feat: add Attestation Chain and Triage Evidence API clients and models

- Implemented Attestation Chain API client with methods for verifying, fetching, and managing attestation chains. - Created models for Attestation Chain, including DSSE envelope structures and verification results. - Developed Triage Evidence API client for fetching finding evidence, including methods for evidence retrieval by CVE and component. - Added models for Triage Evidence, encapsulating evidence responses, entry points, boundary proofs, and VEX evidence. - Introduced mock implementations for both API clients to facilitate testing and development.
2025-12-18 13:15:13 +02:00
parent 7d5250238c
commit 00d2c99af9
118 changed files with 13463 additions and 151 deletions
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Triage/Entities/TriageSnapshot.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Triage/Entities/TriageSnapshot.cs
@@ -0,0 +1,66 @@
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace StellaOps.Scanner.Triage.Entities;
+
+/// <summary>
+/// Immutable snapshot record for Smart-Diff, capturing input/output changes.
+/// </summary>
+[Table("triage_snapshot")]
+public sealed class TriageSnapshot
+{
+    /// <summary>
+    /// Unique identifier.
+    /// </summary>
+    [Key]
+    [Column("id")]
+    public Guid Id { get; init; } = Guid.NewGuid();
+
+    /// <summary>
+    /// The finding this snapshot applies to.
+    /// </summary>
+    [Column("finding_id")]
+    public Guid FindingId { get; init; }
+
+    /// <summary>
+    /// What triggered this snapshot.
+    /// </summary>
+    [Column("trigger")]
+    public TriageSnapshotTrigger Trigger { get; init; }
+
+    /// <summary>
+    /// Previous inputs hash (null for first snapshot).
+    /// </summary>
+    [Column("from_inputs_hash")]
+    public string? FromInputsHash { get; init; }
+
+    /// <summary>
+    /// New inputs hash.
+    /// </summary>
+    [Required]
+    [Column("to_inputs_hash")]
+    public required string ToInputsHash { get; init; }
+
+    /// <summary>
+    /// Human-readable summary of what changed.
+    /// </summary>
+    [Required]
+    [Column("summary")]
+    public required string Summary { get; init; }
+
+    /// <summary>
+    /// Precomputed diff in JSON format (optional).
+    /// </summary>
+    [Column("diff_json", TypeName = "jsonb")]
+    public string? DiffJson { get; init; }
+
+    /// <summary>
+    /// When this snapshot was created.
+    /// </summary>
+    [Column("created_at")]
+    public DateTimeOffset CreatedAt { get; init; } = DateTimeOffset.UtcNow;
+
+    // Navigation property
+    [ForeignKey(nameof(FindingId))]
+    public TriageFinding? Finding { get; init; }
+}