stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

stabilizaiton work - projects rework for maintenanceability and ui livening

Browse Source
This commit is contained in:
master
2026-02-03 23:40:04 +02:00
parent 074ce117ba
commit 557feefdc3
3305 changed files with 186813 additions and 107843 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/__Libraries/__Tests/StellaOps.Provenance.Tests/DocumentValueTests.AsHelpers.cs Normal file
View File

@@ -0,0 +1,20 @@
using StellaOps.Provenance;
using StellaOps.TestKit;
using Xunit;
namespace StellaOps.Provenance.Tests;
public sealed partial class DocumentValueTests
{
[Trait("Category", TestCategories.Unit)]
[Fact]
public void AsHelpers_ReturnExpectedValues()
{
Assert.Equal("alpha", "alpha".AsString());
Assert.Equal(7, 7.AsInt32());
Assert.Equal(9L, 9L.AsInt64());
Assert.Equal(1.5, 1.5.AsDouble());
Assert.True(true.AsBoolean());
Assert.Equal(string.Empty, ((object?)null).AsString());
}
}

31
src/__Libraries/__Tests/StellaOps.Provenance.Tests/DocumentValueTests.Containers.cs Normal file
View File

@@ -0,0 +1,31 @@
using StellaOps.Provenance;
using StellaOps.TestKit;
using Xunit;
namespace StellaOps.Provenance.Tests;
public sealed partial class DocumentValueTests
{
[Trait("Category", TestCategories.Unit)]
[Fact]
public void AsDocumentArray_WrapsEnumerable()
{
var values = new object?[] { "alpha", 4 };
var array = values.AsDocumentArray();
Assert.Equal(2, array.Count);
Assert.Equal("alpha", array[0].AsString);
Assert.Equal(4, array[1].AsInt32);
}
[Trait("Category", TestCategories.Unit)]
[Fact]
public void AsDocumentObject_ReturnsDocumentObject()
{
var document = new DocumentObject("key", "value");
var result = ((object?)document).AsDocumentObject();
Assert.Same(document, result);
Assert.Equal("value", result["key"].AsString);
}
}

41
src/__Libraries/__Tests/StellaOps.Provenance.Tests/ProvenanceExtensionsTests.cs → src/__Libraries/__Tests/StellaOps.Provenance.Tests/ProvenanceExtensionsTests.AttachDsseProvenance.cs
View File

@@ -1,15 +1,15 @@
using System;
using System.Collections.Generic;
using System.Linq;
using StellaOps.Provenance;
using StellaOps.TestKit;
using Xunit;
using StellaOps.TestKit;
namespace StellaOps.Provenance.Tests;
public sealed class ProvenanceExtensionsTests
public sealed partial class ProvenanceExtensionsTests
{
[Trait("Category", TestCategories.Unit)]
[Fact]
[Fact]
public void AttachDsseProvenance_WritesNestedDocuments()
{
var document = new DocumentObject
@@ -66,37 +66,4 @@ public sealed class ProvenanceExtensionsTests
Assert.Equal(2, ((DocumentInt32)trustDoc["witnesses"]).Value);
Assert.Equal(0.9, ((DocumentDouble)trustDoc["policyScore"]).Value);
}
[Trait("Category", TestCategories.Unit)]
[Fact]
public void BuildProvenVexFilter_TargetsKindSubjectAndVerified()
{
var filter = ProvenanceExtensions.BuildProvenVexFilter("VEX", "sha256:123");
Assert.Equal("VEX", ((DocumentString)filter["kind"]).Value);
Assert.Equal("sha256:123", ((DocumentString)filter["subject.digest.sha256"]).Value);
Assert.True(filter.ContainsKey("provenance.dsse.rekor.logIndex"));
Assert.True(filter.ContainsKey("trust.verified"));
}
[Trait("Category", TestCategories.Unit)]
[Fact]
public void BuildUnprovenEvidenceFilter_FlagsMissingTrustOrRekor()
{
var filter = ProvenanceExtensions.BuildUnprovenEvidenceFilter(new[] { "SBOM", "VEX" });
var kindClause = (DocumentArray)((DocumentObject)filter["kind"])["$in"];
Assert.Contains("SBOM", kindClause.Select(v => ((DocumentString)v).Value));
Assert.Contains("VEX", kindClause.Select(v => ((DocumentString)v).Value));
var orConditions = (DocumentArray)filter["$or"];
Assert.Equal(2, orConditions.Count);
var trustCondition = (DocumentObject)orConditions[0];
Assert.Equal("$ne", ((DocumentObject)trustCondition["trust.verified"]).Keys.Single());
var rekorCondition = (DocumentObject)orConditions[1];
Assert.Equal("$exists", ((DocumentObject)rekorCondition["provenance.dsse.rekor.logIndex"]).Keys.Single());
Assert.False((bool)((DocumentBoolean)((DocumentObject)rekorCondition["provenance.dsse.rekor.logIndex"])["$exists"]).Value!);
}
}

