Add sample proof bundle configurations and verification script
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Console CI / console-ci (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
VEX Proof Bundles / verify-bundles (push) Has been cancelled
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Console CI / console-ci (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
VEX Proof Bundles / verify-bundles (push) Has been cancelled
- Introduced sample proof bundle configuration files for testing, including `sample-proof-bundle-config.dsse.json`, `sample-proof-bundle.dsse.json`, and `sample-proof-bundle.json`. - Implemented a verification script `test_verify_sample.sh` to validate proof bundles against specified schemas and catalogs. - Updated existing proof bundle configurations with new metadata, including versioning, created timestamps, and justification details. - Enhanced evidence entries with expiration dates and hashes for better integrity checks. - Ensured all new configurations adhere to the defined schema for consistency and reliability in testing.
This commit is contained in:
StellaOps Bot
2
tests/Vex/ProofBundles/cas/config.lock
Normal file
2
tests/Vex/ProofBundles/cas/config.lock
Normal file
@@ -0,0 +1,2 @@
|
||||
FEATURE_X=false
|
||||
MODE=prod
|
||||
16
tests/Vex/ProofBundles/cas/coverage.json
Normal file
16
tests/Vex/ProofBundles/cas/coverage.json
Normal file
@@ -0,0 +1,16 @@
|
||||
{
|
||||
"tool": "reach-cov",
|
||||
"entrypoints": [
|
||||
{
|
||||
"id": "app://api/GET-/healthz",
|
||||
"coverage_percent": 96.3,
|
||||
"negative_tests": true
|
||||
},
|
||||
{
|
||||
"id": "app://worker/queue/default",
|
||||
"coverage_percent": 95.1,
|
||||
"negative_tests": true
|
||||
}
|
||||
],
|
||||
"timestamp": "2025-12-03T23:50:00Z"
|
||||
}
|
||||
19
tests/Vex/ProofBundles/cas/coverage.json.dsse.json
Normal file
19
tests/Vex/ProofBundles/cas/coverage.json.dsse.json
Normal file
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"payloadType": "application/vnd.stellaops+json",
|
||||
"payload": "ewogICJ0b29sIjogInJlYWNoLWNvdiIsCiAgImVudHJ5cG9pbnRzIjogWwogICAgewogICAgICAiaWQiOiAiYXBwOi8vYXBpL0dFVC0vaGVhbHRoeiIsCiAgICAgICJjb3ZlcmFnZV9wZXJjZW50IjogOTYuMywKICAgICAgIm5lZ2F0aXZlX3Rlc3RzIjogdHJ1ZQogICAgfSwKICAgIHsKICAgICAgImlkIjogImFwcDovL3dvcmtlci9xdWV1ZS9kZWZhdWx0IiwKICAgICAgImNvdmVyYWdlX3BlcmNlbnQiOiA5NS4xLAogICAgICAibmVnYXRpdmVfdGVzdHMiOiB0cnVlCiAgICB9CiAgXSwKICAidGltZXN0YW1wIjogIjIwMjUtMTItMDNUMjM6NTA6MDBaIgp9Cg==",
|
||||
"signatures": [
|
||||
{
|
||||
"keyid": "demo-root",
|
||||
"sig": "9MRq4VDHrDJFAkshof/MS6XAPI2U/ivwmuHnQFuaDrM="
|
||||
}
|
||||
],
|
||||
"subject": [
|
||||
{
|
||||
"name": "coverage.json",
|
||||
"hashes": {
|
||||
"sha256": "422f9840d6facaae093d6496eeac472e10b19519854953454107c1b14945f510",
