stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
docs/features/checked/scanner/per-layer-sbom-content-addressable-storage.md Normal file
View File

@@ -0,0 +1,41 @@
# Per-Layer SBOM Content-Addressable Storage
## Module
Scanner
## Status
VERIFIED
## Description
Content-addressable storage for per-layer SBOMs keyed by diffID with PostgreSQL metadata and gzip-compressed content storage. Supports TTL-based eviction for cold layers and provides cache hit/miss metrics. While "Layer-SBOM Cache with Hash-Based Reuse" exists in known features, this specific CAS implementation with PostgreSQL persistence and TTL eviction is a distinct shipped capability.
## Implementation Details
- **Content-Addressable Storage**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Cache/LayerSbomCas/ILayerSbomCas.cs` - `ILayerSbomCas` interface for content-addressable SBOM storage keyed by diffID
- `src/Scanner/__Libraries/StellaOps.Scanner.Cache/LayerSbomCas/PostgresLayerSbomCas.cs` - `PostgresLayerSbomCas` PostgreSQL-backed CAS with gzip-compressed content storage and TTL-based eviction
- **Cache Infrastructure**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Cache/Abstractions/ILayerCacheStore.cs` - Layer cache store interface
- `src/Scanner/__Libraries/StellaOps.Scanner.Cache/Abstractions/LayerCacheEntry.cs` - Cache entry with metadata (diffID, TTL, creation time)
- `src/Scanner/__Libraries/StellaOps.Scanner.Cache/LayerCache/LayerCacheStore.cs` - Cache store implementation
- **Maintenance**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Cache/Maintenance/ScannerCacheMaintenanceService.cs` - TTL-based eviction for cold/stale layer SBOMs
- **DI Registration**: `src/Scanner/__Libraries/StellaOps.Scanner.Cache/ScannerCacheServiceCollectionExtensions.cs`
## E2E Test Plan
- [ ] Store a per-layer SBOM via CAS keyed by diffID and verify it is retrievable by the same key
- [ ] Verify stored content is gzip-compressed and decompresses correctly on retrieval
- [ ] Verify TTL-based eviction removes cold layer SBOMs after the configured TTL expires
- [ ] Verify cache hit/miss metrics are tracked and exposed for monitoring
- [ ] Verify duplicate puts for the same diffID are idempotent (content-addressable deduplication)
- [ ] Verify PostgreSQL metadata correctly tracks creation time, last access time, and TTL for each entry
---
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |