release orchestrator v1 draft and build fixes

src/Excititor/__Libraries/StellaOps.Excititor.Core/AutoVex/AutoVexDowngradeService.cs

@@ -423,19 +423,22 @@ public sealed class AutoVexDowngradeService : IAutoVexDowngradeService
     private readonly IVulnerableSymbolCorrelator _correlator;
     private readonly IVexDowngradeGenerator _generator;
     private readonly AutoVexDowngradeOptions _defaultOptions;
+    private readonly TimeProvider _timeProvider;
 
     public AutoVexDowngradeService(
         ILogger<AutoVexDowngradeService> logger,
         IHotSymbolQueryService hotSymbolService,
         IVulnerableSymbolCorrelator correlator,
         IVexDowngradeGenerator generator,
-        IOptions<AutoVexDowngradeOptions>? options = null)
+        IOptions<AutoVexDowngradeOptions>? options = null,
+        TimeProvider? timeProvider = null)
     {
         _logger = logger ?? throw new ArgumentNullException(nameof(logger));
         _hotSymbolService = hotSymbolService ?? throw new ArgumentNullException(nameof(hotSymbolService));
         _correlator = correlator ?? throw new ArgumentNullException(nameof(correlator));
         _generator = generator ?? throw new ArgumentNullException(nameof(generator));
         _defaultOptions = options?.Value ?? new AutoVexDowngradeOptions();
+        _timeProvider = timeProvider ?? TimeProvider.System;
     }
 
     /// <inheritdoc />
@@ -543,7 +546,7 @@ public sealed class AutoVexDowngradeService : IAutoVexDowngradeService
         CancellationToken cancellationToken = default)
     {
         var effectiveOptions = options ?? _defaultOptions;
-        var processedAt = DateTimeOffset.UtcNow;
+        var processedAt = _timeProvider.GetUtcNow();
 
         _logger.LogInformation("Processing auto-VEX downgrade for image {ImageDigest}", imageDigest);
 

src/Excititor/__Libraries/StellaOps.Excititor.Core/Evidence/PortableEvidenceBundleBuilder.cs

@@ -10,6 +10,7 @@ using System.Text.Json;
 using System.Text.Json.Serialization;
 using System.Threading;
 using System.Threading.Tasks;
+using StellaOps.Determinism;
 
 namespace StellaOps.Excititor.Core.Evidence;
 
@@ -106,6 +107,15 @@ public sealed class PortableEvidenceBundleBuilder : IPortableEvidenceBundleBuild
         DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull,
     };
 
+    private readonly TimeProvider _timeProvider;
+    private readonly IGuidProvider _guidProvider;
+
+    public PortableEvidenceBundleBuilder(TimeProvider? timeProvider = null, IGuidProvider? guidProvider = null)
+    {
+        _timeProvider = timeProvider ?? TimeProvider.System;
+        _guidProvider = guidProvider ?? SystemGuidProvider.Instance;
+    }
+
     public Task<PortableEvidenceBundleResult> BuildAsync(
         PortableEvidenceBundleRequest request,
         CancellationToken cancellationToken)
@@ -113,7 +123,7 @@ public sealed class PortableEvidenceBundleBuilder : IPortableEvidenceBundleBuild
         ArgumentNullException.ThrowIfNull(request);
         ArgumentNullException.ThrowIfNull(request.Manifest);
 
-        var createdAt = DateTimeOffset.UtcNow;
+        var createdAt = _timeProvider.GetUtcNow();
         var bundleId = GenerateBundleId(request.Tenant, createdAt);
 
         using var memoryStream = new MemoryStream();
@@ -166,11 +176,11 @@ public sealed class PortableEvidenceBundleBuilder : IPortableEvidenceBundleBuild
             verification));
     }
 
