stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint: save features

Browse Source
This commit is contained in:
master
2026-02-12 10:27:23 +02:00
parent dca86e1248
commit 5bca406787
8837 changed files with 1796879 additions and 5294 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
docs/features/unimplemented/scheduler/scheduler-exception-lifecycle-worker.md Normal file
View File

@@ -0,0 +1,36 @@
# Scheduler Exception Lifecycle Worker
## Module
Scheduler
## Status
PARTIALLY_IMPLEMENTED
## Description
Background worker that monitors exception expiries and triggers policy re-evaluation when exceptions lapse, enforcing time-bounded risk acceptance.
## Implementation Details
- **Exception Lifecycle Worker**: `src/Scheduler/StellaOps.Scheduler.WebService/ExceptionLifecycle/ExceptionLifecycleWorker.cs` -- background `IHostedService` that periodically scans for expiring or expired policy exceptions and triggers re-evaluation of affected findings.
- **Exception Lifecycle Endpoints**: `src/Scheduler/StellaOps.Scheduler.WebService/ExceptionLifecycle/ExceptionLifecycleEndpointExtensions.cs` -- REST endpoints for querying exception status and managing exception lifecycle.
- **Exception Lifecycle Contracts**: `src/Scheduler/StellaOps.Scheduler.WebService/ExceptionLifecycle/ExceptionLifecycleContracts.cs` -- DTOs for exception status, expiry notifications, and lifecycle transitions.
- **Exception Repository**: `src/Scheduler/StellaOps.Scheduler.WebService/ExceptionLifecycle/IExceptionRepository.cs` -- persistence contract for policy exceptions with expiry tracking.
- **Failure Signature Endpoints**: `src/Scheduler/StellaOps.Scheduler.WebService/FailureSignatures/FailureSignatureEndpoints.cs` -- endpoints for managing failure signatures that may trigger exception expiry.
- **Webhook Endpoints**: `src/Scheduler/StellaOps.Scheduler.WebService/EventWebhooks/EventWebhookEndpointExtensions.cs` -- webhook endpoints for notifying external systems of exception lifecycle events.
- **Tests**: `src/Scheduler/__Tests/StellaOps.Scheduler.WebService.Tests/ExceptionLifecycle/ExceptionLifecycleWorkerTests.cs`, `ExceptionLifecycleEndpointsTests.cs`
## E2E Test Plan
- [ ] Create a policy exception with a 1-minute expiry; after expiry, verify the exception lifecycle worker triggers a re-evaluation event for the affected finding
- [ ] Query the exception lifecycle endpoint and verify active exceptions are listed with their remaining TTL
- [ ] Verify exception renewal: extend an exception's expiry before it lapses and confirm the worker does not trigger re-evaluation
- [ ] Verify webhook notification: configure a webhook endpoint and confirm it receives a notification when an exception expires
- [ ] Create multiple exceptions with staggered expiries and verify the worker processes them in expiry order
## Not Implemented Findings
- Tier 0 source verification (run-002) found 6/8 referenced files missing (ratio: 0.75).
- WebService exception-lifecycle endpoint/contracts/repository files referenced by this feature are absent.
- Referenced exception-lifecycle WebService test files are absent.
- Worker code exists at `src/Scheduler/__Libraries/StellaOps.Scheduler.Worker/Exception/ExceptionLifecycleWorker.cs`, but the documented end-user API surface is not present.
## Verification
- Classified as `not_implemented` at Tier 0 on 2026-02-11 (run-002).
- Evidence: `docs/qa/feature-checks/runs/scheduler/scheduler-exception-lifecycle-worker/run-002/tier0-source-check.json`

32
docs/features/unimplemented/scheduler/scheduler-impactindex-and-surface-fs-pointers.md Normal file
View File

@@ -0,0 +1,32 @@
# Scheduler ImpactIndex and Surface.FS Pointers
## Module
Scheduler
## Status
PARTIALLY_IMPLEMENTED
## Description
ImpactIndex computation for prioritizing scheduled vulnerability evaluations, with Surface.FS pointers linking scheduler jobs to filesystem-level SBOM surface data for efficient incremental rescans.
## Implementation Details
- **Impact Index Service**: `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexService.cs` -- computes impact index scores for scheduled jobs based on vulnerability severity, component exposure, and deployment topology.
- **Impact Index Endpoints**: `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexEndpointExtensions.cs` -- REST endpoints for querying and updating impact index scores.
- **Impact Index Contracts**: `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexContracts.cs` -- DTOs for impact index query/update operations.
- **Surface FS Pointers**: `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsPointerService.cs` -- manages filesystem-level pointers linking SBOM surface data to scheduler jobs for incremental rescan optimization.
- **Surface FS Endpoints**: `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsEndpointExtensions.cs` -- REST endpoints for managing Surface.FS pointers.
- **Surface FS Contracts**: `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsContracts.cs` -- DTOs for Surface.FS pointer operations.
- **Scan Schedule Service**: `src/Scheduler/StellaOps.Scheduler.WebService/Scheduling/ScanScheduleService.cs` -- schedules vulnerability rescans prioritized by impact index.
- **Tests**: `src/Scheduler/__Tests/StellaOps.Scheduler.WebService.Tests/ImpactIndex/ImpactIndexServiceTests.cs`, `ImpactIndexEndpointsTests.cs`; `src/Scheduler/__Tests/StellaOps.Scheduler.WebService.Tests/SurfaceFs/SurfaceFsPointerServiceTests.cs`
## E2E Test Plan
- [ ] Compute an impact index for a component with a critical CVE in a production deployment and verify the score is higher than for the same CVE in a staging deployment.
- [ ] Create a Surface.FS pointer linking a scheduler job to an SBOM surface file and verify pointer lookup by job ID.
- [ ] Verify incremental rescan behavior for changed components only.
- [ ] Verify impact-based prioritization order for queued jobs.
- [ ] Query impact index scores via REST and verify descending sort.
## Missing Implementation Evidence
- Tier 0 run-001 found 7/7 referenced implementation files missing under `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex`, `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs`, and `src/Scheduler/StellaOps.Scheduler.WebService/Scheduling`.
- Classification: `not_implemented` per FLOW (>50% key file references absent).
- Evidence: `docs/qa/feature-checks/runs/scheduler/scheduler-impactindex-and-surface-fs-pointers/run-001/tier0-source-check.json`