generated from coulomb/repo-seed
145 lines
4.8 KiB
YAML
145 lines
4.8 KiB
YAML
id: conformance/railiance-fabric/mapping-expectations
|
|
title: Railiance Fabric Mapping Expectations
|
|
status: candidate
|
|
consumer: railiance-fabric
|
|
conformance_pack: conformance/railiance-fabric
|
|
first_models:
|
|
- id: model/landscape
|
|
reason: Primary owner of services, software systems, runtime resources, environments, dependencies, and landscape claims.
|
|
expected_categories:
|
|
- service
|
|
- software-system
|
|
- runtime-resource
|
|
- endpoint
|
|
- id: model/network
|
|
reason: Owner of topology, connectivity, reachability, zones, paths, and flows.
|
|
expected_categories:
|
|
- endpoint
|
|
- network-zone
|
|
- flow
|
|
- id: model/data
|
|
reason: Owner of datastores, datasets, data movement, lineage, residency, and processing purpose.
|
|
expected_categories:
|
|
- datastore
|
|
- dataset
|
|
- data-flow
|
|
- id: model/devsecops
|
|
reason: Owner of repositories, pipelines, artifacts, releases, deployments, attestations, and delivery evidence.
|
|
expected_categories:
|
|
- source-repository
|
|
- pipeline
|
|
- deployment
|
|
- artifact
|
|
- id: model/observability
|
|
reason: Owner of telemetry, signals, alerts, incidents, dashboards, investigations, and operational evidence.
|
|
expected_categories:
|
|
- telemetry-signal
|
|
- incident
|
|
- dashboard
|
|
- evidence
|
|
- id: model/governance
|
|
reason: Owner of policy, decision, control objective, review, exception, evidence expectations, and acceptance of gaps.
|
|
expected_categories:
|
|
- policy
|
|
- decision
|
|
- review
|
|
- exception
|
|
- id: model/security
|
|
reason: Owner of findings, exposure, attack paths, mitigations, security incidents, and controls.
|
|
expected_categories:
|
|
- control
|
|
- finding
|
|
- exposure
|
|
- mitigation
|
|
- id: model/purpose-demand-extension
|
|
reason: Owner of purpose fit, demand signal, scope pressure, and evolution requests from railiance-fabric.
|
|
expected_categories:
|
|
- consumer-purpose
|
|
- demand-signal
|
|
- purpose-fit
|
|
- scope-pressure
|
|
mapping_requirements:
|
|
- id: req/canonical-anchor
|
|
expectation: Every railiance-fabric entity category maps to one canon artifact and one proposed owner concept.
|
|
- id: req/edge-direction
|
|
expectation: Every canonical edge has direction, source category, target category, relationship type, and evidence status.
|
|
- id: req/display-separation
|
|
expectation: Layout, grouping, highlighting, and collapsed view relationships are display metadata, not canon edges.
|
|
- id: req/evidence-state
|
|
expectation: Each captured node and edge has evidence_state of observed, declared, inferred, proposed, or gap.
|
|
- id: req/purpose-fit
|
|
expectation: Unmapped fabric concepts create PurposeFit and EvolutionRequest candidates instead of silent scope changes.
|
|
candidate_edge_mapping:
|
|
- railiance_edge: service_depends_on_service
|
|
canon_relationship: depends_on
|
|
canon_anchor: model/landscape
|
|
evidence_required:
|
|
- source artifact
|
|
- reason for dependency
|
|
- confidence
|
|
- railiance_edge: workload_exposes_endpoint
|
|
canon_relationship: exposes
|
|
canon_anchor: model/network
|
|
evidence_required:
|
|
- endpoint declaration or observation
|
|
- protocol
|
|
- scope
|
|
- railiance_edge: service_reads_datastore
|
|
canon_relationship: reads_or_writes
|
|
canon_anchor: model/data
|
|
evidence_required:
|
|
- data access direction
|
|
- processing purpose
|
|
- data classification
|
|
- railiance_edge: deployment_runs_resource
|
|
canon_relationship: deploys
|
|
canon_anchor: model/devsecops
|
|
evidence_required:
|
|
- deployment record
|
|
- artifact version
|
|
- environment
|
|
- railiance_edge: signal_observes_resource
|
|
canon_relationship: observed_by
|
|
canon_anchor: model/observability
|
|
evidence_required:
|
|
- signal source
|
|
- resource reference
|
|
- collection time or version
|
|
- railiance_edge: policy_governs_service
|
|
canon_relationship: governed_by
|
|
canon_anchor: model/governance
|
|
evidence_required:
|
|
- policy reference
|
|
- scope
|
|
- owner
|
|
- railiance_edge: finding_affects_service
|
|
canon_relationship: affects
|
|
canon_anchor: model/security
|
|
evidence_required:
|
|
- finding record
|
|
- affected asset
|
|
- severity or impact
|
|
consumer_interface_card_expectations:
|
|
consumed_artifacts:
|
|
- model/landscape
|
|
- model/network
|
|
- model/data
|
|
- model/devsecops
|
|
- model/observability
|
|
- model/governance
|
|
- model/security
|
|
- model/task
|
|
- model/purpose-demand-extension
|
|
- standard/tagging
|
|
produced_concepts:
|
|
- FabricEntity
|
|
- FabricEdge
|
|
- CaptureSource
|
|
- DisplayEdge
|
|
- CanonicalEdgeCandidate
|
|
- VisualizationView
|
|
requested_extensions:
|
|
- stable relationship vocabulary for graph capture
|
|
- evidence-state vocabulary for captured edges
|
|
- visualization boundary guidance for display-only edges
|