health check, and documented auth/tenant rules in PacksRegistry AGENTS. | Implementer |
| 2025-11-24 | Added Mongo option with initializer ensuring packs/blobs/parity collections + indexes; configurable collections via PacksRegistry:Mongo. | Implementer |
| 2025-11-24 | Added Pack Manifest OpenAPI stub (src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.WebService/OpenApi/pack-manifest.openapi.json) covering manifest response/auth headers. | Implementer |
| 2025-11-24 | Added parity matrix scaffolding: parity model/service/repos (memory/file/mongo) and endpoints /api/v1/packs/{id}/parity (GET/POST) with auth/tenant enforcement; tests updated. | Implementer |
| 2025-11-24 | Added packs OpenAPI stub (OpenApi/packs.openapi.json) documenting upload/list/get/content/provenance/manifest/parity endpoints and auth headers. | Implementer |
| 2025-11-25 | Started PACKS-REG-42-001 to add lifecycle/rbac hardening, provenance export, signature rotation, audit logs, and offline seed support. | Implementer |
| 2025-11-25 | Completed PACKS-REG-42-001: lifecycle/parity listing + audit trail repos (file/memory/mongo), signature rotation endpoint, offline-seed zip export with provenance/content, tenant allowlist enforcement on listings, OpenAPI updates; upgraded tests to ASP.NET Core 10 RC and added coverage for exports/rotation. | Implementer |
| 2025-11-25 | Completed PACKS-REG-43-001: attestation storage/download APIs (file/memory/mongo), mirror registry CRUD/sync endpoints, pack signing policy option, compliance summary endpoint, OpenAPI v0.3 updated; all tests green. | Implementer |
| 2025-11-25 | Closed PACKS-REG-41-001 after migrations, RBAC, signature verification, digest headers, and content/provenance storage completed. | Implementer |

Decisions & Risks

  • Registry relies on upstream pack metadata/graph contracts; keep schema aligned before migrations run.
  • Ensure offline posture: signature verification, provenance storage, audit logs, and Offline Kit seeds are mandatory before GA.

Next Checkpoints

  • Schedule kickoff once staffing confirmed (date TBD).