stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

feat(zastava): add evidence locker plan and schema examples

Browse Source 
- Introduced README.md for Zastava Evidence Locker Plan detailing artifacts to sign and post-signing steps.
- Added example JSON schemas for observer events and webhook admissions.
- Updated implementor guidelines with checklist for CI linting, determinism, secrets management, and schema control.
- Created alert rules for Vuln Explorer to monitor API latency and projection errors.
- Developed analytics ingestion plan for Vuln Explorer, focusing on telemetry and PII guardrails.
- Implemented Grafana dashboard configuration for Vuln Explorer metrics visualization.
- Added expected projection SHA256 for vulnerability events.
- Created k6 load testing script for Vuln Explorer API.
- Added sample projection and replay event data for testing.
- Implemented ReplayInputsLock for deterministic replay inputs management.
- Developed tests for ReplayInputsLock to ensure stable hash computation.
- Created SurfaceManifestDeterminismVerifier to validate manifest determinism and integrity.
- Added unit tests for SurfaceManifestDeterminismVerifier to ensure correct functionality.
- Implemented Angular tests for VulnerabilityHttpClient and VulnerabilityDetailComponent to verify API interactions and UI rendering.
This commit is contained in:
StellaOps Bot
2025-12-02 09:27:31 +02:00
parent 885ce86af4
commit 2d08f52715
74 changed files with 1690 additions and 131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
samples/vuln/events/projection.json Normal file
View File

@@ -0,0 +1,23 @@
{
"tenants": {
"alpha": {
"open": [],
"remediated": [
{ "findingId": "f-001", "cve": "CVE-2024-1234", "package": "openssl", "version": "3.0.13", "status": "remediated", "lastTs": "2025-01-02T00:00:00Z" },
{ "findingId": "f-002", "cve": "CVE-2023-4567", "package": "nginx", "version": "1.25.3", "status": "remediated", "lastTs": "2025-01-02T01:00:00Z" }
]
},
"beta": {
"open": [],
"remediated": [
{ "findingId": "f-003", "cve": "CVE-2024-1111", "package": "glibc", "version": "2.39", "status": "verified", "lastTs": "2025-01-02T02:00:00Z" }
]
}
},
"stats": {
"totalOpen": 0,
"totalRemediated": 3,
"totalDisputed": 0,
"lastProjectionTs": "2025-01-02T02:00:00Z"
}
}

6
samples/vuln/events/replay.ndjson Normal file
View File

@@ -0,0 +1,6 @@
{"tenant":"alpha","findingId":"f-001","cve":"CVE-2024-1234","package":"openssl","version":"3.0.13","status":"open","evidence":"scan","ts":"2025-01-01T00:00:00Z"}
{"tenant":"alpha","findingId":"f-002","cve":"CVE-2023-4567","package":"nginx","version":"1.25.3","status":"open","evidence":"scan","ts":"2025-01-01T00:05:00Z"}
{"tenant":"beta","findingId":"f-003","cve":"CVE-2024-1111","package":"glibc","version":"2.39","status":"disputed","evidence":"manual","ts":"2025-01-01T00:10:00Z"}
{"tenant":"alpha","findingId":"f-001","status":"remediated","ts":"2025-01-02T00:00:00Z"}
{"tenant":"alpha","findingId":"f-002","status":"remediated","ts":"2025-01-02T01:00:00Z"}
{"tenant":"beta","findingId":"f-003","status":"verified","ts":"2025-01-02T02:00:00Z"}