feat: add PolicyPackSelectorComponent with tests and integration

- Implemented PolicyPackSelectorComponent for selecting policy packs. - Added unit tests for component behavior, including API success and error handling. - Introduced monaco-workers type declarations for editor workers. - Created acceptance tests for guardrails with stubs for AT1–AT10. - Established SCA Failure Catalogue Fixtures for regression testing. - Developed plugin determinism harness with stubs for PL1–PL10. - Added scripts for evidence upload and verification processes.
2025-12-05 21:24:34 +02:00
parent 347c88342c
commit 18d87c64c5
220 changed files with 7700 additions and 518 deletions
--- a/src/TimelineIndexer/StellaOps.TimelineIndexer/StellaOps.TimelineIndexer.Infrastructure/Db/TimelineQueryStore.cs
+++ b/src/TimelineIndexer/StellaOps.TimelineIndexer/StellaOps.TimelineIndexer.Infrastructure/Db/TimelineQueryStore.cs
@@ -75,6 +75,27 @@ public sealed class TimelineQueryStore(TimelineIndexerDataSource dataSource, ILo
            cancellationToken).ConfigureAwait(false);
    }

+    public async Task<TimelineEvidenceView?> GetEvidenceAsync(string tenantId, string eventId, CancellationToken cancellationToken)
+    {
+        const string sql = """
+            SELECT d.event_id, d.tenant_id, d.bundle_id, d.bundle_digest, d.attestation_subject, d.attestation_digest, d.manifest_uri, d.created_at
+            FROM timeline.timeline_event_digests d
+            WHERE d.tenant_id = @tenant_id AND d.event_id = @event_id
+            LIMIT 1
+            """;
+
+        return await QuerySingleOrDefaultAsync(
+            tenantId,
+            sql,
+            cmd =>
+            {
+                AddParameter(cmd, "tenant_id", tenantId);
+                AddParameter(cmd, "event_id", eventId);
+            },
+            MapEvidence,
+            cancellationToken).ConfigureAwait(false);
+    }
+
    private static TimelineEventView MapEvent(NpgsqlDataReader reader) => new()
    {
        EventSeq = reader.GetInt64(0),
@@ -118,6 +139,37 @@ public sealed class TimelineQueryStore(TimelineIndexerDataSource dataSource, ILo
        };
    }

+    private static TimelineEvidenceView MapEvidence(NpgsqlDataReader reader)
+    {
+        var bundleDigest = GetNullableString(reader, 3);
+        var attestationSubject = GetNullableString(reader, 4);
+
+        if (string.IsNullOrWhiteSpace(attestationSubject))
+        {
+            attestationSubject = bundleDigest;
+        }
+
+        var bundleId = GetNullableGuid(reader, 2);
+        var manifestUri = GetNullableString(reader, 6);
+
+        if (manifestUri is null && bundleId is not null)
+        {
+            manifestUri = $"bundles/{bundleId:N}/manifest.dsse.json";
+        }
+
+        return new TimelineEvidenceView
+        {
+            EventId = reader.GetString(0),
+            TenantId = reader.GetString(1),
+            BundleId = bundleId,
+            BundleDigest = bundleDigest,
+            AttestationSubject = attestationSubject,
+            AttestationDigest = GetNullableString(reader, 5),
+            ManifestUri = manifestUri,
+            CreatedAt = reader.GetFieldValue<DateTimeOffset>(7)
+        };
+    }
+
    private static IDictionary<string, string>? DeserializeAttributes(NpgsqlDataReader reader, int ordinal)
    {
        if (reader.IsDBNull(ordinal)) return null;