64 lines
3.7 KiB
Markdown
64 lines
3.7 KiB
Markdown
# StellaOps Flow Documentation
|
|
|
|
This directory contains detailed end-to-end flow documentation for all major StellaOps workflows.
|
|
|
|
## Flow Categories
|
|
|
|
### Core Platform Flows (Existing)
|
|
|
|
| Flow | File | Description |
|
|
|------|------|-------------|
|
|
| Dashboard Data Flow | [01-dashboard-data-flow.md](01-dashboard-data-flow.md) | How dashboard aggregates and displays security posture |
|
|
| Scan Submission Flow | [02-scan-submission-flow.md](02-scan-submission-flow.md) | End-to-end container image scan lifecycle |
|
|
| SBOM Generation Flow | [03-sbom-generation-flow.md](03-sbom-generation-flow.md) | Multi-analyzer SBOM generation and attestation |
|
|
| Policy Evaluation Flow | [04-policy-evaluation-flow.md](04-policy-evaluation-flow.md) | K4 lattice policy evaluation with confidence scoring |
|
|
| Notification Flow | [05-notification-flow.md](05-notification-flow.md) | Multi-channel notification delivery |
|
|
| Export Flow | [06-export-flow.md](06-export-flow.md) | Report and evidence bundle generation |
|
|
|
|
### Advanced Flows (New)
|
|
|
|
| Flow | File | Description |
|
|
|------|------|-------------|
|
|
| CI/CD Gate Flow | [10-cicd-gate-flow.md](10-cicd-gate-flow.md) | Pipeline integration with pass/fail gates |
|
|
| Advisory Drift Re-scan Flow | [11-advisory-drift-rescan-flow.md](11-advisory-drift-rescan-flow.md) | Automatic re-evaluation on new advisories |
|
|
| VEX Auto-Generation Flow | [12-vex-auto-generation-flow.md](12-vex-auto-generation-flow.md) | ML-assisted VEX statement generation |
|
|
| Evidence Bundle Export Flow | [13-evidence-bundle-export-flow.md](13-evidence-bundle-export-flow.md) | Auditable evidence package creation |
|
|
| Multi-Tenant Policy Rollout Flow | [14-multi-tenant-policy-rollout-flow.md](14-multi-tenant-policy-rollout-flow.md) | Cross-tenant policy propagation |
|
|
| Binary Delta Attestation Flow | [15-binary-delta-attestation-flow.md](15-binary-delta-attestation-flow.md) | Binary-level change attestation |
|
|
| Offline Sync Flow | [16-offline-sync-flow.md](16-offline-sync-flow.md) | Air-gapped environment synchronization |
|
|
| Exception Approval Workflow | [17-exception-approval-workflow.md](17-exception-approval-workflow.md) | Policy exception request and approval |
|
|
| Risk Score Dashboard Flow | [18-risk-score-dashboard-flow.md](18-risk-score-dashboard-flow.md) | Real-time risk aggregation and display |
|
|
| Reachability Drift Alert Flow | [19-reachability-drift-alert-flow.md](19-reachability-drift-alert-flow.md) | Runtime reachability change detection |
|
|
|
|
## Flow Documentation Format
|
|
|
|
Each flow document follows a standard structure:
|
|
|
|
1. **Overview** - Brief description and business value
|
|
2. **Actors** - Users, systems, and services involved
|
|
3. **Prerequisites** - Required configuration and dependencies
|
|
4. **Flow Diagram** - UML sequence/activity diagram
|
|
5. **Step-by-Step** - Detailed step descriptions
|
|
6. **Data Contracts** - Input/output schemas
|
|
7. **Error Handling** - Failure modes and recovery
|
|
8. **Observability** - Metrics, logs, and traces
|
|
9. **Related Flows** - Cross-references to related workflows
|
|
|
|
## Module Ownership
|
|
|
|
| Flow Category | Primary Module | Supporting Modules |
|
|
|---------------|----------------|-------------------|
|
|
| Scanning | Scanner | Gateway, Scheduler, Attestor |
|
|
| Policy | Policy | VexLens, Concelier, Scanner |
|
|
| Advisory | Concelier | Excititor, Mirror, VexLens |
|
|
| Export | ExportCenter | EvidenceLocker, Attestor, Signer |
|
|
| Notification | Notify | Scheduler, Orchestrator |
|
|
| CI/CD | CLI | Gateway, Scanner, Policy |
|
|
|
|
## Related Documentation
|
|
|
|
- [User Flows (UML)](../technical/architecture/user-flows.md)
|
|
- [Data Flows](../technical/architecture/data-flows.md)
|
|
- [Module Matrix](../technical/architecture/module-matrix.md)
|
|
- [Schema Mapping](../technical/architecture/schema-mapping.md)
|