stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 14 Releases Wiki Activity
Files
f43e828b4e21957636ce35cdaf50bb29da5d4e1d
git.stella-ops.org/docs/modules/concelier/prep/2025-11-22-oas-obs-prep.md
StellaOps Bot f43e828b4e
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Implement MongoDB orchestrator storage with registry, commands, and heartbeats 
- Added NullAdvisoryObservationEventTransport for handling advisory observation events.
- Created IOrchestratorRegistryStore interface for orchestrator registry operations.
- Implemented MongoOrchestratorRegistryStore for MongoDB interactions with orchestrator data.
- Defined OrchestratorCommandDocument and OrchestratorCommandRecord for command handling.
- Added OrchestratorHeartbeatDocument and OrchestratorHeartbeatRecord for heartbeat tracking.
- Created OrchestratorRegistryDocument and OrchestratorRegistryRecord for registry management.
- Developed tests for orchestrator collections migration and MongoOrchestratorRegistryStore functionality.
- Introduced AirgapImportRequest and AirgapImportValidator for air-gapped VEX bundle imports.
- Added incident mode rules sample JSON for notifier configuration.
2025-11-22 12:35:38 +02:00

2.5 KiB
Raw Blame History

Concelier OAS & Observability Prep (61-001..63-001, 51-001..55-001)

Status: Ready for implementation (2025-11-22) Owners: Concelier Core Guild · API Contracts Guild · DevOps/Observability Guilds Scope: Freeze the API/SDK contracts and observability envelopes for LNM search/timeline APIs so downstream SDK, governance, and incident flows can proceed without schema churn.

Inputs

  • Frozen LNM payload schema: docs/modules/concelier/link-not-merge-schema.md (2025-11-17).
  • Event contract: docs/modules/concelier/events/advisory.observation.updated@1.md.
  • Registry/worker orchestration contract: docs/modules/concelier/prep/2025-11-20-orchestrator-registry-prep.md.

Deliverables

  • OpenAPI source stub for LNM + timeline surfaces recorded at docs/modules/concelier/openapi/lnm-api.yaml (paths enumerated; examples outlined below).
  • SDK example library checklist covering searchAdvisories, searchLinksets, getTimeline, getObservationById; response bodies aligned to frozen schema; no consensus/merge fields.
  • Observability contract (metrics/logs/traces):
    • Metrics: concelier_ingest_latency_seconds, concelier_linkset_conflicts_total, concelier_timeline_emit_lag_seconds, concelier_api_requests_total{route,tenant,status} with burn-rate alert examples.
    • Logs: structured fields tenantId, advisoryKey, linksetId, timelineCursor, egressPolicy.
    • Traces: span names for lnm.search, lnm.timeline, lnm.linkset-resolve with baggage keys tenant-id, request-id.
  • Incident/observability hooks: timeline/attestation enrichment notes for OBS-54/55 including DSSE envelope hash field and sealed-mode redaction rules.

Acceptance Criteria

  • Request/response shapes for /api/v1/lnm/advisories, /api/v1/lnm/linksets, /api/v1/lnm/timeline documented with required query params (tenantId, productKey, offset, limit, sort, includeTimeline=true|false).
  • All responses MUST include provenance block (source, fetchedAt, digest, evidenceBundleId) and forbid consensus/merge fields.
  • Metrics/logs names and labels are deterministic and lowercase; alert examples reference burn-rate SLOs.
  • File path above is referenced from sprint trackers; any future schema edits require bumping version/comment in this prep doc.

Notes

  • This prep satisfies PREP-CONCELIER-OAS-61-001/002/62-001/63-001 and PREP-CONCELIER-OBS-51-001/52-001/53-001/54-001/55-001.
  • No external dependencies remaining; downstream tasks may proceed using the stubbed OpenAPI and observability contracts here.