save progress

2026-01-09 18:27:36 +02:00
parent e608752924
commit a21d3dbc1f
361 changed files with 63068 additions and 1192 deletions
--- a/src/Tools/StellaOps.Tools.WorkflowGenerator/ScanConfig.cs
+++ b/src/Tools/StellaOps.Tools.WorkflowGenerator/ScanConfig.cs
@@ -0,0 +1,89 @@
+// <copyright file="ScanConfig.cs" company="StellaOps">
+// Copyright (c) StellaOps. Licensed under the AGPL-3.0-or-later.
+// </copyright>
+
+using System.Collections.Immutable;
+
+namespace StellaOps.Tools.WorkflowGenerator;
+
+/// <summary>
+/// Scan configuration for the workflow.
+/// Sprint: SPRINT_20260109_010_003 Task: Create models
+/// </summary>
+public sealed record ScanConfig
+{
+    /// <summary>
+    /// StellaOps CLI version to use.
+    /// </summary>
+    public string CliVersion { get; init; } = "latest";
+
+    /// <summary>
+    /// Image to scan (container image reference).
+    /// </summary>
+    public string? ImageRef { get; init; }
+
+    /// <summary>
+    /// Path to scan (file system path).
+    /// </summary>
+    public string? ScanPath { get; init; } = ".";
+
+    /// <summary>
+    /// Minimum severity to report.
+    /// </summary>
+    public string MinSeverity { get; init; } = "medium";
+
+    /// <summary>
+    /// Enable vulnerability scanning.
+    /// </summary>
+    public bool ScanVulnerabilities { get; init; } = true;
+
+    /// <summary>
+    /// Enable secret scanning.
+    /// </summary>
+    public bool ScanSecrets { get; init; } = true;
+
+    /// <summary>
+    /// Enable SBOM generation.
+    /// </summary>
+    public bool GenerateSbom { get; init; } = true;
+
+    /// <summary>
+    /// Include reachability analysis.
+    /// </summary>
+    public bool IncludeReachability { get; init; } = false;
+
+    /// <summary>
+    /// Fail build on findings above this severity.
+    /// </summary>
+    public string? FailOnSeverity { get; init; }
+
+    /// <summary>
+    /// Additional CLI arguments.
+    /// </summary>
+    public ImmutableArray<string> AdditionalArgs { get; init; } = [];
+
+    /// <summary>
+    /// Default configuration for repository scanning.
+    /// </summary>
+    public static ScanConfig DefaultRepository => new()
+    {
+        ScanPath = ".",
+        MinSeverity = "medium",
+        ScanVulnerabilities = true,
+        ScanSecrets = true,
+        GenerateSbom = true
+    };
+
+    /// <summary>
+    /// Configuration for container image scanning.
+    /// </summary>
+    public static ScanConfig ContainerImage(string imageRef) => new()
+    {
+        ImageRef = imageRef,
+        ScanPath = null,
+        MinSeverity = "low",
+        ScanVulnerabilities = true,
+        ScanSecrets = false,
+        GenerateSbom = true
+    };
+}