stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

up
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Signals CI & Image / signals-ci (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
Policy Simulation / policy-simulate (push) Has been cancelled
Details
SDK Publish & Sign / sdk-publish (push) Has been cancelled
Details
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
devportal-offline / build-offline (push) Has been cancelled
Details

Browse Source
This commit is contained in:
StellaOps Bot
2025-11-25 22:09:44 +02:00
parent 6bee1fdcf5
commit 9f6e6f7fb3
116 changed files with 4495 additions and 730 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
ops/devops/signals/Dockerfile Normal file
View File

@@ -0,0 +1,22 @@
# syntax=docker/dockerfile:1.7
ARG DOTNET_VERSION=10.0
ARG RUNTIME_IMAGE=mcr.microsoft.com/dotnet/aspnet:${DOTNET_VERSION}-rc-alpine
ARG SDK_IMAGE=mcr.microsoft.com/dotnet/sdk:${DOTNET_VERSION}-rc-alpine
FROM ${SDK_IMAGE} AS build
WORKDIR /src
COPY nuget.config nuget.config
COPY src/Signals/StellaOps.Signals/StellaOps.Signals.csproj src/Signals/StellaOps.Signals/
COPY src/Signals/StellaOps.Signals.sln src/Signals/
RUN dotnet restore src/Signals/StellaOps.Signals/StellaOps.Signals.csproj --configfile nuget.config
COPY src/Signals/ src/Signals/
RUN dotnet publish src/Signals/StellaOps.Signals/StellaOps.Signals.csproj -c Release -o /app/publish --no-restore
FROM ${RUNTIME_IMAGE} AS final
WORKDIR /app
ENV ASPNETCORE_URLS=http://+:5088
ENV DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1
COPY --from=build /app/publish .
EXPOSE 5088
ENTRYPOINT ["dotnet", "StellaOps.Signals.dll"]

33
ops/devops/signals/README.md Normal file
View File

@@ -0,0 +1,33 @@
# Signals CI/CD & Local Stack (DEVOPS-SIG-26-001)
Artifacts:
- Compose stack: `ops/devops/signals/docker-compose.signals.yml` (Signals API + Mongo + Redis + artifact volume).
- Sample config: `ops/devops/signals/signals.yaml` (mounted into the container at `/app/signals.yaml` if desired).
- Dockerfile: `ops/devops/signals/Dockerfile` (multi-stage build on .NET 10 RC).
- Build/export helper: `scripts/signals/build.sh` (saves image tar to `out/signals/signals-image.tar`).
Quick start (offline-friendly):
```bash
# build image
scripts/signals/build.sh
# run stack
COMPOSE_FILE=ops/devops/signals/docker-compose.signals.yml docker compose up -d
# hit health
curl -s http://localhost:5088/health
```
Configuration (ENV or YAML):
- `Signals__Mongo__ConnectionString` default `mongodb://signals-mongo:27017/signals`
- `Signals__Cache__ConnectionString` default `signals-redis:6379`
- `Signals__Storage__RootPath` default `/data/artifacts`
- Authority disabled by default for local; enable with `Signals__Authority__Enabled=true` and issuer settings.
CI workflow:
- `.gitea/workflows/signals-ci.yml` restores, builds, tests, builds container, and uploads `signals-image.tar` artifact.
Dependencies:
- Mongo 7 (wiredTiger)
- Redis 7 (cache)
- Artifact volume `signals_artifacts` for callgraph blobs.

52
ops/devops/signals/docker-compose.signals.yml Normal file
View File

@@ -0,0 +1,52 @@
version: "3.9"
services:
signals-api:
build:
context: ../..
dockerfile: ops/devops/signals/Dockerfile
image: stellaops/signals:local
environment:
ASPNETCORE_URLS: "http://+:5088"
Signals__Mongo__ConnectionString: "mongodb://signals-mongo:27017/signals"
Signals__Mongo__Database: "signals"
Signals__Cache__ConnectionString: "signals-redis:6379"
Signals__Storage__RootPath: "/data/artifacts"
Signals__Authority__Enabled: "false"
Signals__OpenApi__Enabled: "true"
ports:
- "5088:5088"
depends_on:
- signals-mongo
- signals-redis
volumes:
- signals_artifacts:/data/artifacts
- ./signals.yaml:/app/signals.yaml:ro
signals-mongo:
image: mongo:7
command: ["mongod", "--quiet", "--storageEngine=wiredTiger"]
ports:
- "57027:27017"
volumes:
- signals_mongo:/data/db
healthcheck:
test: ["CMD", "mongosh", "--quiet", "--eval", "db.adminCommand('ping')"]
interval: 10s
timeout: 5s
retries: 5
signals-redis:
image: redis:7-alpine
ports:
- "56379:6379"
command: ["redis-server", "--save", "", "--appendonly", "no"]
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 5
volumes:
signals_artifacts:
signals_mongo:

15
ops/devops/signals/signals.yaml Normal file
View File

@@ -0,0 +1,15 @@
# Sample offline configuration for Signals
Signals:
Mongo:
ConnectionString: "mongodb://signals-mongo:27017/signals"
Database: "signals"
Cache:
ConnectionString: "signals-redis:6379"
DefaultTtlSeconds: 600
Storage:
RootPath: "/data/artifacts"
Authority:
Enabled: false
OpenApi:
Enabled: true