stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
df66ce10c30ac49280fca28cabdd737542aac662
git.stella-ops.org/docs/modules/export-center
History
master 7943cfb3af chore(docs+devops): cross-module doc sync + sprint archival moves + compose updates 
Bundled pre-session doc + ops work:
- docs/modules/**: sync across advisory-ai, airgap, cli, excititor,
  export-center, findings-ledger, notifier, notify, platform, router,
  sbom-service, ui, web (architectural + operational updates)
- docs/features/**: updates to checked excititor vex pipeline,
  developer workspace, quick verify drawer
- docs top-level: README, quickstart, API_CLI_REFERENCE, UI_GUIDE,
  code-of-conduct/TESTING_PRACTICES updates
- docs/qa/feature-checks/: FLOW.md + excititor state update
- docs/implplan/: remaining sprint updates + new Concelier source
  credentials sprint (SPRINT_20260422_003)
- docs-archived/implplan/: 30 sprint archival moves (ElkSharp series,
  misc completed sprints)
- devops/compose: .env + services compose + env example + router gateway
  config updates

File-level granularity preserved.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 16:06:39 +03:00
..
openapi
up
2025-12-07 22:49:53 +02:00
operations
docs consolidation, big sln build fixes, new advisories and sprints/tasks
2026-01-05 18:37:08 +02:00
schemas
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00
AGENTS.md
docs consolidation work
2025-12-25 10:54:10 +02:00
api.md
chore(docs+devops): cross-module doc sync + sprint archival moves + compose updates
2026-04-22 16:06:39 +03:00
architecture.md
chore(docs+devops): cross-module doc sync + sprint archival moves + compose updates
2026-04-22 16:06:39 +03:00
cli.md
docs consolidation work
2025-12-25 10:54:10 +02:00
determinism.md
product advisories add change contiang folder
2026-01-08 09:06:03 +02:00
devportal-offline-manifest.md
Add unit tests for Router configuration and transport layers
2025-12-05 08:01:47 +02:00
devportal-offline.md
feat: Implement DevPortal Offline Export Job
2025-11-05 21:57:46 +02:00
implementation_plan.md
Align live evidence export with audit bundles
2026-03-11 18:21:47 +02:00
mirror-bundles.md
docs consolidation work
2025-12-25 10:54:10 +02:00
overview.md
audit notes work completed, test fixes work (95% done), new sprints, new data sources setup and configuration
2026-01-14 10:48:00 +02:00
profiles.md
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00
provenance-and-signing.md
docs: module dossier + install/quickstart sync for truthful cutover sprints
2026-04-19 14:45:09 +03:00
README.md
chore(docs+devops): cross-module doc sync + sprint archival moves + compose updates
2026-04-22 16:06:39 +03:00
registry-compatibility.md
Gaps fill up, fixes, ui restructuring
2026-02-19 22:10:54 +02:00
trivy-adapter.md
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00

README.md

StellaOps Export Center

Export Center packages reproducible evidence bundles (JSON, Trivy DB, mirror) with provenance metadata and optional signing for offline or mirrored deployments.

Latest updates (2025-11-30)

  • Sprint tracker docs/implplan/SPRINT_0320_0001_0001_docs_modules_export_center.md and module TASKS.md added to mirror status.
  • Observability runbook stub + dashboard placeholder added under operations/ (offline import).
  • Bundle/profile/offline manifest guidance reaffirmed (devportal-offline*.md, mirror-bundles.md, provenance-and-signing.md).
  • 2026-04-16 truthful-runtime cutover: non-testing StellaOps.ExportCenter.WebService now uses PostgreSQL-backed canonical export repositories plus a real Evidence Locker client, while non-durable verification, attestation, incident, risk-bundle, simulation-export, audit-bundle, and exception-report host paths return explicit 501 problem+json until durable backends exist. Timeline publication also no longer defaults to an in-memory sink outside Testing.

Responsibilities

  • Coordinate export jobs based on profiles and scope selectors.
  • Assemble manifests, provenance documents, and cosign signatures.
  • Stream bundles via HTTP/OCI and stage them for Offline Kit uses.
  • Expose CLI/API surfaces for automation.

Key components

  • StellaOps.ExportCenter.WebService planner.
  • StellaOps.ExportCenter.Worker bundle builder.
  • Adapters in StellaOps.ExportCenter.* for JSON/Trivy/mirror variants.

