documentation cleanse, sprints work and planning. remaining non EF DAL migration to EF

2026-02-25 01:24:07 +02:00
parent b07d27772e
commit 4db038123b
9090 changed files with 4836 additions and 2909 deletions
--- a/docs-archived/qa/feature-checks/runs/policy/signature-required-policy-gate/run-002/tier2-integration-check.json
+++ b/docs-archived/qa/feature-checks/runs/policy/signature-required-policy-gate/run-002/tier2-integration-check.json
@@ -0,0 +1,60 @@
+{
+    "type": "integration",
+    "capturedAtUtc": "2026-02-13T17:10:00Z",
+    "testCommand": "dotnet test src/Policy/__Tests/StellaOps.Policy.Tests/StellaOps.Policy.Tests.csproj --no-restore -v normal && dotnet test src/Policy/__Tests/StellaOps.Policy.Engine.Tests/StellaOps.Policy.Engine.Tests.csproj --no-restore -v normal",
+    "testFilter": "FullyQualifiedName~SignatureRequired|FullyQualifiedName~PolicyGateEvaluator|FullyQualifiedName~VexTrustGate|FullyQualifiedName~EvidenceRequirement",
+    "testsRun": 2059,
+    "testsPassed": 2059,
+    "testsFailed": 0,
+    "targetedTestMethods": [
+        "SignatureRequiredGateTests.EvaluateAsync_Disabled_ReturnsPass",
+        "SignatureRequiredGateTests.EvaluateAsync_MissingSignature_ReturnsFail",
+        "SignatureRequiredGateTests.EvaluateAsync_AllValidSignatures_ReturnsPass",
+        "SignatureRequiredGateTests.EvaluateAsync_InvalidSignature_ReturnsFail",
+        "SignatureRequiredGateTests.EvaluateAsync_NotRequiredType_PassesWithoutSignature",
+        "SignatureRequiredGateTests.EvaluateAsync_IssuerValidation_EnforcesConstraints(4 cases)",
+        "SignatureRequiredGateTests.EvaluateAsync_AlgorithmValidation_EnforcesAccepted(4 cases)",
+        "SignatureRequiredGateTests.EvaluateAsync_KeyIdValidation_EnforcesConstraints",
+        "SignatureRequiredGateTests.EvaluateAsync_KeylessSignature_ValidWithTransparencyLog",
+        "SignatureRequiredGateTests.EvaluateAsync_KeylessSignature_FailsWithoutTransparencyLog",
+        "SignatureRequiredGateTests.EvaluateAsync_KeylessDisabled_FailsKeylessSignature",
+        "SignatureRequiredGateTests.EvaluateAsync_EnvironmentOverride_SkipsTypes",
+        "SignatureRequiredGateTests.EvaluateAsync_EnvironmentOverride_AddsIssuers",
+        "SignatureRequiredGateTests.EvaluateAsync_InvalidCertificateChain_Fails",
+        "SignatureRequiredGateTests.EvaluateAsync_WildcardIssuerMatch_MatchesSubdomains",
+        "PolicyGateEvaluatorTests.NotAffected_WithoutGraphHash_Blocks",
+        "PolicyGateEvaluatorTests.NotAffected_WithoutPathLength_Blocks",
+        "PolicyGateEvaluatorTests.NotAffected_WithGraphHashAndPath_Allows",
+        "PolicyGateEvaluatorTests.Decision_ContainsEvidence",
+        "PolicyGateEvaluatorTests.Decision_ContainsGateResults"
+    ],
+    "behaviorVerified": [
+        "SignatureRequiredGate disabled returns pass",
+        "Missing signatures block gate evaluation",
+        "All valid signatures pass gate evaluation",
+        "Invalid signature (bad hash) returns fail with failure details",
+        "Non-required evidence types pass without signature",
+        "Issuer allowlist validation with exact match and wildcard patterns (*@company.com, *@*.company.com)",
+        "Algorithm validation enforces accepted algorithms (ES256, RS256, EdDSA) and rejects unknown",
+        "Key ID validation against trusted key ID allowlist",
+        "Keyless signature valid with transparency log inclusion and certificate chain",
+        "Keyless signature fails without transparency log when required",
+        "Keyless verification disabled rejects keyless signatures",
+        "Environment-specific overrides skip evidence types for development",
+        "Environment-specific overrides add additional trusted issuers for staging",
+        "Invalid certificate chain fails verification",
+        "PolicyGateEvaluator evidence completeness gate verifies graphHash and pathLength for not_affected",
+        "DSSE-attested evidence referenced in gate decision document",
+        "TrustBundleRef in KnowledgeSnapshotManifest verified"
+    ],
+    "assertionTypes": [
+        "Assert.True/False for gate pass/fail",
+        "Assert.Equal for reason codes",
+        "Assert.Contains for failure detail keys",
+        "Theory InlineData for parameterized issuer/algorithm validation"
+    ],
+    "newTestsWritten": [],
+    "bugsFixed": [],
+    "rawOutput": "Policy.Tests: Passed! - Failed: 0, Passed: 781, Skipped: 0, Total: 781, Duration: 4s 601ms. Engine.Tests: Passed! - Failed: 0, Passed: 1278, Skipped: 0, Total: 1278, Duration: 8s 227ms. Total: 2059/2059 pass. SignatureRequiredGateTests: 15+ tests verify signature validation pipeline (disabled, missing, valid, invalid, issuer allowlists with wildcards, algorithm validation, key ID, keyless with/without transparency log, environment overrides, certificate chain). PolicyGateEvaluator EvidenceCompleteness gate verifies graphHash/pathLength for not_affected.",
+    "verdict": "pass"
+}