semi implemented and features implemented save checkpoint

2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions
--- a/docs/features/unchecked/notifier/ack-tokens-for-approval-workflows.md
+++ b/docs/features/unchecked/notifier/ack-tokens-for-approval-workflows.md
@@ -0,0 +1,31 @@
+# Ack Tokens for Approval Workflows
+
+## Module
+Notifier
+
+## Status
+IMPLEMENTED
+
+## Description
+HMAC-based ack token service with bridge integration for acknowledgement workflows. Note: uses HMAC rather than DSSE-signed tokens as described in the advisory.
+
+## Implementation Details
+- **IAckTokenService interface**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Security/IAckTokenService.cs` -- `CreateToken`, `VerifyToken`, `CreateAckUrl` for signed acknowledgement tokens with configurable expiration and metadata
+- **HmacAckTokenService**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Security/HmacAckTokenService.cs` -- HMAC-SHA256 implementation with HKDF key derivation, `soa1` token prefix, versioned token format, configurable signing key
+- **IAckBridge interface**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Escalation/IAckBridge.cs` -- bridge between ack tokens and escalation engine
+- **AckBridge**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Escalation/AckBridge.cs` -- processes ack requests, maps external IDs to internal incident IDs, integrates with `IEscalationEngine` and `IIncidentManager`, supports audit logging
+- **SecurityContracts**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Contracts/SecurityContracts.cs` -- ack token request/response DTOs
+- **PackApprovalAckRequest**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Contracts/PackApprovalAckRequest.cs` -- pack approval ack request model
+- **EscalationEndpoints**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Endpoints/EscalationEndpoints.cs` -- REST endpoints for ack token processing
+- **SecurityEndpoints**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Endpoints/SecurityEndpoints.cs` -- security-related endpoints
+- **Tests**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService.Tests/Escalation/AckBridgeTests.cs`
+- **OpenAPI**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/openapi/pack-approvals.yaml`
+- **Source**: Feature matrix scan
+
+## E2E Test Plan
+- [ ] Verify HMAC ack token creation with configurable expiration (default 7 days)
+- [ ] Test token verification rejects expired, tampered, or malformed tokens
+- [ ] Verify AckBridge routes ack actions (ack, resolve, escalate) to escalation engine
+- [ ] Test ack URL generation and round-trip verification
+- [ ] Verify pack approval ack workflow through EscalationEndpoints
+- [ ] Test audit logging of ack processing events
--- a/docs/features/unchecked/notifier/digest-windows-and-throttling.md
+++ b/docs/features/unchecked/notifier/digest-windows-and-throttling.md
@@ -0,0 +1,33 @@
+# Digest Windows and Throttling
+
+## Module
+Notifier
+
+## Status
+IMPLEMENTED
+
+## Description
+Digest generation for coalescing notifications within configurable time windows.
+
+## Implementation Details
+- **INotifyThrottler interface**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/NotifyThrottler.cs` -- `RecordEventAsync`, `CheckAsync` (with configurable window/maxEvents), `ClearAsync` for per-key throttle management
+- **InMemoryNotifyThrottler**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/NotifyThrottler.cs` -- in-memory sliding window throttler with `ConcurrentDictionary<string, ThrottleState>`, `ThrottlerOptions` for default window/max
+- **IThrottleConfigService**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/IThrottleConfigService.cs` -- per-tenant throttle configuration
+- **ThrottleConfigService**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/ThrottleConfigService.cs` -- resolves throttle windows per event kind
+- **ThrottleConfigurationService**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/ThrottleConfigurationService.cs` -- advanced throttle configuration management
+- **QuietHoursServiceExtensions**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/QuietHoursServiceExtensions.cs` -- quiet hours integration with throttling
+- **ThrottleEndpoints**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Endpoints/ThrottleEndpoints.cs` -- REST API for throttle configuration
+- **QuietHoursContracts**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Contracts/QuietHoursContracts.cs` -- quiet hours request/response models
+- **IOperatorOverrideService**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/IOperatorOverrideService.cs` -- operator override for throttle bypass
+- **OperatorOverrideService**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/OperatorOverrideService.cs` -- operator override implementation
+- **OperatorOverrideEndpoints**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Endpoints/OperatorOverrideEndpoints.cs` -- REST API for operator overrides
+- **Tests**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Tests/Correlation/NotifyThrottlerTests.cs`, `ThrottleConfigServiceTests.cs`, `ThrottleConfigurationServiceTests.cs`
+- **Source**: Feature matrix scan
+
+## E2E Test Plan
+- [ ] Verify sliding window throttling suppresses notifications exceeding maxEvents within window
+- [ ] Test per-tenant throttle configuration via ThrottleEndpoints API
+- [ ] Verify quiet hours suppress notifications during configured periods
+- [ ] Test operator override allows bypassing throttle for specific keys
+- [ ] Verify throttle state clears after incident resolution
+- [ ] Test throttle configuration persists across service restarts
--- a/docs/features/unchecked/notifier/multi-channel-delivery.md
+++ b/docs/features/unchecked/notifier/multi-channel-delivery.md
@@ -0,0 +1,39 @@
+# Multi-Channel Delivery (Slack, Teams, Email, Webhooks)
+
+## Module
+Notifier
+
+## Status
+IMPLEMENTED
+
+## Description
+Multi-channel notification delivery with Slack, Webhook connectors (and PagerDuty in Notifier), with snapshot testing and error handling.
