stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

stabilize tests

Browse Source
This commit is contained in:
master
2026-02-01 21:37:40 +02:00
parent 55744f6a39
commit 5d5e80b2e4
6435 changed files with 33984 additions and 13802 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/SbomService/StellaOps.SbomService/AGENTS.md
View File

@@ -1,4 +1,4 @@
# StellaOps.SbomService Agent Charter
# StellaOps.SbomService ??? Agent Charter
## Mission
Expose normalized SBOM projections (components, relationships, scopes, entrypoints) that downstream systems such as Cartographer, Policy Engine, and Scheduler consume. Maintain deterministic SBOM versioning, change events, and tenant-aware access patterns.
@@ -16,8 +16,8 @@ Expose normalized SBOM projections (components, relationships, scopes, entrypoin
## Required Reading
- `docs/modules/platform/architecture-overview.md`
- `docs/modules/sbomservice/architecture.md`
- `docs/implplan/SPRINT_0142_0001_0001_sbomservice.md`
- `docs/modules/sbom-service/architecture.md`
- `docs-archived/implplan/SPRINT_0142_0001_0001_sbomservice.md`
## Working Agreement
- 1. Update task status to `DOING`/`DONE` in both correspoding sprint file `/docs/implplan/SPRINT_*.md` and the local `TASKS.md` when you start or finish work.
@@ -25,3 +25,4 @@ Expose normalized SBOM projections (components, relationships, scopes, entrypoin
- 3. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
- 4. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
- 5. Revert to `TODO` if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.

5
src/SbomService/StellaOps.SbomService/Auth/HeaderAuthenticationHandler.cs
View File

@@ -1,7 +1,8 @@
using System.Security.Claims;
using System.Text.Encodings.Web;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Options;
using System.Security.Claims;
using System.Text.Encodings.Web;
namespace StellaOps.SbomService.Auth;

3
src/SbomService/StellaOps.SbomService/Controllers/RegistrySourceController.cs
View File

@@ -1,9 +1,10 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using System.Security.Claims;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Services;
using System.Security.Claims;
namespace StellaOps.SbomService.Controllers;

1
src/SbomService/StellaOps.SbomService/Controllers/RegistryWebhookController.cs
View File

@@ -1,6 +1,7 @@
// Copyright (c) StellaOps. Licensed under BUSL-1.1.
// SPRINT_20251229_012 REG-SRC-004: Registry webhook endpoints
using Microsoft.AspNetCore.Mvc;
using StellaOps.SbomService.Services;

9
src/SbomService/StellaOps.SbomService/Program.cs
View File

@@ -1,15 +1,16 @@
using System.Globalization;
using System.Diagnostics.Metrics;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using StellaOps.SbomService.Auth;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Services;
using StellaOps.SbomService.Observability;
using StellaOps.SbomService.Repositories;
using System.Text.Json;
using StellaOps.SbomService.Services;
using System.Diagnostics;
using System.Diagnostics.Metrics;
using System.Globalization;
using System.Text.Json;
var builder = WebApplication.CreateBuilder(args);

3
src/SbomService/StellaOps.SbomService/Repositories/FileCatalogRepository.cs
View File

@@ -1,5 +1,6 @@
using System.Text.Json;
using StellaOps.SbomService.Models;
using System.Text.Json;
namespace StellaOps.SbomService.Repositories;

3
src/SbomService/StellaOps.SbomService/Repositories/FileComponentLookupRepository.cs
View File

@@ -1,5 +1,6 @@
using System.Text.Json;
using StellaOps.SbomService.Models;
using System.Text.Json;
namespace StellaOps.SbomService.Repositories;

3
src/SbomService/StellaOps.SbomService/Repositories/FileProjectionRepository.cs
View File

@@ -1,7 +1,8 @@
using StellaOps.SbomService.Models;
using System.Security.Cryptography;
using System.Text.Json;
using System.Text.Json.Nodes;
using StellaOps.SbomService.Models;
namespace StellaOps.SbomService.Repositories;

5
src/SbomService/StellaOps.SbomService/Repositories/ISbomLedgerRepository.cs
View File

@@ -1,8 +1,9 @@
using System;
using StellaOps.SbomService.Models;
using System;
using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;
using StellaOps.SbomService.Models;
namespace StellaOps.SbomService.Repositories;

3
src/SbomService/StellaOps.SbomService/Repositories/InMemoryEntrypointRepository.cs
View File

@@ -1,5 +1,6 @@
using System.Collections.Concurrent;
using StellaOps.SbomService.Models;
using System.Collections.Concurrent;
namespace StellaOps.SbomService.Repositories;

3
src/SbomService/StellaOps.SbomService/Repositories/InMemoryOrchestratorControlRepository.cs
View File

