feat: Initialize Zastava Webhook service with TLS and Authority authentication

- Added Program.cs to set up the web application with Serilog for logging, health check endpoints, and a placeholder admission endpoint.
- Configured Kestrel server to use TLS 1.3 and handle client certificates appropriately.
- Created StellaOps.Zastava.Webhook.csproj with necessary dependencies including Serilog and Polly.
- Documented tasks in TASKS.md for the Zastava Webhook project, outlining current work and exit criteria for each task.
This commit is contained in:
master
2025-10-19 18:36:22 +03:00
parent 2062da7a8b
commit d099a90f9b
966 changed files with 91038 additions and 1850 deletions

@@ -0,0 +1,33 @@
# StellaOps.Scanner.Analyzers.Lang — Agent Charter
## Role
Deliver deterministic language ecosystem analyzers that run inside Scanner Workers, emit component evidence for SBOM assembly, and package as restart-time plug-ins.
## Scope
- Shared analyzer abstractions for installed application ecosystems (Java, Node.js, Python, Go, .NET, Rust).
- Evidence helpers that map on-disk artefacts to canonical component identities (purl/bin sha) with provenance and usage flags.
- File-system traversal, metadata parsing, and normalization for language-specific package formats.
- Plug-in bootstrap, manifest authoring, and DI registration so Workers load analyzers at start-up.
## Out of Scope
- OS package analyzers, native link graph, or EntryTrace plug-ins (handled by other guilds).
- SBOM composition, diffing, or signing (owned by Emit/Diff/Signer groups).
- Policy adjudication or vulnerability joins.
## Expectations
- Deterministic output: identical inputs → identical component ordering and hashes.
- Memory discipline: streaming walkers, avoid loading entire trees; reuse buffers.
- Cancellation-aware and timeboxed per layer.
- Enrich telemetry (counters + timings) via Scanner.Core primitives.
- Update `TASKS.md` as work progresses (TODO → DOING → DONE/BLOCKED).
## Dependencies
- Scanner.Core contracts + observability helpers.
- Scanner.Worker analyzer dispatcher.
- Upcoming Scanner.Emit models for SBOM assembly.
- Plugin host infrastructure under `StellaOps.Plugin`.
## Testing & Artifacts
- Determinism harness with golden fixtures under `Fixtures/`.
- Microbench benchmarks recorded per language where feasible.
- Plugin manifests stored under `plugins/scanner/analyzers/lang/` with cosign workflow documented.
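
Review bot: The last bullet under "Testing & Artifacts" says plug-in manifests come "with cosign workflow documented", but nothing in "Expectations" or in the Scope item "Plug-in bootstrap, manifest authoring, and DI registration so Workers load analyzers at start-up" states that a Worker must verify that signature before it loads an analyzer, and the charter gives no path to the workflow document. Suggest adding an Expectations bullet that says what happens to a plug-in whose signature is missing or fails verification at load time, and naming the file that describes the cosign workflow. Separately, "purl/bin sha" in Scope does not name the hash algorithm; since "Deterministic output" requires identical hashes for identical inputs, naming the algorithm there would remove the ambiguity. Minor style point: the file uses both "plug-ins" and "Plugin manifests"; pick one spelling.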