stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

feat: Implement air-gap functionality with timeline impact and evidence snapshot services
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
devportal-offline / build-offline (push) Has been cancelled
Details
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
Details

Browse Source 
- Added AirgapTimelineImpact, AirgapTimelineImpactInput, and AirgapTimelineImpactResult records for managing air-gap bundle import impacts.
- Introduced EvidenceSnapshotRecord, EvidenceSnapshotLinkInput, and EvidenceSnapshotLinkResult records for linking findings to evidence snapshots.
- Created IEvidenceSnapshotRepository interface for managing evidence snapshot records.
- Developed StalenessValidationService to validate staleness and enforce freshness thresholds.
- Implemented AirgapTimelineService for emitting timeline events related to bundle imports.
- Added EvidenceSnapshotService for linking findings to evidence snapshots and verifying their validity.
- Introduced AirGapOptions for configuring air-gap staleness enforcement and thresholds.
- Added minimal jsPDF stub for offline/testing builds in the web application.
- Created TypeScript definitions for jsPDF to enhance type safety in the web application.
This commit is contained in:
StellaOps Bot
2025-12-06 01:30:08 +02:00
parent 6c1177a6ce
commit 2eaf0f699b
144 changed files with 7578 additions and 2581 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/AirGapServiceCollectionExtensions.cs Normal file
View File

@@ -0,0 +1,77 @@
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
namespace StellaOps.Concelier.Core.AirGap;
/// <summary>
/// Service collection extensions for AirGap services.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public static class AirGapServiceCollectionExtensions
{
/// <summary>
/// Adds AirGap services to the service collection.
/// </summary>
/// <param name="services">The service collection.</param>
/// <param name="configureSealed">Optional sealed mode configuration.</param>
/// <returns>The service collection for chaining.</returns>
public static IServiceCollection AddConcelierAirGapServices(
this IServiceCollection services,
Action<SealedModeConfiguration>? configureSealed = null)
{
ArgumentNullException.ThrowIfNull(services);
// Register TimeProvider if not already registered
services.TryAddSingleton(TimeProvider.System);
// Register core services
services.TryAddSingleton<IBundleSourceRegistry, BundleSourceRegistry>();
services.TryAddSingleton<IBundleCatalogService, BundleCatalogService>();
// Configure and register sealed mode enforcer
var sealedConfig = new SealedModeConfiguration();
configureSealed?.Invoke(sealedConfig);
services.TryAddSingleton<ISealedModeEnforcer>(sp =>
{
var logger = sp.GetRequiredService<Microsoft.Extensions.Logging.ILogger<SealedModeEnforcer>>();
var timeProvider = sp.GetService<TimeProvider>();
return new SealedModeEnforcer(
logger,
isSealed: sealedConfig.IsSealed,
warnOnly: sealedConfig.WarnOnly,
allowedSources: sealedConfig.AllowedSources,
allowedHosts: sealedConfig.AllowedHosts,
timeProvider: timeProvider);
});
return services;
}
}
/// <summary>
/// Configuration for sealed mode.
/// </summary>
public sealed class SealedModeConfiguration
{
/// <summary>
/// Enable sealed mode.
/// </summary>
public bool IsSealed { get; set; }
/// <summary>
/// Enable warn-only mode (log violations but don't block).
/// </summary>
public bool WarnOnly { get; set; }
/// <summary>
/// Sources allowed even in sealed mode.
/// </summary>
public IList<string> AllowedSources { get; } = new List<string>();
/// <summary>
/// Hosts allowed even in sealed mode.
/// </summary>
public IList<string> AllowedHosts { get; } = new List<string>();
}

250
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/BundleCatalogService.cs Normal file
View File

@@ -0,0 +1,250 @@
using System.Collections.Immutable;
using System.Security.Cryptography;
using System.Text;
using Microsoft.Extensions.Logging;
using StellaOps.Concelier.Core.AirGap.Models;
namespace StellaOps.Concelier.Core.AirGap;
/// <summary>
/// Default implementation of <see cref="IBundleCatalogService"/>.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public sealed class BundleCatalogService : IBundleCatalogService
{
private readonly IBundleSourceRegistry _sourceRegistry;
private readonly ILogger<BundleCatalogService> _logger;
private readonly TimeProvider _timeProvider;
private readonly int _defaultPageSize;
private readonly int _maxPageSize;
private AggregatedCatalog? _cachedCatalog;
private DateTimeOffset _cacheExpiry = DateTimeOffset.MinValue;
private readonly object _cacheLock = new();
public BundleCatalogService(
IBundleSourceRegistry sourceRegistry,
ILogger<BundleCatalogService> logger,
TimeProvider? timeProvider = null,
int defaultPageSize = 50,
int maxPageSize = 100)
{
_sourceRegistry = sourceRegistry ?? throw new ArgumentNullException(nameof(sourceRegistry));
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
_timeProvider = timeProvider ?? TimeProvider.System;
_defaultPageSize = defaultPageSize;
_maxPageSize = maxPageSize;
}
/// <inheritdoc />
public async Task<AggregatedCatalog> GetCatalogAsync(
string? cursor = null,
int? limit = null,
CancellationToken cancellationToken = default)
{
var fullCatalog = await GetOrRefreshCatalogAsync(cancellationToken).ConfigureAwait(false);
return ApplyPagination(fullCatalog, cursor, limit);
}
/// <inheritdoc />
public async Task<AggregatedCatalog> GetCatalogBySourceAsync(
string sourceId,
string? cursor = null,
int? limit = null,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(sourceId);
var fullCatalog = await GetOrRefreshCatalogAsync(cancellationToken).ConfigureAwait(false);
var filteredEntries = fullCatalog.Entries
.Where(e => string.Equals(e.SourceId, sourceId, StringComparison.OrdinalIgnoreCase))
.ToImmutableArray();
var filteredCatalog = fullCatalog with
{
Entries = filteredEntries,
TotalCount = filteredEntries.Length,
SourceIds = ImmutableArray.Create(sourceId)
};
return ApplyPagination(filteredCatalog, cursor, limit);
}
/// <inheritdoc />
public async Task<BundleCatalogEntry?> GetBundleAsync(
string bundleId,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(bundleId);
var catalog = await GetOrRefreshCatalogAsync(cancellationToken).ConfigureAwait(false);
return catalog.Entries.FirstOrDefault(e =>
string.Equals(e.BundleId, bundleId, StringComparison.OrdinalIgnoreCase));
}
/// <inheritdoc />
public Task RefreshAsync(CancellationToken cancellationToken = default)
{
lock (_cacheLock)
{
_cachedCatalog = null;
_cacheExpiry = DateTimeOffset.MinValue;
}
_logger.LogDebug("Catalog cache invalidated");
return Task.CompletedTask;
}
private async Task<AggregatedCatalog> GetOrRefreshCatalogAsync(CancellationToken cancellationToken)
{
var now = _timeProvider.GetUtcNow();
lock (_cacheLock)
{
if (_cachedCatalog is not null && now < _cacheExpiry)
{
return _cachedCatalog;
}
}
var catalog = await BuildCatalogAsync(cancellationToken).ConfigureAwait(false);
lock (_cacheLock)
{
_cachedCatalog = catalog;
_cacheExpiry = now.AddMinutes(5); // Default 5-minute cache
}
return catalog;
}
private Task<AggregatedCatalog> BuildCatalogAsync(CancellationToken cancellationToken)
{
var sources = _sourceRegistry.GetSources()
.Where(s => s.Enabled && s.Status != BundleSourceStatus.Error)
.ToList();
var entries = new List<BundleCatalogEntry>();
var sourceIds = new List<string>();
foreach (var source in sources)
{
var sourceEntries = DiscoverBundles(source);
entries.AddRange(sourceEntries);
sourceIds.Add(source.Id);
}
var now = _timeProvider.GetUtcNow();
var etag = ComputeETag(entries);
_logger.LogDebug(
"Built catalog with {EntryCount} entries from {SourceCount} sources",
entries.Count, sources.Count);
return Task.FromResult(new AggregatedCatalog
{
Entries = entries.OrderBy(e => e.BundleId).ToImmutableArray(),
TotalCount = entries.Count,
SourceIds = sourceIds.ToImmutableArray(),
ComputedAt = now,
ETag = etag
});
}
private IEnumerable<BundleCatalogEntry> DiscoverBundles(BundleSourceInfo source)
{
// Actual implementation would discover bundles from the source
// For now, return empty - this would be expanded based on source type
return source.Type switch
{
"directory" => DiscoverDirectoryBundles(source),
"archive" => DiscoverArchiveBundles(source),
"remote" => Enumerable.Empty<BundleCatalogEntry>(), // Would require async HTTP calls
_ => Enumerable.Empty<BundleCatalogEntry>()
};
}
private IEnumerable<BundleCatalogEntry> DiscoverDirectoryBundles(BundleSourceInfo source)
{
if (!Directory.Exists(source.Location))
{
yield break;
}
foreach (var file in Directory.EnumerateFiles(source.Location, "*.bundle.json", SearchOption.AllDirectories))
{
var fileInfo = new FileInfo(file);
var bundleId = Path.GetFileNameWithoutExtension(fileInfo.Name);
yield return new BundleCatalogEntry
{
BundleId = bundleId,
SourceId = source.Id,
Type = "advisory", // Would be parsed from bundle metadata
ContentHash = $"sha256:{ComputeFileHash(file)}",
SizeBytes = fileInfo.Length,
CreatedAt = fileInfo.CreationTimeUtc,
ModifiedAt = fileInfo.LastWriteTimeUtc
};
}
}
private IEnumerable<BundleCatalogEntry> DiscoverArchiveBundles(BundleSourceInfo source)
{
// Would extract and inspect archive contents
yield break;
}
private AggregatedCatalog ApplyPagination(AggregatedCatalog catalog, string? cursor, int? limit)
{
var pageSize = Math.Min(limit ?? _defaultPageSize, _maxPageSize);
var offset = ParseCursor(cursor);
var pagedEntries = catalog.Entries
.Skip(offset)
.Take(pageSize)
.ToImmutableArray();
string? nextCursor = null;
if (offset + pageSize < catalog.TotalCount)
{
nextCursor = (offset + pageSize).ToString();
}
return catalog with
{
Entries = pagedEntries,
NextCursor = nextCursor
};
}
private static int ParseCursor(string? cursor)
{
if (string.IsNullOrEmpty(cursor))
{
return 0;
}
return int.TryParse(cursor, out var offset) ? offset : 0;
}
private static string ComputeETag(IEnumerable<BundleCatalogEntry> entries)
{
var builder = new StringBuilder();
foreach (var entry in entries.OrderBy(e => e.BundleId))
{
builder.Append(entry.BundleId);
builder.Append(entry.ContentHash);
}
var hash = SHA256.HashData(Encoding.UTF8.GetBytes(builder.ToString()));
return $"W/\"{Convert.ToHexString(hash)[..16]}\"";
}
private static string ComputeFileHash(string filePath)
{
using var stream = File.OpenRead(filePath);
var hash = SHA256.HashData(stream);
return Convert.ToHexString(hash).ToLowerInvariant();
}
}

