stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

stabilizaiton work - projects rework for maintenanceability and ui livening

Browse Source
This commit is contained in:
master
2026-02-03 23:40:04 +02:00
parent 074ce117ba
commit 557feefdc3
3305 changed files with 186813 additions and 107843 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
src/__Libraries/StellaOps.Configuration/AuthoritySealedModeOptions.cs Normal file
View File

@@ -0,0 +1,57 @@
using System;
namespace StellaOps.Configuration;
public sealed class AuthoritySealedModeOptions
{
private static readonly TimeSpan _defaultMaxEvidenceAge = TimeSpan.FromHours(6);
private static readonly TimeSpan _defaultCacheLifetime = TimeSpan.FromMinutes(1);
/// <summary>
/// Enables sealed-mode enforcement for clients that declare the requirement.
/// </summary>
public bool EnforcementEnabled { get; set; }
/// <summary>
/// Path to the latest authority-sealed-ci.json artefact emitted by sealed-mode CI.
/// </summary>
public string EvidencePath { get; set; } = "artifacts/sealed-mode-ci/latest/authority-sealed-ci.json";
/// <summary>
/// Maximum age accepted for the sealed evidence document.
/// </summary>
public TimeSpan MaxEvidenceAge { get; set; } = _defaultMaxEvidenceAge;
/// <summary>
/// Cache lifetime for parsed evidence to avoid re-reading the artefact on every request.
/// </summary>
public TimeSpan CacheLifetime { get; set; } = _defaultCacheLifetime;
public bool RequireAuthorityHealthPass { get; set; } = true;
public bool RequireSignerHealthPass { get; set; } = true;
public bool RequireAttestorHealthPass { get; set; } = true;
public bool RequireEgressProbePass { get; set; } = true;
internal void Validate()
{
if (!EnforcementEnabled)
{
return;
}
if (string.IsNullOrWhiteSpace(EvidencePath))
{
throw new InvalidOperationException("AirGap.SealedMode.EvidencePath must be provided when enforcement is enabled.");
}
if (MaxEvidenceAge <= TimeSpan.Zero || MaxEvidenceAge > TimeSpan.FromDays(7))
{
throw new InvalidOperationException("AirGap.SealedMode.MaxEvidenceAge must be between 00:00:01 and 7.00:00:00.");
}
if (CacheLifetime <= TimeSpan.Zero || CacheLifetime > MaxEvidenceAge)
{
throw new InvalidOperationException("AirGap.SealedMode.CacheLifetime must be greater than zero and less than or equal to AirGap.SealedMode.MaxEvidenceAge.");
}
}
}