@@ -1,5 +1,6 @@
using System.Collections.Concurrent;
using StellaOps.SbomService.Services;
using System.Collections.Concurrent;
namespace StellaOps.SbomService.Repositories;

3
src/SbomService/StellaOps.SbomService/Repositories/InMemoryOrchestratorRepository.cs
View File

@@ -1,5 +1,6 @@
using System.Collections.Concurrent;
using StellaOps.SbomService.Models;
using System.Collections.Concurrent;
namespace StellaOps.SbomService.Repositories;

5
src/SbomService/StellaOps.SbomService/Repositories/InMemorySbomLedgerRepository.cs
View File

@@ -1,10 +1,11 @@
using System;
using StellaOps.SbomService.Models;
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using StellaOps.SbomService.Models;
namespace StellaOps.SbomService.Repositories;

3
src/SbomService/StellaOps.SbomService/Repositories/InMemorySbomLineageEdgeRepository.cs
View File

@@ -4,9 +4,10 @@
// Task: In-memory implementation of SBOM lineage edge repository
// -----------------------------------------------------------------------------
using System.Collections.Concurrent;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Services;
using System.Collections.Concurrent;
namespace StellaOps.SbomService.Repositories;

5
src/SbomService/StellaOps.SbomService/Services/ISbomLedgerService.cs
View File

@@ -1,7 +1,8 @@
using System;
using StellaOps.SbomService.Models;
using System;
using System.Threading;
using System.Threading.Tasks;
using StellaOps.SbomService.Models;
namespace StellaOps.SbomService.Services;

5
src/SbomService/StellaOps.SbomService/Services/ISbomUploadService.cs
View File

@@ -1,6 +1,7 @@
using System.Threading;
using System.Threading.Tasks;
using StellaOps.SbomService.Models;
using System.Threading;
using System.Threading.Tasks;
namespace StellaOps.SbomService.Services;

5
src/SbomService/StellaOps.SbomService/Services/InMemoryLineageCompareCache.cs
View File

@@ -5,11 +5,12 @@
// Description: In-memory implementation of lineage compare cache with TTL.
// -----------------------------------------------------------------------------
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using System.Collections.Concurrent;
using System.ComponentModel.DataAnnotations;
using System.Diagnostics;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
namespace StellaOps.SbomService.Services;

73
src/SbomService/StellaOps.SbomService/Services/InMemorySbomQueryService.cs
View File

@@ -1,11 +1,12 @@
using System.Collections.Concurrent;
using System.Globalization;
using System.Diagnostics.Metrics;
using System.Text.Json;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Observability;
using StellaOps.SbomService.Repositories;
using StellaOps.SbomService.Services;
using System.Collections.Concurrent;
using System.Diagnostics.Metrics;
using System.Globalization;
using System.Text.Json;
namespace StellaOps.SbomService.Services;
@@ -171,6 +172,7 @@ internal sealed class InMemorySbomQueryService : ISbomQueryService
var cacheKey = $"projection|{snapshotId}|{tenantId}";
if (_cache.TryGetValue(cacheKey, out var cached) && cached is SbomProjectionResult cachedProjection)
{
await PublishProjectionEventsAsync(cachedProjection, cancellationToken).ConfigureAwait(false);
return cachedProjection;
}
@@ -178,40 +180,45 @@ internal sealed class InMemorySbomQueryService : ISbomQueryService
if (projection is not null)
{
_cache[cacheKey] = projection;
var evt = new SbomVersionCreatedEvent(
projection.SnapshotId,
projection.TenantId,
projection.ProjectionHash,
projection.SchemaVersion,
_clock.UtcNow);
await _eventPublisher.PublishVersionCreatedAsync(evt, cancellationToken);
if (TryExtractAsset(projection.Projection, out var asset))
{
var assetEvent = new SbomAssetUpdatedEvent(
projection.SnapshotId,
projection.TenantId,
asset,
projection.ProjectionHash,
projection.SchemaVersion,
_clock.UtcNow);
await _eventPublisher.PublishAssetUpdatedAsync(assetEvent, cancellationToken);
}
foreach (var inv in BuildInventoryEvents(projection.SnapshotId, projection.TenantId))
{
await _eventPublisher.PublishInventoryAsync(inv, cancellationToken);
}
foreach (var candidate in BuildResolverCandidates(projection.SnapshotId, projection.TenantId))
{
await _eventPublisher.PublishResolverAsync(candidate, cancellationToken);
}
await PublishProjectionEventsAsync(projection, cancellationToken).ConfigureAwait(false);
}
return projection;
}
private async Task PublishProjectionEventsAsync(SbomProjectionResult projection, CancellationToken cancellationToken)
{
var evt = new SbomVersionCreatedEvent(
projection.SnapshotId,
projection.TenantId,
projection.ProjectionHash,
projection.SchemaVersion,
_clock.UtcNow);
await _eventPublisher.PublishVersionCreatedAsync(evt, cancellationToken).ConfigureAwait(false);
if (TryExtractAsset(projection.Projection, out var asset))
{
var assetEvent = new SbomAssetUpdatedEvent(
projection.SnapshotId,
projection.TenantId,
asset,
projection.ProjectionHash,
projection.SchemaVersion,
_clock.UtcNow);
await _eventPublisher.PublishAssetUpdatedAsync(assetEvent, cancellationToken).ConfigureAwait(false);
}
foreach (var inv in BuildInventoryEvents(projection.SnapshotId, projection.TenantId))
{
await _eventPublisher.PublishInventoryAsync(inv, cancellationToken).ConfigureAwait(false);
}
foreach (var candidate in BuildResolverCandidates(projection.SnapshotId, projection.TenantId))
{
await _eventPublisher.PublishResolverAsync(candidate, cancellationToken).ConfigureAwait(false);
}
}
private static bool TryExtractAsset(JsonElement projection, out AssetMetadata asset)
{
asset = default!;

