stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

fix tests. new product advisories enhancements

Browse Source
This commit is contained in:
master
2026-01-25 19:11:36 +02:00
parent c70e83719e
commit 6e687b523a
504 changed files with 40610 additions and 3785 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
docs/contracts/sigstore-services.example.json Normal file
View File

@@ -0,0 +1,35 @@
{
"version": 1,
"rekor": {
"url": "https://rekor.sigstore.dev",
"tile_base_url": "https://rekor.sigstore.dev/tile/",
"log_id": "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
"public_key_target": "rekor-key-v1"
},
"fulcio": {
"url": "https://fulcio.sigstore.dev",
"root_cert_target": "fulcio-root-2026Q1"
},
"ct_log": {
"url": "https://ctfe.sigstore.dev",
"public_key_target": "ctfe-key-v1"
},
"timestamp_authority": {
"url": "https://tsa.sigstore.dev",
"cert_chain_target": "tsa-chain-2026Q1"
},
"overrides": {
"staging": {
"rekor_url": "https://rekor.sigstage.dev",
"fulcio_url": "https://fulcio.sigstage.dev"
},
"airgap": {
"rekor_url": "https://rekor.internal:8080",
"fulcio_url": "https://fulcio.internal:8081"
}
},
"metadata": {
"updated_at": "2026-01-25T00:00:00Z",
"note": "Production Sigstore endpoints - January 2026"
}
}

122
docs/contracts/sigstore-services.schema.json Normal file
View File

@@ -0,0 +1,122 @@
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://stella-ops.org/schemas/sigstore-services/v1",
"title": "Sigstore Services Map",
"description": "Service discovery map for Sigstore infrastructure endpoints. Distributed via TUF for dynamic endpoint management without client reconfiguration.",
"type": "object",
"required": ["version", "rekor"],
"properties": {
"version": {
"type": "integer",
"minimum": 1,
"description": "Schema version for forward compatibility"
},
"rekor": {
"type": "object",
"description": "Rekor transparency log configuration",
"required": ["url"],
"properties": {
"url": {
"type": "string",
"format": "uri",
"description": "Primary Rekor API endpoint"
},
"tile_base_url": {
"type": "string",
"format": "uri",
"description": "Optional tile endpoint (defaults to {url}/tile/)"
},
"log_id": {
"type": "string",
"pattern": "^[a-f0-9]{64}$",
"description": "SHA-256 hash of log public key (hex-encoded)"
},
"public_key_target": {
"type": "string",
"description": "TUF target name for Rekor public key"
}
}
},
"fulcio": {
"type": "object",
"description": "Fulcio certificate authority configuration",
"properties": {
"url": {
"type": "string",
"format": "uri",
"description": "Fulcio API endpoint"
},
"root_cert_target": {
"type": "string",
"description": "TUF target name for Fulcio root certificate"
}
}
},
"ct_log": {
"type": "object",
"description": "Certificate Transparency log configuration",
"properties": {
"url": {
"type": "string",
"format": "uri",
"description": "CT log API endpoint"
},
"public_key_target": {
"type": "string",
"description": "TUF target name for CT log public key"
}
}
},
"timestamp_authority": {
"type": "object",
"description": "Timestamp authority configuration",
"properties": {
"url": {
"type": "string",
"format": "uri",
"description": "TSA endpoint"
},
"cert_chain_target": {
"type": "string",
"description": "TUF target name for TSA certificate chain"
}
}
},
"overrides": {
"type": "object",
"description": "Site-local endpoint overrides by environment",
"additionalProperties": {
"type": "object",
"properties": {
"rekor_url": {
"type": "string",
"format": "uri"
},
"fulcio_url": {
"type": "string",
"format": "uri"
},
"ct_log_url": {
"type": "string",
"format": "uri"
}
}
}
},
"metadata": {
"type": "object",
"description": "Additional metadata",
"properties": {
"updated_at": {
"type": "string",
"format": "date-time",
"description": "Last update timestamp"
},
"note": {
"type": "string",
"description": "Human-readable note about this configuration"
}
}
}
}
}