Add determinism tests for verdict artifact generation and update SHA256 sums script
- Implemented comprehensive tests for verdict artifact generation to ensure deterministic outputs across various scenarios, including identical inputs, parallel execution, and change ordering.
- Created helper methods for generating sample verdict inputs and computing canonical hashes.
- Added tests to validate the stability of canonical hashes, proof spine ordering, and summary statistics.
- Introduced a new PowerShell script to update SHA256 sums for files, ensuring accurate hash generation and file integrity checks.
@@ -1,11 +1,52 @@
|
||||
# Archived: Console Air-Gap Notes
|
||||
# Console Air-Gap UX (Sealed Mode)
|
||||
|
||||
This page was consolidated into canonical docs:
|
||||
This document describes the Console surfaces and operator expectations when running against Offline Kit snapshots or in sealed/air-gapped deployments.
|
||||
|
||||
- `docs/15_UI_GUIDE.md`
|
||||
- `docs/24_OFFLINE_KIT.md`
|
||||
- `docs/airgap/` (deep dive workflows)
|
||||
## Goals
|
||||
|
||||
The previous note has been archived to:
|
||||
- Make offline operation explicit (never “pretend online”).
|
||||
- Show snapshot identity and staleness budgets so operators can reason about freshness.
|
||||
- Keep import workflows auditable and tenant-scoped.
|
||||
|
||||
- `docs/_archive/console/airgap.md`
|
||||
## Required Surfaces
|
||||
|
||||
### Offline / Sealed Status Badge
|
||||
|
||||
The Console should surface:
|
||||
|
||||
- Whether the site is operating in **sealed/offline mode**.
|
||||
- The current **snapshot identity** (bundle ID / generation / content digest).
|
||||
- The **last import time** and configured freshness/staleness budgets.
|
||||
|
||||
### Import Workflow
|
||||
|
||||
When imports are supported via Console:
|
||||
|
||||
- Use a clear stepper flow: select bundle → verify → apply → confirm.
|
||||
- Display verification results (signature status, digest) without exposing secrets.
|
||||
- Emit an auditable event: who imported what, when, and which snapshot became active.
|
||||
|
||||
### Staleness Dashboard
|
||||
|
||||
Operators need a quick view of:
|
||||
|
||||
- Advisory/VEX/policy ages relative to configured budgets
|
||||
- Tenants/environments nearing expiry thresholds
|
||||
- “Why stale?” explanations (missing time anchor, expired bundle, etc.)
|
||||
|
||||
## Staleness Rules
|
||||
|
||||
- Treat staleness as **a first-class signal**: show it prominently when it affects decision confidence.
|
||||
- Use UTC timestamps; avoid local time ambiguity.
|
||||
- When a time anchor is missing, surface “unknown staleness” instead of silently defaulting.
|
||||
|
||||
## Security and Guardrails
|
||||
|
||||
- Import is an admin operation (scoped and audited).
|
||||
- Always display tenant context for imports and status surfaces.
|
||||
- Avoid displaying long hashes without context; prefer short digests with a “copy full digest” action.
|
||||
|
||||
## References
|
||||
|
||||
- Offline Kit packaging and verification: `docs/24_OFFLINE_KIT.md`
|
||||
- Air-gap workflows: `docs/airgap/`
|
||||
|
||||
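Review bot: In the Import Workflow section, the stepper line "select bundle → verify → apply → confirm" and the bullet on displaying verification results never say what happens when verification fails. Suggest stating explicitly that the apply step is unavailable unless the signature and digest checks pass, and that a failed or rejected import is also recorded, since the audit bullet as written only covers "which snapshot became active". Under Security and Guardrails, "prefer short digests" should be qualified as display-only, so operators use the full digest (via the copy action) when confirming snapshot identity. The commit message describes determinism tests and a SHA256 sums script but does not mention this docs rewrite, which replaces the pointer to `docs/_archive/console/airgap.md`; add a line for it or split it into its own commit.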