185
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/BundleSourceRegistry.cs Normal file
View File

@@ -0,0 +1,185 @@
using System.Collections.Concurrent;
using System.Collections.Immutable;
using Microsoft.Extensions.Logging;
using StellaOps.Concelier.Core.AirGap.Models;
namespace StellaOps.Concelier.Core.AirGap;
/// <summary>
/// Default implementation of <see cref="IBundleSourceRegistry"/>.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public sealed class BundleSourceRegistry : IBundleSourceRegistry
{
private readonly ConcurrentDictionary<string, BundleSourceInfo> _sources = new(StringComparer.OrdinalIgnoreCase);
private readonly ILogger<BundleSourceRegistry> _logger;
private readonly TimeProvider _timeProvider;
public BundleSourceRegistry(
ILogger<BundleSourceRegistry> logger,
TimeProvider? timeProvider = null)
{
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
_timeProvider = timeProvider ?? TimeProvider.System;
}
/// <inheritdoc />
public IReadOnlyList<BundleSourceInfo> GetSources()
=> _sources.Values.OrderBy(s => s.Priority).ThenBy(s => s.Id).ToList();
/// <inheritdoc />
public BundleSourceInfo? GetSource(string sourceId)
{
ArgumentException.ThrowIfNullOrWhiteSpace(sourceId);
return _sources.GetValueOrDefault(sourceId);
}
/// <inheritdoc />
public Task<BundleSourceInfo> RegisterAsync(
BundleSourceRegistration registration,
CancellationToken cancellationToken = default)
{
ArgumentNullException.ThrowIfNull(registration);
ArgumentException.ThrowIfNullOrWhiteSpace(registration.Id);
ArgumentException.ThrowIfNullOrWhiteSpace(registration.Type);
ArgumentException.ThrowIfNullOrWhiteSpace(registration.Location);
var now = _timeProvider.GetUtcNow();
var sourceInfo = new BundleSourceInfo
{
Id = registration.Id,
DisplayName = registration.DisplayName,
Type = registration.Type,
Location = registration.Location,
Enabled = registration.Enabled,
Priority = registration.Priority,
VerificationMode = registration.VerificationMode,
RegisteredAt = now,
Status = BundleSourceStatus.Unknown,
Metadata = ImmutableDictionary<string, string>.Empty
};
_sources[registration.Id] = sourceInfo;
_logger.LogInformation(
"Registered bundle source: {SourceId}, type={Type}, location={Location}",
registration.Id, registration.Type, registration.Location);
return Task.FromResult(sourceInfo);
}
/// <inheritdoc />
public Task<bool> UnregisterAsync(string sourceId, CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(sourceId);
var removed = _sources.TryRemove(sourceId, out _);
if (removed)
{
_logger.LogInformation("Unregistered bundle source: {SourceId}", sourceId);
}
return Task.FromResult(removed);
}
/// <inheritdoc />
public Task<BundleSourceValidationResult> ValidateAsync(
string sourceId,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(sourceId);
if (!_sources.TryGetValue(sourceId, out var source))
{
return Task.FromResult(BundleSourceValidationResult.Failure(sourceId, $"Source '{sourceId}' not found"));
}
var now = _timeProvider.GetUtcNow();
// Basic validation - actual implementation would check source accessibility
var result = source.Type switch
{
"directory" => ValidateDirectorySource(source),
"archive" => ValidateArchiveSource(source),
"remote" => ValidateRemoteSource(source),
_ => BundleSourceValidationResult.Failure(sourceId, $"Unknown source type: {source.Type}")
};
// Update source status
var updatedSource = source with
{
LastValidatedAt = now,
Status = result.Status,
BundleCount = result.BundleCount,
ErrorMessage = result.Errors.Length > 0 ? string.Join("; ", result.Errors) : null
};
_sources[sourceId] = updatedSource;
_logger.LogDebug(
"Validated bundle source: {SourceId}, status={Status}, bundles={BundleCount}",
sourceId, result.Status, result.BundleCount);
return Task.FromResult(result);
}
/// <inheritdoc />
public Task<bool> SetEnabledAsync(string sourceId, bool enabled, CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(sourceId);
if (!_sources.TryGetValue(sourceId, out var source))
{
return Task.FromResult(false);
}
var updatedSource = source with
{
Enabled = enabled,
Status = enabled ? source.Status : BundleSourceStatus.Disabled
};
_sources[sourceId] = updatedSource;
_logger.LogInformation("Set bundle source {SourceId} enabled={Enabled}", sourceId, enabled);
return Task.FromResult(true);
}
private BundleSourceValidationResult ValidateDirectorySource(BundleSourceInfo source)
{
if (!Directory.Exists(source.Location))
{
return BundleSourceValidationResult.Failure(source.Id, $"Directory not found: {source.Location}");
}
var bundleFiles = Directory.GetFiles(source.Location, "*.bundle.json", SearchOption.AllDirectories);
return BundleSourceValidationResult.Success(source.Id, bundleFiles.Length);
}
private BundleSourceValidationResult ValidateArchiveSource(BundleSourceInfo source)
{
if (!File.Exists(source.Location))
{
return BundleSourceValidationResult.Failure(source.Id, $"Archive not found: {source.Location}");
}
// Actual implementation would inspect archive contents
return BundleSourceValidationResult.Success(source.Id, 0);
}
private BundleSourceValidationResult ValidateRemoteSource(BundleSourceInfo source)
{
if (!Uri.TryCreate(source.Location, UriKind.Absolute, out var uri))
{
return BundleSourceValidationResult.Failure(source.Id, $"Invalid URL: {source.Location}");
}
// Actual implementation would check remote accessibility
return new BundleSourceValidationResult
{
SourceId = source.Id,
IsValid = true,
Status = BundleSourceStatus.Unknown,
ValidatedAt = _timeProvider.GetUtcNow(),
Warnings = ImmutableArray.Create("Remote validation not implemented - assuming valid")
};
}
}

39
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/IBundleCatalogService.cs Normal file
View File

@@ -0,0 +1,39 @@
using StellaOps.Concelier.Core.AirGap.Models;
namespace StellaOps.Concelier.Core.AirGap;
/// <summary>
/// Service for accessing the aggregated bundle catalog.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public interface IBundleCatalogService
{
/// <summary>
/// Gets the aggregated catalog from all sources.
/// </summary>
Task<AggregatedCatalog> GetCatalogAsync(
string? cursor = null,
int? limit = null,
CancellationToken cancellationToken = default);
/// <summary>
/// Gets catalog entries for a specific source.
/// </summary>
Task<AggregatedCatalog> GetCatalogBySourceAsync(
string sourceId,
string? cursor = null,
int? limit = null,
CancellationToken cancellationToken = default);
/// <summary>
/// Gets a specific bundle entry.
/// </summary>
Task<BundleCatalogEntry?> GetBundleAsync(
string bundleId,
CancellationToken cancellationToken = default);
/// <summary>
/// Refreshes the catalog cache.
/// </summary>
Task RefreshAsync(CancellationToken cancellationToken = default);
}

44
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/IBundleSourceRegistry.cs Normal file
View File

@@ -0,0 +1,44 @@
using StellaOps.Concelier.Core.AirGap.Models;
namespace StellaOps.Concelier.Core.AirGap;
/// <summary>
/// Registry for managing bundle sources in air-gap mode.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public interface IBundleSourceRegistry
{
/// <summary>
/// Gets all registered sources.
/// </summary>
IReadOnlyList<BundleSourceInfo> GetSources();
/// <summary>
/// Gets a specific source by ID.
/// </summary>
BundleSourceInfo? GetSource(string sourceId);
/// <summary>
/// Registers a new bundle source.
/// </summary>
Task<BundleSourceInfo> RegisterAsync(
BundleSourceRegistration registration,
CancellationToken cancellationToken = default);
/// <summary>
/// Unregisters a bundle source.
/// </summary>
Task<bool> UnregisterAsync(string sourceId, CancellationToken cancellationToken = default);
/// <summary>
/// Validates a bundle source.
/// </summary>
Task<BundleSourceValidationResult> ValidateAsync(
string sourceId,
CancellationToken cancellationToken = default);
/// <summary>
/// Enables or disables a source.
/// </summary>
Task<bool> SetEnabledAsync(string sourceId, bool enabled, CancellationToken cancellationToken = default);
}

52
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/ISealedModeEnforcer.cs Normal file
View File

