save checkpoint
40
docs/features/checked/policy/vex-status-promotion-gate.md
Normal file
@@ -0,0 +1,40 @@
|
||||
# VEX Status Promotion Gate
|
||||
|
||||
## Module
|
||||
Policy
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Promotion gate that blocks environment promotions based on VEX status thresholds, ensuring only properly triaged artifacts can advance.
|
||||
|
||||
## Implementation Details
|
||||
- **VexTrustGate**: `src/Policy/StellaOps.Policy.Engine/Gates/VexTrustGate.cs` (implements `IVexTrustGate`)
|
||||
- `EvaluateAsync(VexTrustGateRequest)` evaluates VEX trust for status transitions
|
||||
- VexTrustGateRequest: RequestedStatus, Environment, VexTrustStatus, TenantId
|
||||
- VexTrustStatus: TrustScore (0.0-1.0), PolicyTrustThreshold, MeetsPolicyThreshold, TrustBreakdown
|
||||
- Per-environment evaluation: production requires highest trust, development most permissive
|
||||
- **VexTrustGateOptions**: `src/Policy/StellaOps.Policy.Engine/Gates/VexTrustGateOptions.cs`
|
||||
- ApplyToStatuses: ["not_affected", "fixed"] -- statuses requiring trust verification
|
||||
- Per-environment thresholds:
|
||||
- Production: MinCompositeScore=0.80, RequireIssuerVerified=true, MinAccuracyRate=0.85, AcceptableFreshness=["fresh"], FailureAction=Block
|
||||
- Staging: MinCompositeScore=0.60, RequireIssuerVerified=true, AcceptableFreshness=["fresh","stale"], FailureAction=Warn
|
||||
- Development: MinCompositeScore=0.40, RequireIssuerVerified=false, AcceptableFreshness=["fresh","stale","superseded"], FailureAction=Warn
|
||||
- MissingTrustBehavior: Allow, Warn, Block
|
||||
- TenantOverrides for tenant-specific thresholds
|
||||
- **PolicyGateEvaluator**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs`
|
||||
- VEX Trust gate (3rd in pipeline) blocks promotion when trust insufficient
|
||||
- VEX trust evaluation integrated with lattice state and uncertainty tier gates
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Request promotion to production with trust score 0.85; verify gate passes
|
||||
- [ ] Request promotion to production with trust score 0.70; verify gate blocks (threshold 0.80)
|
||||
- [ ] Request promotion to staging with trust score 0.65; verify gate passes (threshold 0.60)
|
||||
- [ ] Request promotion with stale VEX in production; verify gate blocks (only "fresh" acceptable)
|
||||
- [ ] Request promotion with stale VEX in staging; verify gate passes (stale acceptable)
|
||||
- [ ] Request promotion with unverified issuer in production; verify gate blocks
|
||||
- [ ] Request promotion with unverified issuer in development; verify gate passes
|
||||
- [ ] Request promotion with MissingTrustBehavior=Block and no VEX data; verify gate blocks
|
||||
- [ ] Verify tenant-specific overrides apply when TenantId matches
|
||||
- [ ] Verify gate returns descriptive message identifying which threshold was not met
|
||||
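Review bot: The E2E Test Plan has no case for MinAccuracyRate=0.85, which the Production threshold line lists, and no case with a score exactly at a threshold (0.80, 0.60, 0.40), so the plan neither exercises the accuracy check nor pins down whether the comparison is inclusive. Add a production case with an accuracy rate below 0.85 and a boundary case at exactly 0.80. The plan also never exercises FailureAction=Warn: add a staging or development case below the threshold and state whether the promotion proceeds with a warning, since the Description says the gate blocks promotions while two of the three environments are configured to warn. Under VexTrustGateOptions, MissingTrustBehavior lists Allow, Warn, Block without saying which one is the default; document it, because Allow would let an artifact with no VEX trust data pass the gate.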