Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism

- Implement `SbomVexOrderingDeterminismProperties` for testing component list and vulnerability metadata hash consistency. - Create `UnicodeNormalizationDeterminismProperties` to validate NFC normalization and Unicode string handling. - Add project file for `StellaOps.Testing.Determinism.Properties` with necessary dependencies. - Introduce CI/CD template validation tests including YAML syntax checks and documentation content verification. - Create validation script for CI/CD templates ensuring all required files and structures are present.
2025-12-26 15:17:15 +02:00
parent 7792749bb4
commit 907783f625
354 changed files with 79727 additions and 1346 deletions
--- a/src/AdvisoryAI/StellaOps.AdvisoryAI/Remediation/RemediationPlanRequest.cs
+++ b/src/AdvisoryAI/StellaOps.AdvisoryAI/Remediation/RemediationPlanRequest.cs
@@ -0,0 +1,85 @@
+namespace StellaOps.AdvisoryAI.Remediation;
+
+/// <summary>
+/// Type of remediation to apply.
+/// </summary>
+public enum RemediationType
+{
+    /// <summary>
+    /// Bump dependency to patched version.
+    /// </summary>
+    Bump,
+
+    /// <summary>
+    /// Upgrade base image to newer version.
+    /// </summary>
+    Upgrade,
+
+    /// <summary>
+    /// Apply configuration change to mitigate.
+    /// </summary>
+    Config,
+
+    /// <summary>
+    /// Apply backport patch.
+    /// </summary>
+    Backport,
+
+    /// <summary>
+    /// Auto-detect best remediation type.
+    /// </summary>
+    Auto
+}
+
+/// <summary>
+/// Request for generating a remediation plan.
+/// Sprint: SPRINT_20251226_016_AI_remedy_autopilot
+/// Task: REMEDY-01
+/// </summary>
+public sealed record RemediationPlanRequest
+{
+    /// <summary>
+    /// Finding ID to remediate.
+    /// </summary>
+    public required string FindingId { get; init; }
+
+    /// <summary>
+    /// Artifact digest for context.
+    /// </summary>
+    public required string ArtifactDigest { get; init; }
+
+    /// <summary>
+    /// Vulnerability ID (CVE, GHSA, etc.).
+    /// </summary>
+    public required string VulnerabilityId { get; init; }
+
+    /// <summary>
+    /// Affected component PURL.
+    /// </summary>
+    public required string ComponentPurl { get; init; }
+
+    /// <summary>
+    /// Type of remediation to apply.
+    /// </summary>
+    public RemediationType RemediationType { get; init; } = RemediationType.Auto;
+
+    /// <summary>
+    /// Repository URL for PR generation.
+    /// </summary>
+    public string? RepositoryUrl { get; init; }
+
+    /// <summary>
+    /// Target branch for PR (default: main).
+    /// </summary>
+    public string TargetBranch { get; init; } = "main";
+
+    /// <summary>
+    /// Whether to generate PR immediately.
+    /// </summary>
+    public bool AutoCreatePr { get; init; }
+
+    /// <summary>
+    /// Correlation ID for tracing.
+    /// </summary>
+    public string? CorrelationId { get; init; }
+}