Add LDAP Distinguished Name Helper and Credential Audit Context
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled

- Implemented LdapDistinguishedNameHelper for escaping RDN and filter values.
- Created AuthorityCredentialAuditContext and IAuthorityCredentialAuditContextAccessor for managing credential audit context.
- Developed StandardCredentialAuditLogger with tests for success, failure, and lockout events.
- Introduced AuthorityAuditSink for persisting audit records with structured logging.
- Added CryptoPro-related classes for certificate resolution and signing operations.
This commit is contained in:
master
2025-11-09 12:21:38 +02:00
parent ba4c935182
commit 75c2bcafce
385 changed files with 7354 additions and 7344 deletions

@@ -1,19 +0,0 @@
# Mirror Creator Task Board — Epic 16: Air-Gapped Mode
## Sprint 56 Bundle Assembly
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| MIRROR-CRT-56-001 | TODO | Mirror Creator Guild | EXPORT-OBS-51-001 | Implement deterministic bundle assembler supporting advisories, VEX, policy packs with Zstandard compression and manifest generation. | Bundle build produces deterministic manifest; unit tests compare against golden outputs. |
| MIRROR-CRT-56-002 | TODO | Mirror Creator Guild, Security Guild | MIRROR-CRT-56-001, PROV-OBS-53-001 | Integrate DSSE signing and TUF metadata generation (`root`, `snapshot`, `timestamp`, `targets`). | Signed bundle verified by importer tests; root rotation procedure documented. |
## Sprint 57 OCI Images & Time Anchors
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| MIRROR-CRT-57-001 | TODO | Mirror Creator Guild, DevOps Guild | MIRROR-CRT-56-001 | Add optional OCI image collection producing oci-archive layout with digests recorded in manifest. | Image bundles integrate with air-gapped registry; tests confirm digest equality. |
| MIRROR-CRT-57-002 | TODO | Mirror Creator Guild, AirGap Time Guild | MIRROR-CRT-56-002, AIRGAP-TIME-57-001 | Embed signed time anchor metadata (`meta/time-anchor.json`) sourced from trusted authority. | Time anchor included in bundles; verification tests confirm signature; docs updated. |
## Sprint 58 CLI and Scheduling
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| MIRROR-CRT-58-001 | TODO | Mirror Creator Guild, CLI Guild | MIRROR-CRT-56-002, CLI-AIRGAP-56-001 | Deliver CLI `stella mirror create|verify` commands with content selection flags, delta mode, and dry-run verification. | CLI builds bundles deterministically; verify command reports DSSE/TUF status; integration tests cover options. |
| MIRROR-CRT-58-002 | TODO | Mirror Creator Guild, Exporter Guild | MIRROR-CRT-56-002, EXPORT-OBS-54-001 | Integrate with Export Center scheduling to automate mirror bundle creation with audit logs. | Scheduler triggers bundle builds; audit entries recorded; docs updated. |
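
Review bot: The header `@@ -1,19 +0,0 @@` removes the whole Mirror Creator task board, but the commit message lists only the LDAP helper, credential audit context, audit sink and CryptoPro additions, and says nothing about dropping this file. All six rows are still `TODO`, including the security-relevant ones: MIRROR-CRT-56-002 (DSSE signing, TUF metadata, "root rotation procedure documented") and MIRROR-CRT-57-002 (signed time anchor in `meta/time-anchor.json`). Please state in the commit message where these tasks are now tracked, or keep the file until they are migrated, so that the dependency references between the MIRROR-CRT IDs and the exit criteria for signature verification are not lost. With 385 files changed, this removal would also be easier to review as its own commit, separate from the code additions.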