stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
fda92af9bcbaf6c1677f0d6b13609a8e04222bbc
git.stella-ops.org/README.md
master 541a936d03 feat: Complete MongoDB/MinIO removal and integrate CLI consolidation 
This commit completes the MongoDB and MinIO removal from the StellaOps
platform and integrates the CLI consolidation work from remote.

## Infrastructure Changes

- PostgreSQL v16+ is now the ONLY supported database
- Valkey v8.0 replaces Redis for caching, DPoP security, and event streams
- RustFS is the primary object storage (MinIO fully removed)
- NATS is OPTIONAL for messaging (Valkey is default transport)

## Docker Compose Updates

Updated all deployment profiles:
- deploy/compose/docker-compose.dev.yaml
- deploy/compose/docker-compose.airgap.yaml
- deploy/compose/docker-compose.stage.yaml
- deploy/compose/docker-compose.prod.yaml

All profiles now use PostgreSQL + Valkey + RustFS stack.

## Environment Configuration

Updated all env.example files with:
- Removed: MONGO_*, MINIO_* variables
- Added: POSTGRES_*, VALKEY_* variables
- Updated: SCANNER_QUEUE_BROKER to use Valkey by default
- Enhanced: Surface.Env and Offline Kit configurations

## Aoc.Cli Changes

- Removed --mongo option entirely
- Made --postgres option required
- Removed VerifyMongoAsync method
- PostgreSQL is now the only supported backend

## CLI Consolidation (from merge)

Integrated plugin architecture for unified CLI:
- stella aoc verify (replaces stella-aoc)
- stella symbols (replaces stella-symbols)
- Plugin manifests and command modules
- Migration guide for users

## Documentation Updates

- README.md: Updated deployment workflow notes
- DEVELOPER_ONBOARDING.md: Complete Valkey-centric flow diagrams
- QUICKSTART_HYBRID_DEBUG.md: Removed MongoDB/MinIO references
- VERSION_MATRIX.md: Updated infrastructure dependencies
- CLEANUP_SUMMARY.md: Marked all cleanup tasks complete
- 07_HIGH_LEVEL_ARCHITECTURE.md: Corrected infrastructure stack
- 11_DATA_SCHEMAS.md: Valkey keyspace documentation

## Merge Resolution

Resolved merge conflicts by accepting incoming changes which had more
complete Surface.Env and Offline Kit configurations.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-23 10:40:20 +02:00

40 lines
3.1 KiB
Markdown
Executable File
Raw Blame History

# StellaOps Concelier & CLI
[![Build Status](https://git.stella-ops.org/stellaops/feedser/actions/workflows/build-test-deploy.yml/badge.svg)](https://git.stella-ops.org/stellaops/feedser/actions/workflows/build-test-deploy.yml)
[![Quality Gates](https://git.stella-ops.org/stellaops/feedser/actions/workflows/build-test-deploy.yml/badge.svg?job=quality-gates)](https://git.stella-ops.org/stellaops/feedser/actions/workflows/build-test-deploy.yml)
[![Reachability](https://img.shields.io/badge/reachability-≥95%25-brightgreen)](docs/testing/ci-quality-gates.md)
[![TTFS SLO](https://img.shields.io/badge/TTFS_P95-≤1.2s-blue)](docs/testing/ci-quality-gates.md)
[![Mutation Score](https://img.shields.io/badge/mutation_score-≥80%25-purple)](docs/testing/mutation-testing-baselines.md)
This repository hosts the StellaOps Concelier service, its plug-in ecosystem, and the
first-party CLI (`stellaops-cli`). Concelier ingests vulnerability advisories from
authoritative sources, stores them in PostgreSQL, and exports deterministic JSON and
Trivy DB artefacts. The CLI drives scanner distribution, scan execution, and job
control against the Concelier API.
## Quickstart
1. Prepare a PostgreSQL instance and (optionally) install `trivy-db`/`oras`.
2. Copy `etc/concelier.yaml.sample` to `etc/concelier.yaml` and update the storage + telemetry
settings.
3. Copy `etc/authority.yaml.sample` to `etc/authority.yaml`, review the issuer, token
lifetimes, and plug-in descriptors, then edit the companion manifests under
`etc/authority.plugins/*.yaml` to match your deployment.
4. Start the web service with `dotnet run --project src/Concelier/StellaOps.Concelier.WebService`.
5. Configure the CLI via environment variables (e.g. `STELLAOPS_BACKEND_URL`) and trigger
jobs with `dotnet run --project src/Cli/StellaOps.Cli -- db merge`.
Detailed operator guidance is available in `docs/10_CONCELIER_CLI_QUICKSTART.md`. API and
command reference material lives in `docs/09_API_CLI_REFERENCE.md`.
Pipeline note: deployment workflows should template `etc/concelier.yaml` during CI/CD,
injecting environment-specific PostgreSQL connection strings and telemetry endpoints.
Upcoming releases will add Microsoft OAuth (Entra ID) authentication support—track
the quickstart for integration steps once available.
## Documentation
- `docs/README.md` now consolidates the platform index and points to the updated high-level architecture.
- Module architecture dossiers now live under `docs/modules/<module>/`. The most relevant here are `docs/modules/concelier/ARCHITECTURE.md` (service layout, merge engine, exports) and `docs/modules/cli/ARCHITECTURE.md` (command surface, AOT packaging, auth flows). Related services such as the Signer, Attestor, Authority, Scanner, UI, Excititor, Zastava, and DevOps pipeline each have their own dossier in the same hierarchy.
- Offline operation guidance moved to `docs/24_OFFLINE_KIT.md`, which details bundle composition, verification, and delta workflows. Concelier-specific connector operations stay in `docs/modules/concelier/operations/connectors/*.md` with companion runbooks in `docs/modules/concelier/operations/`.
Reference in New Issue View Git Blame Copy Permalink