feat: Implement air-gap functionality with timeline impact and evidence snapshot services
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
devportal-offline / build-offline (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
devportal-offline / build-offline (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
- Added AirgapTimelineImpact, AirgapTimelineImpactInput, and AirgapTimelineImpactResult records for managing air-gap bundle import impacts. - Introduced EvidenceSnapshotRecord, EvidenceSnapshotLinkInput, and EvidenceSnapshotLinkResult records for linking findings to evidence snapshots. - Created IEvidenceSnapshotRepository interface for managing evidence snapshot records. - Developed StalenessValidationService to validate staleness and enforce freshness thresholds. - Implemented AirgapTimelineService for emitting timeline events related to bundle imports. - Added EvidenceSnapshotService for linking findings to evidence snapshots and verifying their validity. - Introduced AirGapOptions for configuring air-gap staleness enforcement and thresholds. - Added minimal jsPDF stub for offline/testing builds in the web application. - Created TypeScript definitions for jsPDF to enhance type safety in the web application.
This commit is contained in:
StellaOps Bot
@@ -10,6 +10,51 @@ global:
|
||||
stellaops.io/channel: stable
|
||||
stellaops.io/profile: prod
|
||||
|
||||
# Migration jobs for controlled rollouts (disabled by default)
|
||||
migrations:
|
||||
enabled: false
|
||||
jobs: []
|
||||
|
||||
networkPolicy:
|
||||
enabled: true
|
||||
ingressPort: 8443
|
||||
egressPort: 443
|
||||
ingressNamespaces:
|
||||
kubernetes.io/metadata.name: stellaops
|
||||
egressNamespaces:
|
||||
kubernetes.io/metadata.name: stellaops
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
className: nginx
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
hosts:
|
||||
- host: gateway.prod.stella-ops.org
|
||||
path: /
|
||||
servicePort: 80
|
||||
tls:
|
||||
- secretName: stellaops-prod-tls
|
||||
hosts:
|
||||
- gateway.prod.stella-ops.org
|
||||
|
||||
externalSecrets:
|
||||
enabled: true
|
||||
secrets:
|
||||
- name: core-secrets
|
||||
storeRef:
|
||||
name: stellaops-secret-store
|
||||
kind: ClusterSecretStore
|
||||
target:
|
||||
name: stellaops-prod-core
|
||||
data:
|
||||
- key: STELLAOPS_AUTHORITY__JWT__SIGNINGKEY
|
||||
remoteKey: prod/authority/jwt-signing-key
|
||||
- key: STELLAOPS_SECRETS_ENCRYPTION_KEY
|
||||
remoteKey: prod/core/secrets-encryption-key
|
||||
|
||||
configMaps:
|
||||
notify-config:
|
||||
data:
|
||||
|
||||
Reference in New Issue
Block a user