stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

tests fixes and sprints work

Browse Source
This commit is contained in:
master
2026-01-22 19:08:46 +02:00
parent c32fff8f86
commit 726d70dc7f
881 changed files with 134434 additions and 6228 deletions
Download Patch File Download Diff File Expand all files Collapse all files

183
src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaComplianceModels.cs Normal file
View File

@@ -0,0 +1,183 @@
using System.Collections.Immutable;
using StellaOps.Concelier.SbomIntegration.Models;
namespace StellaOps.Policy.NtiaCompliance;
public interface INtiaComplianceValidator
{
Task<NtiaComplianceReport> ValidateAsync(
ParsedSbom sbom,
NtiaCompliancePolicy policy,
CancellationToken ct = default);
}
public sealed record NtiaComplianceReport
{
public NtiaComplianceStatus OverallStatus { get; init; } = NtiaComplianceStatus.Unknown;
public ImmutableArray<NtiaElementStatus> ElementStatuses { get; init; } = [];
public ImmutableArray<NtiaFinding> Findings { get; init; } = [];
public double ComplianceScore { get; init; }
public SupplierValidationStatus SupplierStatus { get; init; } = SupplierValidationStatus.Unknown;
public SupplierValidationReport? SupplierReport { get; init; }
public SupplierTrustReport? SupplierTrust { get; init; }
public DependencyCompletenessReport? DependencyCompleteness { get; init; }
public FrameworkComplianceReport? Frameworks { get; init; }
public SupplyChainTransparencyReport? SupplyChain { get; init; }
}
public sealed record NtiaElementStatus
{
public NtiaElement Element { get; init; }
public bool Present { get; init; }
public bool Valid { get; init; }
public int ComponentsCovered { get; init; }
public int ComponentsMissing { get; init; }
public string? Notes { get; init; }
}
public sealed record NtiaFinding
{
public NtiaFindingType Type { get; init; }
public NtiaElement? Element { get; init; }
public string? Component { get; init; }
public string? Supplier { get; init; }
public int? Count { get; init; }
public string? Message { get; init; }
}
public sealed record SupplierValidationReport
{
public ImmutableArray<SupplierInventoryEntry> Suppliers { get; init; } = [];
public ImmutableArray<ComponentSupplierEntry> Components { get; init; } = [];
public int ComponentsMissingSupplier { get; init; }
public int ComponentsWithSupplier { get; init; }
public double CoveragePercent { get; init; }
public SupplierValidationStatus Status { get; init; } = SupplierValidationStatus.Unknown;
public ImmutableArray<NtiaFinding> Findings { get; init; } = [];
}
public sealed record SupplierInventoryEntry
{
public required string Name { get; init; }
public string? Url { get; init; }
public int ComponentCount { get; init; }
public bool PlaceholderDetected { get; init; }
}
public sealed record ComponentSupplierEntry
{
public required string ComponentName { get; init; }
public string? SupplierName { get; init; }
public string? SupplierUrl { get; init; }
public bool IsPlaceholder { get; init; }
public bool UrlValid { get; init; }
}
public sealed record SupplierTrustReport
{
public ImmutableArray<SupplierTrustEntry> Suppliers { get; init; } = [];
public int VerifiedSuppliers { get; init; }
public int KnownSuppliers { get; init; }
public int UnknownSuppliers { get; init; }
public int BlockedSuppliers { get; init; }
}
public sealed record SupplierTrustEntry
{
public required string Supplier { get; init; }
public SupplierTrustLevel TrustLevel { get; init; }
public ImmutableArray<string> Components { get; init; } = [];
}
public sealed record DependencyCompletenessReport
{
public int TotalComponents { get; init; }
public int ComponentsWithDependencies { get; init; }
public ImmutableArray<string> OrphanedComponents { get; init; } = [];
public ImmutableArray<string> MissingDependencyRefs { get; init; } = [];
public double CompletenessScore { get; init; }
}
public sealed record FrameworkComplianceReport
{
public ImmutableArray<FrameworkComplianceEntry> Frameworks { get; init; } = [];
}
public sealed record FrameworkComplianceEntry
{
public required RegulatoryFramework Framework { get; init; }
public NtiaComplianceStatus Status { get; init; } = NtiaComplianceStatus.Unknown;
public ImmutableArray<NtiaElement> MissingElements { get; init; } = [];
public ImmutableArray<string> MissingFields { get; init; } = [];
public double ComplianceScore { get; init; }
}
public sealed record SupplyChainTransparencyReport
{
public int TotalSuppliers { get; init; }
public int TotalComponents { get; init; }
public string? TopSupplier { get; init; }
public double TopSupplierShare { get; init; }
public double ConcentrationIndex { get; init; }
public int UnknownSuppliers { get; init; }
public int BlockedSuppliers { get; init; }
public ImmutableArray<SupplierInventoryEntry> Suppliers { get; init; } = [];
public ImmutableArray<string> RiskFlags { get; init; } = [];
}
public enum NtiaComplianceStatus
{
Unknown = 0,
Pass = 1,
Warn = 2,
Fail = 3
}
public enum SupplierValidationStatus
{
Unknown = 0,
Pass = 1,
Warn = 2,
Fail = 3
}
public enum SupplierTrustLevel
{
Verified = 0,
Known = 1,
Unknown = 2,
Blocked = 3
}
public enum NtiaElement
{
SupplierName = 0,
ComponentName = 1,
ComponentVersion = 2,
OtherUniqueIdentifiers = 3,
DependencyRelationship = 4,
AuthorOfSbomData = 5,
Timestamp = 6
}
public enum NtiaFindingType
{
MissingElement = 0,
InvalidElement = 1,
PlaceholderSupplier = 2,
InvalidSupplierUrl = 3,
MissingSupplier = 4,
BlockedSupplier = 5,
UnknownSupplier = 6,
MissingDependency = 7,
MissingIdentifier = 8
}
public enum RegulatoryFramework
{
Ntia = 0,
Fda = 1,
Cisa = 2,
EuCra = 3,
Nist = 4
}