save work

2025-12-19 07:28:23 +02:00
parent 6410a6d082
commit 2eafe98d44
97 changed files with 5040 additions and 1443 deletions
--- a/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/Queue/PostgresRekorSubmissionQueue.cs
+++ b/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/Queue/PostgresRekorSubmissionQueue.cs
@@ -5,6 +5,8 @@
 // Description: PostgreSQL implementation of the Rekor submission queue
 // -----------------------------------------------------------------------------

+#if STELLAOPS_EXPERIMENTAL_REKOR_QUEUE
+
 using System.Text.Json;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
@@ -522,3 +524,5 @@ public sealed class PostgresRekorSubmissionQueue : IRekorSubmissionQueue
        };
    }
 }
+
+#endif
--- a/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/ServiceCollectionExtensions.cs
+++ b/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/ServiceCollectionExtensions.cs
@@ -14,12 +14,17 @@ using StellaOps.Attestor.Core.Submission;
 using StellaOps.Attestor.Core.Transparency;
 using StellaOps.Attestor.Core.Verification;
 using StellaOps.Attestor.Core.Bulk;
+using StellaOps.Attestor.Core.Offline;
 using StellaOps.Attestor.Infrastructure.Rekor;
+using StellaOps.Attestor.Infrastructure.Offline;
+using StellaOps.Attestor.Infrastructure.Signing;
 using StellaOps.Attestor.Infrastructure.Storage;
 using StellaOps.Attestor.Infrastructure.Submission;
 using StellaOps.Attestor.Infrastructure.Transparency;
 using StellaOps.Attestor.Infrastructure.Verification;
 using StellaOps.Attestor.Infrastructure.Bulk;
+using StellaOps.Attestor.Core.Signing;
+using StellaOps.Attestor.Verify;

 namespace StellaOps.Attestor.Infrastructure;

@@ -37,8 +42,28 @@ public static class ServiceCollectionExtensions
            return new AttestorSubmissionValidator(canonicalizer, options.Security.SignerIdentity.Mode);
        });
        services.AddSingleton<AttestorMetrics>();
+        services.AddSingleton<AttestorActivitySource>();
+        services.AddSingleton<ITimeSkewValidator>(sp =>
+        {
+            var options = sp.GetRequiredService<IOptions<AttestorOptions>>().Value;
+            return new TimeSkewValidator(options.TimeSkew);
+        });
+        services.AddSingleton<IAttestorVerificationCache>(sp =>
+        {
+            var options = sp.GetRequiredService<IOptions<AttestorOptions>>().Value;
+            if (!options.Cache.Verification.Enabled)
+            {
+                return new NoOpAttestorVerificationCache();
+            }
+
+            return ActivatorUtilities.CreateInstance<InMemoryAttestorVerificationCache>(sp);
+        });
+        services.AddSingleton<IAttestorVerificationEngine, AttestorVerificationEngine>();
        services.AddSingleton<IAttestorSubmissionService, AttestorSubmissionService>();
        services.AddSingleton<IAttestorVerificationService, AttestorVerificationService>();
+        services.AddSingleton<IAttestorBundleService, AttestorBundleService>();
+        services.AddSingleton<AttestorSigningKeyRegistry>();
+        services.AddSingleton<IAttestationSigningService, AttestorSigningService>();
        services.AddHttpClient<HttpRekorClient>(client =>
        {
            client.Timeout = TimeSpan.FromSeconds(30);
--- a/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/Submission/AttestorSubmissionService.cs
+++ b/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/Submission/AttestorSubmissionService.cs
@@ -235,7 +235,8 @@ internal sealed class AttestorSubmissionService : IAttestorSubmissionService
            {
                Backend = canonicalOutcome.Backend,
                Url = submission.LogUrl ?? canonicalOutcome.Url,
-                LogId = null
+                LogId = null,
+                IntegratedTime = submission.IntegratedTime
            },
            CreatedAt = now,
            Status = submission.Status ?? "included",
--- a/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/Verification/AttestorVerificationService.cs
+++ b/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/Verification/AttestorVerificationService.cs
@@ -133,7 +133,7 @@ internal sealed class AttestorVerificationService : IAttestorVerificationService
            Status = entry.Status,
            Issues = allIssues,
            CheckedAt = evaluationTime,
-            Report = report with { Succeeded = succeeded, Issues = allIssues }
+            Report = report
        };
    }

--- a/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/Workers/RekorRetryWorker.cs
+++ b/src/Attestor/StellaOps.Attestor/StellaOps.Attestor.Infrastructure/Workers/RekorRetryWorker.cs
@@ -5,6 +5,8 @@
 // Description: Background service for processing the Rekor retry queue
 // -----------------------------------------------------------------------------

+#if STELLAOPS_EXPERIMENTAL_REKOR_QUEUE
+
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
@@ -224,3 +226,5 @@ public sealed class AttestorSubmissionRequest
    public string BundleSha256 { get; init; } = string.Empty;
    public byte[] DssePayload { get; init; } = Array.Empty<byte>();
 }
+
+#endif