Add tests for SBOM generation determinism across multiple formats
- Created `StellaOps.TestKit.Tests` project for unit tests related to determinism. - Implemented `DeterminismManifestTests` to validate deterministic output for canonical bytes and strings, file read/write operations, and error handling for invalid schema versions. - Added `SbomDeterminismTests` to ensure identical inputs produce consistent SBOMs across SPDX 3.0.1 and CycloneDX 1.6/1.7 formats, including parallel execution tests. - Updated project references in `StellaOps.Integration.Determinism` to include the new determinism testing library.
This commit is contained in:
master
27
docs2/security/multi-tenancy.md
Normal file
27
docs2/security/multi-tenancy.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# Multi-tenancy
|
||||
|
||||
Purpose
|
||||
- Ensure strict tenant isolation across APIs, storage, and observability.
|
||||
|
||||
Tenant lifecycle
|
||||
- Create tenants with scoped roles and default policies.
|
||||
- Suspend or retire tenants with audit records.
|
||||
- Migrations and data retention follow governance policy.
|
||||
|
||||
Isolation model
|
||||
- Tokens carry tenant identifiers and scopes.
|
||||
- APIs require tenant headers; cross-tenant actions are explicit.
|
||||
- Datastores enforce tenant_id and RLS where supported.
|
||||
|
||||
Observability
|
||||
- Metrics, logs, and traces always include tenant.
|
||||
- Cross-tenant access attempts emit audit events.
|
||||
|
||||
Offline posture
|
||||
- Offline bundles are tenant scoped.
|
||||
- Tenant list in offline mode is limited to snapshot contents.
|
||||
|
||||
Related references
|
||||
- security/identity-tenancy-and-scopes.md
|
||||
- security/row-level-security.md
|
||||
- docs/operations/multi-tenancy.md
|
||||
Reference in New Issue
Block a user