stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
df5984d07ee1592a53d8d6c29e90b4443364b7ae
git.stella-ops.org/StellaOps.Authority.TODOS.Feedser.md

2.6 KiB
Raw Blame History

StellaOps Authority — Feedser Integration Team

Read first: AGENTS.md, StellaOps.Authority.TODOS.md, and this plan. Update both TODO trackers as tasks progress.

Mission

Adopt the new authority stack inside Feedser: configure authentication, enforce scopes, update configuration, and validate end-to-end flows.

Task Timeline

Order Task IDs Description Dependencies Acceptance
1 FSR1 Extend etc/feedser.yaml with Authority configuration block (issuer, client credentials, bypass masks, scopes). DevEx FND4, LIB2 Sample config + docs updated.
2 FSR2 Update Feedser WebService startup to use AddStellaOpsResourceServerAuthentication; annotate endpoints with [Authorize] and scope policies. LIB2 DONE (2025-10-10) Auth wiring is optional but enabled via config; /jobs* endpoints demand feedser.jobs.trigger and tests cover bypass mode.
3 FSR3 Implement bypass mask handling for on-host cron jobs; log when mask used. FSR2, LIB3 Configurable via YAML; integration test ensures mask respected.
4 FSR4 Refresh Feedser docs (quickstart, operator guide) to explain auth requirements + config knobs. FSR1FSR3 Coordinate with Docs team for final wording.
5 FSR5 Build integration test harness (Authority + Feedser docker-compose) verifying token issuance and job triggering. CORE1CORE5, LIB4 CI job produces pass/fail artefact.

Implementation Notes

  • Add feature flag to allow temporary anonymous mode for staged rollout (document sunset date).
  • Ensure CLI + API docs reference required scopes and sample client creation.
  • Logs should capture client ID, user ID, and scopes when jobs triggered for audit (without leaking secrets).
  • Avoid coupling tests to specific plugin implementations—use Standard plugin via configuration.
  • Share any new scopes/policies with Auth Libraries and Docs teams.

Deliverables

  • Updated Feedser configuration + startup code.
  • Documentation updates in docs/10_FEEDSER_CLI_QUICKSTART.md and docs/11_AUTHORITY.md (in partnership with Docs team).
  • Integration tests executed in CI (Authority + Feedser).
  • Rollout checklist for existing deployments (feature flag, config changes).

Coordination

  • Sync with Authority Core on policy naming (feedser.jobs.trigger, feedser.merge).
  • Coordinate with CLI team for shared sample configs.
  • Work closely with DevOps to integrate integration tests into pipeline.
  • Notify Security Guild once bypass masks implemented for review.