finish secrets finding work and audit remarks work save

StellaOps Bot
2026-01-04 21:48:13 +02:00
parent 75611a505f
commit 8862e112c4
157 changed files with 11702 additions and 416 deletions


@@ -16,12 +16,23 @@ namespace StellaOps.Scanner.WebService.Services;
/// </summary>
public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
{
private readonly TimeProvider _timeProvider;
private static readonly JsonSerializerOptions JsonOptions = new()
{
WriteIndented = true,
PropertyNamingPolicy = JsonNamingPolicy.CamelCase
};
/// <summary>
/// Initializes a new instance of the <see cref="EvidenceBundleExporter"/> class.
/// </summary>
/// <param name="timeProvider">The time provider for deterministic timestamps. Defaults to system time if null.</param>
public EvidenceBundleExporter(TimeProvider? timeProvider = null)
{
_timeProvider = timeProvider ?? TimeProvider.System;
}
/// <inheritdoc />
public async Task<EvidenceExportResult> ExportAsync(
UnifiedEvidenceResponseDto evidence,
@@ -43,7 +54,7 @@ public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
var manifest = new ArchiveManifestDto
{
FindingId = evidence.FindingId,
GeneratedAt = DateTimeOffset.UtcNow,
GeneratedAt = _timeProvider.GetUtcNow(),
CacheKey = evidence.CacheKey ?? string.Empty,
Files = fileEntries,
ScannerVersion = null // Scanner version not directly available in manifests
@@ -136,7 +147,7 @@ public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
var findingManifest = new ArchiveManifestDto
{
FindingId = evidence.FindingId,
GeneratedAt = DateTimeOffset.UtcNow,
GeneratedAt = _timeProvider.GetUtcNow(),
CacheKey = evidence.CacheKey ?? string.Empty,
Files = fileEntries,
ScannerVersion = null
@@ -155,7 +166,7 @@ public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
var runManifest = new RunArchiveManifestDto
{
ScanId = scanId,
GeneratedAt = DateTimeOffset.UtcNow,
GeneratedAt = _timeProvider.GetUtcNow(),
Findings = findingManifests,
TotalFiles = totalFiles,
ScannerVersion = null
@@ -221,7 +232,7 @@ public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
}
}
private static string GenerateRunReadme(
private string GenerateRunReadme(
string scanId,
IReadOnlyList<UnifiedEvidenceResponseDto> findings,
IReadOnlyList<ArchiveManifestDto> manifests)
@@ -233,7 +244,7 @@ public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
sb.AppendLine();
sb.AppendLine($"- **Scan ID:** `{scanId}`");
sb.AppendLine($"- **Finding Count:** {findings.Count}");
sb.AppendLine($"- **Generated:** {DateTimeOffset.UtcNow:O}");
sb.AppendLine($"- **Generated:** {_timeProvider.GetUtcNow():O}");
sb.AppendLine();
sb.AppendLine("## Findings");
sb.AppendLine();
@@ -388,12 +399,12 @@ public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
await Task.CompletedTask.ConfigureAwait(false);
}
private static string GenerateBashReplayScript(UnifiedEvidenceResponseDto evidence)
private string GenerateBashReplayScript(UnifiedEvidenceResponseDto evidence)
{
var sb = new StringBuilder();
sb.AppendLine("#!/usr/bin/env bash");
sb.AppendLine("# StellaOps Evidence Bundle Replay Script");
sb.AppendLine($"# Generated: {DateTimeOffset.UtcNow:O}");
sb.AppendLine($"# Generated: {_timeProvider.GetUtcNow():O}");
sb.AppendLine($"# Finding: {evidence.FindingId}");
sb.AppendLine($"# CVE: {evidence.CveId}");
sb.AppendLine();
@@ -425,11 +436,11 @@ public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
return sb.ToString();
}
private static string GeneratePowerShellReplayScript(UnifiedEvidenceResponseDto evidence)
private string GeneratePowerShellReplayScript(UnifiedEvidenceResponseDto evidence)
{
var sb = new StringBuilder();
sb.AppendLine("# StellaOps Evidence Bundle Replay Script");
sb.AppendLine($"# Generated: {DateTimeOffset.UtcNow:O}");
sb.AppendLine($"# Generated: {_timeProvider.GetUtcNow():O}");
sb.AppendLine($"# Finding: {evidence.FindingId}");
sb.AppendLine($"# CVE: {evidence.CveId}");
sb.AppendLine();
@@ -461,7 +472,7 @@ public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
return sb.ToString();
}
private static string GenerateReadme(UnifiedEvidenceResponseDto evidence, List<ArchiveFileEntry> entries)
private string GenerateReadme(UnifiedEvidenceResponseDto evidence, List<ArchiveFileEntry> entries)
{
var sb = new StringBuilder();
sb.AppendLine("# StellaOps Evidence Bundle");
@@ -671,7 +682,7 @@ public sealed class EvidenceBundleExporter : IEvidenceBundleExporter
Encoding.ASCII.GetBytes(sizeOctal).CopyTo(header, 124);
// Mtime (136-147) - current time in octal
var mtime = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
var mtime = _timeProvider.GetUtcNow().ToUnixTimeSeconds();
var mtimeOctal = Convert.ToString(mtime, 8).PadLeft(11, '0');
Encoding.ASCII.GetBytes(mtimeOctal).CopyTo(header, 136);
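Review bot: In GenerateBashReplayScript and GeneratePowerShellReplayScript, `evidence.FindingId` and `evidence.CveId` are interpolated directly into `#` comment lines of scripts the bundle recipient is expected to run, so a value containing a line break would end the comment and place the remainder on an executable line. Whether these fields are validated upstream is not visible in this diff; if they are plain strings, neutralise line endings at the point of writing, e.g. `sb.AppendLine($"# Finding: {evidence.FindingId.ReplaceLineEndings(" ")}");`, and do the same for the `# CVE:` line in both generators. Separately, every `_timeProvider.GetUtcNow()` call (manifests, README, script headers, tar mtime) reads the clock again, so with `TimeProvider.System` one bundle still carries several slightly different timestamps; capturing the value once per export and passing it down would make the archive self-consistent and easier to verify byte-for-byte. The method bodies continue outside the hunks shown.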