Skip to content

Diagrams

Huzefaaa2 edited this page May 31, 2026 · 72 revisions

Diagrams

C4 Context

See docs/diagrams/c4-context.md.

C4 Container

See docs/diagrams/c4-container.md. The current container diagram marks the Approval Router as an implemented JSON/SQLite-backed lifecycle service with repository routing, signed OIDC/JWKS validation, repository RBAC, Entra/Okta deployment references, console actions, console break-glass creation, approval audit details, provider request specs, and live provider delivery evidence. It also marks the Agent and MCP Trust Registry as a JSON/SQLite implementation for governed agent identities, MCP trust decisions, predefined agent profiles, MCP capability classifications, and console registry views. The metadata store now includes JSON/SQLite evidence, session, decision, approval, registry, repository inventory, policy rollout metadata, policy authoring previews, approval-bound signed policy publishing, rollout change plans, deployment readiness checks, integration inventory, connector delivery records, backup/restore operations, retention planning, and governed evidence artifact retrieval. The evidence plane now feeds CI/CD required-check artifacts for GitHub, GitLab, Azure DevOps templates, configured SIEM/ITSM/ChatOps/webhook connector hooks, and AWS/Azure immutable evidence storage references. The console security boundary and console session context are exposed as OIDC/RBAC/CORS readiness and authenticated actor metadata. The Go enforcement plane is now shown as a scaffolded parity-tested container with daemon transport and client mode, and the sandbox is shown as GitHub Pages deployable.

Agent and MCP Registry

See docs/diagrams/agent-mcp-registry.svg for the dedicated registry view that separates profiles, registered identities, trust records, classifications, storage modes, runtime decisions, console views, and evidence consumers.

Runtime Components

See docs/diagrams/c4-component-runtime.md.

Runtime Decision Flow

See docs/diagrams/runtime-decision-flow.md.

Evidence Lifecycle

See docs/diagrams/evidence-lifecycle.md.

Immutable Evidence Storage

See docs/diagrams/immutable-evidence-storage.svg for the dedicated immutable storage flow from runtime decision, signed bundle, verifier gate, and storage plan into AWS S3 Object Lock and Azure Blob immutability.

OIDC/RBAC Deployment

See docs/diagrams/oidc-rbac-deployment.svg for the dedicated identity flow from Entra ID or Okta discovery metadata and group claims into CAVRA OIDC config, repository RBAC, console sessions, approvals, and break-glass decisions.

Go Parity and Sandbox Deployment

See docs/diagrams/go-parity-sandbox-deployment.svg for the dedicated flow from authoritative Python runtime behavior through shared parity fixtures, Go runtime tests, required CI checks, sandbox source, GitHub Pages deployment, and the future promotion gate.

Runner OIDC and Evidence Verification

The release-governance runner wrapper now acquires provider OIDC tokens from GitHub Actions, GitLab CI, or Azure Pipelines when available, sends signed or OIDC-backed runner_auth to the Go daemon, records hash-chained evidence, verifies the evidence stream, and publishes release-governance-evidence-verification.json as an audit artifact. Custody and rotation guidance is documented in Runner-Auth-And-Evidence-Key-Custody.md.

Go Reproducible Air-Gapped Build Flow

See docs/diagrams/go-reproducible-airgap.svg for the release path from connected GitHub Actions build, checksums, SBOM, signatures, provenance, and reproducibility metadata to restricted-environment verification and optional binary rebuild.

Release Signing Operations

See docs/diagrams/release-signing-operations.svg for the release path from external signing key custody into signed package generation, verifier enforcement, planned key rotation, and emergency revocation evidence.

High-Risk Command And Cloud/IaC Parity

See docs/diagrams/high-risk-command-cloud-iac-parity.svg for the shared fixture path that compares authoritative Python runtime decisions with Go runtime decisions before Go is allowed into deployment paths.

Opt-In Go Backend Pilot

See docs/diagrams/go-backend-pilot.svg for the guarded backend-selection flow from operator opt-in through Python evaluation, Go comparison, parity gate, fallback, and readiness evidence.

Go Backend Deployment Readiness

See docs/diagrams/go-backend-deployment-readiness.svg for the CI runner and workstation readiness path that checks release metadata before Go backend promotion.