@@ -0,0 +1,52 @@
using StellaOps.Concelier.Core.AirGap.Models;
namespace StellaOps.Concelier.Core.AirGap;
/// <summary>
/// Enforces sealed mode by blocking direct internet feeds.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public interface ISealedModeEnforcer
{
/// <summary>
/// Gets whether sealed mode is currently active.
/// </summary>
bool IsSealed { get; }
/// <summary>
/// Ensures a source is allowed to access the given destination.
/// Throws <see cref="SealedModeViolationException"/> if not allowed and not in warn-only mode.
/// </summary>
void EnsureSourceAllowed(string sourceName, Uri destination);
/// <summary>
/// Checks if a source is allowed to access the given destination.
/// </summary>
bool IsSourceAllowed(string sourceName, Uri destination);
/// <summary>
/// Gets the list of currently blocked sources.
/// </summary>
IReadOnlyList<string> GetBlockedSources();
/// <summary>
/// Gets the current sealed mode status.
/// </summary>
SealedModeStatus GetStatus();
}
/// <summary>
/// Exception thrown when a sealed mode violation occurs.
/// </summary>
public sealed class SealedModeViolationException : Exception
{
public SealedModeViolationException(string sourceName, Uri destination)
: base($"Sealed mode violation: source '{sourceName}' attempted to access '{destination}'")
{
SourceName = sourceName;
Destination = destination;
}
public string SourceName { get; }
public Uri Destination { get; }
}

40
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/Models/AggregatedCatalog.cs Normal file
View File

@@ -0,0 +1,40 @@
using System.Collections.Immutable;
namespace StellaOps.Concelier.Core.AirGap.Models;
/// <summary>
/// Aggregated bundle catalog from all sources.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public sealed record AggregatedCatalog
{
/// <summary>
/// Catalog entries.
/// </summary>
public ImmutableArray<BundleCatalogEntry> Entries { get; init; } = ImmutableArray<BundleCatalogEntry>.Empty;
/// <summary>
/// Total number of entries (may differ from Entries.Length if paginated).
/// </summary>
public int TotalCount { get; init; }
/// <summary>
/// Sources that contributed to this catalog.
/// </summary>
public ImmutableArray<string> SourceIds { get; init; } = ImmutableArray<string>.Empty;
/// <summary>
/// When the catalog was computed.
/// </summary>
public DateTimeOffset ComputedAt { get; init; }
/// <summary>
/// Catalog version/ETag for caching.
/// </summary>
public string? ETag { get; init; }
/// <summary>
/// Cursor for pagination.
/// </summary>
public string? NextCursor { get; init; }
}

117
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/Models/BundleCatalogEntry.cs Normal file
View File

@@ -0,0 +1,117 @@
using System.Collections.Immutable;
namespace StellaOps.Concelier.Core.AirGap.Models;
/// <summary>
/// Entry in the aggregated bundle catalog.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public sealed record BundleCatalogEntry
{
/// <summary>
/// Bundle identifier.
/// </summary>
public required string BundleId { get; init; }
/// <summary>
/// Source that provides this bundle.
/// </summary>
public required string SourceId { get; init; }
/// <summary>
/// Bundle type (advisory, vex, sbom, etc.).
/// </summary>
public required string Type { get; init; }
/// <summary>
/// Bundle version.
/// </summary>
public string? Version { get; init; }
/// <summary>
/// Content hash for integrity verification.
/// </summary>
public required string ContentHash { get; init; }
/// <summary>
/// Size of the bundle in bytes.
/// </summary>
public long SizeBytes { get; init; }
/// <summary>
/// When the bundle was created.
/// </summary>
public DateTimeOffset CreatedAt { get; init; }
/// <summary>
/// When the bundle was last modified.
/// </summary>
public DateTimeOffset? ModifiedAt { get; init; }
/// <summary>
/// Number of items in the bundle.
/// </summary>
public int ItemCount { get; init; }
/// <summary>
/// Bundle metadata.
/// </summary>
public ImmutableDictionary<string, string> Metadata { get; init; } = ImmutableDictionary<string, string>.Empty;
/// <summary>
/// Provenance information if available.
/// </summary>
public BundleProvenance? Provenance { get; init; }
}
/// <summary>
/// Provenance information for a bundle.
/// </summary>
public sealed record BundleProvenance
{
/// <summary>
/// Origin of the bundle data.
/// </summary>
public required string Origin { get; init; }
/// <summary>
/// Signature information if signed.
/// </summary>
public BundleSignature? Signature { get; init; }
/// <summary>
/// When the bundle was retrieved.
/// </summary>
public DateTimeOffset RetrievedAt { get; init; }
/// <summary>
/// Pipeline version that created this bundle.
/// </summary>
public string? PipelineVersion { get; init; }
}
/// <summary>
/// Signature information for a bundle.
/// </summary>
public sealed record BundleSignature
{
/// <summary>
/// Signature format (dsse, pgp, etc.).
/// </summary>
public required string Format { get; init; }
/// <summary>
/// Key identifier.
/// </summary>
public required string KeyId { get; init; }
/// <summary>
/// Whether signature was verified.
/// </summary>
public bool Verified { get; init; }
/// <summary>
/// When signature was verified.
/// </summary>
public DateTimeOffset? VerifiedAt { get; init; }
}

96
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/Models/BundleSourceInfo.cs Normal file
View File

@@ -0,0 +1,96 @@
using System.Collections.Immutable;
namespace StellaOps.Concelier.Core.AirGap.Models;
/// <summary>
/// Information about a registered bundle source.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public sealed record BundleSourceInfo
{
/// <summary>
/// Unique identifier for the source.
/// </summary>
public required string Id { get; init; }
/// <summary>
/// Display name for the source.
/// </summary>
public string? DisplayName { get; init; }
/// <summary>
/// Source type (directory, archive, remote).
/// </summary>
public required string Type { get; init; }
/// <summary>
/// Location of the source (path or URL).
/// </summary>
public required string Location { get; init; }
/// <summary>
/// Whether the source is enabled.
/// </summary>
public bool Enabled { get; init; } = true;
/// <summary>
/// Priority for this source (lower = higher priority).
/// </summary>
public int Priority { get; init; } = 100;
/// <summary>
/// Verification mode for bundles (signature, hash, none).
/// </summary>
public string VerificationMode { get; init; } = "signature";
/// <summary>
/// When the source was registered.
/// </summary>
public DateTimeOffset RegisteredAt { get; init; }
/// <summary>
/// When the source was last validated.
/// </summary>
public DateTimeOffset? LastValidatedAt { get; init; }
/// <summary>
/// Number of bundles available from this source.
/// </summary>
public int BundleCount { get; init; }
/// <summary>
/// Source health status.
/// </summary>
public BundleSourceStatus Status { get; init; } = BundleSourceStatus.Unknown;
/// <summary>
/// Error message if status is Error.
/// </summary>
public string? ErrorMessage { get; init; }
/// <summary>
/// Metadata from the source catalog.
/// </summary>
public ImmutableDictionary<string, string> Metadata { get; init; } = ImmutableDictionary<string, string>.Empty;
}
/// <summary>
/// Bundle source health status.
/// </summary>
public enum BundleSourceStatus
{
/// <summary>Status unknown (not yet validated).</summary>
Unknown = 0,
/// <summary>Source is healthy and accessible.</summary>
Healthy = 1,
/// <summary>Source has warnings but is functional.</summary>
Degraded = 2,
/// <summary>Source is in error state.</summary>
Error = 3,
/// <summary>Source is disabled.</summary>
Disabled = 4
}

43
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/Models/BundleSourceRegistration.cs Normal file
View File

@@ -0,0 +1,43 @@
namespace StellaOps.Concelier.Core.AirGap.Models;
/// <summary>
/// Registration request for a new bundle source.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public sealed record BundleSourceRegistration
{
/// <summary>
/// Unique identifier for the source.
/// </summary>
public required string Id { get; init; }
/// <summary>
/// Display name for the source.
/// </summary>
public string? DisplayName { get; init; }
/// <summary>
/// Source type (directory, archive, remote).
/// </summary>
public required string Type { get; init; }
/// <summary>
/// Location of the source (path or URL).
/// </summary>
public required string Location { get; init; }
/// <summary>
/// Whether the source should be enabled immediately.
/// </summary>
public bool Enabled { get; init; } = true;
/// <summary>
/// Priority for this source (lower = higher priority).
/// </summary>
public int Priority { get; init; } = 100;
/// <summary>
/// Verification mode for bundles (signature, hash, none).
/// </summary>
public string VerificationMode { get; init; } = "signature";
}

69
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/Models/BundleSourceValidationResult.cs Normal file
View File

@@ -0,0 +1,69 @@
using System.Collections.Immutable;
namespace StellaOps.Concelier.Core.AirGap.Models;
/// <summary>
/// Result of validating a bundle source.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public sealed record BundleSourceValidationResult
{
/// <summary>
/// Source identifier that was validated.
/// </summary>
public required string SourceId { get; init; }
/// <summary>
/// Whether the source is valid.
/// </summary>
public bool IsValid { get; init; }
/// <summary>
/// Source status after validation.
/// </summary>
public BundleSourceStatus Status { get; init; }
/// <summary>
/// Validation errors if any.
/// </summary>
public ImmutableArray<string> Errors { get; init; } = ImmutableArray<string>.Empty;
/// <summary>
/// Validation warnings if any.
/// </summary>
public ImmutableArray<string> Warnings { get; init; } = ImmutableArray<string>.Empty;
/// <summary>
/// Number of bundles discovered.
/// </summary>
public int BundleCount { get; init; }
/// <summary>
/// When the validation was performed.
/// </summary>
public DateTimeOffset ValidatedAt { get; init; }
/// <summary>
/// Creates a successful validation result.
/// </summary>
public static BundleSourceValidationResult Success(string sourceId, int bundleCount) => new()
{
SourceId = sourceId,
IsValid = true,
Status = BundleSourceStatus.Healthy,
BundleCount = bundleCount,
ValidatedAt = DateTimeOffset.UtcNow
};
/// <summary>
/// Creates a failed validation result.
/// </summary>
public static BundleSourceValidationResult Failure(string sourceId, params string[] errors) => new()
{
SourceId = sourceId,
IsValid = false,
Status = BundleSourceStatus.Error,
Errors = errors.ToImmutableArray(),
ValidatedAt = DateTimeOffset.UtcNow
};
}

71
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/Models/SealedModeStatus.cs Normal file
View File