5
src/SbomService/StellaOps.SbomService/Services/LineageCompareService.cs
View File

@@ -5,11 +5,12 @@
// Description: Implementation of full artifact comparison service.
// -----------------------------------------------------------------------------
using System.Diagnostics;
using Microsoft.Extensions.Logging;
using StellaOps.Excititor.Persistence.Repositories;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Repositories;
using StellaOps.Excititor.Persistence.Repositories;
using System.Diagnostics;
namespace StellaOps.SbomService.Services;

5
src/SbomService/StellaOps.SbomService/Services/LineageExportService.cs
View File

@@ -4,11 +4,12 @@
// Task: Evidence pack export service implementation
// -----------------------------------------------------------------------------
using Microsoft.Extensions.Logging;
using StellaOps.SbomService.Models;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using Microsoft.Extensions.Logging;
using StellaOps.SbomService.Models;
namespace StellaOps.SbomService.Services;

7
src/SbomService/StellaOps.SbomService/Services/LineageHoverCache.cs
View File

@@ -4,13 +4,14 @@
// Task: Add Valkey caching for hover card data with 5-minute TTL
// -----------------------------------------------------------------------------
using System.Diagnostics;
using System.ComponentModel.DataAnnotations;
using System.Text.Json;
using Microsoft.Extensions.Caching.Distributed;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using StellaOps.SbomService.Models;
using System.ComponentModel.DataAnnotations;
using System.Diagnostics;
using System.Text.Json;
namespace StellaOps.SbomService.Services;

3
src/SbomService/StellaOps.SbomService/Services/OrchestratorControlService.cs
View File

@@ -1,6 +1,7 @@
using StellaOps.SbomService.Repositories;
using System.Collections.Concurrent;
using System.Diagnostics.Metrics;
using StellaOps.SbomService.Repositories;
namespace StellaOps.SbomService.Services;

7
src/SbomService/StellaOps.SbomService/Services/RegistryDiscoveryService.cs
View File

@@ -1,12 +1,13 @@
// Copyright (c) StellaOps. Licensed under BUSL-1.1.
// SPRINT_20251229_012 REG-SRC-005: Registry discovery service
using System.Net.Http.Headers;
using System.Text.Json;
using System.Text.RegularExpressions;
using Microsoft.Extensions.Options;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Repositories;
using System.Net.Http.Headers;
using System.Text.Json;
using System.Text.RegularExpressions;
namespace StellaOps.SbomService.Services;

5
src/SbomService/StellaOps.SbomService/Services/RegistryWebhookService.cs
View File

@@ -1,12 +1,13 @@
// Copyright (c) StellaOps. Licensed under BUSL-1.1.
// SPRINT_20251229_012 REG-SRC-004: Registry webhook ingestion service
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Repositories;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using System.Text.Json.Serialization;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Repositories;
namespace StellaOps.SbomService.Services;

3
src/SbomService/StellaOps.SbomService/Services/ReplayHashService.cs
View File

@@ -7,10 +7,11 @@
// policy_version + vex_verdicts_digest + timestamp)
// -----------------------------------------------------------------------------
using Microsoft.Extensions.Logging;
using System.Diagnostics;
using System.Security.Cryptography;
using System.Text;
using Microsoft.Extensions.Logging;
namespace StellaOps.SbomService.Services;

3
src/SbomService/StellaOps.SbomService/Services/ReplayVerificationService.cs
View File

