stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

wip: doctor/cli/docs/api to vector db consolidation; api hardening for descriptions, tenant, and scopes; migrations and conversions of all DALs to EF v10

Browse Source
This commit is contained in:
master
2026-02-23 15:30:50 +02:00
parent bd8fee6ed8
commit e746577380
1424 changed files with 81225 additions and 25251 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/Policy/StellaOps.Policy.Api/Endpoints/ReplayEndpoints.cs
View File

@@ -10,6 +10,8 @@ using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing;
using StellaOps.Auth.Abstractions;
using StellaOps.Auth.ServerIntegration;
using StellaOps.Policy.Persistence.Postgres.Repositories;
namespace StellaOps.Policy.Api.Endpoints;
@@ -34,6 +36,7 @@ public static class ReplayEndpoints
.WithName("ReplayDecision")
.WithSummary("Replay a historical policy decision")
.WithDescription("Re-evaluates a policy decision using frozen snapshots to verify determinism")
.RequireAuthorization(policy => policy.RequireStellaOpsScopes(StellaOpsScopes.PolicyAudit))
.Produces<ReplayResponse>(StatusCodes.Status200OK)
.Produces<ProblemDetails>(StatusCodes.Status400BadRequest)
.Produces<ProblemDetails>(StatusCodes.Status404NotFound);
@@ -42,29 +45,37 @@ public static class ReplayEndpoints
group.MapPost("/batch", BatchReplayAsync)
.WithName("BatchReplay")
.WithSummary("Replay multiple policy decisions")
.WithDescription("Replay a batch of historical policy decisions by verdict hash or Rekor UUID, returning pass/fail and determinism verification results for each item. Used by compliance automation tools to bulk-verify release audit trails.")
.RequireAuthorization(policy => policy.RequireStellaOpsScopes(StellaOpsScopes.PolicyAudit))
.Produces<BatchReplayResponse>(StatusCodes.Status200OK);
// GET /api/v1/replay/{replayId} - Get replay result
group.MapGet("/{replayId}", GetReplayResultAsync)
.WithName("GetReplayResult")
.WithSummary("Get the result of a replay operation");
.WithSummary("Get the result of a replay operation")
.WithDescription("Retrieve the stored result of a previously executed replay operation by its replay ID, including verdict match status, digest comparison, and replay duration metadata.")
.RequireAuthorization(policy => policy.RequireStellaOpsScopes(StellaOpsScopes.PolicyAudit));
// POST /api/v1/replay/verify-determinism - Verify replay determinism
group.MapPost("/verify-determinism", VerifyDeterminismAsync)
.WithName("VerifyDeterminism")
.WithSummary("Verify that a decision can be deterministically replayed");
.WithSummary("Verify that a decision can be deterministically replayed")
.WithDescription("Execute multiple replay iterations for a verdict hash and report whether all iterations produced the same digest, confirming deterministic reproducibility. Returns the iteration count, number of unique results, and diagnostic details for any non-determinism detected.")
.RequireAuthorization(policy => policy.RequireStellaOpsScopes(StellaOpsScopes.PolicyAudit));
// GET /api/v1/replay/audit - Query replay audit trail
group.MapGet("/audit", QueryReplayAuditAsync)
.WithName("QueryReplayAudit")
.WithSummary("Query replay audit records")
.WithDescription("Returns paginated list of replay audit records for compliance and debugging");
.WithDescription("Returns paginated list of replay audit records for compliance and debugging")
.RequireAuthorization(policy => policy.RequireStellaOpsScopes(StellaOpsScopes.PolicyAudit));
// GET /api/v1/replay/audit/metrics - Get replay metrics
group.MapGet("/audit/metrics", GetReplayMetricsAsync)
.WithName("GetReplayMetrics")
.WithSummary("Get aggregated replay metrics")
.WithDescription("Returns replay_attempts_total and replay_match_rate metrics");
.WithDescription("Returns replay_attempts_total and replay_match_rate metrics")
.RequireAuthorization(policy => policy.RequireStellaOpsScopes(StellaOpsScopes.PolicyAudit));
return endpoints;
}