up
Some checks failed
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Policy Simulation / policy-simulate (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Some checks failed
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Policy Simulation / policy-simulate (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
This commit is contained in:
StellaOps Bot
@@ -4,7 +4,6 @@
|
||||
<Nullable>enable</Nullable>
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
<LangVersion>preview</LangVersion>
|
||||
<PackageTargetFallback></PackageTargetFallback>
|
||||
<AssetTargetFallback></AssetTargetFallback>
|
||||
</PropertyGroup>
|
||||
</Project>
|
||||
|
||||
@@ -5,7 +5,6 @@
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
<Nullable>enable</Nullable>
|
||||
<LangVersion>preview</LangVersion>
|
||||
<PackageTargetFallback></PackageTargetFallback>
|
||||
<AssetTargetFallback></AssetTargetFallback>
|
||||
</PropertyGroup>
|
||||
</Project>
|
||||
|
||||
67
ops/mongo/indices/reachability_store_indices.js
Normal file
67
ops/mongo/indices/reachability_store_indices.js
Normal file
@@ -0,0 +1,67 @@
|
||||
/**
|
||||
* MongoDB indexes for the shared reachability store collections used by Signals/Policy/Scanner.
|
||||
* Run with: mongosh stellaops_db < reachability_store_indices.js
|
||||
*
|
||||
* Collections:
|
||||
* - func_nodes: canonical function nodes keyed by graph + symbol ID and joinable by (purl, symbolDigest)
|
||||
* - call_edges: canonical call edges keyed by graph and joinable by (purl, symbolDigest)
|
||||
* - cve_func_hits: per-subject mapping of CVE -> affected/reachable functions with evidence pointers
|
||||
*
|
||||
* Created: 2025-12-13 (SIG-STORE-401-016)
|
||||
*/
|
||||
|
||||
// Switch to the target database (override via --eval "var dbName='custom'" if needed)
|
||||
const targetDb = typeof dbName !== 'undefined' ? dbName : 'stellaops';
|
||||
db = db.getSiblingDB(targetDb);
|
||||
|
||||
print(`Creating reachability store indexes on ${targetDb}...`);
|
||||
|
||||
print(`- func_nodes`);
|
||||
db.func_nodes.createIndex(
|
||||
{ "graphHash": 1, "symbolId": 1 },
|
||||
{ name: "func_nodes_by_graph_symbol", unique: true, background: true }
|
||||
);
|
||||
db.func_nodes.createIndex(
|
||||
{ "purl": 1, "symbolDigest": 1 },
|
||||
{ name: "func_nodes_by_purl_symboldigest", background: true, sparse: true }
|
||||
);
|
||||
db.func_nodes.createIndex(
|
||||
{ "codeId": 1 },
|
||||
{ name: "func_nodes_by_code_id", background: true, sparse: true }
|
||||
);
|
||||
|
||||
print(`- call_edges`);
|
||||
db.call_edges.createIndex(
|
||||
{ "graphHash": 1, "sourceId": 1, "targetId": 1, "type": 1 },
|
||||
{ name: "call_edges_by_graph_edge", unique: true, background: true }
|
||||
);
|
||||
db.call_edges.createIndex(
|
||||
{ "graphHash": 1, "sourceId": 1 },
|
||||
{ name: "call_edges_by_graph_source", background: true }
|
||||
);
|
||||
db.call_edges.createIndex(
|
||||
{ "graphHash": 1, "targetId": 1 },
|
||||
{ name: "call_edges_by_graph_target", background: true }
|
||||
);
|
||||
db.call_edges.createIndex(
|
||||
{ "purl": 1, "symbolDigest": 1 },
|
||||
{ name: "call_edges_by_purl_symboldigest", background: true, sparse: true }
|
||||
);
|
||||
|
||||
print(`- cve_func_hits`);
|
||||
db.cve_func_hits.createIndex(
|
||||
{ "subjectKey": 1, "cveId": 1 },
|
||||
{ name: "cve_func_hits_by_subject_cve", background: true }
|
||||
);
|
||||
db.cve_func_hits.createIndex(
|
||||
{ "cveId": 1, "purl": 1, "symbolDigest": 1 },
|
||||
{ name: "cve_func_hits_by_cve_purl_symboldigest", background: true, sparse: true }
|
||||
);
|
||||
db.cve_func_hits.createIndex(
|
||||
{ "graphHash": 1 },
|
||||
{ name: "cve_func_hits_by_graph", background: true, sparse: true }
|
||||
);
|
||||
|
||||
print("\nReachability store indexes created successfully.");
|
||||
print("Run db.func_nodes.getIndexes(), db.call_edges.getIndexes(), db.cve_func_hits.getIndexes() to verify.");
|
||||
|
||||
Reference in New Issue
Block a user