@@ -5,11 +5,12 @@
// Description: Implementation of replay hash verification with drift detection.
// -----------------------------------------------------------------------------
using Microsoft.Extensions.Logging;
using System.Collections.Concurrent;
using System.Collections.Immutable;
using System.Diagnostics;
using System.Globalization;
using Microsoft.Extensions.Logging;
namespace StellaOps.SbomService.Services;

7
src/SbomService/StellaOps.SbomService/Services/SbomAnalysisTrigger.cs
View File

@@ -1,8 +1,9 @@
using System;
using System.Threading;
using System.Threading.Tasks;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Repositories;
using System;
using System.Threading;
using System.Threading.Tasks;
namespace StellaOps.SbomService.Services;

3
src/SbomService/StellaOps.SbomService/Services/SbomContextAssembler.cs
View File

@@ -1,9 +1,10 @@
using StellaOps.SbomService.Models;
using System.Collections.Immutable;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using StellaOps.SbomService.Models;
namespace StellaOps.SbomService.Services;

3
src/SbomService/StellaOps.SbomService/Services/SbomEvents.cs
View File

@@ -1,5 +1,6 @@
using System.Collections.Concurrent;
using StellaOps.SbomService.Models;
using System.Collections.Concurrent;
namespace StellaOps.SbomService.Services;

11
src/SbomService/StellaOps.SbomService/Services/SbomLedgerService.cs
View File

@@ -1,13 +1,14 @@
using System;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Repositories;
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Repositories;
namespace StellaOps.SbomService.Services;

7
src/SbomService/StellaOps.SbomService/Services/SbomLineageGraphService.cs
View File

@@ -5,12 +5,13 @@
// Task: Implement SBOM lineage graph service
// -----------------------------------------------------------------------------
using System.Diagnostics;
using System.Security.Cryptography;
using System.Text;
using Microsoft.Extensions.Logging;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Repositories;
using System.Diagnostics;
using System.Security.Cryptography;
using System.Text;
namespace StellaOps.SbomService.Services;

5
src/SbomService/StellaOps.SbomService/Services/SbomNormalizationService.cs
View File

@@ -1,9 +1,10 @@
using System;
using StellaOps.SbomService.Models;
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Text.Json;
using StellaOps.SbomService.Models;
namespace StellaOps.SbomService.Services;

5
src/SbomService/StellaOps.SbomService/Services/SbomQualityScorer.cs
View File

@@ -1,7 +1,8 @@
using System;
using StellaOps.SbomService.Models;
using System;
using System.Collections.Generic;
using System.Linq;
using StellaOps.SbomService.Models;
namespace StellaOps.SbomService.Services;

5
src/SbomService/StellaOps.SbomService/Services/SbomUploadService.cs
View File

@@ -1,4 +1,6 @@
using System;
using StellaOps.SbomService.Models;
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
@@ -7,7 +9,6 @@ using System.Text;
using System.Text.Json;
using System.Threading;
using System.Threading.Tasks;
using StellaOps.SbomService.Models;
namespace StellaOps.SbomService.Services;

7
src/SbomService/StellaOps.SbomService/Services/ScanJobEmitterService.cs
View File

@@ -1,12 +1,13 @@
// Copyright (c) StellaOps. Licensed under BUSL-1.1.
// SPRINT_20251229_012 REG-SRC-006: Scan job emission service
using System.Net.Http.Json;
using System.Text.Json;
using System.Text.Json.Serialization;
using Microsoft.Extensions.Options;
using StellaOps.SbomService.Models;
using StellaOps.SbomService.Repositories;
using System.Net.Http.Json;
using System.Text.Json;
using System.Text.Json.Serialization;
namespace StellaOps.SbomService.Services;

5
src/SbomService/StellaOps.SbomService/Services/ValkeyLineageCompareCache.cs
View File

@@ -5,11 +5,12 @@
// Description: Valkey/Redis implementation of lineage compare cache with 10-minute TTL.
// -----------------------------------------------------------------------------
using System.Diagnostics;
using System.Text.Json;
using Microsoft.Extensions.Caching.Distributed;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using System.Diagnostics;
using System.Text.Json;
namespace StellaOps.SbomService.Services;

8
src/SbomService/StellaOps.SbomService/TASKS.md Normal file
View File

@@ -0,0 +1,8 @@
# StellaOps.SbomService Task Board
This board mirrors active sprint tasks for this module.
Source of truth: `docs/implplan/SPRINT_20260130_002_Tools_csproj_remediation_solid_review.md`.
| Task ID | Status | Notes |
| --- | --- | --- |
| REMED-05 | TODO | Remediation checklist: docs/implplan/audits/csproj-standards/remediation/checklists/src/SbomService/StellaOps.SbomService/StellaOps.SbomService.md. |
| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |