fdf95e0f46
- API_CLI_REFERENCE.md, INSTALL_GUIDE.md, quickstart.md, architecture/integrations.md, dev/DEV_ENVIRONMENT_SETUP.md, integrations/LOCAL_SERVICES.md: reflect real-service wiring. - docs/modules/**: module dossier updates across the modules touched by SPRINT_20260415_001..007 + SPRINT_20260416_003..017 + SPRINT_20260417_018..024 + SPRINT_20260418_025 + SPRINT_20260419_026. - docs/features/checked/web/**: update feature notes where UI changed. - docs/qa/feature-checks/runs/web/evidence-presentation-ux/: QA evidence artifacts. - docs/setup/**, docs/technical/**: align with setup wizard contracts. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1.3 KiB
1.3 KiB
StellaOps Signer (Relocated)
Sprint 204 (2026-03-04): The Signer module source has been consolidated under the Attestor trust domain. Source code is now at
src/Attestor/StellaOps.Signer/. Architecture documentation is now in the Attestor architecture dossier. Archived standalone docs are indocs-archived/modules/signer/.
Runtime Identity (unchanged)
- Docker image:
stellaops/signer:dev - API base path:
/api/v1/signer/ - DSSE signing endpoint:
POST /api/v1/signer/sign/dsse - Database schema:
signer(includes ceremony state plus key-management tables such astrust_anchors,key_history, andkey_audit_log) - Authentication: Authority resource-server auth in live hosts; stub bearer auth is isolated to
Testing
Why the move
Signer, Attestor, and Provenance form the trust domain -- the set of services responsible for cryptographic evidence production, transparency logging, and verification. Consolidating source ownership under src/Attestor/ makes trust-boundary responsibilities explicit while preserving runtime isolation between Signer state and Attestor evidence state.
See the Trust Domain Model ADR for the no-merge rationale.