feat: Initialize Zastava Webhook service with TLS and Authority authentication

- Added Program.cs to set up the web application with Serilog for logging, health check endpoints, and a placeholder admission endpoint. - Configured Kestrel server to use TLS 1.3 and handle client certificates appropriately. - Created StellaOps.Zastava.Webhook.csproj with necessary dependencies including Serilog and Polly. - Documented tasks in TASKS.md for the Zastava Webhook project, outlining current work and exit criteria for each task.
2025-10-19 18:36:22 +03:00
parent 2062da7a8b
commit d099a90f9b
966 changed files with 91038 additions and 1850 deletions
--- a/src/StellaOps.Scanner.WebService/Options/ScannerWebServiceOptionsValidator.cs
+++ b/src/StellaOps.Scanner.WebService/Options/ScannerWebServiceOptionsValidator.cs
@@ -28,6 +28,11 @@ public static class ScannerWebServiceOptionsValidator
        "minio"
    };

+    private static readonly HashSet<string> SupportedEventDrivers = new(StringComparer.OrdinalIgnoreCase)
+    {
+        "redis"
+    };
+
    public static void Validate(ScannerWebServiceOptions options)
    {
        ArgumentNullException.ThrowIfNull(options);
@@ -62,6 +67,24 @@ public static class ScannerWebServiceOptionsValidator
        {
            throw new InvalidOperationException("API basePath must be configured.");
        }
+
+        if (string.IsNullOrWhiteSpace(options.Api.ScansSegment))
+        {
+            throw new InvalidOperationException("API scansSegment must be configured.");
+        }
+
+        if (string.IsNullOrWhiteSpace(options.Api.ReportsSegment))
+        {
+            throw new InvalidOperationException("API reportsSegment must be configured.");
+        }
+
+        if (string.IsNullOrWhiteSpace(options.Api.PolicySegment))
+        {
+            throw new InvalidOperationException("API policySegment must be configured.");
+        }
+
+        options.Events ??= new ScannerWebServiceOptions.EventsOptions();
+        ValidateEvents(options.Events);
    }

    private static void ValidateStorage(ScannerWebServiceOptions.StorageOptions storage)
@@ -143,6 +166,39 @@ public static class ScannerWebServiceOptionsValidator
        }
    }

+    private static void ValidateEvents(ScannerWebServiceOptions.EventsOptions eventsOptions)
+    {
+        if (!eventsOptions.Enabled)
+        {
+            return;
+        }
+
+        if (!SupportedEventDrivers.Contains(eventsOptions.Driver))
+        {
+            throw new InvalidOperationException($"Unsupported events driver '{eventsOptions.Driver}'. Supported drivers: redis.");
+        }
+
+        if (string.IsNullOrWhiteSpace(eventsOptions.Dsn))
+        {
+            throw new InvalidOperationException("Events DSN must be configured when event emission is enabled.");
+        }
+
+        if (string.IsNullOrWhiteSpace(eventsOptions.Stream))
+        {
+            throw new InvalidOperationException("Events stream must be configured when event emission is enabled.");
+        }
+
+        if (eventsOptions.PublishTimeoutSeconds <= 0)
+        {
+            throw new InvalidOperationException("Events publishTimeoutSeconds must be greater than zero.");
+        }
+
+        if (eventsOptions.MaxStreamLength < 0)
+        {
+            throw new InvalidOperationException("Events maxStreamLength must be zero or greater.");
+        }
+    }
+
    private static void ValidateTelemetry(ScannerWebServiceOptions.TelemetryOptions telemetry)
    {
        if (string.IsNullOrWhiteSpace(telemetry.MinimumLogLevel))