Refactor code structure and optimize performance across multiple modules

2025-12-26 20:03:22 +02:00
parent c786faae84
commit b4fc66feb6
3353 changed files with 88254 additions and 1590657 deletions
--- a/policies/starter-day1/overrides/production.yaml
+++ b/policies/starter-day1/overrides/production.yaml
@@ -1,44 +0,0 @@
-# Stella Ops Starter Policy - Production Override
-# Version: 1.0.0
-#
-# Production environment has the strictest settings:
-# - All blocking rules enforced
-# - Lower unknowns threshold
-# - Signed artifacts required
-# - Higher VEX trust score required
-
-apiVersion: policy.stellaops.io/v1
-kind: PolicyOverride
-metadata:
-  name: starter-day1-production
-  version: "1.0.0"
-  parent: starter-day1
-  environment: production
-  description: "Strict settings for production deployments"
-
-spec:
-  # Production settings - stricter than defaults
-  settings:
-    defaultAction: block  # Block by default in production
-    unknownsThreshold: 0.03  # Only 3% unknowns allowed
-    requireSignedSbom: true
-    requireSignedVerdict: true
-    minimumVexTrustScore: 0.7  # Higher trust required
-
-  # No rule overrides - production uses base rules at full strictness
-  ruleOverrides: []
-
-  # Additional production-only rules
-  additionalRules:
-    # Require explicit approval for any blocked findings
-    - name: require-approval-for-exceptions
-      priority: 400
-      description: "Any exception in production requires documented approval"
-      match:
-        hasException: true
-      require:
-        exceptionApproval: true
-        exceptionExpiry:
-          maxDays: 30
-      action: block
-      message: "Production exceptions require approval and must expire within 30 days"