stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Stabilize U

Browse Source
This commit is contained in:
master
2026-02-16 07:33:20 +02:00
parent 45c0f1bb59
commit 70fdbfcf25
166 changed files with 20156 additions and 4833 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
docs/qa/feature-checks/runs/scheduler/scheduler-impactindex-and-surface-fs-pointers/run-002/tier0-source-check.json Normal file
View File

@@ -0,0 +1,69 @@
{
"type": "source",
"module": "scheduler",
"feature": "scheduler-impactindex-and-surface-fs-pointers",
"runId": "run-002",
"capturedAtUtc": "2026-02-15T20:55:00.0000000Z",
"investigationNote": "Previous run-001 only checked WebService paths. Actual implementation lives in __Libraries. This run verifies the LIBRARY implementation paths.",
"featureDocReferencedFiles": [
"src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexService.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexEndpointExtensions.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexContracts.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsPointerService.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsEndpointExtensions.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsContracts.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/Scheduling/ScanScheduleService.cs"
],
"featureDocReferencedFilesStatus": {
"found": [],
"missing": [
"src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexService.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexEndpointExtensions.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexContracts.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsPointerService.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsEndpointExtensions.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsContracts.cs",
"src/Scheduler/StellaOps.Scheduler.WebService/Scheduling/ScanScheduleService.cs"
],
"missingRatio": 1.0,
"note": "Feature doc references WebService paths that do not exist. However, the CORE LOGIC exists in __Libraries paths (see actualImplementationFiles below)."
},
"actualImplementationFiles": {
"impactIndex": {
"found": [
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/IImpactIndex.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/RoaringImpactIndex.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/FixtureImpactIndex.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/ImpactImageRecord.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/ImpactIndexSnapshot.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/ImpactIndexStubOptions.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/ImpactIndexServiceCollectionExtensions.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/Ingestion/BomIndexReader.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/Ingestion/ImpactIndexIngestionRequest.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.ImpactIndex/StellaOps.Scheduler.ImpactIndex.csproj"
],
"description": "Full IImpactIndex interface with RoaringBitmap-backed implementation (RoaringImpactIndex) and fixture-backed stub (FixtureImpactIndex). Supports: ResolveByPurls, ResolveByVulnerabilities, ResolveAll, Remove, CreateSnapshot, RestoreSnapshot. Binary BomIndex ingestion via BomIndexReader."
},
"surfaceFsPointers": {
"found": [
"src/Scheduler/__Libraries/StellaOps.Scheduler.Worker/Planning/SurfaceFsPointer.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.Worker/Planning/SurfaceFsPointerEvaluator.cs",
"src/Scheduler/__Libraries/StellaOps.Scheduler.Worker/Planning/SurfaceManifestPointer.cs"
],
"description": "SurfaceFsPointer record with URI parsing (surfacefs://tenant/dataset/version), cache key generation. SurfaceFsPointerEvaluator with drift detection, validation (dataset allowlist, sealed mode), and batch planning prioritization. InMemorySurfaceFsPointerCache implementation."
}
},
"tests": {
"found": [
"src/Scheduler/__Tests/StellaOps.Scheduler.ImpactIndex.Tests/RoaringImpactIndexTests.cs",
"src/Scheduler/__Tests/StellaOps.Scheduler.ImpactIndex.Tests/FixtureImpactIndexTests.cs"
],
"description": "11 unit tests covering RoaringImpactIndex (ingest, replace, filter by tenant/namespace/tag, resolve all, usageOnly, remove, snapshot/restore) and FixtureImpactIndex (resolve by purls, usage-only, resolve all deterministic, resolve by vulnerabilities, fixture directory loading)."
},
"diWiring": {
"impactIndex": "ImpactIndexServiceCollectionExtensions.AddImpactIndexStub() registers IImpactIndex as FixtureImpactIndex singleton",
"surfaceFsPointer": "No explicit DI registration found in SchedulerWorkerServiceCollectionExtensions. ISurfaceFsPointerEvaluator and ISurfaceFsPointerCache not registered yet."
},
"verdict": "partially_implemented",
"verdictReason": "ImpactIndex core library is FULLY IMPLEMENTED with roaring bitmap index, fixture stub, BOM-Index binary reader, snapshot serialization, and 11 passing tests. SurfaceFsPointer model and evaluator are FULLY IMPLEMENTED with drift detection and planning prioritization. HOWEVER: (1) Feature doc references WebService endpoint paths that do not exist (no REST API surface), (2) SurfaceFsPointer evaluator lacks DI wiring in SchedulerWorkerServiceCollectionExtensions, (3) No ScanScheduleService exists. The core library logic (ImpactIndex + SurfaceFs) is implemented; the HTTP endpoint layer and scheduling integration are not."
}

65
docs/qa/feature-checks/runs/scheduler/scheduler-impactindex-and-surface-fs-pointers/run-002/tier2-integration-check.json Normal file
View File

