Add Policy DSL Validator, Schema Exporter, and Simulation Smoke tools

- Implemented PolicyDslValidator with command-line options for strict mode and JSON output.
- Created PolicySchemaExporter to generate JSON schemas for policy-related models.
- Developed PolicySimulationSmoke tool to validate policy simulations against expected outcomes.
- Added project files and necessary dependencies for each tool.
- Ensured proper error handling and usage instructions across tools.
2025-10-27 08:00:11 +02:00
parent 651b8e0fa3
commit 96d52884e8
712 changed files with 49449 additions and 6124 deletions


@@ -0,0 +1,258 @@
{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "PolicyExplainTrace",
"type": "object",
"additionalProperties": false,
"properties": {
"SchemaVersion": {
"type": "string"
},
"FindingId": {
"type": "string"
},
"PolicyId": {
"type": "string"
},
"PolicyVersion": {
"type": "integer",
"format": "int32"
},
"TenantId": {
"type": "string"
},
"RunId": {
"type": "string"
},
"EvaluatedAt": {
"type": "string",
"format": "date-time"
},
"Verdict": {
"$ref": "#/definitions/PolicyExplainVerdict"
},
"RuleChain": {
"type": "array",
"items": {
"$ref": "#/definitions/PolicyExplainRule"
}
},
"Evidence": {
"type": "array",
"items": {
"$ref": "#/definitions/PolicyExplainEvidence"
}
},
"VexImpacts": {
"type": "array",
"items": {
"$ref": "#/definitions/PolicyExplainVexImpact"
}
},
"History": {
"type": "array",
"items": {
"$ref": "#/definitions/PolicyExplainHistoryEvent"
}
},
"Metadata": {
"type": "object",
"additionalProperties": {
"type": "string"
}
}
},
"definitions": {
"PolicyExplainVerdict": {
"type": "object",
"additionalProperties": false,
"properties": {
"Status": {
"$ref": "#/definitions/PolicyVerdictStatus"
},
"Severity": {
"oneOf": [
{
"type": "null"
},
{
"$ref": "#/definitions/SeverityRank"
}
]
},
"Quiet": {
"type": "boolean"
},
"Score": {
"type": [
"null",
"number"
],
"format": "double"
},
"Rationale": {
"type": [
"null",
"string"
]
}
}
},
"PolicyVerdictStatus": {
"type": "integer",
"description": "",
"x-enumNames": [
"Passed",
"Warned",
"Blocked",
"Quieted",
"Ignored"
],
"enum": [
0,
1,
2,
3,
4
]
},
"SeverityRank": {
"type": "integer",
"description": "",
"x-enumNames": [
"None",
"Info",
"Low",
"Medium",
"High",
"Critical",
"Unknown"
],
"enum": [
0,
1,
2,
3,
4,
5,
6
]
},
"PolicyExplainRule": {
"type": "object",
"additionalProperties": false,
"properties": {
"RuleId": {
"type": "string"
},
"RuleName": {
"type": "string"
},
"Action": {
"type": "string"
},
"Decision": {
"type": "string"
},
"Score": {
"type": "number",
"format": "double"
},
"Condition": {
"type": [
"null",
"string"
]
}
}
},
"PolicyExplainEvidence": {
"type": "object",
"additionalProperties": false,
"properties": {
"Type": {
"type": "string"
},
"Reference": {
"type": "string"
},
"Source": {
"type": "string"
},
"Status": {
"type": "string"
},
"Weight": {
"type": "number",
"format": "double"
},
"Justification": {
"type": [
"null",
"string"
]
},
"Metadata": {
"type": "object",
"additionalProperties": {
"type": "string"
}
}
}
},
"PolicyExplainVexImpact": {
"type": "object",
"additionalProperties": false,
"properties": {
"StatementId": {
"type": "string"
},
"Provider": {
"type": "string"
},
"Status": {
"type": "string"
},
"Accepted": {
"type": "boolean"
},
"Justification": {
"type": [
"null",
"string"
]
},
"Confidence": {
"type": [
"null",
"string"
]
}
}
},
"PolicyExplainHistoryEvent": {
"type": "object",
"additionalProperties": false,
"properties": {
"Status": {
"type": "string"
},
"OccurredAt": {
"type": "string",
"format": "date-time"
},
"Actor": {
"type": [
"null",
"string"
]
},
"Note": {
"type": [
"null",
"string"
]
}
}
}
}
}
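Review bot: None of the object schemas in this file declare `required`, so at the root and in every object under `definitions` an empty `{}` validates as a PolicyExplainTrace, including one with no `Verdict`, `TenantId` or `PolicyId`. If consumers use this schema to accept or reject explain traces, list the mandatory properties explicitly, for example `"required": ["FindingId", "PolicyId", "TenantId", "Verdict"]` on the root, with the exact set taken from the models, which are not visible here. The `x-enumNames` and `"format": "int32"` keywords suggest the file is exporter output, in which case the change belongs in the model annotations or exporter settings rather than a hand edit. `PolicyVerdictStatus` and `SeverityRank` also carry `"description": ""`; a one-line description on each would help, since the meaning of the integer values is only conveyed by the non-standard `x-enumNames` list.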