save checkpoint
This commit is contained in:
master
@@ -0,0 +1,30 @@
|
||||
# Evidence Packets for Every Decision
|
||||
|
||||
## Module
|
||||
EvidenceLocker
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Evidence bundles with manifests, attestations, and export capabilities are implemented for audit-grade decision records.
|
||||
|
||||
## Implementation Details
|
||||
- **Modules**: `src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/`, `src/EvidenceLocker/__Libraries/StellaOps.EvidenceLocker.Export/`
|
||||
- **Key Classes**:
|
||||
- `EvidenceBundleBuilder` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Builders/EvidenceBundleBuilder.cs`) - builds evidence bundles for decision records
|
||||
- `EvidenceBundlePackagingService` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Services/EvidenceBundlePackagingService.cs`) - packages evidence with attestations
|
||||
- `EvidenceSignatureService` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Infrastructure/Signing/EvidenceSignatureService.cs`) - signs evidence bundles with DSSE
|
||||
- `BundleManifest` (`src/EvidenceLocker/__Libraries/StellaOps.EvidenceLocker.Export/Models/BundleManifest.cs`) - manifest listing bundle contents and hashes
|
||||
- `TarGzBundleExporter` (`src/EvidenceLocker/__Libraries/StellaOps.EvidenceLocker.Export/TarGzBundleExporter.cs`) - exports bundles as tar.gz archives
|
||||
- `EvidenceBundleMetadata` (`src/EvidenceLocker/StellaOps.EvidenceLocker/StellaOps.EvidenceLocker.Core/Domain/EvidenceBundleMetadata.cs`) - metadata for each decision's evidence packet
|
||||
- **Interfaces**: `IEvidenceBundleBuilder`, `IEvidenceSignatureService`, `IEvidenceBundleExporter`
|
||||
- **Source**: Feature matrix scan
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Record a release decision and verify `EvidenceBundleBuilder` creates an evidence packet with the decision context
|
||||
- [ ] Verify `BundleManifest` lists all evidence items with their content-addressed hashes
|
||||
- [ ] Verify `EvidenceSignatureService` signs the evidence packet and the signature is verifiable
|
||||
- [ ] Export the decision evidence packet via `TarGzBundleExporter` and verify the archive is complete
|
||||
- [ ] Verify every decision type (promote, block, rollback, override) generates a corresponding evidence packet
|
||||
- [ ] Verify evidence packets are immutable: attempting to modify after creation fails
|
||||
Reference in New Issue
Block a user