stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
f98cea3bcfb4730b238ab8605ce6d48c2998aa44
git.stella-ops.org/docs/modules/scanner
History
master f98cea3bcf Add Authority Advisory AI and API Lifecycle Configuration 
- Introduced AuthorityAdvisoryAiOptions and related classes for managing advisory AI configurations, including remote inference options and tenant-specific settings.
- Added AuthorityApiLifecycleOptions to control API lifecycle settings, including legacy OAuth endpoint configurations.
- Implemented validation and normalization methods for both advisory AI and API lifecycle options to ensure proper configuration.
- Created AuthorityNotificationsOptions and its related classes for managing notification settings, including ack tokens, webhooks, and escalation options.
- Developed IssuerDirectoryClient and related models for interacting with the issuer directory service, including caching mechanisms and HTTP client configurations.
- Added support for dependency injection through ServiceCollectionExtensions for the Issuer Directory Client.
- Updated project file to include necessary package references for the new Issuer Directory Client library.
2025-11-02 13:50:25 +02:00
..
design
Add Authority Advisory AI and API Lifecycle Configuration
2025-11-02 13:50:25 +02:00
operations
Add Authority Advisory AI and API Lifecycle Configuration
2025-11-02 13:50:25 +02:00
AGENTS.md
feat: Add guild charters and task boards for various components
2025-11-01 02:21:46 +02:00
architecture.md
feat(docs): Add comprehensive documentation for Vexer, Vulnerability Explorer, and Zastava modules
2025-10-30 00:09:39 +02:00
implementation_plan.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00
README.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00
TASKS.md
Align AOC tasks for Excititor and Concelier
2025-10-31 18:50:15 +02:00

README.md

StellaOps Scanner

Scanner analyses container images layer-by-layer, producing deterministic SBOM fragments, diffs, and signed reports.

Responsibilities

  • Expose APIs (WebService) for scan orchestration, diffing, and artifact retrieval.
  • Run Worker analyzers for OS, language, and native ecosystems with restart-only plug-ins.
  • Store SBOM fragments and artifacts in RustFS/object storage.
  • Publish DSSE-ready metadata for Signer/Attestor and downstream policy evaluation.

Key components

  • StellaOps.Scanner.WebService minimal API host.
  • StellaOps.Scanner.Worker analyzer executor.
  • Analyzer libraries under StellaOps.Scanner.Analyzers.*.

Integrations & dependencies

  • Scheduler for job intake and retries.
  • Policy Engine for evidence handoff.
  • Export Center / Offline Kit for artifact packaging.

Operational notes

  • CAS caches, bounded retries, DSSE integration.
  • Monitoring dashboards (see ./operations/analyzers-grafana-dashboard.json).
  • RustFS migration playbook.

Related resources

  • ./operations/analyzers.md
  • ./operations/analyzers-grafana-dashboard.json
  • ./operations/rustfs-migration.md
  • ./operations/entrypoint.md

Backlog references

  • DOCS-SCANNER updates tracked in ../../TASKS.md.
  • Analyzer parity work in src/Scanner/**/TASKS.md.

Epic alignment

  • Epic 6 Vulnerability Explorer: provide policy-aware scan outputs, explain traces, and findings ledger hooks for triage workflows.
  • Epic 10 Export Center: generate export-ready artefacts, manifests, and DSSE metadata for bundles.