@@ -0,0 +1,71 @@
using System.Collections.Immutable;
namespace StellaOps.Concelier.Core.AirGap.Models;
/// <summary>
/// Status of sealed mode enforcement.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public sealed record SealedModeStatus
{
/// <summary>
/// Whether sealed mode is enabled.
/// </summary>
public bool IsSealed { get; init; }
/// <summary>
/// Whether warn-only mode is active.
/// </summary>
public bool WarnOnly { get; init; }
/// <summary>
/// Sources that are allowed even in sealed mode.
/// </summary>
public ImmutableArray<string> AllowedSources { get; init; } = ImmutableArray<string>.Empty;
/// <summary>
/// Hosts that are allowed even in sealed mode.
/// </summary>
public ImmutableArray<string> AllowedHosts { get; init; } = ImmutableArray<string>.Empty;
/// <summary>
/// Sources that are currently blocked.
/// </summary>
public ImmutableArray<string> BlockedSources { get; init; } = ImmutableArray<string>.Empty;
/// <summary>
/// Recent seal violations (if warn-only mode).
/// </summary>
public ImmutableArray<SealViolation> RecentViolations { get; init; } = ImmutableArray<SealViolation>.Empty;
/// <summary>
/// When status was computed.
/// </summary>
public DateTimeOffset ComputedAt { get; init; }
}
/// <summary>
/// Record of a seal mode violation attempt.
/// </summary>
public sealed record SealViolation
{
/// <summary>
/// Source that attempted the violation.
/// </summary>
public required string SourceName { get; init; }
/// <summary>
/// Destination that was blocked.
/// </summary>
public required string Destination { get; init; }
/// <summary>
/// When the violation occurred.
/// </summary>
public DateTimeOffset OccurredAt { get; init; }
/// <summary>
/// Whether the request was blocked or just warned.
/// </summary>
public bool WasBlocked { get; init; }
}

169
src/Concelier/__Libraries/StellaOps.Concelier.Core/AirGap/SealedModeEnforcer.cs Normal file
View File

@@ -0,0 +1,169 @@
using System.Collections.Concurrent;
using System.Collections.Immutable;
using Microsoft.Extensions.Logging;
using StellaOps.Concelier.Core.AirGap.Models;
namespace StellaOps.Concelier.Core.AirGap;
/// <summary>
/// Default implementation of <see cref="ISealedModeEnforcer"/>.
/// Per CONCELIER-WEB-AIRGAP-56-001.
/// </summary>
public sealed class SealedModeEnforcer : ISealedModeEnforcer
{
private readonly ILogger<SealedModeEnforcer> _logger;
private readonly TimeProvider _timeProvider;
private readonly bool _isSealed;
private readonly bool _warnOnly;
private readonly ImmutableHashSet<string> _allowedSources;
private readonly ImmutableHashSet<string> _allowedHosts;
private readonly ConcurrentQueue<SealViolation> _recentViolations = new();
private readonly ConcurrentDictionary<string, bool> _blockedSources = new(StringComparer.OrdinalIgnoreCase);
private const int MaxRecentViolations = 100;
public SealedModeEnforcer(
ILogger<SealedModeEnforcer> logger,
bool isSealed = false,
bool warnOnly = false,
IEnumerable<string>? allowedSources = null,
IEnumerable<string>? allowedHosts = null,
TimeProvider? timeProvider = null)
{
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
_timeProvider = timeProvider ?? TimeProvider.System;
_isSealed = isSealed;
_warnOnly = warnOnly;
_allowedSources = (allowedSources ?? Enumerable.Empty<string>())
.ToImmutableHashSet(StringComparer.OrdinalIgnoreCase);
_allowedHosts = (allowedHosts ?? Enumerable.Empty<string>())
.ToImmutableHashSet(StringComparer.OrdinalIgnoreCase);
}
/// <inheritdoc />
public bool IsSealed => _isSealed;
/// <inheritdoc />
public void EnsureSourceAllowed(string sourceName, Uri destination)
{
ArgumentException.ThrowIfNullOrWhiteSpace(sourceName);
ArgumentNullException.ThrowIfNull(destination);
if (!_isSealed)
{
return;
}
if (IsAllowed(sourceName, destination))
{
return;
}
RecordViolation(sourceName, destination);
if (_warnOnly)
{
_logger.LogWarning(
"Sealed mode violation (warn-only): source '{SourceName}' attempted to access '{Destination}'",
sourceName, destination);
return;
}
_logger.LogError(
"Sealed mode violation blocked: source '{SourceName}' attempted to access '{Destination}'",
sourceName, destination);
throw new SealedModeViolationException(sourceName, destination);
}
/// <inheritdoc />
public bool IsSourceAllowed(string sourceName, Uri destination)
{
if (!_isSealed)
{
return true;
}
return IsAllowed(sourceName, destination);
}
/// <inheritdoc />
public IReadOnlyList<string> GetBlockedSources()
=> _blockedSources.Keys.ToList();
/// <inheritdoc />
public SealedModeStatus GetStatus()
{
var violations = new List<SealViolation>();
foreach (var v in _recentViolations)
{
violations.Add(v);
}
return new SealedModeStatus
{
IsSealed = _isSealed,
WarnOnly = _warnOnly,
AllowedSources = _allowedSources.ToImmutableArray(),
AllowedHosts = _allowedHosts.ToImmutableArray(),
BlockedSources = _blockedSources.Keys.ToImmutableArray(),
RecentViolations = violations.TakeLast(20).ToImmutableArray(),
ComputedAt = _timeProvider.GetUtcNow()
};
}
private bool IsAllowed(string sourceName, Uri destination)
{
// Check if source is explicitly allowed
if (_allowedSources.Contains(sourceName))
{
return true;
}
// Check if host is explicitly allowed
if (_allowedHosts.Contains(destination.Host))
{
return true;
}
// Check for localhost/internal addresses
if (IsLocalAddress(destination))
{
return true;
}
// Mark source as blocked for status reporting
_blockedSources.TryAdd(sourceName, true);
return false;
}
private static bool IsLocalAddress(Uri uri)
{
var host = uri.Host.ToLowerInvariant();
return host == "localhost" ||
host == "127.0.0.1" ||
host == "::1" ||
host.StartsWith("192.168.") ||
host.StartsWith("10.") ||
host.StartsWith("172.16.") ||
host.EndsWith(".local");
}
private void RecordViolation(string sourceName, Uri destination)
{
var violation = new SealViolation
{
SourceName = sourceName,
Destination = destination.ToString(),
OccurredAt = _timeProvider.GetUtcNow(),
WasBlocked = !_warnOnly
};
_recentViolations.Enqueue(violation);
// Trim old violations
while (_recentViolations.Count > MaxRecentViolations)
{
_recentViolations.TryDequeue(out _);
}
}
}

313
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/GridFsMigrationService.cs Normal file
View File

