stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

audit notes work completed, test fixes work (95% done), new sprints, new data sources setup and configuration

Browse Source
This commit is contained in:
master
2026-01-14 10:48:00 +02:00
parent d7be6ba34b
commit 95d5898650
379 changed files with 40695 additions and 19041 deletions
Download Patch File Download Diff File Expand all files Collapse all files

208
src/SbomService/__Tests/StellaOps.SbomService.Lineage.Tests/Domain/LineageModelsTests.cs Normal file
View File

@@ -0,0 +1,208 @@
using StellaOps.SbomService.Lineage.Domain;
using Xunit;
namespace StellaOps.SbomService.Lineage.Tests.Domain;
/// <summary>
/// Tests for lineage domain models.
/// </summary>
public sealed class LineageModelsTests
{
[Fact]
public void LineageNode_RequiredProperties_MustBeSet()
{
var node = new LineageNode(
ArtifactDigest: "sha256:abc123",
SbomVersionId: Guid.NewGuid(),
SequenceNumber: 1,
CreatedAt: DateTimeOffset.UtcNow,
Metadata: null);
Assert.Equal("sha256:abc123", node.ArtifactDigest);
Assert.Equal(1, node.SequenceNumber);
}
[Fact]
public void LineageNode_WithMetadata_ContainsLabels()
{
var metadata = new LineageNodeMetadata(
ImageReference: "myregistry.io/app:v1",
Repository: "myorg/app",
Tag: "v1.0.0",
CommitSha: "abc123def456",
Labels: new Dictionary<string, string> { ["env"] = "prod" });
var node = new LineageNode(
ArtifactDigest: "sha256:metadata",
SbomVersionId: null,
SequenceNumber: 2,
CreatedAt: DateTimeOffset.UtcNow,
Metadata: metadata);
Assert.NotNull(node.Metadata);
Assert.Equal("myregistry.io/app:v1", node.Metadata.ImageReference);
Assert.Equal("prod", node.Metadata.Labels!["env"]);
}
[Fact]
public void LineageEdge_RequiredProperties_MustBeSet()
{
var edge = new LineageEdge(
Id: Guid.NewGuid(),
ParentDigest: "sha256:parent",
ChildDigest: "sha256:child",
Relationship: LineageRelationship.Parent,
TenantId: Guid.NewGuid(),
CreatedAt: DateTimeOffset.UtcNow);
Assert.Equal("sha256:parent", edge.ParentDigest);
Assert.Equal("sha256:child", edge.ChildDigest);
Assert.Equal(LineageRelationship.Parent, edge.Relationship);
}
[Theory]
[InlineData(LineageRelationship.Parent)]
[InlineData(LineageRelationship.Build)]
[InlineData(LineageRelationship.Base)]
public void LineageRelationship_AllValues_AreValid(LineageRelationship relationship)
{
var edge = new LineageEdge(
Id: Guid.NewGuid(),
ParentDigest: "sha256:p",
ChildDigest: "sha256:c",
Relationship: relationship,
TenantId: Guid.NewGuid(),
CreatedAt: DateTimeOffset.UtcNow);
Assert.Equal(relationship, edge.Relationship);
}
[Fact]
public void LineageGraph_ContainsNodesAndEdges()
{
var nodes = new List<LineageNode>
{
new("sha256:root", null, 1, DateTimeOffset.UtcNow, null),
new("sha256:child", null, 2, DateTimeOffset.UtcNow, null)
};
var edges = new List<LineageEdge>
{
new(Guid.NewGuid(), "sha256:root", "sha256:child", LineageRelationship.Parent, Guid.NewGuid(), DateTimeOffset.UtcNow)
};
var graph = new LineageGraph(nodes, edges);
Assert.Equal(2, graph.Nodes.Count);
Assert.Single(graph.Edges);
}
[Fact]
public void VexDelta_RequiredProperties_MustBeSet()
{
var delta = new VexDelta(
Id: Guid.NewGuid(),
TenantId: Guid.NewGuid(),
FromArtifactDigest: "sha256:from",
ToArtifactDigest: "sha256:to",
Cve: "CVE-2026-0001",
FromStatus: VexStatus.Affected,
ToStatus: VexStatus.Fixed,
Rationale: new VexDeltaRationale("Patched", ["commit:abc"], null),
ReplayHash: "blake3:replay",
AttestationDigest: "sha256:attest",
CreatedAt: DateTimeOffset.UtcNow);
Assert.Equal("CVE-2026-0001", delta.Cve);
Assert.Equal(VexStatus.Affected, delta.FromStatus);
Assert.Equal(VexStatus.Fixed, delta.ToStatus);
}
[Theory]
[InlineData(VexStatus.Unknown)]
[InlineData(VexStatus.UnderInvestigation)]
[InlineData(VexStatus.Affected)]
[InlineData(VexStatus.NotAffected)]
[InlineData(VexStatus.Fixed)]
public void VexStatus_AllValues_AreValid(VexStatus status)
{
var delta = new VexDelta(
Id: Guid.NewGuid(),
TenantId: Guid.NewGuid(),
FromArtifactDigest: "sha256:f",
ToArtifactDigest: "sha256:t",
Cve: "CVE-2026-0002",
FromStatus: status,
ToStatus: status,
Rationale: new VexDeltaRationale("test", [], null),
ReplayHash: "blake3:test",
AttestationDigest: null,
CreatedAt: DateTimeOffset.UtcNow);
Assert.Equal(status, delta.FromStatus);
}
[Fact]
public void VexDeltaRationale_WithEvidencePointers_ContainsEvidence()
{
var rationale = new VexDeltaRationale(
Reason: "Vulnerability patched in upstream",
EvidencePointers: [
"commit:abc123",
"advisory:DSA-1234",
"proof:blake3:xyz"
],
Metadata: new Dictionary<string, string>
{
["confidence"] = "0.95",
["source"] = "oval"
});
Assert.Equal(3, rationale.EvidencePointers.Count);
Assert.Contains("commit:abc123", rationale.EvidencePointers);
Assert.Equal("0.95", rationale.Metadata!["confidence"]);
}
[Fact]
public void SbomVerdictLink_RequiredProperties_MustBeSet()
{
var link = new SbomVerdictLink(
SbomVersionId: Guid.NewGuid(),
Cve: "CVE-2026-0003",
ConsensusProjectionId: Guid.NewGuid(),
VerdictStatus: VexStatus.NotAffected,
ConfidenceScore: 0.92m,
TenantId: Guid.NewGuid(),
LinkedAt: DateTimeOffset.UtcNow);
Assert.Equal("CVE-2026-0003", link.Cve);
Assert.Equal(VexStatus.NotAffected, link.VerdictStatus);
Assert.Equal(0.92m, link.ConfidenceScore);
}
[Fact]
public void LineageQueryOptions_DefaultValues_AreSet()
{
var options = new LineageQueryOptions();
Assert.Equal(10, options.MaxDepth);
Assert.True(options.IncludeVerdicts);
Assert.True(options.IncludeBadges);
Assert.False(options.IncludeReachability);
}
[Fact]
public void LineageQueryOptions_CanBeCustomized()
{
var options = new LineageQueryOptions(
MaxDepth: 5,
IncludeVerdicts: false,
IncludeBadges: false,
IncludeReachability: true);
Assert.Equal(5, options.MaxDepth);
Assert.False(options.IncludeVerdicts);
Assert.False(options.IncludeBadges);
Assert.True(options.IncludeReachability);
}
}

