stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

feat: Add initial implementation of Vulnerability Resolver Jobs
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details

Browse Source 
- Created project for StellaOps.Scanner.Analyzers.Native.Tests with necessary dependencies.
- Documented roles and guidelines in AGENTS.md for Scheduler module.
- Implemented IResolverJobService interface and InMemoryResolverJobService for handling resolver jobs.
- Added ResolverBacklogNotifier and ResolverBacklogService for monitoring job metrics.
- Developed API endpoints for managing resolver jobs and retrieving metrics.
- Defined models for resolver job requests and responses.
- Integrated dependency injection for resolver job services.
- Implemented ImpactIndexSnapshot for persisting impact index data.
- Introduced SignalsScoringOptions for configurable scoring weights in reachability scoring.
- Added unit tests for ReachabilityScoringService and RuntimeFactsIngestionService.
- Created dotnet-filter.sh script to handle command-line arguments for dotnet.
- Established nuget-prime project for managing package downloads.
This commit is contained in:
master
2025-11-18 07:52:15 +02:00
parent e69b57d467
commit 8355e2ff75
299 changed files with 13293 additions and 2444 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/SampleStatementDigestTests.cs Normal file
View File

@@ -0,0 +1,84 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text.Json;
using FluentAssertions;
using StellaOps.Provenance.Attestation;
using Xunit;
namespace StellaOps.Provenance.Attestation.Tests;
public class SampleStatementDigestTests
{
private static readonly JsonSerializerOptions SerializerOptions = new()
{
PropertyNamingPolicy = null,
WriteIndented = false
};
private static string RepoRoot
{
get
{
var dir = AppContext.BaseDirectory;
while (!string.IsNullOrEmpty(dir))
{
var candidate = Path.Combine(dir, "samples", "provenance");
if (Directory.Exists(candidate))
{
return dir;
}
var parent = Directory.GetParent(dir);
dir = parent?.FullName ?? string.Empty;
}
throw new DirectoryNotFoundException("Could not locate repository root containing samples/provenance.");
}
}
private static IEnumerable<(string Name, BuildStatement Statement)> LoadSamples()
{
var samplesDir = Path.Combine(RepoRoot, "samples", "provenance");
foreach (var path in Directory.EnumerateFiles(samplesDir, "*.json").OrderBy(p => p, StringComparer.Ordinal))
{
var json = File.ReadAllText(path);
var statement = JsonSerializer.Deserialize<BuildStatement>(json, SerializerOptions);
if (statement is null)
{
continue;
}
yield return (Path.GetFileName(path), statement);
}
}
[Fact]
public void Sha256_hashes_match_expected_samples()
{
var expectations = new Dictionary<string, string>(StringComparer.Ordinal)
{
["build-statement-sample.json"] = "7e458d1e5ba14f72432b3f76808e95d6ed82128c775870dd8608175e6c76a374",
["export-service-statement.json"] = "3124e44f042ad6071d965b7f03bb736417640680feff65f2f0d1c5bfb2e56ec6",
["job-runner-statement.json"] = "8b8b58d12685b52ab73d5b0abf4b3866126901ede7200128f0b22456a1ceb6fc",
["orchestrator-statement.json"] = "975501f7ee7f319adb6fa88d913b227f0fa09ac062620f03bb0f2b0834c4be8a"
};
foreach (var (name, statement) in LoadSamples())
{
BuildStatementDigest.ComputeSha256Hex(statement)
.Should()
.Be(expectations[name], because: $"{name} hash must be deterministic");
}
}
[Fact]
public void Merkle_root_is_stable_across_sample_set()
{
var statements = LoadSamples().Select(pair => pair.Statement).ToArray();
BuildStatementDigest.ComputeMerkleRootHex(statements)
.Should()
.Be("e3a89fe0d08e2b16a6c7f1feb1d82d9e7ef9e8b74363bf60da64f36078d80eea");
}
}