@@ -0,0 +1,313 @@
using System.Security.Cryptography;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using MongoDB.Bson;
using MongoDB.Driver;
using MongoDB.Driver.GridFS;
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// Service for migrating raw payloads from GridFS to S3-compatible object storage.
/// </summary>
public sealed class GridFsMigrationService
{
private readonly IGridFSBucket _gridFs;
private readonly IObjectStore _objectStore;
private readonly IMigrationTracker _migrationTracker;
private readonly ObjectStorageOptions _options;
private readonly TimeProvider _timeProvider;
private readonly ILogger<GridFsMigrationService> _logger;
public GridFsMigrationService(
IGridFSBucket gridFs,
IObjectStore objectStore,
IMigrationTracker migrationTracker,
IOptions<ObjectStorageOptions> options,
TimeProvider timeProvider,
ILogger<GridFsMigrationService> logger)
{
_gridFs = gridFs ?? throw new ArgumentNullException(nameof(gridFs));
_objectStore = objectStore ?? throw new ArgumentNullException(nameof(objectStore));
_migrationTracker = migrationTracker ?? throw new ArgumentNullException(nameof(migrationTracker));
_options = options?.Value ?? throw new ArgumentNullException(nameof(options));
_timeProvider = timeProvider ?? TimeProvider.System;
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
}
/// <summary>
/// Migrates a single GridFS document to object storage.
/// </summary>
public async Task<MigrationResult> MigrateAsync(
string gridFsId,
string tenantId,
string sourceId,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(gridFsId);
ArgumentException.ThrowIfNullOrWhiteSpace(tenantId);
ArgumentException.ThrowIfNullOrWhiteSpace(sourceId);
// Check if already migrated
if (await _migrationTracker.IsMigratedAsync(gridFsId, cancellationToken).ConfigureAwait(false))
{
_logger.LogDebug("GridFS {GridFsId} already migrated, skipping", gridFsId);
return MigrationResult.AlreadyMigrated(gridFsId);
}
try
{
// Download from GridFS
var objectId = ObjectId.Parse(gridFsId);
using var downloadStream = new MemoryStream();
await _gridFs.DownloadToStreamAsync(objectId, downloadStream, cancellationToken: cancellationToken)
.ConfigureAwait(false);
var data = downloadStream.ToArray();
var sha256 = ComputeSha256(data);
// Get GridFS file info
var filter = Builders<GridFSFileInfo>.Filter.Eq("_id", objectId);
var fileInfo = await _gridFs.Find(filter)
.FirstOrDefaultAsync(cancellationToken)
.ConfigureAwait(false);
var ingestedAt = fileInfo?.UploadDateTime ?? _timeProvider.GetUtcNow().UtcDateTime;
// Create provenance metadata
var provenance = new ProvenanceMetadata
{
SourceId = sourceId,
IngestedAt = new DateTimeOffset(ingestedAt, TimeSpan.Zero),
TenantId = tenantId,
OriginalFormat = DetectFormat(fileInfo?.Filename),
OriginalSize = data.Length,
GridFsLegacyId = gridFsId,
Transformations =
[
new TransformationRecord
{
Type = TransformationType.Migration,
Timestamp = _timeProvider.GetUtcNow(),
Agent = "concelier-gridfs-migration-v1"
}
]
};
// Store in object storage
var reference = await _objectStore.StoreAsync(
tenantId,
data,
provenance,
GetContentType(fileInfo?.Filename),
cancellationToken).ConfigureAwait(false);
// Record migration
await _migrationTracker.RecordMigrationAsync(
gridFsId,
reference.Pointer,
MigrationStatus.Migrated,
cancellationToken).ConfigureAwait(false);
_logger.LogInformation(
"Migrated GridFS {GridFsId} to {Bucket}/{Key}, size {Size} bytes",
gridFsId, reference.Pointer.Bucket, reference.Pointer.Key, data.Length);
return MigrationResult.Success(gridFsId, reference);
}
catch (GridFSFileNotFoundException)
{
_logger.LogWarning("GridFS file not found: {GridFsId}", gridFsId);
return MigrationResult.NotFound(gridFsId);
}
catch (Exception ex)
{
_logger.LogError(ex, "Failed to migrate GridFS {GridFsId}", gridFsId);
return MigrationResult.Failed(gridFsId, ex.Message);
}
}
/// <summary>
/// Verifies a migrated document by comparing hashes.
/// </summary>
public async Task<bool> VerifyMigrationAsync(
string gridFsId,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(gridFsId);
var record = await _migrationTracker.GetByGridFsIdAsync(gridFsId, cancellationToken)
.ConfigureAwait(false);
if (record is null)
{
_logger.LogWarning("No migration record found for {GridFsId}", gridFsId);
return false;
}
// Download original from GridFS
var objectId = ObjectId.Parse(gridFsId);
using var downloadStream = new MemoryStream();
try
{
await _gridFs.DownloadToStreamAsync(objectId, downloadStream, cancellationToken: cancellationToken)
.ConfigureAwait(false);
}
catch (GridFSFileNotFoundException)
{
_logger.LogWarning("Original GridFS file not found for verification: {GridFsId}", gridFsId);
return false;
}
var originalHash = ComputeSha256(downloadStream.ToArray());
// Verify the migrated object
var reference = PayloadReference.CreateObjectStorage(record.Pointer, new ProvenanceMetadata
{
SourceId = string.Empty,
IngestedAt = record.MigratedAt,
TenantId = string.Empty,
});
var verified = await _objectStore.VerifyIntegrityAsync(reference, cancellationToken)
.ConfigureAwait(false);
if (verified && string.Equals(originalHash, record.Pointer.Sha256, StringComparison.OrdinalIgnoreCase))
{
await _migrationTracker.MarkVerifiedAsync(gridFsId, cancellationToken).ConfigureAwait(false);
_logger.LogInformation("Verified migration for {GridFsId}", gridFsId);
return true;
}
_logger.LogWarning(
"Verification failed for {GridFsId}: original hash {Original}, stored hash {Stored}",
gridFsId, originalHash, record.Pointer.Sha256);
return false;
}
/// <summary>
/// Batches migration of multiple GridFS documents.
/// </summary>
public async Task<BatchMigrationResult> MigrateBatchAsync(
IEnumerable<GridFsMigrationRequest> requests,
CancellationToken cancellationToken = default)
{
var results = new List<MigrationResult>();
foreach (var request in requests)
{
if (cancellationToken.IsCancellationRequested)
{
break;
}
var result = await MigrateAsync(
request.GridFsId,
request.TenantId,
request.SourceId,
cancellationToken).ConfigureAwait(false);
results.Add(result);
}
return new BatchMigrationResult(results);
}
private static string ComputeSha256(byte[] data)
{
var hash = SHA256.HashData(data);
return Convert.ToHexStringLower(hash);
}
private static OriginalFormat? DetectFormat(string? filename)
{
if (string.IsNullOrEmpty(filename))
{
return null;
}
return Path.GetExtension(filename).ToLowerInvariant() switch
{
".json" => OriginalFormat.Json,
".xml" => OriginalFormat.Xml,
".csv" => OriginalFormat.Csv,
".ndjson" => OriginalFormat.Ndjson,
".yaml" or ".yml" => OriginalFormat.Yaml,
_ => null
};
}
private static string GetContentType(string? filename)
{
if (string.IsNullOrEmpty(filename))
{
return "application/octet-stream";
}
return Path.GetExtension(filename).ToLowerInvariant() switch
{
".json" => "application/json",
".xml" => "application/xml",
".csv" => "text/csv",
".ndjson" => "application/x-ndjson",
".yaml" or ".yml" => "application/x-yaml",
_ => "application/octet-stream"
};
}
}
/// <summary>
/// Request to migrate a GridFS document.
/// </summary>
public sealed record GridFsMigrationRequest(
string GridFsId,
string TenantId,
string SourceId);
/// <summary>
/// Result of a single migration.
/// </summary>
public sealed record MigrationResult
{
public required string GridFsId { get; init; }
public required MigrationResultStatus Status { get; init; }
public PayloadReference? Reference { get; init; }
public string? ErrorMessage { get; init; }
public static MigrationResult Success(string gridFsId, PayloadReference reference)
=> new() { GridFsId = gridFsId, Status = MigrationResultStatus.Success, Reference = reference };
public static MigrationResult AlreadyMigrated(string gridFsId)
=> new() { GridFsId = gridFsId, Status = MigrationResultStatus.AlreadyMigrated };
public static MigrationResult NotFound(string gridFsId)
=> new() { GridFsId = gridFsId, Status = MigrationResultStatus.NotFound };
public static MigrationResult Failed(string gridFsId, string errorMessage)
=> new() { GridFsId = gridFsId, Status = MigrationResultStatus.Failed, ErrorMessage = errorMessage };
}
/// <summary>
/// Status of a migration result.
/// </summary>
public enum MigrationResultStatus
{
Success,
AlreadyMigrated,
NotFound,
Failed
}
/// <summary>
/// Result of a batch migration.
/// </summary>
public sealed record BatchMigrationResult(IReadOnlyList<MigrationResult> Results)
{
public int TotalCount => Results.Count;
public int SuccessCount => Results.Count(r => r.Status == MigrationResultStatus.Success);
public int AlreadyMigratedCount => Results.Count(r => r.Status == MigrationResultStatus.AlreadyMigrated);
public int NotFoundCount => Results.Count(r => r.Status == MigrationResultStatus.NotFound);
public int FailedCount => Results.Count(r => r.Status == MigrationResultStatus.Failed);
}

60
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/IMigrationTracker.cs Normal file
View File

@@ -0,0 +1,60 @@
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// Tracks GridFS to S3 migrations.
/// </summary>
public interface IMigrationTracker
{
/// <summary>
/// Records a migration attempt.
/// </summary>
Task<MigrationRecord> RecordMigrationAsync(
string gridFsId,
ObjectPointer pointer,
MigrationStatus status,
CancellationToken cancellationToken = default);
/// <summary>
/// Updates a migration record status.
/// </summary>
Task UpdateStatusAsync(
string gridFsId,
MigrationStatus status,
string? errorMessage = null,
CancellationToken cancellationToken = default);
/// <summary>
/// Marks a migration as verified.
/// </summary>
Task MarkVerifiedAsync(
string gridFsId,
CancellationToken cancellationToken = default);
/// <summary>
/// Gets a migration record by GridFS ID.
/// </summary>
Task<MigrationRecord?> GetByGridFsIdAsync(
string gridFsId,
CancellationToken cancellationToken = default);
/// <summary>
/// Lists pending migrations.
/// </summary>
Task<IReadOnlyList<MigrationRecord>> ListPendingAsync(
int limit = 100,
CancellationToken cancellationToken = default);
/// <summary>
/// Lists migrations needing verification.
/// </summary>
Task<IReadOnlyList<MigrationRecord>> ListNeedingVerificationAsync(
int limit = 100,
CancellationToken cancellationToken = default);
/// <summary>
/// Checks if a GridFS ID has been migrated.
/// </summary>
Task<bool> IsMigratedAsync(
string gridFsId,
CancellationToken cancellationToken = default);
}

98
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/IObjectStore.cs Normal file
View File

@@ -0,0 +1,98 @@
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// Abstraction for S3-compatible object storage operations.
/// </summary>
public interface IObjectStore
{
/// <summary>
/// Stores a payload, returning a reference (either inline or object storage).
/// Automatically decides based on size thresholds.
/// </summary>
/// <param name="tenantId">Tenant identifier for bucket selection.</param>
/// <param name="data">Payload data to store.</param>
/// <param name="provenance">Provenance metadata for the payload.</param>
/// <param name="contentType">MIME type of the content.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Reference to the stored payload.</returns>
Task<PayloadReference> StoreAsync(
string tenantId,
ReadOnlyMemory<byte> data,
ProvenanceMetadata provenance,
string contentType = "application/json",
CancellationToken cancellationToken = default);
/// <summary>
/// Stores a payload from a stream.
/// </summary>
/// <param name="tenantId">Tenant identifier for bucket selection.</param>
/// <param name="stream">Stream containing payload data.</param>
/// <param name="provenance">Provenance metadata for the payload.</param>
/// <param name="contentType">MIME type of the content.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Reference to the stored payload.</returns>
Task<PayloadReference> StoreStreamAsync(
string tenantId,
Stream stream,
ProvenanceMetadata provenance,
string contentType = "application/json",
CancellationToken cancellationToken = default);
/// <summary>
/// Retrieves a payload by its reference.
/// </summary>
/// <param name="reference">Reference to the payload.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Payload data, or null if not found.</returns>
Task<byte[]?> RetrieveAsync(
PayloadReference reference,
CancellationToken cancellationToken = default);
/// <summary>
/// Retrieves a payload as a stream.
/// </summary>
/// <param name="reference">Reference to the payload.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>Stream containing payload data, or null if not found.</returns>
Task<Stream?> RetrieveStreamAsync(
PayloadReference reference,
CancellationToken cancellationToken = default);
/// <summary>
/// Checks if an object exists.
/// </summary>
/// <param name="pointer">Object pointer to check.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>True if object exists.</returns>
Task<bool> ExistsAsync(
ObjectPointer pointer,
CancellationToken cancellationToken = default);
/// <summary>
/// Deletes an object.
/// </summary>
/// <param name="pointer">Object pointer to delete.</param>
/// <param name="cancellationToken">Cancellation token.</param>
Task DeleteAsync(
ObjectPointer pointer,
CancellationToken cancellationToken = default);
/// <summary>
/// Ensures the tenant bucket exists.
/// </summary>
/// <param name="tenantId">Tenant identifier.</param>
/// <param name="cancellationToken">Cancellation token.</param>
Task EnsureBucketExistsAsync(
string tenantId,
CancellationToken cancellationToken = default);
/// <summary>
/// Verifies a payload's integrity by comparing its hash.
/// </summary>
/// <param name="reference">Reference to verify.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>True if hash matches.</returns>
Task<bool> VerifyIntegrityAsync(
PayloadReference reference,
CancellationToken cancellationToken = default);
}

