feat: Initialize Zastava Webhook service with TLS and Authority authentication

- Added Program.cs to set up the web application with Serilog for logging, health check endpoints, and a placeholder admission endpoint. - Configured Kestrel server to use TLS 1.3 and handle client certificates appropriately. - Created StellaOps.Zastava.Webhook.csproj with necessary dependencies including Serilog and Polly. - Documented tasks in TASKS.md for the Zastava Webhook project, outlining current work and exit criteria for each task.
2025-10-19 18:36:22 +03:00
parent 7e2fa0a42a
commit 5ce40d2eeb
966 changed files with 91038 additions and 1850 deletions
--- a/docs/notify/samples/notify-rule@1.sample.json
+++ b/docs/notify/samples/notify-rule@1.sample.json
@@ -0,0 +1,63 @@
+{
+  "schemaVersion": "notify.rule@1",
+  "ruleId": "rule-secops-critical",
+  "tenantId": "tenant-01",
+  "name": "Critical digests to SecOps",
+  "description": "Escalate KEV-tagged findings to on-call feeds.",
+  "enabled": true,
+  "match": {
+    "eventKinds": [
+      "scanner.report.ready",
+      "scheduler.rescan.delta"
+    ],
+    "namespaces": [
+      "prod-*"
+    ],
+    "repositories": [],
+    "digests": [],
+    "labels": [],
+    "componentPurls": [],
+    "minSeverity": "high",
+    "verdicts": [],
+    "kevOnly": true,
+    "vex": {
+      "includeAcceptedJustifications": false,
+      "includeRejectedJustifications": false,
+      "includeUnknownJustifications": false,
+      "justificationKinds": [
+        "component-remediated",
+        "not-affected"
+      ]
+    }
+  },
+  "actions": [
+    {
+      "actionId": "email-digest",
+      "channel": "email:soc",
+      "digest": "hourly",
+      "template": "digest",
+      "enabled": true,
+      "metadata": {
+        "locale": "en-us"
+      }
+    },
+    {
+      "actionId": "slack-oncall",
+      "channel": "slack:sec-ops",
+      "template": "concise",
+      "throttle": "PT5M",
+      "metadata": {},
+      "enabled": true
+    }
+  ],
+  "labels": {
+    "team": "secops"
+  },
+  "metadata": {
+    "source": "sprint-15"
+  },
+  "createdBy": "ops:zoya",
+  "createdAt": "2025-10-19T04:12:27+00:00",
+  "updatedBy": "ops:zoya",
+  "updatedAt": "2025-10-19T04:45:03+00:00"
+}