Add Policy DSL Validator, Schema Exporter, and Simulation Smoke tools

- Implemented PolicyDslValidator with command-line options for strict mode and JSON output. - Created PolicySchemaExporter to generate JSON schemas for policy-related models. - Developed PolicySimulationSmoke tool to validate policy simulations against expected outcomes. - Added project files and necessary dependencies for each tool. - Ensured proper error handling and usage instructions across tools.
2025-10-27 08:00:11 +02:00
parent 2b7b88ca77
commit 799f787de2
712 changed files with 49449 additions and 6124 deletions
--- a/etc/policy-engine.yaml.sample
+++ b/etc/policy-engine.yaml.sample
@@ -0,0 +1,33 @@
+# StellaOps Policy Engine configuration template.
+# Copy to ../etc/policy-engine.yaml (relative to the Policy Engine content root)
+# and adjust values to fit your environment. Environment variables prefixed with
+# STELLAOPS_POLICY_ENGINE_ override these values at runtime.
+
+schemaVersion: 1
+
+authority:
+  enabled: true
+  issuer: "https://authority.stella-ops.local"
+  clientId: "policy-engine"
+  clientSecret: "change-me"
+  scopes: [ "policy:run", "findings:read", "effective:write" ]
+  backchannelTimeoutSeconds: 30
+
+storage:
+  connectionString: "mongodb://localhost:27017/policy-engine"
+  databaseName: "policy_engine"
+  commandTimeoutSeconds: 30
+
+workers:
+  schedulerIntervalSeconds: 15
+  maxConcurrentEvaluations: 4
+
+resourceServer:
+  authority: "https://authority.stella-ops.local"
+  requireHttpsMetadata: true
+  audiences: [ "api://policy-engine" ]
+  requiredScopes: [ "policy:run" ]
+  requiredTenants: [ ]
+  bypassNetworks:
+    - "127.0.0.1/32"
+    - "::1/128"