Go Backend Promotion Gate

See docs/diagrams/go-backend-promotion.svg for the promotion gate that requires runtime readiness, deployment readiness, audited parity evidence, and approval before promoted mode selects Go.

Go Backend Rollback Controls

See docs/diagrams/go-backend-rollback.svg for the rollback gate that requires an approved plan back to Python-only mode before promoted mode selects Go.

Go Backend Rollback Rehearsal

See docs/diagrams/go-backend-rollback-rehearsal.svg for the rehearsal evidence path that validates fallback restoration, recovery target, and dashboard visibility before promoted mode selects Go.

Go Backend Rollback Drill History

See docs/diagrams/go-backend-rollback-drill-history.svg for the operational drill history path that validates fresh fallback drills before promoted mode selects Go.

Go Backend Rollback Drill Scheduling

Go Backend Rollback Drill Executive Delivery Retry Execution And Recovery Health Alerts

See docs/diagrams/go-backend-rollback-drill-executive-delivery-retry-execution-and-recovery-health-alerts.svg for the public-safe recovery retry health alert and executive report delivery retry execution loop.

Go Backend Rollback Drill Retry Approvals And Recovery Playbooks

See docs/diagrams/go-backend-rollback-drill-retry-approvals-recovery-playbooks.svg for the approval path from failed acknowledgement audit delivery through retry acknowledgement, execution approval, approval-bound worker selection, and connector recovery playbooks.

Go Backend Rollback Drill Live Retry Closure Evidence

See docs/diagrams/go-backend-rollback-drill-live-retry-closure-evidence.svg for the live retry execution and recovery closure path that links failed delivery, retry acknowledgement, approval, worker execution, connector recovery playbooks, and closure evidence.

Go Backend Rollback Drill Retry Recovery Reporting

See docs/diagrams/go-backend-rollback-drill-retry-recovery-reporting.svg for the retry execution dashboard, recovery SLO, provider summary, and closure trend analytics flow.

Go Backend Rollback Drill Recovery Escalation And Executive Reporting

See docs/diagrams/go-backend-rollback-drill-recovery-escalation-executive-reporting.svg for the public-safe flow from retry recovery evidence into escalation plans, connector delivery, executive reports, dashboard counts, and audit history.

Go Backend Rollback Drill Recovery Escalation Acknowledgements And Scheduling

See docs/diagrams/go-backend-rollback-drill-recovery-escalation-ack-retry-scheduling.svg for the public-safe flow from escalation plans into provider acknowledgements, failed delivery retry plans, scheduled executive report runs, dashboard counts, and audit history.

Go Backend Rollback Drill Recovery Escalation Retry Execution And Executive Delivery

See docs/diagrams/go-backend-rollback-drill-recovery-escalation-retry-execution-and-executive-delivery.svg for the public-safe flow from recovery escalation acknowledgements into retry worker execution, retry execution records, scheduled executive report delivery, dashboard counts, and audit history.

Go Backend Rollback Drill Recovery Retry Health And Executive Delivery Retry

See docs/diagrams/go-backend-rollback-drill-recovery-retry-health-and-executive-delivery-retry.svg for the public-safe flow from retry worker metadata and executive delivery failures into health reports, retry decisions, dashboard counts, and audit history.

Go Backend Rollback Drill Executive Retry Health And Recovery Health Alert Retry

See docs/diagrams/go-backend-rollback-drill-executive-retry-health-and-recovery-health-alert-retry.svg for the public-safe flow from executive retry metadata and failed recovery health alert delivery into retry health reports, retry decisions, dashboard counts, and audit history.

Go Backend Rollback Drill Recovery Health Alert Retry Worker And Executive Retry Health Alerts

See docs/diagrams/go-backend-rollback-drill-recovery-health-alert-retry-worker-and-executive-retry-health-alerts.svg for the public-safe flow from failed recovery health alert delivery through retry worker execution and executive retry health alert delivery.

Go Backend Rollback Drill Executive Health Alert Retry And Final Closure

See docs/diagrams/go-backend-rollback-drill-executive-health-alert-retry-final-closure.svg for the public-safe flow from failed executive retry health alert delivery through retry planning, worker execution, execution evidence, and final reporting closure.

