Fix build and code structure improvements. New but essential UI functionality. CI improvements. Documentation improvements. AI module improvements.

StellaOps Bot
2025-12-26 21:54:17 +02:00
parent 335ff7da16
commit c2b9cd8d1f
3717 changed files with 264714 additions and 48202 deletions


@@ -23,12 +23,13 @@ using StellaOps.Excititor.Connectors.RedHat.CSAF.DependencyInjection;
using StellaOps.Excititor.Core;
using StellaOps.Excititor.Core.Evidence;
using StellaOps.Excititor.Core.Observations;
using StellaOps.Excititor.Core.Verification;
using StellaOps.Excititor.Export;
using StellaOps.Excititor.Formats.CSAF;
using StellaOps.Excititor.Formats.CycloneDX;
using StellaOps.Excititor.Formats.OpenVEX;
using StellaOps.Excititor.Policy;
using StellaOps.Excititor.Storage.Postgres;
using StellaOps.Excititor.Persistence.Extensions;
using StellaOps.Infrastructure.Postgres.Options;
using StellaOps.Excititor.WebService.Endpoints;
using StellaOps.Excititor.WebService.Extensions;
@@ -41,6 +42,7 @@ using StellaOps.Excititor.WebService.Contracts;
using System.Globalization;
using StellaOps.Excititor.WebService.Graph;
using StellaOps.Excititor.Core.Storage;
using StellaOps.Excititor.Persistence.Postgres;
using StellaOps.Router.AspNet;
var builder = WebApplication.CreateBuilder(args);
@@ -52,15 +54,36 @@ services.AddOptions<VexStorageOptions>()
services.AddOptions<GraphOptions>()
.Bind(configuration.GetSection("Excititor:Graph"));
services.AddExcititorPostgresStorage(configuration);
services.AddExcititorPersistence(configuration);
services.TryAddSingleton<IVexProviderStore, InMemoryVexProviderStore>();
services.TryAddScoped<IVexConnectorStateRepository, InMemoryVexConnectorStateRepository>();
services.TryAddSingleton<IVexClaimStore, InMemoryVexClaimStore>();
services.AddCsafNormalizer();
services.AddCycloneDxNormalizer();
services.AddOpenVexNormalizer();
services.AddSingleton<IVexSignatureVerifier, NoopVexSignatureVerifier>();
// TODO: replace NoopVexSignatureVerifier with hardened verifier once portable bundle signatures are finalized.
// VEX Signature Verification (SPRINT_1227_0004_0001)
// Feature flag controls whether production verification is active.
// When VexSignatureVerification:Enabled is false, NoopVexSignatureVerifier is used.
services.AddVexSignatureVerification(configuration);
// Legacy V1 interface - maintained for backward compatibility during migration
if (configuration.GetValue<bool>("VexSignatureVerification:Enabled", false))
{
services.AddSingleton<IVexSignatureVerifier>(sp =>
{
// Adapter from V2 to V1 interface
return new VexSignatureVerifierV1Adapter(
sp.GetRequiredService<IVexSignatureVerifierV2>(),
sp.GetRequiredService<IOptions<VexSignatureVerifierOptions>>(),
sp.GetRequiredService<ILogger<VexSignatureVerifierV1Adapter>>());
});
}
else
{
services.AddSingleton<IVexSignatureVerifier, NoopVexSignatureVerifier>();
}
services.Configure<AirgapOptions>(configuration.GetSection(AirgapOptions.SectionName));
services.AddSingleton<AirgapImportValidator>();
services.AddSingleton<AirgapSignerTrustService>();
@@ -2264,6 +2287,7 @@ internal sealed record ExcititorTimelineEvent(
string? TraceId,
string OccurredAt);
// Program class public for WebApplicationFactory<Program>
public partial class Program;
internal sealed record StatusResponse(DateTimeOffset UtcNow, int InlineThreshold, string[] ArtifactStores);
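Review bot: The `else` branch of the `VexSignatureVerification:Enabled` check in the third hunk (the DI registration block) fails open. With the default of `false`, a missing or misspelled key registers `NoopVexSignatureVerifier`, which by its name presumably accepts documents unverified, and nothing visible here reports that at startup. Consider making the unsafe choice explicit, for example `configuration.GetValue<bool>("VexSignatureVerification:Enabled", !builder.Environment.IsDevelopment())`, or at least logging a startup warning when the no-op verifier is selected. The flag is also read here through a string literal, separately from whatever `AddVexSignatureVerification(configuration)` binds; that method's body is not part of this diff, so the two could disagree. Reading the flag from the bound `VexSignatureVerifierOptions`, if it exposes one, would keep a single source of truth.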