+
+## Implementation Details
+- **IChannelAdapter interface**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/IChannelAdapter.cs` -- `DispatchAsync` (sends notification via channel), `CheckHealthAsync` (verifies channel connectivity), typed by `NotifyChannelType`
+- **ChannelAdapterFactory**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/ChannelAdapterFactory.cs` -- resolves channel adapters by type, `GetAdapter`/`GetAllAdapters` for DI-based adapter registry
+- **SlackChannelAdapter**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/SlackChannelAdapter.cs` -- Slack delivery adapter
+- **WebhookChannelAdapter**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/WebhookChannelAdapter.cs` -- generic webhook delivery adapter
+- **ChatWebhookChannelAdapter**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/ChatWebhookChannelAdapter.cs` -- chat-specific webhook adapter (Teams, Discord, etc.)
+- **PagerDutyChannelAdapter**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/PagerDutyChannelAdapter.cs` -- PagerDuty incident creation adapter
+- **OpsGenieChannelAdapter**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/OpsGenieChannelAdapter.cs` -- OpsGenie alert adapter
+- **EmailChannelAdapter**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/EmailChannelAdapter.cs` -- email delivery adapter
+- **InAppChannelAdapter**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/InAppChannelAdapter.cs` -- in-app notification adapter
+- **WebhookChannelDispatcher**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Dispatch/WebhookChannelDispatcher.cs` -- dispatches to webhook-based channels
+- **IWebhookSecurityService**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Security/IWebhookSecurityService.cs` -- webhook signature verification
+- **IFallbackHandler**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Fallback/IFallbackHandler.cs` -- fallback when primary channel fails
+- **HttpEgressSloSink**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Processing/HttpEgressSloSink.cs` -- SLO tracking for HTTP egress
+- **Templates**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/offline/notifier/templates/` -- Slack and webhook templates for risk, attestation, deprecation events
+- **Tests**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Tests/Channels/WebhookChannelAdapterTests.cs`, `Dispatch/WebhookChannelDispatcherTests.cs`, `Dispatch/SimpleTemplateRendererTests.cs`, `Security/WebhookSecurityServiceTests.cs`, `Fallback/FallbackHandlerTests.cs`, `HttpEgressSloSinkTests.cs`
+- **Source**: Feature matrix scan
+
+## E2E Test Plan
+- [ ] Verify Slack channel adapter delivers notifications with Block Kit formatting
+- [ ] Test webhook channel adapter posts to configured URLs with HMAC signature
+- [ ] Verify PagerDuty adapter creates incidents with correct severity mapping
+- [ ] Test OpsGenie adapter creates alerts with priority
+- [ ] Verify email adapter sends with subject and rendered body
+- [ ] Test in-app notification adapter records notifications for UI retrieval
+- [ ] Verify channel health checks detect unreachable endpoints
+- [ ] Test fallback handler routes to secondary channel on primary failure
+- [ ] Verify egress SLO tracking records delivery latency
--- a/docs/features/unchecked/notifier/notification-correlation-engine.md
+++ b/docs/features/unchecked/notifier/notification-correlation-engine.md
@@ -0,0 +1,31 @@
+# Notification Correlation Engine
+
+## Module
+Notifier
+
+## Status
+IMPLEMENTED
+
+## Description
+Correlates related notification events across time windows to reduce noise and group related alerts, preventing notification storms during large-scale vulnerability disclosures or policy changes.