Go Backend Rollback Drill Final Readiness Runbook Export

See docs/diagrams/go-backend-rollback-drill-final-readiness-runbook-export.svg for the public-safe flow from final closure evidence into release-readiness checks, operator runbook export, and release evidence attachment.

Go Backend Rollback Drill Readiness Approval Release Record

See docs/diagrams/go-backend-rollback-drill-readiness-approval-release-record.svg for the public-safe flow from final readiness summary into governed approval, operator runbook export, release record attachment evidence, and private connector boundaries.

Go Backend Rollback Drill Closure Packet Auditor Export

See docs/diagrams/go-backend-rollback-drill-closure-packet-auditor-export.svg for the public-safe flow from release record attachment into closure packet verification, auditor export, and private SIEM/GRC/archive extension points.

Go Backend Rollback Drill Auditor Export Routing Archive

See docs/diagrams/go-backend-rollback-drill-auditor-export-routing-archive.svg for the public-safe flow from verified auditor exports into connector delivery metadata, immutable archive references, Evidence Console metrics, and private enterprise connector boundaries.

Go Backend Rollback Drill Auditor Export Retry Archive Health

See docs/diagrams/go-backend-rollback-drill-auditor-export-retry-archive-health.svg for the public-safe flow from failed auditor export delivery metadata into retry planning, archive custody health, Evidence Console drill-downs, and private execution boundaries.

Go Backend Rollback Drill Final Readiness Bundle Closeout

See docs/diagrams/go-backend-rollback-drill-final-readiness-bundle-closeout.svg for the public-safe flow from final reporting metadata into readiness bundles, externally signed archive manifests, closeout summaries, and Enterprise/private signing boundaries.

Go Backend Rollback Drill Final Closeout Delivery Retention

See docs/diagrams/go-backend-rollback-drill-final-closeout-delivery-retention.svg for the public-safe flow from closed release summaries into connector delivery, retention review approval, downloadable closeout artifact bundles, and private retention boundaries.

See docs/diagrams/go-backend-rollback-drill-scheduling.svg for the schedule and notification path that detects due-soon or stale rollback drills and emits redacted connector delivery evidence.

Go Backend Rollback Drill Notification Escalation

See docs/diagrams/go-backend-rollback-drill-notification-escalation.svg for the acknowledgement and escalation path that tracks missed rollback drill notifications.

Go Backend Rollback Drill Routing

See docs/diagrams/go-backend-rollback-drill-routing.svg for owner routing, maintenance-window suppression, owner calendar suppression, and route decision evidence for promoted Go backend rollback drills.

Go Backend Rollback Drill Routing History

See docs/diagrams/go-backend-rollback-drill-routing-history.svg for the route-history and suppression-trend path that converts persisted route decisions into filterable evidence and audit summaries.

Go Backend Rollback Drill Console

See docs/diagrams/go-backend-rollback-drill-console.svg for the Evidence Console drill-down flow across notification history, acknowledgement state, escalation routes, detail panels, and exportable public-safe evidence.

Go Backend Rollback Drill Acknowledgement Controls

See docs/diagrams/go-backend-rollback-drill-acknowledgement-controls.svg for the authenticated console mutation flow that records route acknowledgements with verified actor identity.

Go Backend Rollback Drill Bulk Acknowledgement Audit

See docs/diagrams/go-backend-rollback-drill-bulk-acknowledgement-audit.svg for the filtered bulk acknowledgement and acknowledgement audit package export flow.

Go Backend Rollback Drill Acknowledgement Audit Delivery

See docs/diagrams/go-backend-rollback-drill-acknowledgement-audit-delivery.svg for the scheduled acknowledgement audit delivery routing flow.

Go Backend Rollback Drill Audit Delivery Health

See docs/diagrams/go-backend-rollback-drill-audit-delivery-health.svg for acknowledgement audit delivery history filtering and health dashboards.

Go Backend Rollback Drill Audit Delivery Retry Worker

See docs/diagrams/go-backend-rollback-drill-audit-delivery-retry-worker.svg for governed retry planning, scheduled worker dry-runs, and public-safe retry evidence indexing.

