tests fixes and some product advisories tunes ups

2026-01-30 07:57:43 +02:00
parent 644887997c
commit 55744f6a39
345 changed files with 26290 additions and 2267 deletions
--- a/src/Notifier/StellaOps.Notifier/docs/attestation-rules.sample.json
+++ b/src/Notifier/StellaOps.Notifier/docs/attestation-rules.sample.json
@@ -51,6 +51,31 @@
          "template": "tmpl-attest-transparency-anomaly"
        }
      ]
+    },
+    {
+      "ruleId": "identity-watchlist-alert",
+      "name": "Identity watchlist match",
+      "enabled": true,
+      "tenantId": "<tenant-id>",
+      "match": {
+        "eventKinds": [
+          "attestor.identity.matched"
+        ]
+      },
+      "actions": [
+        {
+          "actionId": "slack-watchlist",
+          "enabled": true,
+          "channel": "slack-attestation-alerts",
+          "template": "identity-matched"
+        },
+        {
+          "actionId": "webhook-watchlist",
+          "enabled": true,
+          "channel": "webhook-siem",
+          "template": "identity-matched"
+        }
+      ]
    }
  ],
  "channels": [
@@ -81,6 +106,14 @@
      "name": "SIEM ingest",
      "endpoint": "https://siem.example.internal/hooks/notifier",
      "secretRef": "ref://notify/channels/webhook/siem"
+    },
+    {
+      "channelId": "slack-attestation-alerts",
+      "type": "slack",
+      "name": "Attestation alerts",
+      "endpoint": "https://hooks.slack.com/services/T000/B000/ATTESTATION",
+      "secretRef": "ref://notify/channels/slack/attestation-alerts",
+      "description": "Slack channel for identity watchlist alerts"
    }
  ]
 }