docs: add parity report templates for vulnerabilities and scheduler

2025-12-06 09:25:58 +00:00
parent a7cd10020a
commit 79d562ea5d
2 changed files with 94 additions and 0 deletions
--- a/docs/db/reports/scheduler-parity-20251214.md
+++ b/docs/db/reports/scheduler-parity-20251214.md
@@ -0,0 +1,44 @@
 # Scheduler Parity Report · 2025-12-14
 ## Scope
 - Backfill and parity verification for Scheduler (Sprint 3402 · PG-T2.9–T2.11).
 - Compare MongoDB source vs PostgreSQL target for job/trigger/lease history.
 ## Inputs
 - Mongo snapshot: <path or connection string>
 - Postgres target: <connection>
 - Backfill tool: `Scheduler.Backfill` (version/hash)
 - Config: `Persistence:Scheduler=Postgres` after backfill? yes/no
 ## Methods
 - Backfill steps:
  1) Restore Mongo snapshot (if applicable)
  2) Run Scheduler.Backfill CLI
  3) Capture logs and row counts per table
 - Parity checks:
  - Table counts: jobs, triggers, leases, job_history, metrics
  - Trigger next_fire_at sampling (top 100 by tenant)
  - Determinism checks: order by next_fire_at, tenant_id, id
  - Advisory-lock contention smoke: Acquire/Release sequence on Postgres
 - Optional clean-start path: if start-clean approved, document rationale and skip Mongo counts.
 ## Results
 - Counts Mongo/Postgres:
  - Jobs: <n>/<n>
  - Triggers: <n>/<n>
  - Leases: <n>/<n>
  - Job history: <n>/<n>
  - Metrics: <n>/<n>
 - Determinism sample: pass/fail; details
 - Lock smoke: pass/fail; details
 - Issues found: <list>
 ## Verdict
 - Parity status: PASS / FAIL / START-CLEAN (approved)
 - Cutover readiness: YES/NO
 ## Next Actions
 - If PASS: mark PG-T2.9–T2.11 DONE and flip Scheduler to Postgres-only.
 - If FAIL: log defects + owners; rerun after fixes.
 - If START-CLEAN: ensure configs set to Postgres-only and document empty baseline.
--- a/docs/db/reports/vuln-parity-20251211.md
+++ b/docs/db/reports/vuln-parity-20251211.md
@@ -0,0 +1,50 @@
 # Vulnerability Parity Report · 2025-12-11
 ## Scope
 - Dual-import parity between MongoDB and PostgreSQL for Concelier vulnerability index (Sprint 3405 · PG-T5b.3–5b.6).
 - Sample size: 10k advisories + associated affected records; SBOM set: TBD (list below).
 ## Inputs
 - Mongo source: <connection / dump path>
 - Postgres target: <connection>
 - Dual-import mode: enabled/disabled (state)
 - SBOM sample set:
  - TODO: populate paths (e.g., tests/fixtures/sbom/...)
 ## Methods
 - Importers used: NVD, OSV, GHSA, vendor.
 - Comparison queries:
  - Advisory count by source
  - Affected count by PURL and version range
  - CVSS vectors/score deltas
  - KEV flags count
  - Full-text search sample (top 20 queries)
 - Matching check:
  - Run matching against SBOM set with Mongo backend
  - Run matching against SBOM set with Postgres backend
  - Diff findings: <path>
 ## Results
 - Counts:
  - Advisories Mongo: <n>
  - Advisories Postgres: <n>
  - Affected Mongo: <n>
  - Affected Postgres: <n>
  - CVSS rows Mongo/Postgres: <n>/<n>
  - KEV rows Mongo/Postgres: <n>/<n>
 - Findings parity on SBOM set:
  - Total findings Mongo/Postgres: <n>/<n>
  - Deltas: <n> (list top examples)
 - Performance snapshot:
  - Import time (Postgres): <>
  - Match time per SBOM (avg/p95): <>
 ## Verdict
 - Parity status: PASS / FAIL
 - Required fixes: <list or "none">
 - Blocking issues: <list>
 ## Next Actions
 - If PASS: proceed to PG-T5b.5 (perf tuning) and schedule PG-T5b.6 cutover window.
 - If FAIL: capture defects and owners; rerun parity after fixes.