Go Backend Rollback Drill Audit Worker Health Alerts

See docs/diagrams/go-backend-rollback-drill-audit-worker-health-alerts.svg for worker health alerts, health alert acknowledgements, and retry acknowledgement evidence.

Go Backend Rollback Drill Executive Retry Health And Recovery Health Alert Retry

See docs/diagrams/go-backend-rollback-drill-executive-retry-health-and-recovery-health-alert-retry.svg for executive retry health reporting and recovery health alert delivery retry planning.

Go Backend Rollback Drill Final Closeout Health And Retry

See docs/diagrams/go-backend-rollback-drill-final-closeout-health-retry.svg for closeout retention health checks, retention alert delivery, failed closeout delivery retry planning, and retry worker evidence.

Release Governance Final Closeout Operator Guide

See docs/diagrams/release-governance-final-closeout-operator-guide.svg for the public-safe operator workflow from final readiness evidence through signed archive manifest metadata, closeout delivery, retention approval, artifact bundle review, retention health, alerting, retry planning, release criteria, and trial handoff.

Final Closeout Trial Onboarding

See docs/diagrams/final-closeout-trial-onboarding.svg for the customer onboarding and public sandbox flow across evaluator walkthrough, synthetic sample evidence, sales-engineering script, release criteria, upgrade path, and production pilot planning.

Final Closeout Production Pilot Intake

See docs/diagrams/final-closeout-production-pilot-intake.svg for the flow from trial evidence through scope intake, readiness checks, Enterprise/SaaS handoff path, pilot plan, success criteria, and commercial decision.

SVG Images

Repository diagram images:

  • docs/diagrams/architecture-context.svg
  • docs/diagrams/c4-container.svg
  • docs/diagrams/runtime-flow.svg
  • docs/diagrams/evidence-hub.svg
  • docs/diagrams/immutable-evidence-storage.svg
  • docs/diagrams/oidc-rbac-deployment.svg
  • docs/diagrams/go-parity-sandbox-deployment.svg
  • docs/diagrams/go-reproducible-airgap.svg
  • docs/diagrams/release-signing-operations.svg
  • docs/diagrams/high-risk-command-cloud-iac-parity.svg
  • docs/diagrams/go-backend-pilot.svg
  • docs/diagrams/go-backend-deployment-readiness.svg
  • docs/diagrams/go-backend-promotion.svg
  • docs/diagrams/go-backend-rollback.svg
  • docs/diagrams/go-backend-rollback-rehearsal.svg
  • docs/diagrams/go-backend-rollback-drill-history.svg
  • docs/diagrams/go-backend-rollback-drill-scheduling.svg
  • docs/diagrams/go-backend-rollback-drill-notification-escalation.svg
  • docs/diagrams/go-backend-rollback-drill-routing.svg
  • docs/diagrams/go-backend-rollback-drill-routing-history.svg
  • docs/diagrams/go-backend-rollback-drill-console.svg
  • docs/diagrams/go-backend-rollback-drill-acknowledgement-controls.svg
  • docs/diagrams/go-backend-rollback-drill-bulk-acknowledgement-audit.svg
  • docs/diagrams/go-backend-rollback-drill-acknowledgement-audit-delivery.svg
  • docs/diagrams/go-backend-rollback-drill-audit-delivery-health.svg
  • docs/diagrams/go-backend-rollback-drill-audit-delivery-retry-worker.svg
  • docs/diagrams/go-backend-rollback-drill-audit-worker-health-alerts.svg
  • docs/diagrams/go-backend-rollback-drill-executive-retry-health-and-recovery-health-alert-retry.svg
  • docs/diagrams/go-backend-rollback-drill-closure-packet-auditor-export.svg
  • docs/diagrams/go-backend-rollback-drill-auditor-export-retry-worker-archive-alert-acks.svg
  • docs/diagrams/go-backend-rollback-drill-final-closeout-health-retry.svg
  • docs/diagrams/release-governance-final-closeout-operator-guide.svg
  • docs/diagrams/final-closeout-trial-onboarding.svg
  • docs/diagrams/final-closeout-production-pilot-intake.svg
  • docs/diagrams/policy-lifecycle.svg
  • docs/diagrams/developer-journey.svg
  • docs/diagrams/agent-orchestration.svg

Clone this wiki locally