stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

feat: Add VEX Lens CI and Load Testing Plan
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
Details

Browse Source 
- Introduced a comprehensive CI job structure for VEX Lens, including build, test, linting, and load testing.
- Defined load test parameters and SLOs for VEX Lens API and Issuer Directory.
- Created Grafana dashboards and alerting mechanisms for monitoring API performance and error rates.
- Established offline posture guidelines for CI jobs and load testing.

feat: Implement deterministic projection verification script

- Added `verify_projection.sh` script for verifying the integrity of projection exports against expected hashes.
- Ensured robust error handling for missing files and hash mismatches.

feat: Develop Vuln Explorer CI and Ops Plan

- Created CI jobs for Vuln Explorer, including build, test, and replay verification.
- Implemented backup and disaster recovery strategies for MongoDB and Redis.
- Established Merkle anchoring verification and automation for ledger projector.

feat: Introduce EventEnvelopeHasher for hashing event envelopes

- Implemented `EventEnvelopeHasher` to compute SHA256 hashes for event envelopes.

feat: Add Risk Store and Dashboard components

- Developed `RiskStore` for managing risk data and state.
- Created `RiskDashboardComponent` for displaying risk profiles with filtering capabilities.
- Implemented unit tests for `RiskStore` and `RiskDashboardComponent`.

feat: Enhance Vulnerability Detail Component

- Developed `VulnerabilityDetailComponent` for displaying detailed information about vulnerabilities.
- Implemented error handling for missing vulnerability IDs and loading failures.
This commit is contained in:
StellaOps Bot
2025-12-02 07:18:28 +02:00
parent 44171930ff
commit 885ce86af4
83 changed files with 2090 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
ops/devops/docker/verify_health_endpoints.sh Normal file
View File

@@ -0,0 +1,70 @@
#!/usr/bin/env bash
# Smoke-check /health and capability endpoints for a built image (DOCKER-44-003)
# Usage: ./verify_health_endpoints.sh <image-ref> [port]
# Requires: docker, curl or wget
set -euo pipefail
IMAGE=${1:?"image ref required"}
PORT=${2:-8080}
CONTAINER_NAME="healthcheck-$$"
TIMEOUT=30
SLEEP=1
have_curl=1
if ! command -v curl >/dev/null 2>&1; then
have_curl=0
fi
req() {
local path=$1
local url="http://127.0.0.1:${PORT}${path}"
if [[ $have_curl -eq 1 ]]; then
curl -fsS --max-time 3 "$url" >/dev/null
else
wget -qO- --timeout=3 "$url" >/dev/null
fi
}
cleanup() {
docker rm -f "$CONTAINER_NAME" >/dev/null 2>&1 || true
}
trap cleanup EXIT
echo "[info] starting container ${IMAGE} on port ${PORT}" >&2
cleanup
if ! docker run -d --rm --name "$CONTAINER_NAME" -p "${PORT}:${PORT}" "$IMAGE" >/dev/null; then
echo "[error] failed to start image ${IMAGE}" >&2
exit 1
fi
# wait for readiness
start=$(date +%s)
while true; do
if req /health/liveness 2>/dev/null; then break; fi
now=$(date +%s)
if (( now - start > TIMEOUT )); then
echo "[error] liveness endpoint did not come up in ${TIMEOUT}s" >&2
exit 1
fi
sleep $SLEEP
done
# verify endpoints
fail=0
for path in /health/liveness /health/readiness /version /metrics; do
if ! req "$path"; then
echo "[error] missing or failing ${path}" >&2
fail=1
fi
done
# capability endpoint optional; if present ensure merge=false for Concelier/Excititor
if req /capabilities 2>/dev/null; then
body="$(curl -fsS "http://127.0.0.1:${PORT}/capabilities" 2>/dev/null || true)"
if echo "$body" | grep -q '"merge"[[:space:]]*:[[:space:]]*false'; then
:
else
echo "[warn] /capabilities present but merge flag not false" >&2
fi
fi
exit $fail