26 lines
1.4 KiB
Markdown
26 lines
1.4 KiB
Markdown
# Air-Gap Epistemic Mode with Sealed Startup and Feed Snapshots
|
|
|
|
## Module
|
|
AirGap
|
|
|
|
## Status
|
|
IMPLEMENTED
|
|
|
|
## Description
|
|
Full epistemic completeness for air-gapped environments: sealed startup validation, feed snapshot repositories, signed mirror connectors, cryptographic binding of knowledge state to scan results, snapshot management, and sealed install enforcement.
|
|
|
|
## Implementation Details
|
|
- **Sealed startup**: `src/AirGap/StellaOps.AirGap.Controller/Services/AirGapStartupDiagnosticsHostedService.cs` -- validates sealed state at startup
|
|
- **Startup options**: `src/AirGap/StellaOps.AirGap.Controller/Options/AirGapStartupOptions.cs` -- sealed startup configuration
|
|
- **State management**: `src/AirGap/StellaOps.AirGap.Controller/Domain/AirGapState.cs`, `Services/AirGapStateService.cs`
|
|
- **State stores**: `src/AirGap/StellaOps.AirGap.Controller/Stores/IAirGapStateStore.cs`, `InMemoryAirGapStateStore.cs`
|
|
- **Feed snapshots**: `src/AirGap/__Libraries/StellaOps.AirGap.Bundle/` -- snapshot management in bundle library
|
|
- **Offline verification**: `src/AirGap/StellaOps.AirGap.Importer/Policy/OfflineVerificationPolicy.cs`, `OfflineVerificationPolicyLoader.cs`
|
|
- **Source**: Feature matrix scan
|
|
|
|
## E2E Test Plan
|
|
- [ ] Verify sealed startup validation prevents operation with incomplete knowledge state
|
|
- [ ] Test feed snapshot loading and cryptographic binding
|
|
- [ ] Verify state transitions in air-gap controller
|
|
- [ ] Test offline verification policy enforcement
|