+
+## Implementation Details
+- **ICorrelationEngine interface**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/ICorrelationEngine.cs` -- `CorrelateAsync` for event correlation
+- **CorrelationEngine**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/CorrelationEngine.cs` -- orchestrates correlation key building, incident management, throttling, and quiet hours evaluation; multi-step pipeline: (1) build correlation key, (2) get/create incident, (3) check throttle, (4) evaluate quiet hours
+- **ICorrelationKeyBuilder**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/ICorrelationKeyBuilder.cs` -- builds correlation keys from events
+- **ICorrelationKeyEvaluator**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/ICorrelationKeyEvaluator.cs` -- evaluates correlation key expressions
+- **DefaultCorrelationKeyEvaluator**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/DefaultCorrelationKeyEvaluator.cs` -- default key evaluator implementation
+- **IncidentManager**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/IncidentManager.cs` -- creates/manages incidents from correlated events
+- **NotifyIncident**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/NotifyIncident.cs` -- incident model
+- **CorrelationServiceExtensions**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Correlation/CorrelationServiceExtensions.cs` -- DI registration for correlation services
+- **NotifierEventProcessor**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Processing/NotifierEventProcessor.cs` -- integrates correlation engine into event processing pipeline
+- **Tests**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Tests/Correlation/CorrelationEngineTests.cs`, `IncidentManagerTests.cs`
+- **Source**: SPRINT_0172_0001_0002_notifier_ii.md
+
+## E2E Test Plan
+- [ ] Verify events with same correlation key are grouped into a single incident
+- [ ] Test time-window-based correlation correctly groups events within window
+- [ ] Verify throttling suppresses repeat notifications for same incident
+- [ ] Test quiet hours evaluation defers notifications during configured periods
+- [ ] Verify new incidents are created when correlation window expires
+- [ ] Test correlation key building for different event kinds (CVE, policy, attestation)
--- a/docs/features/unchecked/notifier/notification-digest-generator.md
+++ b/docs/features/unchecked/notifier/notification-digest-generator.md
@@ -0,0 +1,27 @@
+# Notification Digest Generator
+
+## Module
+Notifier
+
+## Status
+IMPLEMENTED
+
+## Description
+Configurable digest aggregation that batches notifications into scheduled summary digests (hourly/daily/weekly) with customizable grouping and priority thresholds.
+
+## Implementation Details
+- **IDigestGenerator interface**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Digest/IDigestGenerator.cs` -- `GenerateAsync` and `PreviewAsync` for producing digest reports
+- **DigestGenerator**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Digest/DigestGenerator.cs` -- default implementation; queries IncidentManager for events in time range, produces `DigestResult` with `DigestId`, `TotalIncidentCount`, and `Summary.TotalEvents`; supports preview mode
+- **DigestScheduleRunner**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Digest/DigestScheduleRunner.cs` -- `BackgroundService` that runs digest generation on configured schedules; uses `IDigestDistributor` to deliver digests, `IDigestTenantProvider` for multi-tenant support; configurable via `DigestScheduleOptions.Enabled` and `Schedules`
+- **DigestTypes**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Digest/DigestTypes.cs` -- digest models (`DigestResult`, `DigestQuery`, `DigestSummary`)
+- **DigestServiceExtensions**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Digest/DigestServiceExtensions.cs` -- DI registration for digest services
+- **Tests**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Tests/Digest/DigestGeneratorTests.cs`
+- **Source**: SPRINT_0172_0001_0002_notifier_ii.md
+
+## E2E Test Plan
+- [ ] Verify scheduled digest generation runs at configured intervals (hourly/daily/weekly)
+- [ ] Test digest aggregates incidents within the configured time window
+- [ ] Verify preview mode returns digest without side effects
+- [ ] Test multi-tenant digest generation processes each tenant independently
+- [ ] Verify digest distribution delivers summary to configured channels
+- [ ] Test DigestScheduleRunner respects Enabled=false configuration
--- a/docs/features/unchecked/notifier/notification-rules-engine.md
+++ b/docs/features/unchecked/notifier/notification-rules-engine.md
@@ -0,0 +1,33 @@
+# Notification Rules Engine
+
+## Module
+Notifier
+
+## Status
+IMPLEMENTED
+
+## Description
+Rules engine with NotifyRule model, rule evaluator interface, evaluation outcomes, and schema migration support.