63
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/MigrationRecord.cs Normal file
View File

@@ -0,0 +1,63 @@
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// Record of a migration from GridFS to S3.
/// </summary>
public sealed record MigrationRecord
{
/// <summary>
/// Original GridFS ObjectId.
/// </summary>
public required string GridFsId { get; init; }
/// <summary>
/// Pointer to the migrated object.
/// </summary>
public required ObjectPointer Pointer { get; init; }
/// <summary>
/// Timestamp when migration was performed.
/// </summary>
public required DateTimeOffset MigratedAt { get; init; }
/// <summary>
/// Current status of the migration.
/// </summary>
public required MigrationStatus Status { get; init; }
/// <summary>
/// Timestamp when content hash was verified post-migration.
/// </summary>
public DateTimeOffset? VerifiedAt { get; init; }
/// <summary>
/// Whether GridFS tombstone still exists for rollback.
/// </summary>
public bool RollbackAvailable { get; init; } = true;
/// <summary>
/// Error message if migration failed.
/// </summary>
public string? ErrorMessage { get; init; }
}
/// <summary>
/// Status of a GridFS to S3 migration.
/// </summary>
public enum MigrationStatus
{
/// <summary>Migration pending.</summary>
Pending,
/// <summary>Migration completed.</summary>
Migrated,
/// <summary>Migration verified via hash comparison.</summary>
Verified,
/// <summary>Migration failed.</summary>
Failed,
/// <summary>Original GridFS tombstoned.</summary>
Tombstoned
}

232
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/MongoMigrationTracker.cs Normal file
View File

@@ -0,0 +1,232 @@
using Microsoft.Extensions.Logging;
using MongoDB.Bson;
using MongoDB.Bson.Serialization.Attributes;
using MongoDB.Driver;
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// MongoDB-backed migration tracker for GridFS to S3 migrations.
/// </summary>
public sealed class MongoMigrationTracker : IMigrationTracker
{
private const string CollectionName = "object_storage_migrations";
private readonly IMongoCollection<MigrationDocument> _collection;
private readonly TimeProvider _timeProvider;
private readonly ILogger<MongoMigrationTracker> _logger;
public MongoMigrationTracker(
IMongoDatabase database,
TimeProvider timeProvider,
ILogger<MongoMigrationTracker> logger)
{
ArgumentNullException.ThrowIfNull(database);
_collection = database.GetCollection<MigrationDocument>(CollectionName);
_timeProvider = timeProvider ?? TimeProvider.System;
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
}
public async Task<MigrationRecord> RecordMigrationAsync(
string gridFsId,
ObjectPointer pointer,
MigrationStatus status,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(gridFsId);
ArgumentNullException.ThrowIfNull(pointer);
var now = _timeProvider.GetUtcNow();
var document = new MigrationDocument
{
GridFsId = gridFsId,
Bucket = pointer.Bucket,
Key = pointer.Key,
Sha256 = pointer.Sha256,
Size = pointer.Size,
ContentType = pointer.ContentType,
Encoding = pointer.Encoding.ToString().ToLowerInvariant(),
MigratedAt = now.UtcDateTime,
Status = status.ToString().ToLowerInvariant(),
RollbackAvailable = true,
};
await _collection.InsertOneAsync(document, cancellationToken: cancellationToken)
.ConfigureAwait(false);
_logger.LogInformation(
"Recorded migration for GridFS {GridFsId} to {Bucket}/{Key}",
gridFsId, pointer.Bucket, pointer.Key);
return ToRecord(document);
}
public async Task UpdateStatusAsync(
string gridFsId,
MigrationStatus status,
string? errorMessage = null,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(gridFsId);
var filter = Builders<MigrationDocument>.Filter.Eq(d => d.GridFsId, gridFsId);
var update = Builders<MigrationDocument>.Update
.Set(d => d.Status, status.ToString().ToLowerInvariant())
.Set(d => d.ErrorMessage, errorMessage);
await _collection.UpdateOneAsync(filter, update, cancellationToken: cancellationToken)
.ConfigureAwait(false);
_logger.LogDebug("Updated migration status for {GridFsId} to {Status}", gridFsId, status);
}
public async Task MarkVerifiedAsync(
string gridFsId,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(gridFsId);
var now = _timeProvider.GetUtcNow();
var filter = Builders<MigrationDocument>.Filter.Eq(d => d.GridFsId, gridFsId);
var update = Builders<MigrationDocument>.Update
.Set(d => d.Status, MigrationStatus.Verified.ToString().ToLowerInvariant())
.Set(d => d.VerifiedAt, now.UtcDateTime);
await _collection.UpdateOneAsync(filter, update, cancellationToken: cancellationToken)
.ConfigureAwait(false);
_logger.LogDebug("Marked migration as verified for {GridFsId}", gridFsId);
}
public async Task<MigrationRecord?> GetByGridFsIdAsync(
string gridFsId,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(gridFsId);
var filter = Builders<MigrationDocument>.Filter.Eq(d => d.GridFsId, gridFsId);
var document = await _collection.Find(filter)
.FirstOrDefaultAsync(cancellationToken)
.ConfigureAwait(false);
return document is null ? null : ToRecord(document);
}
public async Task<IReadOnlyList<MigrationRecord>> ListPendingAsync(
int limit = 100,
CancellationToken cancellationToken = default)
{
var filter = Builders<MigrationDocument>.Filter.Eq(
d => d.Status, MigrationStatus.Pending.ToString().ToLowerInvariant());
var documents = await _collection.Find(filter)
.Limit(limit)
.ToListAsync(cancellationToken)
.ConfigureAwait(false);
return documents.Select(ToRecord).ToList();
}
public async Task<IReadOnlyList<MigrationRecord>> ListNeedingVerificationAsync(
int limit = 100,
CancellationToken cancellationToken = default)
{
var filter = Builders<MigrationDocument>.Filter.Eq(
d => d.Status, MigrationStatus.Migrated.ToString().ToLowerInvariant());
var documents = await _collection.Find(filter)
.Limit(limit)
.ToListAsync(cancellationToken)
.ConfigureAwait(false);
return documents.Select(ToRecord).ToList();
}
public async Task<bool> IsMigratedAsync(
string gridFsId,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(gridFsId);
var filter = Builders<MigrationDocument>.Filter.And(
Builders<MigrationDocument>.Filter.Eq(d => d.GridFsId, gridFsId),
Builders<MigrationDocument>.Filter.In(d => d.Status, new[]
{
MigrationStatus.Migrated.ToString().ToLowerInvariant(),
MigrationStatus.Verified.ToString().ToLowerInvariant()
}));
var count = await _collection.CountDocumentsAsync(filter, cancellationToken: cancellationToken)
.ConfigureAwait(false);
return count > 0;
}
private static MigrationRecord ToRecord(MigrationDocument document)
{
return new MigrationRecord
{
GridFsId = document.GridFsId,
Pointer = new ObjectPointer
{
Bucket = document.Bucket,
Key = document.Key,
Sha256 = document.Sha256,
Size = document.Size,
ContentType = document.ContentType,
Encoding = Enum.Parse<ContentEncoding>(document.Encoding, ignoreCase: true),
},
MigratedAt = new DateTimeOffset(document.MigratedAt, TimeSpan.Zero),
Status = Enum.Parse<MigrationStatus>(document.Status, ignoreCase: true),
VerifiedAt = document.VerifiedAt.HasValue
? new DateTimeOffset(document.VerifiedAt.Value, TimeSpan.Zero)
: null,
RollbackAvailable = document.RollbackAvailable,
ErrorMessage = document.ErrorMessage,
};
}
[BsonIgnoreExtraElements]
private sealed class MigrationDocument
{
[BsonId]
[BsonRepresentation(BsonType.ObjectId)]
public string? Id { get; set; }
[BsonElement("gridFsId")]
public required string GridFsId { get; set; }
[BsonElement("bucket")]
public required string Bucket { get; set; }
[BsonElement("key")]
public required string Key { get; set; }
[BsonElement("sha256")]
public required string Sha256 { get; set; }
[BsonElement("size")]
public required long Size { get; set; }
[BsonElement("contentType")]
public required string ContentType { get; set; }
[BsonElement("encoding")]
public required string Encoding { get; set; }
[BsonElement("migratedAt")]
public required DateTime MigratedAt { get; set; }
[BsonElement("status")]
public required string Status { get; set; }
[BsonElement("verifiedAt")]
public DateTime? VerifiedAt { get; set; }
[BsonElement("rollbackAvailable")]
public bool RollbackAvailable { get; set; }
[BsonElement("errorMessage")]
public string? ErrorMessage { get; set; }
}
}

52
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/ObjectPointer.cs Normal file
View File

@@ -0,0 +1,52 @@
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// Deterministic pointer to an object in S3-compatible storage.
/// </summary>
public sealed record ObjectPointer
{
/// <summary>
/// S3 bucket name (tenant-prefixed).
/// </summary>
public required string Bucket { get; init; }
/// <summary>
/// Object key (deterministic, content-addressed).
/// </summary>
public required string Key { get; init; }
/// <summary>
/// SHA-256 hash of object content (hex encoded).
/// </summary>
public required string Sha256 { get; init; }
/// <summary>
/// Object size in bytes.
/// </summary>
public required long Size { get; init; }
/// <summary>
/// MIME type of the object.
/// </summary>
public string ContentType { get; init; } = "application/octet-stream";
/// <summary>
/// Content encoding if compressed.
/// </summary>
public ContentEncoding Encoding { get; init; } = ContentEncoding.Identity;
}
/// <summary>
/// Content encoding for stored objects.
/// </summary>
public enum ContentEncoding
{
/// <summary>No compression.</summary>
Identity,
/// <summary>Gzip compression.</summary>
Gzip,
/// <summary>Zstandard compression.</summary>
Zstd
}

