feat: Initialize Zastava Webhook service with TLS and Authority authentication

- Added Program.cs to set up the web application with Serilog for logging, health check endpoints, and a placeholder admission endpoint. - Configured Kestrel server to use TLS 1.3 and handle client certificates appropriately. - Created StellaOps.Zastava.Webhook.csproj with necessary dependencies including Serilog and Polly. - Documented tasks in TASKS.md for the Zastava Webhook project, outlining current work and exit criteria for each task.
2025-10-19 18:36:22 +03:00
parent 7e2fa0a42a
commit 5ce40d2eeb
966 changed files with 91038 additions and 1850 deletions
--- a/docs/events/scanner.report.ready@1.json
+++ b/docs/events/scanner.report.ready@1.json
@@ -21,14 +21,28 @@
      "type": "object",
      "required": ["verdict", "delta", "links"],
      "properties": {
+        "reportId": {"type": "string"},
+        "generatedAt": {"type": "string", "format": "date-time"},
        "verdict": {"enum": ["pass", "warn", "fail"]},
+        "summary": {
+          "type": "object",
+          "properties": {
+            "total": {"type": "integer", "minimum": 0},
+            "blocked": {"type": "integer", "minimum": 0},
+            "warned": {"type": "integer", "minimum": 0},
+            "ignored": {"type": "integer", "minimum": 0},
+            "quieted": {"type": "integer", "minimum": 0}
+          },
+          "additionalProperties": false
+        },
        "delta": {
          "type": "object",
          "properties": {
            "newCritical": {"type": "integer", "minimum": 0},
            "newHigh": {"type": "integer", "minimum": 0},
            "kev": {"type": "array", "items": {"type": "string"}}
-          }
+          },
+          "additionalProperties": false
        },
        "links": {
          "type": "object",
@@ -37,6 +51,30 @@
            "rekor": {"type": "string", "format": "uri"}
          },
          "additionalProperties": false
+        },
+        "quietedFindingCount": {"type": "integer", "minimum": 0},
+        "report": {"type": "object"},
+        "dsse": {
+          "type": "object",
+          "required": ["payloadType", "payload", "signatures"],
+          "properties": {
+            "payloadType": {"type": "string"},
+            "payload": {"type": "string"},
+            "signatures": {
+              "type": "array",
+              "items": {
+                "type": "object",
+                "required": ["keyId", "algorithm", "signature"],
+                "properties": {
+                  "keyId": {"type": "string"},
+                  "algorithm": {"type": "string"},
+                  "signature": {"type": "string"}
+                },
+                "additionalProperties": false
+              }
+            }
+          },
+          "additionalProperties": false
        }
      },
      "additionalProperties": true