mock data

2026-02-21 19:10:28 +02:00
parent b911537870
commit 1edce73165
61 changed files with 2325 additions and 3424 deletions
--- a/src/Authority/__Libraries/StellaOps.Authority.Persistence/Migrations/S001_demo_seed.sql
+++ b/src/Authority/__Libraries/StellaOps.Authority.Persistence/Migrations/S001_demo_seed.sql
@@ -0,0 +1,103 @@
+-- Migration: S001_demo_seed
+-- Category: seed
+-- Description: Demo data for Authority module (tenants, users, roles, clients)
+-- Idempotent: ON CONFLICT DO NOTHING
+
+-- ============================================================================
+-- Tenants
+-- ============================================================================
+
+INSERT INTO authority.tenants (id, tenant_id, name, display_name, status, settings, metadata, created_by)
+VALUES
+    ('a0000001-0000-0000-0000-000000000001', 'demo-prod', 'Production', 'Production Environment', 'active',
+     '{"maxUsers": 100, "features": ["releases", "policy", "scanning"]}'::jsonb, '{}'::jsonb, 'system'),
+    ('a0000001-0000-0000-0000-000000000002', 'demo-staging', 'Staging', 'Staging Environment', 'active',
+     '{"maxUsers": 50, "features": ["releases", "policy", "scanning"]}'::jsonb, '{}'::jsonb, 'system'),
+    ('a0000001-0000-0000-0000-000000000003', 'demo-dev', 'Development', 'Development Environment', 'active',
+     '{"maxUsers": 25, "features": ["releases", "policy", "scanning", "experimental"]}'::jsonb, '{}'::jsonb, 'system')
+ON CONFLICT (tenant_id) DO NOTHING;
+
+-- ============================================================================
+-- Roles (for demo-prod tenant)
+-- ============================================================================
+
+INSERT INTO authority.roles (id, tenant_id, name, display_name, description, is_system)
+VALUES
+    ('a0000002-0000-0000-0000-000000000001', 'demo-prod', 'admin', 'Administrator', 'Full platform access', true),
+    ('a0000002-0000-0000-0000-000000000002', 'demo-prod', 'operator', 'Operator', 'Release and deployment operations', true),
+    ('a0000002-0000-0000-0000-000000000003', 'demo-prod', 'viewer', 'Viewer', 'Read-only access to dashboards and reports', true),
+    ('a0000002-0000-0000-0000-000000000004', 'demo-prod', 'auditor', 'Auditor', 'Audit log and compliance access', true),
+    ('a0000002-0000-0000-0000-000000000005', 'demo-prod', 'developer', 'Developer', 'CI/CD and scanning integration access', false)
+ON CONFLICT (tenant_id, name) DO NOTHING;
+
+-- ============================================================================
+-- Users (for demo-prod tenant)
+-- ============================================================================
+
+INSERT INTO authority.users (id, tenant_id, username, email, display_name, enabled, status, email_verified, created_by)
+VALUES
+    ('a0000003-0000-0000-0000-000000000001', 'demo-prod', 'admin', 'admin@demo.stella-ops.local', 'Demo Admin', true, 'active', true, 'system'),
+    ('a0000003-0000-0000-0000-000000000002', 'demo-prod', 'operator', 'operator@demo.stella-ops.local', 'Release Operator', true, 'active', true, 'system'),
+    ('a0000003-0000-0000-0000-000000000003', 'demo-prod', 'viewer', 'viewer@demo.stella-ops.local', 'Dashboard Viewer', true, 'active', true, 'system'),
+    ('a0000003-0000-0000-0000-000000000004', 'demo-prod', 'auditor', 'auditor@demo.stella-ops.local', 'Compliance Auditor', true, 'active', true, 'system'),
+    ('a0000003-0000-0000-0000-000000000005', 'demo-prod', 'developer', 'dev@demo.stella-ops.local', 'Platform Developer', true, 'active', true, 'system')
+ON CONFLICT (tenant_id, username) DO NOTHING;
+
+-- ============================================================================
+-- User-Role Assignments