75
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/ObjectStorageOptions.cs Normal file
View File

@@ -0,0 +1,75 @@
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// Configuration options for S3-compatible object storage.
/// </summary>
public sealed class ObjectStorageOptions
{
/// <summary>
/// Configuration section name.
/// </summary>
public const string SectionName = "Concelier:ObjectStorage";
/// <summary>
/// S3-compatible endpoint URL (MinIO, AWS S3, etc.).
/// </summary>
public string Endpoint { get; set; } = "http://localhost:9000";
/// <summary>
/// Storage region (use 'us-east-1' for MinIO).
/// </summary>
public string Region { get; set; } = "us-east-1";
/// <summary>
/// Use path-style addressing (required for MinIO).
/// </summary>
public bool UsePathStyle { get; set; } = true;
/// <summary>
/// Prefix for tenant bucket names.
/// </summary>
public string BucketPrefix { get; set; } = "stellaops-concelier-";
/// <summary>
/// Maximum object size in bytes (default 5GB).
/// </summary>
public long MaxObjectSize { get; set; } = 5L * 1024 * 1024 * 1024;
/// <summary>
/// Objects larger than this (bytes) will be compressed.
/// Default: 1MB.
/// </summary>
public int CompressionThreshold { get; set; } = 1024 * 1024;
/// <summary>
/// Objects smaller than this (bytes) will be stored inline.
/// Default: 64KB.
/// </summary>
public int InlineThreshold { get; set; } = 64 * 1024;
/// <summary>
/// Whether object storage is enabled. When false, uses GridFS fallback.
/// </summary>
public bool Enabled { get; set; } = false;
/// <summary>
/// AWS access key ID (or MinIO access key).
/// </summary>
public string? AccessKeyId { get; set; }
/// <summary>
/// AWS secret access key (or MinIO secret key).
/// </summary>
public string? SecretAccessKey { get; set; }
/// <summary>
/// Gets the bucket name for a tenant.
/// </summary>
public string GetBucketName(string tenantId)
{
ArgumentException.ThrowIfNullOrWhiteSpace(tenantId);
// Normalize tenant ID to lowercase and replace invalid characters
var normalized = tenantId.ToLowerInvariant().Replace('_', '-');
return $"{BucketPrefix}{normalized}";
}
}

128
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/ObjectStorageServiceCollectionExtensions.cs Normal file
View File

@@ -0,0 +1,128 @@
using Amazon;
using Amazon.Runtime;
using Amazon.S3;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Options;
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// Extension methods for registering object storage services.
/// </summary>
public static class ObjectStorageServiceCollectionExtensions
{
/// <summary>
/// Adds object storage services for Concelier raw payload storage.
/// </summary>
public static IServiceCollection AddConcelierObjectStorage(
this IServiceCollection services,
IConfiguration configuration)
{
ArgumentNullException.ThrowIfNull(services);
ArgumentNullException.ThrowIfNull(configuration);
// Bind options
services.Configure<ObjectStorageOptions>(
configuration.GetSection(ObjectStorageOptions.SectionName));
// Register TimeProvider if not already registered
services.TryAddSingleton(TimeProvider.System);
// Register S3 client
services.TryAddSingleton<IAmazonS3>(sp =>
{
var options = sp.GetRequiredService<IOptions<ObjectStorageOptions>>().Value;
var config = new AmazonS3Config
{
RegionEndpoint = RegionEndpoint.GetBySystemName(options.Region),
ForcePathStyle = options.UsePathStyle,
};
if (!string.IsNullOrEmpty(options.Endpoint))
{
config.ServiceURL = options.Endpoint;
}
if (!string.IsNullOrEmpty(options.AccessKeyId) &&
!string.IsNullOrEmpty(options.SecretAccessKey))
{
var credentials = new BasicAWSCredentials(
options.AccessKeyId,
options.SecretAccessKey);
return new AmazonS3Client(credentials, config);
}
// Use default credentials chain (env vars, IAM role, etc.)
return new AmazonS3Client(config);
});
// Register object store
services.TryAddSingleton<IObjectStore, S3ObjectStore>();
// Register migration tracker
services.TryAddSingleton<IMigrationTracker, MongoMigrationTracker>();
// Register migration service
services.TryAddSingleton<GridFsMigrationService>();
return services;
}
/// <summary>
/// Adds object storage services with explicit options.
/// </summary>
public static IServiceCollection AddConcelierObjectStorage(
this IServiceCollection services,
Action<ObjectStorageOptions> configureOptions)
{
ArgumentNullException.ThrowIfNull(services);
ArgumentNullException.ThrowIfNull(configureOptions);
services.Configure(configureOptions);
// Register TimeProvider if not already registered
services.TryAddSingleton(TimeProvider.System);
// Register S3 client
services.TryAddSingleton<IAmazonS3>(sp =>
{
var options = sp.GetRequiredService<IOptions<ObjectStorageOptions>>().Value;
var config = new AmazonS3Config
{
RegionEndpoint = RegionEndpoint.GetBySystemName(options.Region),
ForcePathStyle = options.UsePathStyle,
};
if (!string.IsNullOrEmpty(options.Endpoint))
{
config.ServiceURL = options.Endpoint;
}
if (!string.IsNullOrEmpty(options.AccessKeyId) &&
!string.IsNullOrEmpty(options.SecretAccessKey))
{
var credentials = new BasicAWSCredentials(
options.AccessKeyId,
options.SecretAccessKey);
return new AmazonS3Client(credentials, config);
}
return new AmazonS3Client(config);
});
// Register object store
services.TryAddSingleton<IObjectStore, S3ObjectStore>();
// Register migration tracker
services.TryAddSingleton<IMigrationTracker, MongoMigrationTracker>();
// Register migration service
services.TryAddSingleton<GridFsMigrationService>();
return services;
}
}

79
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/PayloadReference.cs Normal file
View File

@@ -0,0 +1,79 @@
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// Reference to a large payload stored in object storage (used in advisory_observations).
/// </summary>
public sealed record PayloadReference
{
/// <summary>
/// Discriminator for payload type.
/// </summary>
public const string TypeDiscriminator = "object-storage-ref";
/// <summary>
/// Type discriminator value.
/// </summary>
public string Type { get; init; } = TypeDiscriminator;
/// <summary>
/// Pointer to the object in storage.
/// </summary>
public required ObjectPointer Pointer { get; init; }
/// <summary>
/// Provenance metadata for the payload.
/// </summary>
public required ProvenanceMetadata Provenance { get; init; }
/// <summary>
/// If true, payload is small enough to be inline (not in object storage).
/// </summary>
public bool Inline { get; init; }
/// <summary>
/// Base64-encoded inline data (only if Inline=true and size less than threshold).
/// </summary>
public string? InlineData { get; init; }
/// <summary>
/// Creates a reference for inline data.
/// </summary>
public static PayloadReference CreateInline(
byte[] data,
string sha256,
ProvenanceMetadata provenance,
string contentType = "application/octet-stream")
{
return new PayloadReference
{
Pointer = new ObjectPointer
{
Bucket = string.Empty,
Key = string.Empty,
Sha256 = sha256,
Size = data.Length,
ContentType = contentType,
Encoding = ContentEncoding.Identity,
},
Provenance = provenance,
Inline = true,
InlineData = Convert.ToBase64String(data),
};
}
/// <summary>
/// Creates a reference for object storage data.
/// </summary>
public static PayloadReference CreateObjectStorage(
ObjectPointer pointer,
ProvenanceMetadata provenance)
{
return new PayloadReference
{
Pointer = pointer,
Provenance = provenance,
Inline = false,
InlineData = null,
};
}
}

86
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/ProvenanceMetadata.cs Normal file
View File

@@ -0,0 +1,86 @@
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// Provenance metadata preserved from original ingestion.
/// </summary>
public sealed record ProvenanceMetadata
{
/// <summary>
/// Identifier of the original data source (URI).
/// </summary>
public required string SourceId { get; init; }
/// <summary>
/// UTC timestamp of original ingestion.
/// </summary>
public required DateTimeOffset IngestedAt { get; init; }
/// <summary>
/// Tenant identifier for multi-tenant isolation.
/// </summary>
public required string TenantId { get; init; }
/// <summary>
/// Original format before normalization.
/// </summary>
public OriginalFormat? OriginalFormat { get; init; }
/// <summary>
/// Original size before any transformation.
/// </summary>
public long? OriginalSize { get; init; }
/// <summary>
/// List of transformations applied.
/// </summary>
public IReadOnlyList<TransformationRecord> Transformations { get; init; } = [];
/// <summary>
/// Original GridFS ObjectId for migration tracking.
/// </summary>
public string? GridFsLegacyId { get; init; }
}
/// <summary>
/// Original format of ingested data.
/// </summary>
public enum OriginalFormat
{
Json,
Xml,
Csv,
Ndjson,
Yaml
}
/// <summary>
/// Record of a transformation applied to the payload.
/// </summary>
public sealed record TransformationRecord
{
/// <summary>
/// Type of transformation.
/// </summary>
public required TransformationType Type { get; init; }
/// <summary>
/// Timestamp when transformation was applied.
/// </summary>
public required DateTimeOffset Timestamp { get; init; }
/// <summary>
/// Agent/service that performed the transformation.
/// </summary>
public required string Agent { get; init; }
}
/// <summary>
/// Types of transformations that can be applied.
/// </summary>
public enum TransformationType
{
Compression,
Normalization,
Redaction,
Migration
}

320
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/ObjectStorage/S3ObjectStore.cs Normal file
View File

