stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries

Browse Source 
- Added detailed task completion records for KMS interface implementation and CLI support for file-based keys.
- Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations.
- Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.
This commit is contained in:
master
2025-10-31 14:37:45 +02:00
parent 240e8ff25d
commit 15b4a1de6a
312 changed files with 6399 additions and 3319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/Scanner/__Tests/StellaOps.Scanner.WebService.Tests/ReportEventDispatcherTests.cs
View File

@@ -10,9 +10,11 @@ using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Logging.Abstractions;
using Microsoft.Extensions.Options;
using StellaOps.Auth.Abstractions;
using StellaOps.Policy;
using StellaOps.Scanner.WebService.Contracts;
using StellaOps.Scanner.WebService.Options;
using StellaOps.Scanner.WebService.Services;
namespace StellaOps.Scanner.WebService.Tests;
@@ -28,7 +30,7 @@ public sealed class ReportEventDispatcherTests
public async Task PublishAsync_EmitsReportReadyAndScanCompleted()
{
var publisher = new RecordingEventPublisher();
var dispatcher = new ReportEventDispatcher(publisher, TimeProvider.System, NullLogger<ReportEventDispatcher>.Instance);
var dispatcher = new ReportEventDispatcher(publisher, Microsoft.Extensions.Options.Options.Create(new ScannerWebServiceOptions()), TimeProvider.System, NullLogger<ReportEventDispatcher>.Instance);
var cancellationToken = CancellationToken.None;
var request = new ReportRequestDto
@@ -132,10 +134,12 @@ public sealed class ReportEventDispatcherTests
Assert.NotNull(readyPayload.Delta);
Assert.Equal(1, readyPayload.Delta?.NewCritical);
Assert.Contains("CVE-2024-9999", readyPayload.Delta?.Kev ?? Array.Empty<string>());
Assert.Equal("https://scanner.example/ui/reports/report-abc", readyPayload.Links.Ui);
Assert.Equal("https://scanner.example/api/v1/reports/report-abc", readyPayload.Links.Report);
Assert.Equal("https://scanner.example/api/v1/policy/revisions/rev-42", readyPayload.Links.Policy);
Assert.Equal("https://scanner.example/ui/attestations/report-abc", readyPayload.Links.Attestation);
Assert.Equal("https://scanner.example/ui/reports/report-abc", readyPayload.Links.Report?.Ui);
Assert.Equal("https://scanner.example/api/v1/reports/report-abc", readyPayload.Links.Report?.Api);
Assert.Equal("https://scanner.example/ui/policy/revisions/rev-42", readyPayload.Links.Policy?.Ui);
Assert.Equal("https://scanner.example/api/v1/policy/revisions/rev-42", readyPayload.Links.Policy?.Api);
Assert.Equal("https://scanner.example/ui/attestations/report-abc", readyPayload.Links.Attestation?.Ui);
Assert.Equal("https://scanner.example/api/v1/reports/report-abc/attestation", readyPayload.Links.Attestation?.Api);
Assert.Equal(envelope.Payload, readyPayload.Dsse?.Payload);
Assert.Equal("blocked", readyPayload.Report.Verdict);
@@ -151,9 +155,12 @@ public sealed class ReportEventDispatcherTests
Assert.Equal("finding-1", finding.Id);
Assert.Equal("runtime", finding.Reachability);
Assert.Equal("CVE-2024-9999", finding.Cve);
Assert.Equal("https://scanner.example/api/v1/reports/report-abc", scanPayload.Links.Report);
Assert.Equal("https://scanner.example/api/v1/policy/revisions/rev-42", scanPayload.Links.Policy);
Assert.Equal("https://scanner.example/ui/attestations/report-abc", scanPayload.Links.Attestation);
Assert.Equal("https://scanner.example/api/v1/reports/report-abc", scanPayload.Links.Report?.Api);
Assert.Equal("https://scanner.example/ui/reports/report-abc", scanPayload.Links.Report?.Ui);
Assert.Equal("https://scanner.example/ui/policy/revisions/rev-42", scanPayload.Links.Policy?.Ui);
Assert.Equal("https://scanner.example/api/v1/policy/revisions/rev-42", scanPayload.Links.Policy?.Api);
Assert.Equal("https://scanner.example/ui/attestations/report-abc", scanPayload.Links.Attestation?.Ui);
Assert.Equal("https://scanner.example/api/v1/reports/report-abc/attestation", scanPayload.Links.Attestation?.Api);
Assert.Equal(envelope.Payload, scanPayload.Dsse?.Payload);
Assert.Equal("blocked", scanPayload.Report.Verdict);
}