+-- ============================================================================
+
+INSERT INTO authority.user_roles (user_id, role_id, granted_by)
+VALUES
+    ('a0000003-0000-0000-0000-000000000001', 'a0000002-0000-0000-0000-000000000001', 'system'),
+    ('a0000003-0000-0000-0000-000000000002', 'a0000002-0000-0000-0000-000000000002', 'system'),
+    ('a0000003-0000-0000-0000-000000000003', 'a0000002-0000-0000-0000-000000000003', 'system'),
+    ('a0000003-0000-0000-0000-000000000004', 'a0000002-0000-0000-0000-000000000004', 'system'),
+    ('a0000003-0000-0000-0000-000000000005', 'a0000002-0000-0000-0000-000000000005', 'system')
+ON CONFLICT (user_id, role_id) DO NOTHING;
+
+-- ============================================================================
+-- Permissions
+-- ============================================================================
+
+INSERT INTO authority.permissions (id, tenant_id, name, resource, action, description)
+VALUES
+    ('a0000004-0000-0000-0000-000000000001', 'demo-prod', 'releases:manage', 'releases', 'manage', 'Create and manage releases'),
+    ('a0000004-0000-0000-0000-000000000002', 'demo-prod', 'releases:view', 'releases', 'view', 'View releases and history'),
+    ('a0000004-0000-0000-0000-000000000003', 'demo-prod', 'policy:manage', 'policy', 'manage', 'Manage policy packs and rules'),
+    ('a0000004-0000-0000-0000-000000000004', 'demo-prod', 'policy:view', 'policy', 'view', 'View policy evaluation results'),
+    ('a0000004-0000-0000-0000-000000000005', 'demo-prod', 'scanning:run', 'scanning', 'run', 'Trigger vulnerability scans'),
+    ('a0000004-0000-0000-0000-000000000006', 'demo-prod', 'scanning:view', 'scanning', 'view', 'View scan results and findings'),
+    ('a0000004-0000-0000-0000-000000000007', 'demo-prod', 'audit:view', 'audit', 'view', 'View audit logs'),
+    ('a0000004-0000-0000-0000-000000000008', 'demo-prod', 'admin:manage', 'admin', 'manage', 'Platform administration')
+ON CONFLICT (tenant_id, name) DO NOTHING;
+
+-- ============================================================================
+-- OAuth Clients
+-- ============================================================================
+
+INSERT INTO authority.clients (id, client_id, display_name, description, enabled, redirect_uris, allowed_scopes, allowed_grant_types, require_client_secret, require_pkce)
+VALUES
+    ('demo-client-ui', 'stellaops-console', 'Stella Ops Console', 'Web UI application', true,
+     ARRAY['https://stella-ops.local/callback', 'https://stella-ops.local/silent-renew'],
+     ARRAY['openid', 'profile', 'email', 'stellaops.api'],
+     ARRAY['authorization_code', 'refresh_token'],
+     false, true),
+    ('demo-client-cli', 'stellaops-cli', 'Stella Ops CLI', 'Command-line client', true,
+     ARRAY['http://localhost:8400/callback'],
+     ARRAY['openid', 'profile', 'stellaops.api', 'stellaops.admin'],
+     ARRAY['authorization_code', 'device_code'],
+     false, true)
+ON CONFLICT (client_id) DO NOTHING;
+
+-- ============================================================================
+-- Service Accounts
+-- ============================================================================
+
+INSERT INTO authority.service_accounts (id, account_id, tenant, display_name, description, enabled, allowed_scopes)
+VALUES
+    ('demo-sa-scanner', 'scanner-agent', 'demo-prod', 'Scanner Agent', 'Automated vulnerability scanner service account', true,
+     ARRAY['stellaops.api', 'stellaops.scanner']),
+    ('demo-sa-scheduler', 'scheduler-agent', 'demo-prod', 'Scheduler Agent', 'Job scheduling service account', true,
+     ARRAY['stellaops.api', 'stellaops.scheduler'])
+ON CONFLICT (account_id) DO NOTHING;