semi implemented and features implemented save checkpoint

This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions

@@ -0,0 +1,33 @@
# CLI Verify Command for Attestation Chain Validation
## Module
Cli
## Status
IMPLEMENTED
## Description
CLI verify commands validate attestation chains for images with determinism testing and golden output verification.
## Implementation Details
- **Command Group**: `src/Cli/StellaOps.Cli/Commands/VerifyCommandGroup.cs` -- `VerifyCommandGroup` for `stella verify` commands
- **Image Verification**: `src/Cli/StellaOps.Cli/Commands/CommandHandlers.VerifyImage.cs` -- image verification handlers
- **Bundle Verification**: `src/Cli/StellaOps.Cli/Commands/CommandHandlers.VerifyBundle.cs` -- bundle verification handlers
- **Offline Verification**: `src/Cli/StellaOps.Cli/Commands/CommandHandlers.VerifyOffline.cs` -- offline verification handlers
- **Image Attestation Verifier**: `src/Cli/StellaOps.Cli/Services/ImageAttestationVerifier.cs` / `IImageAttestationVerifier.cs`
- **Tests**: `src/Cli/__Tests/StellaOps.Cli.Tests/GoldenOutput/VerifyCommandGoldenTests.cs`, `VerifyCommandGoldenOutputTests.cs`, `VerifyImageCommandTests.cs`, `VerifyImageHandlerTests.cs`
- **Commands**:
- `stella verify attestation <digest>` -- verify attestation chain for an artifact
- `stella verify image <image>` -- verify image attestations
- `stella verify bundle <path>` -- verify evidence bundle integrity
- `stella verify offline <digest>` -- offline verification mode
- **Integration tests**: `src/Cli/__Tests/StellaOps.Cli.Tests/Integration/VerificationConsolidationTests.cs`
## E2E Test Plan
- [ ] Run `stella verify attestation sha256:abc123` and verify attestation chain validated
- [ ] Run `stella verify image myregistry/app:v1.0` and verify image attestation check
- [ ] Run `stella verify bundle ./evidence-bundle/` and verify bundle integrity
- [ ] Run `stella verify offline sha256:abc123` and verify offline verification without network
- [ ] Verify golden output tests pass deterministically
- [ ] Verify exit code 0 for valid chains, non-zero for broken chains
- [ ] Verify `--format json` provides structured verification results
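Review bot: The E2E Test Plan has a single negative case, the exit-code item ("exit code 0 for valid chains, non-zero for broken chains"), and it neither defines what a broken chain is nor separates a failed verification from an operational error such as an unreadable bundle path or an unreachable registry. Since these commands are used to gate on attestation validity, I would add at least one failing case per command (for example a digest with no attestation, a bundle whose contents were modified) and state the expected exit code and `--format json` result for each, so callers can tell "chain invalid" from "could not verify". The offline item should also say what the check runs against when there is no network, since "without network" alone is not an observable pass criterion. In the sample invocations, `myregistry/app:v1.0` is a tag, so the plan should state whether the result is reported against the resolved digest, and `sha256:abc123` is not a full-length digest and should be marked as a placeholder. Lastly, Status reads IMPLEMENTED while every checklist item is unchecked; either tick the items already covered by the listed golden and integration tests or qualify the status.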