save checkpoint

2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
--- a/docs/features/checked/zastava/windows-container-runtime-support.md
+++ b/docs/features/checked/zastava/windows-container-runtime-support.md
@@ -0,0 +1,27 @@
+# Windows Container Runtime Support
+
+## Module
+Zastava
+
+## Status
+IMPLEMENTED
+
+## Description
+Windows container runtime monitoring with ETW event source integration, PE format library hashing, and Windows-specific container lifecycle tracking within the Zastava Observer.
+
+## Implementation Details
+- **IWindowsContainerRuntimeClient interface**: `src/Zastava/StellaOps.Zastava.Observer/ContainerRuntime/Windows/IWindowsContainerRuntimeClient.cs` -- Windows-specific container runtime client
+- **DockerWindowsRuntimeClient**: `src/Zastava/StellaOps.Zastava.Observer/ContainerRuntime/Windows/DockerWindowsRuntimeClient.cs` -- Docker for Windows runtime client implementation
+- **WindowsContainerInfo**: `src/Zastava/StellaOps.Zastava.Observer/ContainerRuntime/Windows/WindowsContainerInfo.cs` -- Windows container metadata model
+- **WindowsLibraryHashCollector**: `src/Zastava/StellaOps.Zastava.Observer/ContainerRuntime/Windows/WindowsLibraryHashCollector.cs` -- PE format library hashing for Windows DLLs
+- **ContainerStateTracker**: `src/Zastava/StellaOps.Zastava.Observer/ContainerRuntime/ContainerStateTracker.cs` -- shared container lifecycle state tracking
+- **ContainerStateTrackerFactory**: `src/Zastava/StellaOps.Zastava.Observer/ContainerRuntime/ContainerStateTrackerFactory.cs` -- factory for creating state trackers per runtime type
+- **Tests**: `src/Zastava/__Tests/StellaOps.Zastava.Observer.Tests/ContainerRuntime/Windows/WindowsContainerRuntimeTests.cs`
+- **Source**: SPRINT_0420_0001_0001_zastava_hybrid_gaps.md
+
+## E2E Test Plan
+- [ ] Verify Docker for Windows runtime client enumerates running Windows containers
+- [ ] Test PE format library hashing collects DLL hashes for SBOM correlation
+- [ ] Verify Windows container lifecycle tracking (start/stop/restart)
+- [ ] Test container state tracker handles Windows-specific container states
+- [ ] Verify Windows library hash collector supports .NET Framework and .NET Core DLLs