51
src/__Libraries/__Tests/StellaOps.Provenance.Tests/ProvenanceExtensionsTests.AttachDsseProvenanceOptional.cs Normal file
View File

@@ -0,0 +1,51 @@
using StellaOps.Provenance;
using StellaOps.TestKit;
using Xunit;
namespace StellaOps.Provenance.Tests;
public sealed partial class ProvenanceExtensionsTests
{
[Trait("Category", TestCategories.Unit)]
[Fact]
public void AttachDsseProvenance_SkipsOptionalFields_WhenMissing()
{
var document = new DocumentObject
{
{ "kind", "SBOM" }
};
var dsse = new DsseProvenance
{
EnvelopeDigest = "sha256:optional",
PayloadType = "application/vnd.in-toto+json",
Key = new DsseKeyInfo
{
KeyId = "cosign:SHA256-PKIX:TEST"
},
Rekor = null,
Chain = null
};
var trust = new TrustInfo
{
Verified = false,
Verifier = null,
Witnesses = null,
PolicyScore = null
};
document.AttachDsseProvenance(dsse, trust);
var provenanceDoc = (DocumentObject)document["provenance"];
var dsseDoc = (DocumentObject)provenanceDoc["dsse"];
Assert.False(dsseDoc.ContainsKey("rekor"));
Assert.False(dsseDoc.ContainsKey("chain"));
var trustDoc = (DocumentObject)document["trust"];
Assert.False((bool)((DocumentBoolean)trustDoc["verified"]).Value!);
Assert.False(trustDoc.ContainsKey("witnesses"));
Assert.False(trustDoc.ContainsKey("policyScore"));
Assert.IsType<DocumentNull>(trustDoc["verifier"]);
}
}

20
src/__Libraries/__Tests/StellaOps.Provenance.Tests/ProvenanceExtensionsTests.BuildProvenVexFilter.cs Normal file
View File

@@ -0,0 +1,20 @@
using StellaOps.Provenance;
using StellaOps.TestKit;
using Xunit;
namespace StellaOps.Provenance.Tests;
public sealed partial class ProvenanceExtensionsTests
{
[Trait("Category", TestCategories.Unit)]
[Fact]
public void BuildProvenVexFilter_TargetsKindSubjectAndVerified()
{
var filter = ProvenanceExtensions.BuildProvenVexFilter("VEX", "sha256:123");
Assert.Equal("VEX", ((DocumentString)filter["kind"]).Value);
Assert.Equal("sha256:123", ((DocumentString)filter["subject.digest.sha256"]).Value);
Assert.True(filter.ContainsKey("provenance.dsse.rekor.logIndex"));
Assert.True(filter.ContainsKey("trust.verified"));
}
}

30
src/__Libraries/__Tests/StellaOps.Provenance.Tests/ProvenanceExtensionsTests.BuildUnprovenEvidenceFilter.cs Normal file
View File

@@ -0,0 +1,30 @@
using System.Linq;
using StellaOps.Provenance;
using StellaOps.TestKit;
using Xunit;
namespace StellaOps.Provenance.Tests;
public sealed partial class ProvenanceExtensionsTests
{
[Trait("Category", TestCategories.Unit)]
[Fact]
public void BuildUnprovenEvidenceFilter_FlagsMissingTrustOrRekor()
{
var filter = ProvenanceExtensions.BuildUnprovenEvidenceFilter(new[] { "SBOM", "VEX" });
var kindClause = (DocumentArray)((DocumentObject)filter["kind"])["$in"];
Assert.Contains("SBOM", kindClause.Select(v => ((DocumentString)v).Value));
Assert.Contains("VEX", kindClause.Select(v => ((DocumentString)v).Value));
var orConditions = (DocumentArray)filter["$or"];
Assert.Equal(2, orConditions.Count);
var trustCondition = (DocumentObject)orConditions[0];
Assert.Equal("$ne", ((DocumentObject)trustCondition["trust.verified"]).Keys.Single());
var rekorCondition = (DocumentObject)orConditions[1];
Assert.Equal("$exists", ((DocumentObject)rekorCondition["provenance.dsse.rekor.logIndex"]).Keys.Single());
Assert.False((bool)((DocumentBoolean)((DocumentObject)rekorCondition["provenance.dsse.rekor.logIndex"])["$exists"]).Value!);
}
}

51
src/__Libraries/__Tests/StellaOps.Provenance.Tests/ProvenanceJsonParserTests.ParseOverrides.cs Normal file
View File