31
src/SbomService/__Tests/StellaOps.SbomService.Lineage.Tests/StellaOps.SbomService.Lineage.Tests.csproj Normal file
View File

@@ -0,0 +1,31 @@
<?xml version="1.0" encoding="utf-8"?>
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net10.0</TargetFramework>
<Nullable>enable</Nullable>
<ImplicitUsings>enable</ImplicitUsings>
<LangVersion>preview</LangVersion>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
<IsPackable>false</IsPackable>
<OutputType>Exe</OutputType>
<UseXunitV3>true</UseXunitV3>
</PropertyGroup>
<ItemGroup>
<Using Include="Xunit" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.Caching.Abstractions" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" />
<PackageReference Include="Moq" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\__Libraries\StellaOps.SbomService.Lineage\StellaOps.SbomService.Lineage.csproj" />
</ItemGroup>
<ItemGroup>
<Content Include="xunit.runner.json" CopyToOutputDirectory="PreserveNewest" />
</ItemGroup>
</Project>

7
src/SbomService/__Tests/StellaOps.SbomService.Lineage.Tests/xunit.runner.json Normal file
View File

@@ -0,0 +1,7 @@
{
"$schema": "https://xunit.net/schema/current/xunit.runner.schema.json",
"diagnosticMessages": true,
"parallelizeAssembly": true,
"parallelizeTestCollections": true,
"maxParallelThreads": -1
}