Refactor code structure for improved readability and maintainability; optimize performance in key functions.

2025-12-22 19:06:31 +02:00
parent dfaa2079aa
commit 4602ccc3a3
1444 changed files with 109919 additions and 8058 deletions
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Storage.Oci/SliceOciManifestBuilder.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Storage.Oci/SliceOciManifestBuilder.cs
@@ -0,0 +1,130 @@
+using System.Text.Json;
+
+namespace StellaOps.Scanner.Storage.Oci;
+
+/// <summary>
+/// Builds OCI manifests for reachability slices.
+/// Sprint: SPRINT_3850_0001_0001
+/// </summary>
+public sealed class SliceOciManifestBuilder
+{
+    private static readonly JsonSerializerOptions SerializerOptions = new(JsonSerializerDefaults.Web)
+    {
+        WriteIndented = false
+    };
+
+    /// <summary>
+    /// Build OCI push request for a slice artifact.
+    /// </summary>
+    public OciArtifactPushRequest BuildSlicePushRequest(SliceArtifactInput input)
+    {
+        ArgumentNullException.ThrowIfNull(input);
+        ArgumentNullException.ThrowIfNull(input.Slice);
+        ArgumentException.ThrowIfNullOrWhiteSpace(input.Reference);
+
+        var layers = new List<OciLayerContent>
+        {
+            BuildSliceLayer(input.Slice, input.SliceQuery)
+        };
+
+        if (input.DsseEnvelope is not null)
+        {
+            layers.Add(BuildDsseLayer(input.DsseEnvelope));
+        }
+
+        var annotations = BuildAnnotations(input.SliceQuery, input.Slice);
+
+        return new OciArtifactPushRequest
+        {
+            Reference = input.Reference,
+            ArtifactType = OciMediaTypes.SliceArtifact,
+            Layers = layers,
+            SubjectDigest = input.SubjectImageDigest,
+            Annotations = annotations
+        };
+    }
+
+    private OciLayerContent BuildSliceLayer(object slice, SliceQueryMetadata? query)
+    {
+        var sliceJson = JsonSerializer.SerializeToUtf8Bytes(slice, SerializerOptions);
+
+        var annotations = new Dictionary<string, string>();
+        if (query is not null)
+        {
+            if (!string.IsNullOrWhiteSpace(query.CveId))
+                annotations["org.stellaops.slice.cve"] = query.CveId;
+
+            if (!string.IsNullOrWhiteSpace(query.Purl))
+                annotations["org.stellaops.slice.purl"] = query.Purl;
+
+            if (!string.IsNullOrWhiteSpace(query.Verdict))
+                annotations["org.stellaops.slice.verdict"] = query.Verdict;
+        }
+
+        return new OciLayerContent
+        {
+            Content = sliceJson,
+            MediaType = OciMediaTypes.ReachabilitySlice,
+            Annotations = annotations
+        };
+    }
+
+    private OciLayerContent BuildDsseLayer(byte[] dsseEnvelope)
+    {
+        return new OciLayerContent
+        {
+            Content = dsseEnvelope,
+            MediaType = OciMediaTypes.DsseEnvelope,
+            Annotations = new Dictionary<string, string>
+            {
+                ["org.stellaops.attestation.type"] = "in-toto/dsse"
+            }
+        };
+    }
+
+    private Dictionary<string, string> BuildAnnotations(SliceQueryMetadata? query, object slice)
+    {
+        var annotations = new Dictionary<string, string>
+        {
+            ["org.opencontainers.image.vendor"] = "StellaOps",
+            ["org.stellaops.artifact.type"] = "reachability-slice"
+        };
+
+        if (query is not null)
+        {
+            if (!string.IsNullOrWhiteSpace(query.CveId))
+                annotations["org.stellaops.slice.query.cve"] = query.CveId;
+
+            if (!string.IsNullOrWhiteSpace(query.Purl))
+                annotations["org.stellaops.slice.query.purl"] = query.Purl;
+
+            if (!string.IsNullOrWhiteSpace(query.ScanId))
+                annotations["org.stellaops.slice.scan-id"] = query.ScanId;
+        }
+
+        return annotations;
+    }
+}
+
+/// <summary>
+/// Input for building a slice OCI artifact.
+/// </summary>
+public sealed record SliceArtifactInput
+{
+    public required string Reference { get; init; }
+    public required object Slice { get; init; }
+    public byte[]? DsseEnvelope { get; init; }
+    public SliceQueryMetadata? SliceQuery { get; init; }
+    public string? SubjectImageDigest { get; init; }
+}
+
+/// <summary>
+/// Query metadata for slice annotations.
+/// </summary>
+public sealed record SliceQueryMetadata
+{
+    public string? CveId { get; init; }
+    public string? Purl { get; init; }
+    public string? Verdict { get; init; }
+    public string? ScanId { get; init; }
+}