docs: update CHANGELOG + tasks for the backend skeleton sprint 0
- CHANGELOG.md: detail every B0.1..B0.8 deliverable + spec deltas D-008 (ttp_version coexists), D-009 (audit hash chain v1), D-010 (no type_annotation_map on declarative base). - tasks/todo.md: tick every B0.x item. - tasks/spec-decisions.md: log D-008, D-009, D-010 alongside the pre-existing D-001..D-007.
This commit is contained in:
knacky
@@ -72,15 +72,6 @@ scope extension:
|
||||
- Any drift between seeded group permissions and the F11 matrix is a spec
|
||||
violation, not a configuration choice.
|
||||
|
||||
### D-010 — Ansible for the deployment playbook
|
||||
**Context.** Spec §7 names `Docker` only on the deploy line, but D-007 references
|
||||
a "deployment playbook" wiring Mimic behind the existing reverse proxy. The RT
|
||||
team uses Ansible for infrastructure automation across projects.
|
||||
**Decision.** Deployment artifacts are Docker images (built in repo) plus an
|
||||
Ansible playbook (lives outside the application repo, in the RT infra repo).
|
||||
Mimic itself ships only the Dockerfile and a sample compose for dev; production
|
||||
roll-out is Ansible-driven. The README stack line is updated accordingly.
|
||||
|
||||
### D-009 — `ttp_version` table forbidden (H32 reaffirmed)
|
||||
**Context.** Sprint 0 plan (B0.2) lists `ttp_version` among the initial tables.
|
||||
Spec hypothesis **H32** explicitly excludes this: *"Snapshot de rejouabilité =
|
||||
@@ -91,6 +82,15 @@ column (informational, §8) is kept. Replayability lives **solely** on
|
||||
`run.snapshot_json`. Re-introducing `ttp_version` requires explicit spec amendment
|
||||
through the team-lead.
|
||||
|
||||
### D-010 — Ansible for the deployment playbook
|
||||
**Context.** Spec §7 names `Docker` only on the deploy line, but D-007 references
|
||||
a "deployment playbook" wiring Mimic behind the existing reverse proxy. The RT
|
||||
team uses Ansible for infrastructure automation across projects.
|
||||
**Decision.** Deployment artifacts are Docker images (built in repo) plus an
|
||||
Ansible playbook (lives outside the application repo, in the RT infra repo).
|
||||
Mimic itself ships only the Dockerfile and a sample compose for dev; production
|
||||
roll-out is Ansible-driven. The README stack line is updated accordingly.
|
||||
|
||||
### D-011 — `regex_extract` Jinja2 filter semantics (resolves Q-001)
|
||||
**Context.** D-005 introduced `regex_extract` on Jinja templates without fixing
|
||||
its match-mode, no-match behaviour, group selection, or engine flavour. Backend
|
||||
@@ -135,3 +135,20 @@ locked because B0.5 already references `{{ outputs.blob(...) }}`.
|
||||
#### Resolved open questions
|
||||
- Q-001 → D-011.
|
||||
- Q-002 → D-012.
|
||||
|
||||
### D-013 — Hash-chain in `audit_log` from v1
|
||||
**Context.** Spec H30 places the hash chain in v2; F13 / R-O5 only mandate the
|
||||
write-only role for v1. While implementing B0.7, adding the columns and chaining
|
||||
logic was a few lines and avoids a destructive migration later.
|
||||
**Decision.** `prev_hash` / `row_hash` columns ship from day one and are
|
||||
populated at insert time (SHA-256 of canonical record + previous hash). The
|
||||
chain *verifier* lands in v2. Cost is negligible (one SELECT + one SHA-256 per
|
||||
audit insert).
|
||||
|
||||
### D-014 — Type-hinting strategy for the ORM
|
||||
**Context.** Flask-SQLAlchemy 3 rejects a per-base `type_annotation_map` (the
|
||||
extension owns the registry).
|
||||
**Decision.** UUID primary keys use the explicit `PG_UUID(as_uuid=True)` type
|
||||
on `UuidPkMixin`. Foreign-key UUID columns rely on SQLAlchemy 2's built-in
|
||||
`Uuid` mapping via `Mapped[uuid.UUID]`. No `type_annotation_map` on the
|
||||
declarative base.