@@ -0,0 +1,320 @@
using System.IO.Compression;
using System.Security.Cryptography;
using Amazon.S3;
using Amazon.S3.Model;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
namespace StellaOps.Concelier.Storage.Mongo.ObjectStorage;
/// <summary>
/// S3-compatible object store implementation for raw advisory payloads.
/// </summary>
public sealed class S3ObjectStore : IObjectStore
{
private readonly IAmazonS3 _s3;
private readonly ObjectStorageOptions _options;
private readonly TimeProvider _timeProvider;
private readonly ILogger<S3ObjectStore> _logger;
public S3ObjectStore(
IAmazonS3 s3,
IOptions<ObjectStorageOptions> options,
TimeProvider timeProvider,
ILogger<S3ObjectStore> logger)
{
_s3 = s3 ?? throw new ArgumentNullException(nameof(s3));
_options = options?.Value ?? throw new ArgumentNullException(nameof(options));
_timeProvider = timeProvider ?? TimeProvider.System;
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
}
public async Task<PayloadReference> StoreAsync(
string tenantId,
ReadOnlyMemory<byte> data,
ProvenanceMetadata provenance,
string contentType = "application/json",
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(tenantId);
ArgumentNullException.ThrowIfNull(provenance);
var dataArray = data.ToArray();
var sha256 = ComputeSha256(dataArray);
// Use inline storage for small payloads
if (dataArray.Length < _options.InlineThreshold)
{
_logger.LogDebug(
"Storing inline payload for tenant {TenantId}, size {Size} bytes",
tenantId, dataArray.Length);
return PayloadReference.CreateInline(dataArray, sha256, provenance, contentType);
}
// Store in S3
var bucket = _options.GetBucketName(tenantId);
await EnsureBucketExistsAsync(tenantId, cancellationToken).ConfigureAwait(false);
var shouldCompress = dataArray.Length >= _options.CompressionThreshold;
var encoding = ContentEncoding.Identity;
byte[] payloadToStore = dataArray;
if (shouldCompress)
{
payloadToStore = CompressGzip(dataArray);
encoding = ContentEncoding.Gzip;
_logger.LogDebug(
"Compressed payload from {OriginalSize} to {CompressedSize} bytes",
dataArray.Length, payloadToStore.Length);
}
var key = GenerateKey(sha256, provenance.IngestedAt, contentType, encoding);
var request = new PutObjectRequest
{
BucketName = bucket,
Key = key,
InputStream = new MemoryStream(payloadToStore),
ContentType = encoding == ContentEncoding.Gzip ? "application/gzip" : contentType,
AutoCloseStream = true,
};
// Add metadata
request.Metadata["x-stellaops-sha256"] = sha256;
request.Metadata["x-stellaops-original-size"] = dataArray.Length.ToString();
request.Metadata["x-stellaops-encoding"] = encoding.ToString().ToLowerInvariant();
request.Metadata["x-stellaops-source-id"] = provenance.SourceId;
request.Metadata["x-stellaops-ingested-at"] = provenance.IngestedAt.ToString("O");
await _s3.PutObjectAsync(request, cancellationToken).ConfigureAwait(false);
_logger.LogDebug(
"Stored object {Bucket}/{Key}, size {Size} bytes, encoding {Encoding}",
bucket, key, payloadToStore.Length, encoding);
var pointer = new ObjectPointer
{
Bucket = bucket,
Key = key,
Sha256 = sha256,
Size = payloadToStore.Length,
ContentType = contentType,
Encoding = encoding,
};
return PayloadReference.CreateObjectStorage(pointer, provenance);
}
public async Task<PayloadReference> StoreStreamAsync(
string tenantId,
Stream stream,
ProvenanceMetadata provenance,
string contentType = "application/json",
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(tenantId);
ArgumentNullException.ThrowIfNull(stream);
ArgumentNullException.ThrowIfNull(provenance);
// Read stream to memory for hash computation
using var memoryStream = new MemoryStream();
await stream.CopyToAsync(memoryStream, cancellationToken).ConfigureAwait(false);
var data = memoryStream.ToArray();
return await StoreAsync(tenantId, data, provenance, contentType, cancellationToken)
.ConfigureAwait(false);
}
public async Task<byte[]?> RetrieveAsync(
PayloadReference reference,
CancellationToken cancellationToken = default)
{
ArgumentNullException.ThrowIfNull(reference);
// Handle inline data
if (reference.Inline && reference.InlineData is not null)
{
return Convert.FromBase64String(reference.InlineData);
}
var stream = await RetrieveStreamAsync(reference, cancellationToken).ConfigureAwait(false);
if (stream is null)
{
return null;
}
using (stream)
{
using var memoryStream = new MemoryStream();
await stream.CopyToAsync(memoryStream, cancellationToken).ConfigureAwait(false);
return memoryStream.ToArray();
}
}
public async Task<Stream?> RetrieveStreamAsync(
PayloadReference reference,
CancellationToken cancellationToken = default)
{
ArgumentNullException.ThrowIfNull(reference);
// Handle inline data
if (reference.Inline && reference.InlineData is not null)
{
return new MemoryStream(Convert.FromBase64String(reference.InlineData));
}
var pointer = reference.Pointer;
try
{
var response = await _s3.GetObjectAsync(pointer.Bucket, pointer.Key, cancellationToken)
.ConfigureAwait(false);
Stream resultStream = response.ResponseStream;
// Decompress if needed
if (pointer.Encoding == ContentEncoding.Gzip)
{
var decompressed = new MemoryStream();
using (var gzip = new GZipStream(response.ResponseStream, CompressionMode.Decompress))
{
await gzip.CopyToAsync(decompressed, cancellationToken).ConfigureAwait(false);
}
decompressed.Position = 0;
resultStream = decompressed;
}
return resultStream;
}
catch (AmazonS3Exception ex) when (ex.StatusCode == System.Net.HttpStatusCode.NotFound)
{
_logger.LogWarning("Object not found: {Bucket}/{Key}", pointer.Bucket, pointer.Key);
return null;
}
}
public async Task<bool> ExistsAsync(
ObjectPointer pointer,
CancellationToken cancellationToken = default)
{
ArgumentNullException.ThrowIfNull(pointer);
try
{
var metadata = await _s3.GetObjectMetadataAsync(pointer.Bucket, pointer.Key, cancellationToken)
.ConfigureAwait(false);
return metadata.HttpStatusCode == System.Net.HttpStatusCode.OK;
}
catch (AmazonS3Exception ex) when (ex.StatusCode == System.Net.HttpStatusCode.NotFound)
{
return false;
}
}
public async Task DeleteAsync(
ObjectPointer pointer,
CancellationToken cancellationToken = default)
{
ArgumentNullException.ThrowIfNull(pointer);
await _s3.DeleteObjectAsync(pointer.Bucket, pointer.Key, cancellationToken)
.ConfigureAwait(false);
_logger.LogDebug("Deleted object {Bucket}/{Key}", pointer.Bucket, pointer.Key);
}
public async Task EnsureBucketExistsAsync(
string tenantId,
CancellationToken cancellationToken = default)
{
ArgumentException.ThrowIfNullOrWhiteSpace(tenantId);
var bucket = _options.GetBucketName(tenantId);
try
{
await _s3.EnsureBucketExistsAsync(bucket).ConfigureAwait(false);
_logger.LogDebug("Ensured bucket exists: {Bucket}", bucket);
}
catch (AmazonS3Exception ex)
{
_logger.LogError(ex, "Failed to ensure bucket exists: {Bucket}", bucket);
throw;
}
}
public async Task<bool> VerifyIntegrityAsync(
PayloadReference reference,
CancellationToken cancellationToken = default)
{
ArgumentNullException.ThrowIfNull(reference);
var data = await RetrieveAsync(reference, cancellationToken).ConfigureAwait(false);
if (data is null)
{
return false;
}
var computedHash = ComputeSha256(data);
var matches = string.Equals(computedHash, reference.Pointer.Sha256, StringComparison.OrdinalIgnoreCase);
if (!matches)
{
_logger.LogWarning(
"Integrity check failed for {Bucket}/{Key}: expected {Expected}, got {Actual}",
reference.Pointer.Bucket, reference.Pointer.Key,
reference.Pointer.Sha256, computedHash);
}
return matches;
}
private static string ComputeSha256(byte[] data)
{
var hash = SHA256.HashData(data);
return Convert.ToHexStringLower(hash);
}
private static byte[] CompressGzip(byte[] data)
{
using var output = new MemoryStream();
using (var gzip = new GZipStream(output, CompressionLevel.Optimal, leaveOpen: true))
{
gzip.Write(data);
}
return output.ToArray();
}
private static string GenerateKey(
string sha256,
DateTimeOffset ingestedAt,
string contentType,
ContentEncoding encoding)
{
var date = ingestedAt.UtcDateTime;
var extension = GetExtension(contentType, encoding);
// Format: advisories/raw/YYYY/MM/DD/sha256-{hash}.{extension}
return $"advisories/raw/{date:yyyy}/{date:MM}/{date:dd}/sha256-{sha256[..16]}{extension}";
}
private static string GetExtension(string contentType, ContentEncoding encoding)
{
var baseExt = contentType switch
{
"application/json" => ".json",
"application/xml" or "text/xml" => ".xml",
"text/csv" => ".csv",
"application/x-ndjson" => ".ndjson",
"application/x-yaml" or "text/yaml" => ".yaml",
_ => ".bin"
};
return encoding switch
{
ContentEncoding.Gzip => baseExt + ".gz",
ContentEncoding.Zstd => baseExt + ".zst",
_ => baseExt
};
}
}

11
src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo/StellaOps.Concelier.Storage.Mongo.csproj
View File

@@ -4,7 +4,18 @@
<LangVersion>preview</LangVersion>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="AWSSDK.S3" Version="3.7.305.6" />
<PackageReference Include="MongoDB.Driver" Version="3.5.0" />
<PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.0" />
<PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="10.0.0" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="10.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="10.0.0" />
<PackageReference Include="Microsoft.Extensions.Options" Version="10.0.0" />
<PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="10.0.0" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="../StellaOps.Concelier.RawModels/StellaOps.Concelier.RawModels.csproj" />
<ProjectReference Include="../StellaOps.Concelier.Models/StellaOps.Concelier.Models.csproj" />