-    private static string GenerateBundleId(string tenant, DateTimeOffset timestamp)
+    private string GenerateBundleId(string tenant, DateTimeOffset timestamp)
     {
         var normalizedTenant = string.IsNullOrWhiteSpace(tenant) ? "default" : tenant.Trim().ToLowerInvariant();
         var date = timestamp.ToString("yyyyMMdd-HHmmss", CultureInfo.InvariantCulture);
-        var randomSuffix = Guid.NewGuid().ToString("N")[..8];
+        var randomSuffix = _guidProvider.NewGuid().ToString("N")[..8];
         return $"portable-evidence:{normalizedTenant}:{date}:{randomSuffix}";
     }
 

src/Excititor/__Libraries/StellaOps.Excititor.Core/Lattice/ClaimScoreMerger.cs

@@ -20,15 +20,18 @@ public sealed class ClaimScoreMerger
     private readonly ClaimScoreCalculator _calculator;
     private readonly TrustWeights _weights;
     private readonly double _conflictPenalty;
+    private readonly TimeProvider _timeProvider;
 
     public ClaimScoreMerger(
         ClaimScoreCalculator calculator,
         TrustWeights? weights = null,
-        double conflictPenalty = 0.25)
+        double conflictPenalty = 0.25,
+        TimeProvider? timeProvider = null)
     {
         _calculator = calculator ?? throw new ArgumentNullException(nameof(calculator));
         _weights = weights ?? TrustWeights.Default;
         _conflictPenalty = NormalizePenalty(conflictPenalty);
+        _timeProvider = timeProvider ?? TimeProvider.System;
     }
 
     /// <summary>
@@ -48,7 +51,7 @@ public sealed class ClaimScoreMerger
                 AllClaims = ImmutableArray<ScoredClaim>.Empty,
                 HasConflict = false,
                 ConflictPenaltyApplied = 0.0,
-                MergeTimestampUtc = DateTime.UtcNow
+                MergeTimestampUtc = _timeProvider.GetUtcNow().UtcDateTime
             };
         }
 
@@ -74,13 +77,13 @@ public sealed class ClaimScoreMerger
             AllClaims = sorted,
             HasConflict = hasConflict,
             ConflictPenaltyApplied = hasConflict ? _conflictPenalty : 0.0,
-            MergeTimestampUtc = DateTime.UtcNow
+            MergeTimestampUtc = _timeProvider.GetUtcNow().UtcDateTime
         };
     }
 
     private ImmutableArray<ScoredClaim> ScoreClaims(ImmutableArray<ClaimWithContext> claimsWithContext)
     {
-        var cutoff = DateTimeOffset.UtcNow;
+        var cutoff = _timeProvider.GetUtcNow();
 
         return claimsWithContext.Select(cwc =>
         {

src/Excititor/__Libraries/StellaOps.Excititor.Core/StellaOps.Excititor.Core.csproj

@@ -22,5 +22,6 @@
     <ProjectReference Include="../../../Concelier/__Libraries/StellaOps.Concelier.RawModels/StellaOps.Concelier.RawModels.csproj" />
     <ProjectReference Include="../../../__Libraries/StellaOps.Ingestion.Telemetry/StellaOps.Ingestion.Telemetry.csproj" />
     <ProjectReference Include="../../../Policy/__Libraries/StellaOps.Policy/StellaOps.Policy.csproj" />
+    <ProjectReference Include="../../../__Libraries/StellaOps.Determinism.Abstractions/StellaOps.Determinism.Abstractions.csproj" />
   </ItemGroup>
 </Project>

src/Excititor/__Tests/StellaOps.Excititor.Core.UnitTests/StellaOps.Excititor.Core.UnitTests.csproj

@@ -12,9 +12,7 @@
   <ItemGroup>
     <ProjectReference Include="../../__Libraries/StellaOps.Excititor.Core/StellaOps.Excititor.Core.csproj" />
     <ProjectReference Include="../../__Libraries/StellaOps.Excititor.Attestation/StellaOps.Excititor.Attestation.csproj" />
-    <PackageReference Include="FluentAssertions" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" />
-    <PackageReference Include="xunit.v3" />
+    <PackageReference Include="FluentAssertions" />    <PackageReference Include="xunit.v3" />
     <PackageReference Include="xunit.runner.visualstudio" PrivateAssets="all" />
     <ProjectReference Include="../../__Libraries/StellaOps.Excititor.Persistence/StellaOps.Excititor.Persistence.csproj" />
     <ProjectReference Include="../../StellaOps.Excititor.WebService/StellaOps.Excititor.WebService.csproj" />