stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

save progress

Browse Source
This commit is contained in:
StellaOps Bot
2026-01-03 11:02:24 +02:00
parent ca578801fd
commit 83c37243e0
446 changed files with 22798 additions and 4031 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/Cartographer/StellaOps.Cartographer/CartographerEntryPoint.cs Normal file
View File

@@ -0,0 +1,5 @@
namespace StellaOps.Cartographer;
public sealed class CartographerEntryPoint
{
}

20
src/Cartographer/StellaOps.Cartographer/Options/CartographerAuthorityOptionsValidator.cs Normal file
View File

@@ -0,0 +1,20 @@
using Microsoft.Extensions.Options;
namespace StellaOps.Cartographer.Options;
internal sealed class CartographerAuthorityOptionsValidator : IValidateOptions<CartographerAuthorityOptions>
{
public ValidateOptionsResult Validate(string? name, CartographerAuthorityOptions options)
{
try
{
CartographerAuthorityOptionsConfigurator.ApplyDefaults(options);
options.Validate();
return ValidateOptionsResult.Success;
}
catch (Exception ex)
{
return ValidateOptionsResult.Fail(ex.Message);
}
}
}

75
src/Cartographer/StellaOps.Cartographer/Program.cs
View File

@@ -1,3 +1,8 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Diagnostics.HealthChecks;
using Microsoft.Extensions.Options;
using StellaOps.Auth.Abstractions;
using StellaOps.Auth.ServerIntegration;
using StellaOps.Cartographer.Options;
var builder = WebApplication.CreateBuilder(args);
@@ -10,17 +15,60 @@ builder.Services.AddOptions();
builder.Services.AddLogging();
var authoritySection = builder.Configuration.GetSection("Cartographer:Authority");
var authorityOptions = new CartographerAuthorityOptions();
authoritySection.Bind(authorityOptions);
builder.Services.AddOptions<CartographerAuthorityOptions>()
.Bind(authoritySection)
.PostConfigure(CartographerAuthorityOptionsConfigurator.ApplyDefaults)
.ValidateOnStart();
builder.Services.AddSingleton<IValidateOptions<CartographerAuthorityOptions>, CartographerAuthorityOptionsValidator>();
var authorityOptions = authoritySection.Get<CartographerAuthorityOptions>() ?? new CartographerAuthorityOptions();
CartographerAuthorityOptionsConfigurator.ApplyDefaults(authorityOptions);
authorityOptions.Validate();
builder.Services.AddSingleton(authorityOptions);
builder.Services.AddOptions<CartographerAuthorityOptions>()
.Bind(authoritySection)
.PostConfigure(CartographerAuthorityOptionsConfigurator.ApplyDefaults);
if (authorityOptions.Enabled)
{
builder.Services.AddStellaOpsResourceServerAuthentication(
builder.Configuration,
configurationSection: null,
configure: resourceOptions =>
{
resourceOptions.Authority = authorityOptions.Issuer;
resourceOptions.RequireHttpsMetadata = authorityOptions.RequireHttpsMetadata;
resourceOptions.MetadataAddress = authorityOptions.MetadataAddress;
resourceOptions.BackchannelTimeout = TimeSpan.FromSeconds(authorityOptions.BackchannelTimeoutSeconds);
resourceOptions.TokenClockSkew = TimeSpan.FromSeconds(authorityOptions.TokenClockSkewSeconds);
resourceOptions.Audiences.Clear();
foreach (var audience in authorityOptions.Audiences)
{
resourceOptions.Audiences.Add(audience);
}
resourceOptions.RequiredScopes.Clear();
foreach (var scope in authorityOptions.RequiredScopes)
{
resourceOptions.RequiredScopes.Add(scope);
}
});
builder.Services.AddAuthorization(options =>
{
if (authorityOptions.AllowAnonymousFallback)
{
return;
}
options.FallbackPolicy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.AddAuthenticationSchemes(StellaOpsAuthenticationDefaults.AuthenticationScheme)
.AddRequirements(new StellaOpsScopeRequirement(authorityOptions.RequiredScopes.ToArray()))
.Build();
});
}
// TODO: register Cartographer graph builders, overlay workers, and Authority client once implementations land.
builder.Services.AddHealthChecks()
.AddCheck("cartographer_ready", () => HealthCheckResult.Healthy(), tags: new[] { "ready" });
var app = builder.Build();
@@ -33,7 +81,18 @@ else if (authorityOptions.AllowAnonymousFallback)
app.Logger.LogWarning("Cartographer Authority allows anonymous fallback; disable fallback before production rollout.");
}
app.MapGet("/healthz", () => Results.Ok(new { status = "ok" }));
app.MapGet("/readyz", () => Results.Ok(new { status = "warming" }));
if (authorityOptions.Enabled)
{
app.UseAuthentication();
app.UseAuthorization();
}
app.MapHealthChecks("/healthz").AllowAnonymous();
app.MapHealthChecks("/readyz", new Microsoft.AspNetCore.Diagnostics.HealthChecks.HealthCheckOptions
{
Predicate = check => check.Tags.Contains("ready")
}).AllowAnonymous();
app.Run();
public partial class Program;

3
src/Cartographer/StellaOps.Cartographer/StellaOps.Cartographer.csproj
View File

@@ -5,7 +5,7 @@
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<LangVersion>preview</LangVersion>
<TreatWarningsAsErrors>false</TreatWarningsAsErrors>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
<AspNetCoreHostingModel>InProcess</AspNetCoreHostingModel>
</PropertyGroup>
@@ -14,5 +14,6 @@
<ProjectReference Include="../../__Libraries/StellaOps.DependencyInjection/StellaOps.DependencyInjection.csproj" />
<ProjectReference Include="../../Policy/StellaOps.Policy.Engine/StellaOps.Policy.Engine.csproj" />
<ProjectReference Include="../../Authority/StellaOps.Authority/StellaOps.Auth.Abstractions/StellaOps.Auth.Abstractions.csproj" />
<ProjectReference Include="../../Authority/StellaOps.Authority/StellaOps.Auth.ServerIntegration/StellaOps.Auth.ServerIntegration.csproj" />
</ItemGroup>
</Project>

2
src/Cartographer/StellaOps.Cartographer/TASKS.md
View File

@@ -7,4 +7,4 @@ Source of truth: `docs/implplan/SPRINT_20251229_049_BE_csproj_audit_maint_tests.
| --- | --- | --- |
| AUDIT-0134-M | DONE | Maintainability audit for StellaOps.Cartographer. |
| AUDIT-0134-T | DONE | Test coverage audit for StellaOps.Cartographer. |
| AUDIT-0134-A | TODO | Pending approval for changes. |
| AUDIT-0134-A | DONE | Applied WebService wiring, options validation, health checks, and tests. |