# Platform architecture & module dossiers
Use this index to locate platform-level architecture references and per-module dossiers.
## Core views
- [Architecture overview (10-minute tour)](../../ARCHITECTURE_OVERVIEW.md)
- [High-level architecture (reference map)](../../ARCHITECTURE_REFERENCE.md)
- [Scanner core contracts](../../scanner-core-contracts.md)
- [Authority (legacy overview)](../../AUTHORITY.md)
- [Console operator guide](../../UI_GUIDE.md) and deep dives under [ui/operations](../../modules/ui/operations/) and [ux](../../ux/)
- [Component map](component-map.md) (quick descriptions of every module under `src/`)
## Detailed references
- [Platform topology](platform-topology.md)
- [Infrastructure dependencies](infrastructure-dependencies.md)
- [Request and data flows](request-flows.md)
- [Data isolation model](data-isolation.md)
- [Security boundaries](security-boundaries.md)
## User-centric views (NEW)
- [User flows (UML diagrams)](user-flows.md) - End-to-end flows from user perspective
- [Module matrix](module-matrix.md) - Complete 46-module inventory with categorization
- [Data flows](data-flows.md) - SBOM, advisory, VEX, and policy data lifecycles
- [Schema mapping](schema-mapping.md) - PostgreSQL, Valkey, and RustFS storage reference
## Policy engine deep dives (NEW)
Comprehensive documentation of how data feeds policy decisions:
- [Policy Engine Data Pipeline](policy-engine-data-pipeline.md) - Master view of all data flowing to policy engine
- [SBOM Analyzer Inventory](sbom-analyzer-inventory.md) - Complete inventory of 25 analyzers (11 language, 9 OS, 4 surface, 1 capability)
- [Runtime Agents Architecture](runtime-agents-architecture.md) - eBPF observation, Zastava container observer, signal processing
- [Call Graph Analysis](call-graph-analysis.md) - ReachGraph construction, BFS path finding, 8-state reachability
- [Confidence Scoring](confidence-scoring.md) - 5-factor weighted scoring (RCH, RTS, VEX, PRV, POL)
- [K4 Lattice Logic](k4-lattice-logic.md) - Four-valued logic for handling uncertainty and conflicts
## End-to-end workflow flows
Comprehensive flow documentation for all major StellaOps workflows: [flows/](../../flows/)
| Category | Flows |
|----------|-------|
| **Core Platform** | Dashboard, Scan Submission, SBOM Generation, Policy Evaluation, Notification, Export |
| **Advanced** | CI/CD Gate, Advisory Drift Re-scan, VEX Auto-Generation, Evidence Bundle Export |
| **Enterprise** | Multi-Tenant Policy Rollout, Exception Approval, Risk Score Dashboard |
| **Specialized** | Binary Delta Attestation, Offline Sync, Reachability Drift Alert |
## Module catalogue
Each module directory bundles an ownership charter (`AGENTS.md`), current work (`TASKS.md`), an architecture dossier, and an implementation plan. Operations guides live under `operations/` where applicable.
| Module | Architecture | Implementation plan | Operations / extras |
| --- | --- | --- | --- |
| Authority | [architecture.md](../../modules/authority/architecture.md) | [implementation_plan.md](../../modules/authority/implementation_plan.md) | [operations/](../../modules/authority/operations/) |
| Advisory AI | [architecture.md](../../modules/advisory-ai/architecture.md) | [implementation_plan.md](../../modules/advisory-ai/implementation_plan.md) | - |
| Attestor | [architecture.md](../../modules/attestor/architecture.md) | [implementation_plan.md](../../modules/attestor/implementation_plan.md) | - |
| CLI | [architecture.md](../../modules/cli/architecture.md) | [implementation_plan.md](../../modules/cli/implementation_plan.md) | [operations/release-and-packaging.md](../../modules/cli/operations/release-and-packaging.md) |
| CI recipes | [architecture.md](../cicd/ci-architecture.md) | - | [recipes.md](../cicd/ci-recipes.md) |
| Concelier | [architecture.md](../../modules/concelier/architecture.md) | [implementation_plan.md](../../modules/concelier/implementation_plan.md) | [operations/](../../modules/concelier/operations/) |
| DevOps / release | [architecture.md](../../operations/devops/architecture.md) | - | [runbooks/](../../operations/devops/runbooks/) |
| Excititor | [architecture.md](../../modules/excititor/architecture.md) | [implementation_plan.md](../../modules/excititor/implementation_plan.md) | [mirrors.md](../../modules/excititor/mirrors.md) |
| Export Center | [architecture.md](../../modules/export-center/architecture.md) | [implementation_plan.md](../../modules/export-center/implementation_plan.md) | [operations/runbook.md](../../modules/export-center/operations/runbook.md) |
| Graph | [architecture.md](../../modules/graph/architecture.md) | [implementation_plan.md](../../modules/graph/implementation_plan.md) | - |
| Notify | [architecture.md](../../modules/notify/architecture.md) | [implementation_plan.md](../../modules/notify/implementation_plan.md) | - |
| Orchestrator | [architecture.md](../../modules/orchestrator/architecture.md) | [implementation_plan.md](../../modules/orchestrator/implementation_plan.md) | - |
| Platform | [architecture-overview.md](../../modules/platform/architecture-overview.md) + [architecture.md](../../modules/platform/architecture.md) | [implementation_plan.md](../../modules/platform/implementation_plan.md) | - |
| Policy engine | [architecture.md](../../modules/policy/architecture.md) | [implementation_plan.md](../../modules/policy/implementation_plan.md) | - |
| Registry token service | [architecture.md](../../modules/registry/architecture.md) | [implementation_plan.md](../../modules/registry/implementation_plan.md) | [operations/token-service.md](../../modules/registry/operations/token-service.md) |
| Scanner | [architecture.md](../../modules/scanner/architecture.md) | [implementation_plan.md](../../modules/scanner/implementation_plan.md) | [operations/](../../modules/scanner/operations/) |
| Scheduler | [architecture.md](../../modules/scheduler/architecture.md) | [implementation_plan.md](../../modules/scheduler/implementation_plan.md) | [operations/](../../modules/scheduler/operations/) |
| Signer | [architecture.md](../../modules/signer/architecture.md) | [implementation_plan.md](../../modules/signer/implementation_plan.md) | - |
| Telemetry stack | [architecture.md](../../modules/telemetry/architecture.md) | [implementation_plan.md](../../modules/telemetry/implementation_plan.md) | [operations/collector.md](../../modules/telemetry/operations/collector.md), [operations/storage.md](../../modules/telemetry/operations/storage.md) |
| UI / Console | [architecture.md](../../modules/ui/architecture.md), [console-architecture.md](../../modules/ui/console-architecture.md) | [implementation_plan.md](../../modules/ui/implementation_plan.md) | - |
| Vuln Explorer | [architecture.md](../../modules/vuln-explorer/architecture.md) | [implementation_plan.md](../../modules/vuln-explorer/implementation_plan.md) | - |
| VEX Lens | [architecture.md](../../modules/vex-lens/architecture.md) | [implementation_plan.md](../../modules/vex-lens/implementation_plan.md) | - |
| Excitor | [architecture.md](../../modules/excitor/architecture.md) | [implementation_plan.md](../../modules/excitor/implementation_plan.md) | [scoring.md](../../modules/excitor/scoring.md) |
| Zastava | [architecture.md](../../modules/zastava/architecture.md) | [implementation_plan.md](../../modules/zastava/implementation_plan.md) | - |
> Tip: every module directory also exposes `README.md`, `AGENTS.md`, and `TASKS.md` for roles, current backlog, and ownership responsibilities.