docs: add parity report templates for vulnerabilities and scheduler
This commit is contained in:
StellaOps Bot
44
docs/db/reports/scheduler-parity-20251214.md
Normal file
44
docs/db/reports/scheduler-parity-20251214.md
Normal file
@@ -0,0 +1,44 @@
|
||||
# Scheduler Parity Report · 2025-12-14
|
||||
|
||||
## Scope
|
||||
- Backfill and parity verification for Scheduler (Sprint 3402 · PG-T2.9–T2.11).
|
||||
- Compare MongoDB source vs PostgreSQL target for job/trigger/lease history.
|
||||
|
||||
## Inputs
|
||||
- Mongo snapshot: <path or connection string>
|
||||
- Postgres target: <connection>
|
||||
- Backfill tool: `Scheduler.Backfill` (version/hash)
|
||||
- Config: `Persistence:Scheduler=Postgres` after backfill? yes/no
|
||||
|
||||
## Methods
|
||||
- Backfill steps:
|
||||
1) Restore Mongo snapshot (if applicable)
|
||||
2) Run Scheduler.Backfill CLI
|
||||
3) Capture logs and row counts per table
|
||||
- Parity checks:
|
||||
- Table counts: jobs, triggers, leases, job_history, metrics
|
||||
- Trigger next_fire_at sampling (top 100 by tenant)
|
||||
- Determinism checks: order by next_fire_at, tenant_id, id
|
||||
- Advisory-lock contention smoke: Acquire/Release sequence on Postgres
|
||||
- Optional clean-start path: if start-clean approved, document rationale and skip Mongo counts.
|
||||
|
||||
## Results
|
||||
- Counts Mongo/Postgres:
|
||||
- Jobs: <n>/<n>
|
||||
- Triggers: <n>/<n>
|
||||
- Leases: <n>/<n>
|
||||
- Job history: <n>/<n>
|
||||
- Metrics: <n>/<n>
|
||||
- Determinism sample: pass/fail; details
|
||||
- Lock smoke: pass/fail; details
|
||||
- Issues found: <list>
|
||||
|
||||
## Verdict
|
||||
- Parity status: PASS / FAIL / START-CLEAN (approved)
|
||||
- Cutover readiness: YES/NO
|
||||
|
||||
## Next Actions
|
||||
- If PASS: mark PG-T2.9–T2.11 DONE and flip Scheduler to Postgres-only.
|
||||
- If FAIL: log defects + owners; rerun after fixes.
|
||||
- If START-CLEAN: ensure configs set to Postgres-only and document empty baseline.
|
||||
|
||||
50
docs/db/reports/vuln-parity-20251211.md
Normal file
50
docs/db/reports/vuln-parity-20251211.md
Normal file
@@ -0,0 +1,50 @@
|
||||
# Vulnerability Parity Report · 2025-12-11
|
||||
|
||||
## Scope
|
||||
- Dual-import parity between MongoDB and PostgreSQL for Concelier vulnerability index (Sprint 3405 · PG-T5b.3–5b.6).
|
||||
- Sample size: 10k advisories + associated affected records; SBOM set: TBD (list below).
|
||||
|
||||
## Inputs
|
||||
- Mongo source: <connection / dump path>
|
||||
- Postgres target: <connection>
|
||||
- Dual-import mode: enabled/disabled (state)
|
||||
- SBOM sample set:
|
||||
- TODO: populate paths (e.g., tests/fixtures/sbom/...)
|
||||
|
||||
## Methods
|
||||
- Importers used: NVD, OSV, GHSA, vendor.
|
||||
- Comparison queries:
|
||||
- Advisory count by source
|
||||
- Affected count by PURL and version range
|
||||
- CVSS vectors/score deltas
|
||||
- KEV flags count
|
||||
- Full-text search sample (top 20 queries)
|
||||
- Matching check:
|
||||
- Run matching against SBOM set with Mongo backend
|
||||
- Run matching against SBOM set with Postgres backend
|
||||
- Diff findings: <path>
|
||||
|
||||
## Results
|
||||
- Counts:
|
||||
- Advisories Mongo: <n>
|
||||
- Advisories Postgres: <n>
|
||||
- Affected Mongo: <n>
|
||||
- Affected Postgres: <n>
|
||||
- CVSS rows Mongo/Postgres: <n>/<n>
|
||||
- KEV rows Mongo/Postgres: <n>/<n>
|
||||
- Findings parity on SBOM set:
|
||||
- Total findings Mongo/Postgres: <n>/<n>
|
||||
- Deltas: <n> (list top examples)
|
||||
- Performance snapshot:
|
||||
- Import time (Postgres): <>
|
||||
- Match time per SBOM (avg/p95): <>
|
||||
|
||||
## Verdict
|
||||
- Parity status: PASS / FAIL
|
||||
- Required fixes: <list or "none">
|
||||
- Blocking issues: <list>
|
||||
|
||||
## Next Actions
|
||||
- If PASS: proceed to PG-T5b.5 (perf tuning) and schedule PG-T5b.6 cutover window.
|
||||
- If FAIL: capture defects and owners; rerun parity after fixes.
|
||||
|
||||
Reference in New Issue
Block a user