feat(zastava): add evidence locker plan and schema examples
- Introduced README.md for Zastava Evidence Locker Plan detailing artifacts to sign and post-signing steps. - Added example JSON schemas for observer events and webhook admissions. - Updated implementor guidelines with checklist for CI linting, determinism, secrets management, and schema control. - Created alert rules for Vuln Explorer to monitor API latency and projection errors. - Developed analytics ingestion plan for Vuln Explorer, focusing on telemetry and PII guardrails. - Implemented Grafana dashboard configuration for Vuln Explorer metrics visualization. - Added expected projection SHA256 for vulnerability events. - Created k6 load testing script for Vuln Explorer API. - Added sample projection and replay event data for testing. - Implemented ReplayInputsLock for deterministic replay inputs management. - Developed tests for ReplayInputsLock to ensure stable hash computation. - Created SurfaceManifestDeterminismVerifier to validate manifest determinism and integrity. - Added unit tests for SurfaceManifestDeterminismVerifier to ensure correct functionality. - Implemented Angular tests for VulnerabilityHttpClient and VulnerabilityDetailComponent to verify API interactions and UI rendering.
This commit is contained in:
StellaOps Bot
4
ops/devops/vuln/dashboards/README.md
Normal file
4
ops/devops/vuln/dashboards/README.md
Normal file
@@ -0,0 +1,4 @@
|
||||
# Vuln Explorer dashboards
|
||||
|
||||
- `vuln-explorer.json`: p95 latency, projection lag, error rate, query budget enforcement.
|
||||
- Import into Grafana (folder `StellaOps / Vuln Explorer`). Data source: Prometheus scrape with `service="vuln-explorer"` labels.
|
||||
30
ops/devops/vuln/dashboards/vuln-explorer.json
Normal file
30
ops/devops/vuln/dashboards/vuln-explorer.json
Normal file
@@ -0,0 +1,30 @@
|
||||
{
|
||||
"title": "Vuln Explorer",
|
||||
"timezone": "utc",
|
||||
"panels": [
|
||||
{
|
||||
"type": "timeseries",
|
||||
"title": "API latency p50/p95/p99",
|
||||
"targets": [
|
||||
{ "expr": "histogram_quantile(0.95, rate(http_request_duration_seconds_bucket{service=\"vuln-explorer\",path=~\"/findings.*\"}[5m]))" },
|
||||
{ "expr": "histogram_quantile(0.99, rate(http_request_duration_seconds_bucket{service=\"vuln-explorer\",path=~\"/findings.*\"}[5m]))" }
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "timeseries",
|
||||
"title": "Projection lag (s)",
|
||||
"targets": [ { "expr": "vuln_projection_lag_seconds" } ]
|
||||
},
|
||||
{
|
||||
"type": "stat",
|
||||
"title": "Error rate",
|
||||
"targets": [ { "expr": "sum(rate(http_requests_total{service=\"vuln-explorer\",status=~\"5..\"}[5m])) / sum(rate(http_requests_total{service=\"vuln-explorer\"}[5m]))" } ],
|
||||
"options": { "reduceOptions": { "calcs": ["lastNotNull"] } }
|
||||
},
|
||||
{
|
||||
"type": "timeseries",
|
||||
"title": "Query budget enforcement hits",
|
||||
"targets": [ { "expr": "rate(vuln_query_budget_enforced_total[5m])" } ]
|
||||
}
|
||||
]
|
||||
}
|
||||
Reference in New Issue
Block a user