Frontend gaps fill work. Testing fixes work. Auditing in progress.

2025-12-30 01:22:58 +02:00
parent 1dc4bcbf10
commit 7a5210e2aa
928 changed files with 183942 additions and 3941 deletions
--- a/src/__Tests/Tools/FixtureHarvester/Program.cs
+++ b/src/__Tests/Tools/FixtureHarvester/Program.cs
@@ -67,9 +67,98 @@ internal static class Program
        regenCommand.AddOption(regenConfirmOption);
        regenCommand.SetHandler(RegenCommand.ExecuteAsync, regenFixtureOption, regenAllOption, regenConfirmOption);

+        // OCI Pin command (FH-004)
+        var ociPinCommand = new Command("oci-pin", "Pin OCI image digests for deterministic testing");
+        var ociImageOption = new Option<string>(
+            "--image",
+            description: "Image reference (e.g., alpine:3.19, myregistry.io/app:v1)") { IsRequired = true };
+        var ociOutputOption = new Option<string>(
+            "--output",
+            description: "Output directory",
+            getDefaultValue: () => "src/__Tests/fixtures/oci");
+        var ociVerifyOption = new Option<bool>(
+            "--verify",
+            description: "Verify digest by re-fetching manifest",
+            getDefaultValue: () => true);
+
+        ociPinCommand.AddOption(ociImageOption);
+        ociPinCommand.AddOption(ociOutputOption);
+        ociPinCommand.AddOption(ociVerifyOption);
+        ociPinCommand.SetHandler(OciPinCommand.ExecuteAsync, ociImageOption, ociOutputOption, ociVerifyOption);
+
+        // Feed Snapshot command (FH-005)
+        var feedSnapshotCommand = new Command("feed-snapshot", "Capture vulnerability feed snapshots");
+        var feedTypeOption = new Option<string>(
+            "--feed",
+            description: "Feed type: osv, ghsa, nvd, epss, kev, oval") { IsRequired = true };
+        var feedUrlOption = new Option<string>(
+            "--url",
+            description: "Concelier base URL",
+            getDefaultValue: () => "http://localhost:5010");
+        var feedCountOption = new Option<int>(
+            "--count",
+            description: "Number of advisories to capture",
+            getDefaultValue: () => 30);
+        var feedOutputOption = new Option<string>(
+            "--output",
+            description: "Output directory",
+            getDefaultValue: () => "src/__Tests/fixtures/feeds");
+
+        feedSnapshotCommand.AddOption(feedTypeOption);
+        feedSnapshotCommand.AddOption(feedUrlOption);
+        feedSnapshotCommand.AddOption(feedCountOption);
+        feedSnapshotCommand.AddOption(feedOutputOption);
+        feedSnapshotCommand.SetHandler(FeedSnapshotCommand.ExecuteAsync, feedTypeOption, feedUrlOption, feedCountOption, feedOutputOption);
+
+        // VEX Source command (FH-006)
+        var vexSourceCommand = new Command("vex", "Acquire OpenVEX and CSAF samples");
+        var vexSourceArg = new Argument<string>(
+            "source",
+            description: "Source name (list, all, openvex-examples, csaf-redhat, alpine-secdb) or 'list' to see all");
+        var vexCustomUrlOption = new Option<string>(
+            "--url",
+            description: "Custom VEX document URL");
+        var vexOutputOption = new Option<string>(
+            "--output",
+            description: "Output directory",
+            getDefaultValue: () => "src/__Tests/fixtures/vex");
+
+        vexSourceCommand.AddArgument(vexSourceArg);
+        vexSourceCommand.AddOption(vexCustomUrlOption);
+        vexSourceCommand.AddOption(vexOutputOption);
+        vexSourceCommand.SetHandler(VexSourceCommand.ExecuteAsync, vexSourceArg, vexCustomUrlOption, vexOutputOption);
+
+        // SBOM Golden command (FH-007)
+        var sbomGoldenCommand = new Command("sbom-golden", "Generate SBOM golden fixtures from container images");
+        var sbomImageArg = new Argument<string>(
+            "image",
+            description: "Image key (list, all, alpine-minimal, debian-slim, distroless-static) or custom image ref");
+        var sbomFormatOption = new Option<string>(
+            "--format",
+            description: "SBOM format: cyclonedx, spdx",
+            getDefaultValue: () => "cyclonedx");
+        var sbomScannerOption = new Option<string>(
+            "--scanner",
+            description: "Scanner tool: syft, trivy",
+            getDefaultValue: () => "syft");
+        var sbomOutputOption = new Option<string>(
+            "--output",
+            description: "Output directory",
+            getDefaultValue: () => "src/__Tests/fixtures/sbom");
+
+        sbomGoldenCommand.AddArgument(sbomImageArg);
+        sbomGoldenCommand.AddOption(sbomFormatOption);
+        sbomGoldenCommand.AddOption(sbomScannerOption);
+        sbomGoldenCommand.AddOption(sbomOutputOption);
+        sbomGoldenCommand.SetHandler(SbomGoldenCommand.ExecuteAsync, sbomImageArg, sbomFormatOption, sbomScannerOption, sbomOutputOption);
+
        rootCommand.AddCommand(harvestCommand);
        rootCommand.AddCommand(validateCommand);
        rootCommand.AddCommand(regenCommand);
+        rootCommand.AddCommand(ociPinCommand);
+        rootCommand.AddCommand(feedSnapshotCommand);
+        rootCommand.AddCommand(vexSourceCommand);
+        rootCommand.AddCommand(sbomGoldenCommand);

        return await rootCommand.InvokeAsync(args);
    }