+
+## Implementation Details
+- **DefaultNotifyRuleEvaluator**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Processing/DefaultNotifyRuleEvaluator.cs` -- evaluates `NotifyRule` against `NotifyEvent`; matches on event kind, namespace, repository, digest, severity (ranked none=0 through blocker=6); returns `NotifyRuleEvaluationOutcome` with match/not-matched reason
+- **NotifierEventProcessor**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Processing/NotifierEventProcessor.cs` -- integrates rule evaluation into the event processing pipeline
+- **SimulationEngine**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Simulation/SimulationEngine.cs` -- dry-run simulation of rule evaluation
+- **DefaultNotifySimulationEngine**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Simulation/DefaultNotifySimulationEngine.cs` -- default simulation engine implementation
+- **ISimulationEngine**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Simulation/ISimulationEngine.cs` -- simulation interface
+- **RuleEndpoints**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Endpoints/RuleEndpoints.cs` -- REST API for rule CRUD and testing
+- **SimulationEndpoints**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Endpoints/SimulationEndpoints.cs` -- REST API for rule simulation
+- **RiskTemplateSeeder**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Setup/RiskTemplateSeeder.cs` -- seeds default risk notification rules
+- **AttestationTemplateSeeder**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Setup/AttestationTemplateSeeder.cs` -- seeds attestation notification rules
+- **InMemoryNotifyRepositories**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Storage/InMemoryNotifyRepositories.cs` -- in-memory rule storage
+- **Sample rules**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.docs/risk-rules.sample.json`
+- **Tests**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Tests/RuleEvaluatorTests.cs`, `Simulation/SimulationEngineTests.cs`, `EventProcessorTests.cs`, `Endpoints/NotifyApiEndpointsTests.cs`
+- **Source**: Feature matrix scan
+
+## E2E Test Plan
+- [ ] Verify rule evaluator matches events by kind, namespace, repository, and severity
+- [ ] Test disabled rules are skipped with "rule_disabled" reason
+- [ ] Verify severity-based filtering (e.g., minimum severity threshold)
+- [ ] Test rule CRUD through RuleEndpoints API
+- [ ] Verify simulation endpoints allow dry-run rule testing without side effects
+- [ ] Test seeded default rules for risk and attestation scenarios
--- a/docs/features/unchecked/notifier/notification-storm-breaker.md
+++ b/docs/features/unchecked/notifier/notification-storm-breaker.md
@@ -0,0 +1,27 @@
+# Notification Storm Breaker
+
+## Module
+Notifier
+
+## Status
+IMPLEMENTED
+
+## Description
+Circuit breaker mechanism that detects notification storms and applies adaptive throttling to prevent overwhelming downstream channels during mass event cascades.
+
+## Implementation Details
+- **IStormBreaker interface**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/StormBreaker/IStormBreaker.cs` -- `EvaluateAsync` (records event and checks storm condition), `GetStateAsync` (gets current storm state for a key), `GetActiveStormsAsync` (lists all active storms for a tenant)
+- **StormBreakerServiceExtensions**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/StormBreaker/StormBreakerServiceExtensions.cs` -- DI registration for storm breaker services
+- **ChannelAdapterOptions**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Channels/ChannelAdapterOptions.cs` -- circuit breaker configuration for channel adapters
+- **StormBreakerEndpoints**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.WebService/Endpoints/StormBreakerEndpoints.cs` -- REST API for viewing and managing active storms
+- **INotifierMetrics**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Worker/Observability/INotifierMetrics.cs` -- metrics counters for storm detection events
+- **Tests**: `src/Notifier/StellaOps.Notifier/StellaOps.Notifier.Tests/StormBreaker/StormBreakerTests.cs`
+- **Source**: SPRINT_0172_0001_0002_notifier_ii.md
+
+## E2E Test Plan
+- [ ] Verify storm detection triggers when event rate exceeds configured threshold
+- [ ] Test storm consolidation batches events into summary notifications
+- [ ] Verify active storm state is queryable via StormBreakerEndpoints API
+- [ ] Test storm resolution when event rate drops below threshold
+- [ ] Verify per-tenant storm isolation (storms in one tenant do not affect others)
+- [ ] Test metrics emission for storm detection and resolution events