feat: Add initial implementation of Vulnerability Resolver Jobs

- Created project for StellaOps.Scanner.Analyzers.Native.Tests with necessary dependencies. - Documented roles and guidelines in AGENTS.md for Scheduler module. - Implemented IResolverJobService interface and InMemoryResolverJobService for handling resolver jobs. - Added ResolverBacklogNotifier and ResolverBacklogService for monitoring job metrics. - Developed API endpoints for managing resolver jobs and retrieving metrics. - Defined models for resolver job requests and responses. - Integrated dependency injection for resolver job services. - Implemented ImpactIndexSnapshot for persisting impact index data. - Introduced SignalsScoringOptions for configurable scoring weights in reachability scoring. - Added unit tests for ReachabilityScoringService and RuntimeFactsIngestionService. - Created dotnet-filter.sh script to handle command-line arguments for dotnet. - Established nuget-prime project for managing package downloads.
2025-11-18 07:52:15 +02:00
parent e69b57d467
commit 8355e2ff75
299 changed files with 13293 additions and 2444 deletions
--- a/src/Scheduler/StellaOps.Scheduler.WebService/PolicySimulations/PolicySimulationEndpointExtensions.cs
+++ b/src/Scheduler/StellaOps.Scheduler.WebService/PolicySimulations/PolicySimulationEndpointExtensions.cs
@@ -25,6 +25,7 @@ internal static class PolicySimulationEndpointExtensions
        group.MapGet("/{simulationId}/stream", StreamSimulationAsync);
        group.MapGet("/metrics", GetMetricsAsync);
        group.MapPost("/", CreateSimulationAsync);
+        group.MapPost("/preview", PreviewSimulationAsync);
        group.MapPost("/{simulationId}/cancel", CancelSimulationAsync);
        group.MapPost("/{simulationId}/retry", RetrySimulationAsync);
    }
@@ -198,6 +199,75 @@ internal static class PolicySimulationEndpointExtensions
        }
    }

+    private static async Task<IResult> PreviewSimulationAsync(
+        HttpContext httpContext,
+        PolicySimulationCreateRequest request,
+        [FromServices] ITenantContextAccessor tenantAccessor,
+        [FromServices] IScopeAuthorizer scopeAuthorizer,
+        [FromServices] IPolicyRunService policyRunService,
+        CancellationToken cancellationToken)
+    {
+        try
+        {
+            scopeAuthorizer.EnsureScope(httpContext, Scope);
+            var tenant = tenantAccessor.GetTenant(httpContext);
+            var actor = SchedulerEndpointHelpers.ResolveActorId(httpContext);
+
+            if (string.IsNullOrWhiteSpace(request.PolicyId))
+            {
+                throw new ValidationException("policyId must be provided.");
+            }
+
+            if (request.PolicyVersion is null || request.PolicyVersion <= 0)
+            {
+                throw new ValidationException("policyVersion must be provided and greater than zero.");
+            }
+
+            var normalizedMetadata = NormalizeMetadata(request.Metadata);
+            var inputs = request.Inputs ?? PolicyRunInputs.Empty;
+
+            var policyRequest = new PolicyRunRequest(
+                tenant.TenantId,
+                request.PolicyId,
+                PolicyRunMode.Simulate,
+                inputs,
+                request.Priority,
+                runId: null,
+                policyVersion: request.PolicyVersion,
+                requestedBy: actor,
+                queuedAt: null,
+                correlationId: request.CorrelationId,
+                metadata: normalizedMetadata);
+
+            var status = await policyRunService
+                .EnqueueAsync(tenant.TenantId, policyRequest, cancellationToken)
+                .ConfigureAwait(false);
+
+            var preview = new
+            {
+                candidates = inputs.Targets?.Count ?? 0,
+                estimatedRuns = inputs.Targets?.Count ?? 0,
+                message = "preview pending execution; actual diff will be available once job starts"
+            };
+
+            return Results.Created(
+                $"/api/v1/scheduler/policies/simulations/{status.RunId}",
+                new { simulation = new PolicySimulationResponse(status), preview });
+        }
+        catch (UnauthorizedAccessException ex)
+        {
+            return Results.Json(new { error = ex.Message }, statusCode: StatusCodes.Status401Unauthorized);
+        }
+        catch (InvalidOperationException ex)
+        {
+            return Results.Json(new { error = ex.Message }, statusCode: StatusCodes.Status403Forbidden);
+        }
+        catch (ValidationException ex)
+        {
+            return Results.BadRequest(new { error = ex.Message });
+        }
+    }
+
    private static async Task<IResult> CancelSimulationAsync(
        HttpContext httpContext,
        string simulationId,