Profiles at a glance

  • json:raw / json:policy — Evidence bundles with raw ingestion facts or policy overlays.
  • trivy:db / trivy:java-db — Trivy-compatible vulnerability feeds with deterministic manifests.
  • mirror:full / mirror:delta — OCI-style mirrors with provenance, TUF metadata, and optional encryption.
  • devportal:offline — Developer portal static assets, specs, SDKs, and changelogs packaged with manifest.json, checksums.txt, helper scripts, and a DSSE-signed manifest (manifest.dsse.json) for offline verification.

Integrations & dependencies

  • Concelier/Excititor/Policy data stores for evidence.
  • Signer/Attestor for provenance signing.
  • CLI for operator-managed exports.

Operational notes

  • Runbooks in ./operations/ for deployment and monitoring.
  • Observability assets: operations/observability.md and operations/dashboards/export-center-observability.json (offline import).
  • Mirror bundle instructions and validation notes.
  • Telemetry dashboards for export latency and retry rates.
  • Testing-only in-memory runtime switches are explicit (Export:AllowInMemoryRepositories, Export:UseInMemoryEvidenceLocker, Export:UseInMemoryVerificationArtifactStore, Export:UseInMemoryAttestationStore, Export:UseInMemoryPromotionAttestationStore, Export:UseInMemoryIncidentManager, Export:UseInMemoryRiskBundleJobHandler, Export:UseInMemorySimulationExporter, Export:UseInMemoryAuditBundleJobHandler, Export:UseInMemoryExceptionReportGenerator, Export:UseInMemoryTimelineNotificationSink). Non-testing runtime must use durable services or truthful 501 gaps.

Remaining truthful unsupported runtime surfaces

  • UnsupportedExportArtifactStore, UnsupportedExportAttestationService, and UnsupportedPromotionAttestationAssembler are the current shipped truth for verification and attestation readback: outside Testing they return 501 problem+json instead of simulating persistence.
  • UnsupportedExportIncidentManager, UnsupportedRiskBundleJobHandler, UnsupportedSimulationReportExporter, UnsupportedAuditBundleJobHandler, and UnsupportedExceptionReportGenerator are the current shipped truth for the remaining admin/job surfaces: outside Testing they return 501 problem+json instead of keeping process-local state.
  • UnsupportedExportNotificationSink is the current shipped truth for timeline publication: outside Testing publish attempts report delivery failure instead of buffering in memory.
  • These surfaces remain durable-backend backlog, but they are no longer mock/stub runtime debt because the host does not fabricate success or persist canonical state in process.

Related resources

  • ./operations/runbook.md
  • ./devportal-offline.md (bundle structure, verification workflow, DSSE signature details)
  • ./provenance-and-signing.md (manifest/provenance schema, signing pipeline, verification)

Backlog references

  • DOCS-EXPORT-35-001 … DOCS-EXPORT-37-002 in ../../TASKS.md.
  • EXPORT-ATTEST-75-002 cross-team deliverable.

Epic alignment

  • Epic 10 Export Center: deliver canonical JSON, Trivy DB, and mirror bundle workflows with provenance, signatures, and offline parity.

Implementation Status

Delivery Phases

  • Phase 1 JSON & mirror foundations: Stand up service + worker, deliver canonical JSON and mirror profiles, seed schema migrations, publish manifest/provenance formats
  • Phase 2 Trivy adapters & distribution: Implement Trivy DB/Java DB adapters, wire OCI/object storage distribution, expose policy snapshot embedding + verification
  • Phase 3 Delta, encryption, scheduling: Release mirror deltas, bundle encryption, advanced scheduling/automation, resumable downloads, CLI/Console verification workflows

Acceptance Criteria

  • Operators can create, monitor, and download exports; verification succeeds against manifest + provenance
  • Trivy bundles import cleanly; mirror bundles run in Offline Kit reference environment (full + delta)
  • Policy snapshot runs reproduce deterministic decisions with embedded policyVersion + inputsHash
  • Tenant scoping and RBAC block unauthorized actions; encryption-enabled bundles lock data to recipient keys
  • Metrics and dashboards reflect live runs; alerts trigger on sustained failure rates
  • Retried runs remain idempotent with matching manifests, hashes, and distribution artefacts

Key Risks & Mitigations

  • Schema drift: Versioned adapters with compatibility gates, CI integration tests, fail-fast with actionable errors
  • Bundle bloat: zstd compression, sharding, delta exports, OCI dedupe
  • Data leakage: Strict schema allowlists, tenancy filters, redaction enforcement, encryption options
  • Non-determinism: Embed policy snapshots, enforce deterministic ordering, include content hashes in manifest

Recent Updates

  • Sprint tracker and module TASKS.md added to mirror status
  • Observability runbook stub + dashboard placeholder added under operations/
  • Bundle/profile/offline manifest guidance reaffirmed