150b3730ef
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
api-governance / spectral-lint (push) Has been cancelled
28 lines
1.4 KiB
Markdown
28 lines
1.4 KiB
Markdown
# Console Airgap UI (Airgap 57-002)
|
||
|
||
Describes console surfaces for sealed-mode imports, staleness, and user guidance.
|
||
|
||
## Surfaces
|
||
- **Airgap status badge**: shows `sealed` state, `mirrorGeneration`, last import time, and staleness indicator.
|
||
- **Import wizard**: stepper to upload/verify mirror bundle, show manifest hash, and emit timeline event upon success.
|
||
- **Staleness dashboard**: charts staleness by bundle/component; highlights tenants nearing expiry.
|
||
|
||
## Staleness logic
|
||
- Use time anchors from `docs/airgap/staleness-and-time.md`.
|
||
- Staleness = now - `bundle.createdAt`; color bands: green (<24h), amber (24–72h), red (>72h) or missing anchor.
|
||
|
||
## Guidance banners
|
||
- When sealed: banner text "Sealed mode: egress denied. Only registered bundles allowed." Include current `mirrorGeneration` and bundle hash.
|
||
- On staleness red: prompt operators to import next bundle or reapply time anchor.
|
||
|
||
## Events
|
||
- Successful import emits timeline event with bundleId, mirrorGeneration, manifest hash, actor.
|
||
- Failed import emits event with error code; do not expose stack traces in UI.
|
||
|
||
## Security/guardrails
|
||
- Require admin scope to import bundles; read-only users can view status only.
|
||
- Never display raw hashes without tenant context; prefix with tenant and generation.
|
||
|
||
## TODOs
|
||
- Wire to backend once mirror bundle schema and timeline events are exposed (blocked until backend readiness).
|