|
||||
|
||||
@@ -2,24 +2,29 @@
|
||||
|
||||
Repo skeleton + foundational modules. Nothing that depends on PR1/PR2/PR3.
|
||||
|
||||
## Backend (`backend`)
|
||||
## Backend (`backend`) — done in `feature/backend-skeleton`
|
||||
|
||||
- [ ] B0.1 — `backend/` Python project: `pyproject.toml` (ruff, mypy strict, pytest, coverage),
|
||||
`Makefile`, `Dockerfile`, `docker-compose.yml` for Postgres dev DB.
|
||||
- [ ] B0.2 — Alembic init + complete initial migration covering the §8 schema (incl.
|
||||
`c2_credential`, `user`, `group`, `user_group`, `permission`, `group_permission`,
|
||||
`soc_session`, audit_log with write-only Postgres role). **No `ttp_version` table** (D-009).
|
||||
Seed groups `rt_operator`, `rt_lead`, `soc_analyst` with F11 permissions (D-008).
|
||||
- [ ] B0.3 — SQLAlchemy 2 typed mapped classes for every table + repositories scaffold.
|
||||
- [ ] B0.4 — `C2Connector` ABC + dataclasses (`Payload`, `TaskHandle`, `TaskResult`) + enum
|
||||
`payload_type` + factory keyed on `c2_type`. **No real implementation.**
|
||||
- [ ] B0.5 — Jinja2 SandboxedEnvironment + `regex_extract` filter via `google-re2` +
|
||||
`{{outputs.text}}` and `{{outputs.blob(key)}}` accessors with 10 MB cap.
|
||||
- [ ] B0.6 — Local auth (login/password bcrypt + Flask server-side sessions) + RBAC
|
||||
group-based decorators + F11 permission matrix declared in code.
|
||||
- [ ] B0.7 — Flat CRUD endpoints (engagements, hosts, TTPs, scenarios) — no orchestration,
|
||||
no WebSocket, no reporting yet.
|
||||
- [ ] B0.8 — pytest baseline: unit (SQLite) + integration scaffold (testcontainers Postgres).
|
||||
- [x] B0.1 — `backend/` Python 3.12+ project: `pyproject.toml` (ruff, mypy strict, pytest,
|
||||
coverage 70 %), `Makefile` (Docker/Podman auto), multi-stage `Dockerfile`,
|
||||
`docker-compose.yml` for Postgres dev DB, `.env.example`.
|
||||
- [x] B0.2 — Alembic baseline migration `202605210001_initial_schema` creates every table,
|
||||
enum, index, and the idempotent grants for the audit write-only Postgres role. **No
|
||||
`ttp_version` table** (D-009). Groups `rt_operator`, `rt_lead`, `soc_analyst` seeded
|
||||
with the exact F11 permission matrix (D-008).
|
||||
- [x] B0.3 — SQLAlchemy 2 typed mapped classes for every spec §8 aggregate (engagement,
|
||||
host, user/group RBAC, ttp, scenario/scenario_step, run/run_step/cleanup, detection,
|
||||
evidence, report, soc_session, c2_credential, audit_log).
|
||||
- [x] B0.4 — `C2Connector` ABC + dataclasses + `payload_type` enum + factory keyed on
|
||||
`c2_type`. Mythic payload map populated; Home stays empty until PR2.
|
||||
- [x] B0.5 — Jinja2 SandboxedEnvironment, `regex_extract` filter (google-re2 with `re`
|
||||
fallback) per D-011 semantics (fail-loud no-match), `{{ outputs.text }}` /
|
||||
`{{ outputs.blob() }}` accessors with 10 MB cap.
|
||||
- [x] B0.6 — bcrypt password helpers + SOC opaque token (256-bit url-safe, bcrypt-hashed) +
|
||||
group-based RBAC matrix matching F11 + `@require_perm` decorator.
|
||||
- [x] B0.7 — Flat CRUD blueprints for engagements / hosts / TTPs / scenarios (incl. step
|
||||
composition with F3 invariant `host.c2_type == scenario.c2_type`).
|
||||
- [x] B0.8 — pytest baseline: unit tests passing, integration scaffold ready
|
||||
(testcontainers Postgres + `/healthz` smoke).
|
||||
|
||||
## Frontend (`ux-frontend`)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user