@@ -0,0 +1,65 @@
{
"type": "integration",
"module": "scheduler",
"feature": "scheduler-impactindex-and-surface-fs-pointers",
"runId": "run-002",
"capturedAtUtc": "2026-02-15T20:55:00.0000000Z",
"testProject": "src/Scheduler/__Tests/StellaOps.Scheduler.ImpactIndex.Tests/StellaOps.Scheduler.ImpactIndex.Tests.csproj",
"testCommand": "dotnet test src/Scheduler/__Tests/StellaOps.Scheduler.ImpactIndex.Tests/StellaOps.Scheduler.ImpactIndex.Tests.csproj -v normal",
"testResult": {
"passed": 11,
"failed": 0,
"skipped": 0,
"total": 11,
"duration": "576ms"
},
"testClassesVerified": [
{
"class": "RoaringImpactIndexTests",
"testCount": 6,
"tests": [
"IngestAsync_RegistersComponentsAndUsage - verifies BOM ingest, purl resolution, image digest, tags, UsedByEntrypoint",
"IngestAsync_ReplacesExistingImageData - verifies re-ingest updates tags and entrypoint status",
"ResolveByPurlsAsync_RespectsTenantNamespaceAndTagFilters - multi-tenant filtering with tag wildcards",
"ResolveAllAsync_UsageOnlyFiltersEntrypointImages - usageOnly=true filters non-entrypoint images",
"RemoveAsync_RemovesImageAndComponents - verifies image removal from bitmap index",
"CreateSnapshotAsync_CompactsIdsAndRestores - snapshot round-trip with id compaction"
],
"assertionQuality": "STRONG - Tests assert actual computed values (image digests, tag contents, image counts, UsedByEntrypoint booleans, snapshot ID regex patterns). Tests exercise ingest->query->remove->snapshot lifecycle."
},
{
"class": "FixtureImpactIndexTests",
"testCount": 5,
"tests": [
"ResolveByPurls_UsesEmbeddedFixtures - resolves specific purl against embedded fixtures, verifies digest/registry/repo/tag/entrypoint/generatedAt/schemaVersion",
"ResolveByPurls_UsageOnlyFiltersInventoryOnlyComponents - verifies usageOnly=true filters inventory-only",
"ResolveAll_ReturnsDeterministicFixtureSet - two calls produce identical 6-image sets",
"ResolveByVulnerabilities_ReturnsEmptySet - stub returns empty for vuln lookup",
"FixtureDirectoryOption_LoadsFromFileSystem - loads from samples directory, verifies 6 images"
],
"assertionQuality": "STRONG - Tests verify specific digests, registries, repositories, tags, counts, determinism, and schema versions. Not shallow checks."
}
],
"codeReviewFindings": {
"impactIndex": {
"interface": "IImpactIndex defines 6 methods: ResolveByPurls, ResolveByVulnerabilities, ResolveAll, Remove, CreateSnapshot, RestoreSnapshot",
"roaringImpl": "RoaringImpactIndex (637 lines) - production-quality roaring bitmap implementation with thread-safe locking, deterministic ID generation via SHA-256, BOM-Index binary ingestion, tenant/namespace/tag/label/digest selector filtering, snapshot serialization with compacted IDs",
"fixtureImpl": "FixtureImpactIndex (673 lines) - fixture-backed stub loading from embedded resources or filesystem, lazy initialization, full selector matching",
"bomReader": "BomIndexReader - binary format parser (BOMIDX1 magic, version 1, entrypoint table support, roaring bitmap deserialization)"
},
"surfaceFsPointers": {
"pointer": "SurfaceFsPointer (116 lines) - record with tenant/dataset/version, surfacefs:// URI format, Parse/TryParse with regex, cache key generation",
"evaluator": "SurfaceFsPointerEvaluator (274 lines) - validates dataset allowlist, sealed mode enforcement, drift detection against cache, batch planning with priority boost for drift-triggered assets, redundant scan skipping",
"cache": "InMemorySurfaceFsPointerCache - thread-safe in-memory cache implementation"
}
},
"gaps": [
"WebService HTTP endpoints (ImpactIndexEndpointExtensions, SurfaceFsEndpointExtensions) do not exist - no REST API surface",
"WebService contracts (ImpactIndexContracts, SurfaceFsContracts) do not exist",
"ScanScheduleService does not exist - no scheduling integration layer",
"SurfaceFsPointerEvaluator and ISurfaceFsPointerCache not registered in SchedulerWorkerServiceCollectionExtensions DI",
"RoaringImpactIndex not registered for production use (only fixture stub is DI-wired)"
],
"verdict": "partially_implemented",
"verdictReason": "Core ImpactIndex library is production-quality with 11 passing tests. SurfaceFsPointer model and evaluator are complete. Missing: REST endpoint layer, DI wiring for production index and evaluator, ScanScheduleService."
}