audit work, fixed StellaOps.sln warnings/errors, fixed tests, sprints work, new advisories

src/__Libraries/StellaOps.Eventing/Migrations/20260107_001_create_timeline_events.sql

@@ -0,0 +1,57 @@
+-- Migration: 20260107_001_create_timeline_events
+-- Purpose: Create timeline schema and events table for unified event timeline
+
+-- Create schema
+CREATE SCHEMA IF NOT EXISTS timeline;
+
+-- Create events table
+CREATE TABLE timeline.events (
+    event_id        TEXT PRIMARY KEY,
+    t_hlc           TEXT NOT NULL,           -- HLC timestamp (sortable string format)
+    ts_wall         TIMESTAMPTZ NOT NULL,    -- Wall-clock time (informational)
+    service         TEXT NOT NULL,           -- Service name
+    trace_parent    TEXT,                    -- W3C Trace Context traceparent
+    correlation_id  TEXT NOT NULL,           -- Correlation ID linking events
+    kind            TEXT NOT NULL,           -- Event kind (ENQUEUE, EXECUTE, etc.)
+    payload         JSONB NOT NULL,          -- RFC 8785 canonicalized JSON payload
+    payload_digest  BYTEA NOT NULL,          -- SHA-256 digest of payload
+    engine_name     TEXT NOT NULL,           -- Engine/service name
+    engine_version  TEXT NOT NULL,           -- Engine version
+    engine_digest   TEXT NOT NULL,           -- Source/assembly digest
+    dsse_sig        TEXT,                    -- Optional DSSE signature
+    schema_version  INTEGER NOT NULL DEFAULT 1,
+    created_at      TIMESTAMPTZ NOT NULL DEFAULT NOW()
+);
+
+-- Create indexes for common query patterns
+CREATE INDEX idx_events_corr_hlc ON timeline.events (correlation_id, t_hlc);
+CREATE INDEX idx_events_svc_hlc ON timeline.events (service, t_hlc);
+CREATE INDEX idx_events_kind ON timeline.events (kind);
+CREATE INDEX idx_events_created_at ON timeline.events (created_at);
+
+-- GIN index for payload queries
+CREATE INDEX idx_events_payload ON timeline.events USING GIN (payload);
+
+-- Create outbox table for transactional outbox pattern
+CREATE TABLE timeline.outbox (
+    id              BIGSERIAL PRIMARY KEY,
+    event_id        TEXT NOT NULL REFERENCES timeline.events(event_id),
+    status          TEXT NOT NULL DEFAULT 'PENDING',  -- PENDING, PROCESSING, COMPLETED, FAILED
+    retry_count     INTEGER NOT NULL DEFAULT 0,
+    next_retry_at   TIMESTAMPTZ,
+    error_message   TEXT,
+    created_at      TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+    updated_at      TIMESTAMPTZ NOT NULL DEFAULT NOW()
+);
+
+CREATE INDEX idx_outbox_status_retry ON timeline.outbox (status, next_retry_at)
+    WHERE status IN ('PENDING', 'FAILED');
+
+-- Comments for documentation
+COMMENT ON TABLE timeline.events IS 'Unified timeline events from all StellaOps services';
+COMMENT ON COLUMN timeline.events.event_id IS 'Deterministic event ID: SHA-256(correlation_id || t_hlc || service || kind)[0:32]';
+COMMENT ON COLUMN timeline.events.t_hlc IS 'HLC timestamp in sortable string format: {physical}:{logical}:{nodeId}';
+COMMENT ON COLUMN timeline.events.ts_wall IS 'Wall-clock time for human reference (not used for ordering)';
+COMMENT ON COLUMN timeline.events.correlation_id IS 'Links related events (e.g., scanId, jobId, artifactDigest)';
+COMMENT ON COLUMN timeline.events.kind IS 'Event type: ENQUEUE, EXECUTE, ATTEST, VERIFY, GATE_PASS, etc.';
+COMMENT ON COLUMN timeline.events.payload IS 'RFC 8785 canonicalized JSON payload for deterministic hashing';