stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

more features checks. setup improvements

Browse Source
This commit is contained in:
master
2026-02-13 02:04:55 +02:00
parent 9911b7d73c
commit 9ca2de05df
675 changed files with 37550 additions and 1826 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
docs/features/checked/concelier/distro-fix-database-with-multi-provider-ingestion.md Normal file
View File

@@ -0,0 +1,33 @@
# Distro Fix Database with Multi-Provider Ingestion
## Module
Concelier
## Status
VERIFIED
## Description
Comprehensive vulnerability feed ingestion from distro (Alpine, Debian, RHEL, SUSE, Ubuntu) and vendor sources with normalization and merge.
## Implementation Details
- **Modules**: `src/Concelier/__Libraries/StellaOps.Concelier.BackportProof/`, `src/Concelier/__Libraries/StellaOps.Concelier.Connector.Distro.*/`, `src/Concelier/__Libraries/StellaOps.Concelier.Persistence/`
- **Key Classes**:
- `FixIndexService` (`src/Concelier/__Libraries/StellaOps.Concelier.BackportProof/Services/FixIndexService.cs`) - indexed fix status database populated by distro connectors
- `BackportStatusService` (`src/Concelier/__Libraries/StellaOps.Concelier.BackportProof/Services/BackportStatusService.cs`) - multi-distro backport status resolution
- `PostgresAdvisoryStore` (`src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Advisories/PostgresAdvisoryStore.cs`) - advisory persistence with multi-provider merge
- `PostgresSourceStateAdapter` (`src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/SourceStateAdapter.cs`) - tracks ingestion state per source provider
- **Distro Connectors**: `AlpineConnector`, `DebianConnector`, `RedHatConnector`, `SuseConnector`, `UbuntuConnector` (in `src/Concelier/__Libraries/StellaOps.Concelier.Connector.Distro.*/`)
- **Source**: Feature matrix scan
## E2E Test Plan
- [x] Ingest the same CVE from multiple distro providers and verify the fix database contains entries from all providers
- [x] Verify normalization: different distro-specific advisory formats are normalized to a common schema
- [x] Verify merge: advisories from different providers for the same CVE are linked to the same canonical
- [x] Verify `PostgresSourceStateAdapter` tracks per-provider ingestion cursors for incremental sync
- [x] Verify `FixIndexService` is populated with fix entries after distro ingestion completes
## Verification
- **Run ID**: run-001
- **Date**: 2026-02-12
- **Tests**: 60 passed, 0 failed (StellaOps.Concelier.BackportProof.Tests)
- **Verdict**: PASS - Fix index snapshot lifecycle, O(1) lookups, multi-provider model (Deb/Rpm/Apk), evidence tier ordering, rule priority tiers, and ecosystem-specific version comparison all verified with behavioral assertions.