@@ -0,0 +1,51 @@
using System;
using StellaOps.Provenance;
using StellaOps.TestKit;
using Xunit;
namespace StellaOps.Provenance.Tests;
public sealed partial class ProvenanceJsonParserTests
{
private const string DsseOnlyJson =
@"{""dsse"": {""envelopeDigest"": ""sha256:abc"", ""payloadType"": ""application/vnd.in-toto+json"", ""key"": {""keyId"": ""cosign:SHA256-PKIX:TEST""}}}";
private const string DsseWithStringNumbersJson =
@"{""dsse"": {""envelopeDigest"": ""sha256:abc"", ""payloadType"": ""application/vnd.in-toto+json"", ""key"": {""keyId"": ""cosign:SHA256-PKIX:TEST""}, ""rekor"": {""logIndex"": ""42"", ""uuid"": ""rekor-1"", ""integratedTime"": ""100"", ""mirrorSeq"": ""5""}}, ""trust"": {""verified"": false}}";
[Trait("Category", TestCategories.Unit)]
[Fact]
public void Parse_UsesTrustOverride_WhenMissingTrust()
{
var overrideTrust = new TrustInfo
{
Verified = true,
Verifier = "override"
};
var result = ProvenanceJsonParser.Parse(DsseOnlyJson, overrideTrust);
Assert.Same(overrideTrust, result.Trust);
Assert.True(result.Trust.Verified);
}
[Trait("Category", TestCategories.Unit)]
[Fact]
public void Parse_ThrowsWhenMissingTrust()
{
var exception = Assert.Throws<InvalidOperationException>(() => ProvenanceJsonParser.Parse(DsseOnlyJson));
Assert.Equal("Provenance metadata missing trust block.", exception.Message);
}
[Trait("Category", TestCategories.Unit)]
[Fact]
public void Parse_ReadsRekorNumbersFromStrings()
{
var result = ProvenanceJsonParser.Parse(DsseWithStringNumbersJson);
Assert.Equal(42, result.Dsse.Rekor?.LogIndex);
Assert.Equal(100, result.Dsse.Rekor?.IntegratedTime);
Assert.Equal(5, result.Dsse.Rekor?.MirrorSeq);
}
}

39
src/__Libraries/__Tests/StellaOps.Provenance.Tests/ProvenanceJsonParserTests.ParseValid.cs Normal file
View File

@@ -0,0 +1,39 @@
using StellaOps.Provenance;
using StellaOps.TestKit;
using Xunit;
namespace StellaOps.Provenance.Tests;
public sealed partial class ProvenanceJsonParserTests
{
[Trait("Category", TestCategories.Unit)]
[Fact]
public void Parse_ReturnsDsseAndTrust()
{
var json = @"{
""dsse"": {
""envelopeDigest"": ""sha256:deadbeef"",
""payloadType"": ""application/vnd.in-toto+json"",
""key"": { ""keyId"": ""cosign:SHA256-PKIX:TEST"", ""issuer"": ""fulcio"", ""algo"": ""ECDSA"" },
""rekor"": { ""logIndex"": 12, ""uuid"": ""rekor-1"", ""integratedTime"": 1234, ""mirrorSeq"": 5 },
""chain"": [ { ""type"": ""build"", ""id"": ""att:build#1"", ""digest"": ""sha256:chain"" } ]
},
""trust"": { ""verified"": true, ""verifier"": ""Authority@stella"", ""witnesses"": 2, ""policyScore"": 0.75 }
}";
var result = ProvenanceJsonParser.Parse(json);
Assert.Equal("sha256:deadbeef", result.Dsse.EnvelopeDigest);
Assert.Equal("application/vnd.in-toto+json", result.Dsse.PayloadType);
Assert.Equal("cosign:SHA256-PKIX:TEST", result.Dsse.Key.KeyId);
Assert.Equal(12, result.Dsse.Rekor?.LogIndex);
Assert.Equal("rekor-1", result.Dsse.Rekor?.Uuid);
Assert.NotNull(result.Dsse.Chain);
var link = Assert.Single(result.Dsse.Chain);
Assert.Equal("build", link.Type);
Assert.True(result.Trust.Verified);
Assert.Equal("Authority@stella", result.Trust.Verifier);
Assert.Equal(2, result.Trust.Witnesses);
Assert.Equal(0.75, result.Trust.PolicyScore);
}
}

2
src/__Libraries/__Tests/StellaOps.Provenance.Tests/TASKS.md
View File

@@ -9,3 +9,5 @@ Source of truth: `docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229
| AUDIT-0033-T | DONE | Revalidated 2026-01-08; open findings tracked in audit report. |
| AUDIT-0033-A | DONE | Waived (test project; revalidated 2026-01-08). |
| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
| REMED-03 | DONE | Tier 0 remediation (usings sorted); dotnet test passed 2026-02-02. |
| REMED-05 | DONE | File split <= 100 lines and tests enriched; dotnet test passed 2026-02-02. |