|
||||
"blake3": "43bdea3c8b0bc1e0c52d317c5b03d08deb75c5017b6f52a9d703a60efbd87e29"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
1
tests/Vex/ProofBundles/cas/flags.json
Normal file
1
tests/Vex/ProofBundles/cas/flags.json
Normal file
@@ -0,0 +1 @@
|
||||
{"feature_gates":{"allow_unknown":false,"strict_vex":true},"release":"2025.12.0"}
|
||||
18
tests/Vex/ProofBundles/cas/graph.json
Normal file
18
tests/Vex/ProofBundles/cas/graph.json
Normal file
@@ -0,0 +1,18 @@
|
||||
{
|
||||
"graph_version": "richgraph-v1",
|
||||
"root": "pkg:demo/app@1.0.0",
|
||||
"nodes": 3,
|
||||
"edges": 2,
|
||||
"hashing": "blake3-256",
|
||||
"generated_at": "2025-12-03T23:45:00Z",
|
||||
"paths": [
|
||||
{
|
||||
"from": "pkg:demo/app@1.0.0#main",
|
||||
"to": "pkg:demo/lib@1.0.0#render"
|
||||
},
|
||||
{
|
||||
"from": "pkg:demo/lib@1.0.0#render",
|
||||
"to": "pkg:demo/lib@1.0.0#helper"
|
||||
}
|
||||
]
|
||||
}
|
||||
19
tests/Vex/ProofBundles/cas/graph.json.dsse.json
Normal file
19
tests/Vex/ProofBundles/cas/graph.json.dsse.json
Normal file
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"payloadType": "application/vnd.stellaops+json",
|
||||
"payload": "ewogICJncmFwaF92ZXJzaW9uIjogInJpY2hncmFwaC12MSIsCiAgInJvb3QiOiAicGtnOmRlbW8vYXBwQDEuMC4wIiwKICAibm9kZXMiOiAzLAogICJlZGdlcyI6IDIsCiAgImhhc2hpbmciOiAiYmxha2UzLTI1NiIsCiAgImdlbmVyYXRlZF9hdCI6ICIyMDI1LTEyLTAzVDIzOjQ1OjAwWiIsCiAgInBhdGhzIjogWwogICAgewogICAgICAiZnJvbSI6ICJwa2c6ZGVtby9hcHBAMS4wLjAjbWFpbiIsCiAgICAgICJ0byI6ICJwa2c6ZGVtby9saWJAMS4wLjAjcmVuZGVyIgogICAgfSwKICAgIHsKICAgICAgImZyb20iOiAicGtnOmRlbW8vbGliQDEuMC4wI3JlbmRlciIsCiAgICAgICJ0byI6ICJwa2c6ZGVtby9saWJAMS4wLjAjaGVscGVyIgogICAgfQogIF0KfQo=",
|
||||
"signatures": [
|
||||
{
|
||||
"keyid": "demo-root",
|
||||
"sig": "USa7UXD1aQyBm6v4gGSBsbQAnMd7IXG1Kw+HwQBXpnU="
|
||||
}
|
||||
],
|
||||
"subject": [
|
||||
{
|
||||
"name": "graph.json",
|
||||
"hashes": {
|
||||
"sha256": "34d8051bb97bd3c034e6a2221474ce2faaaca59357721fa1b47df88a281d057b",
|
||||
"blake3": "74640754695e6e5cda4156a0ef1fd3a557d802ef118fef8afaed67089cd39cb1"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
2
tests/Vex/ProofBundles/cas/negative-tests.ndjson
Normal file
2
tests/Vex/ProofBundles/cas/negative-tests.ndjson
Normal file
@@ -0,0 +1,2 @@
|
||||
{"name": "healthz-no-repro", "result": "pass", "seed": 42}
|
||||
{"name": "worker-queue-no-exec", "result": "pass", "seed": 84}
|
||||
2
tests/Vex/ProofBundles/cas/runtime-trace.ndjson
Normal file
2
tests/Vex/ProofBundles/cas/runtime-trace.ndjson
Normal file
@@ -0,0 +1,2 @@
|
||||
{"function": "pkg:demo/app@1.0.0#main", "probe": "eventpipe", "ts": "2025-12-03T23:46:00Z"}
|
||||
{"function": "pkg:demo/lib@1.0.0#render", "probe": "eventpipe", "ts": "2025-12-03T23:46:01Z"}
|
||||
Reference in New Issue
Block a user