Operations, Deployment & Offline

Deployment, runtime operations, and air-gap playbooks for running Stella Ops in production.

Install & Upgrade

• …/21_INSTALL_GUIDE.md – canonical install guide (Docker, air-gap considerations).
• …/install/docker.md – Docker install recipes.
• …/deploy/containers.md – container deployment guidance for AOC environments.
• …/deploy/console.md – console deployment specifics.
• …/13_RELEASE_ENGINEERING_PLAYBOOK.md – release automation, signing, reproducibility.
• …/artifacts/bom-index/README.md – BOM index artifact layout for Offline Kit exports.

Offline & Sovereign Operations

• …/quickstart.md – 5-minute path to first scan (useful for smoke testing installs).
• …/10_OFFLINE_KIT.md & …/24_OFFLINE_KIT.md – bundle contents, import/export workflow.
• …/airgap/airgap-mode.md – configuration for sealed environments.
• …/license-jwt-quota.md – offline quota token lifecycle.
• …/10_CONCELIER_CLI_QUICKSTART.md – workstation ingest/export workflow (operators).

Hardening & Governance

• …/17_SECURITY_HARDENING_GUIDE.md – platform hardening checklist.
• …/accessibility.md – accessibility checklist for console deployments.
• …/security/console-security.md – console-specific controls.
• …/security/authority-scopes.md – Authority scope model.
• …/security/rate-limits.md – throttling policy reference.
• …/security/policy-governance.md – policy governance guardrails.
• …/security/audit-events.md – audit event catalogue.
• …/security/revocation-bundle.md & …/security/revocation-bundle-example.json – revocation workflow.
• …/security/password-hashing.md – credential storage details.

Module Runbooks & Ops Guides

• Module operations directories under …/…/modules/ (Authority backups/monitoring, Concelier connectors, Scanner analyzers, Scheduler worker dashboards, Export Center runbook, DevOps launch readiness, Telemetry collector/storage, etc.).
• …/runtime/SCANNER_RUNTIME_READINESS.md – runtime readiness checklist.
• Notifications Studio operations: see …/notifications/architecture.md, …/notifications/overview.md, …/notifications/rules.md, …/notifications/templates.md, …/notifications/digests.md.
• Additional notification flows: …/notifications/pack-approvals-integration.md.
• Observability operations: …/observability/observability.md, …/observability/ui-telemetry.md.

DevOps & Release Automation

• …/devops/policy-schema-export.md – policy schema export automation.
• …/modules/devops/runbooks/launch-readiness.md, …/modules/devops/runbooks/launch-cutover.md, …/modules/devops/runbooks/deployment-upgrade.md, …/modules/devops/runbooks/nuget-preview-bootstrap.md.
• …/modules/registry/operations/token-service.md – registry token runbook.
• …/modules/concelier/operations/mirror.md – mirror operations.
• …/modules/concelier/operations/connectors/ – connector-specific procedures (ACSC, CCCS, CERT-Bund, etc.).
• …/modules/authority/operations/ – key rotation, monitoring, backup/restore.
• …/modules/scanner/operations/ – analyzer management, entrypoint guides, RustFS migration.
• …/modules/scheduler/operations/ – worker dashboards, Prometheus rules.
• …/modules/telemetry/operations/ – collector/storage deployment.