up
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Manifest Integrity / Validate Schema Integrity (push) Has been cancelled
Manifest Integrity / Validate Contract Documents (push) Has been cancelled
Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled
Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled
Manifest Integrity / Verify Merkle Roots (push) Has been cancelled
devportal-offline / build-offline (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Manifest Integrity / Validate Schema Integrity (push) Has been cancelled
Manifest Integrity / Validate Contract Documents (push) Has been cancelled
Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled
Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled
Manifest Integrity / Verify Merkle Roots (push) Has been cancelled
devportal-offline / build-offline (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
This commit is contained in:
StellaOps Bot
@@ -45,6 +45,11 @@ public sealed class SignalsOptions
|
||||
/// </summary>
|
||||
public SignalsOpenApiOptions OpenApi { get; } = new();
|
||||
|
||||
/// <summary>
|
||||
/// Retention policy configuration for runtime facts and artifacts.
|
||||
/// </summary>
|
||||
public SignalsRetentionOptions Retention { get; } = new();
|
||||
|
||||
/// <summary>
|
||||
/// Validates configured options.
|
||||
/// </summary>
|
||||
@@ -57,5 +62,6 @@ public sealed class SignalsOptions
|
||||
Cache.Validate();
|
||||
Events.Validate();
|
||||
OpenApi.Validate();
|
||||
Retention.Validate();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,87 @@
|
||||
namespace StellaOps.Signals.Options;
|
||||
|
||||
/// <summary>
|
||||
/// Retention policy configuration for runtime facts.
|
||||
/// </summary>
|
||||
public sealed class SignalsRetentionOptions
|
||||
{
|
||||
/// <summary>
|
||||
/// Configuration section name.
|
||||
/// </summary>
|
||||
public const string SectionName = "Signals:Retention";
|
||||
|
||||
/// <summary>
|
||||
/// Time-to-live for runtime facts in hours. Default is 720 (30 days).
|
||||
/// Set to 0 to disable automatic expiration.
|
||||
/// </summary>
|
||||
public int RuntimeFactsTtlHours { get; set; } = 720;
|
||||
|
||||
/// <summary>
|
||||
/// Time-to-live for callgraph artifacts in hours. Default is 2160 (90 days).
|
||||
/// Set to 0 to disable automatic expiration.
|
||||
/// </summary>
|
||||
public int CallgraphTtlHours { get; set; } = 2160;
|
||||
|
||||
/// <summary>
|
||||
/// Time-to-live for reachability states in hours. Default is 720 (30 days).
|
||||
/// Set to 0 to disable automatic expiration.
|
||||
/// </summary>
|
||||
public int ReachabilityStateTtlHours { get; set; } = 720;
|
||||
|
||||
/// <summary>
|
||||
/// Maximum number of runtime facts per subject. Default is 10000.
|
||||
/// Older facts are evicted when the limit is reached.
|
||||
/// </summary>
|
||||
public int MaxRuntimeFactsPerSubject { get; set; } = 10000;
|
||||
|
||||
/// <summary>
|
||||
/// Enable automatic cleanup of expired facts. Default is true.
|
||||
/// </summary>
|
||||
public bool EnableAutoCleanup { get; set; } = true;
|
||||
|
||||
/// <summary>
|
||||
/// Cleanup interval in minutes. Default is 60.
|
||||
/// </summary>
|
||||
public int CleanupIntervalMinutes { get; set; } = 60;
|
||||
|
||||
/// <summary>
|
||||
/// Archive expired facts to CAS before deletion. Default is true.
|
||||
/// </summary>
|
||||
public bool ArchiveBeforeDelete { get; set; } = true;
|
||||
|
||||
/// <summary>
|
||||
/// CAS path for archived facts.
|
||||
/// </summary>
|
||||
public string ArchiveCasPath { get; set; } = "cas://signals/archive/runtime-facts";
|
||||
|
||||
/// <summary>
|
||||
/// Validates retention options.
|
||||
/// </summary>
|
||||
public void Validate()
|
||||
{
|
||||
if (RuntimeFactsTtlHours < 0)
|
||||
{
|
||||
throw new ArgumentException("RuntimeFactsTtlHours must be >= 0.");
|
||||
}
|
||||
|
||||
if (CallgraphTtlHours < 0)
|
||||
{
|
||||
throw new ArgumentException("CallgraphTtlHours must be >= 0.");
|
||||
}
|
||||
|
||||
if (ReachabilityStateTtlHours < 0)
|
||||
{
|
||||
throw new ArgumentException("ReachabilityStateTtlHours must be >= 0.");
|
||||
}
|
||||
|
||||
if (MaxRuntimeFactsPerSubject <= 0)
|
||||
{
|
||||
throw new ArgumentException("MaxRuntimeFactsPerSubject must be > 0.");
|
||||
}
|
||||
|
||||
if (CleanupIntervalMinutes <= 0)
|
||||
{
|
||||
throw new ArgumentException("CleanupIntervalMinutes must be > 0.");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,3 +1,5 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
using StellaOps.Signals.Models;
|
||||
@@ -9,4 +11,24 @@ public interface IReachabilityFactRepository
|
||||
Task<ReachabilityFactDocument> UpsertAsync(ReachabilityFactDocument document, CancellationToken cancellationToken);
|
||||
|
||||
Task<ReachabilityFactDocument?> GetBySubjectAsync(string subjectKey, CancellationToken cancellationToken);
|
||||
|
||||
/// <summary>
|
||||
/// Gets documents with ComputedAt older than the specified cutoff.
|
||||
/// </summary>
|
||||
Task<IReadOnlyList<ReachabilityFactDocument>> GetExpiredAsync(DateTimeOffset cutoff, int limit, CancellationToken cancellationToken);
|
||||
|
||||
/// <summary>
|
||||
/// Deletes the document with the specified subject key.
|
||||
/// </summary>
|
||||
Task<bool> DeleteAsync(string subjectKey, CancellationToken cancellationToken);
|
||||
|
||||
/// <summary>
|
||||
/// Gets the count of runtime facts for a subject.
|
||||
/// </summary>
|
||||
Task<int> GetRuntimeFactsCountAsync(string subjectKey, CancellationToken cancellationToken);
|
||||
|
||||
/// <summary>
|
||||
/// Trims runtime facts for a subject to the specified limit, keeping most recent.
|
||||
/// </summary>
|
||||
Task TrimRuntimeFactsAsync(string subjectKey, int maxCount, CancellationToken cancellationToken);
|
||||
}
|
||||
|
||||
@@ -1,4 +1,7 @@
|
||||
using System;
|
||||
using System.Collections.Concurrent;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
using StellaOps.Signals.Models;
|
||||
@@ -31,6 +34,66 @@ internal sealed class InMemoryReachabilityFactRepository : IReachabilityFactRepo
|
||||
return Task.FromResult(_store.TryGetValue(subjectKey, out var doc) ? Clone(doc) : null);
|
||||
}
|
||||
|
||||
public Task<IReadOnlyList<ReachabilityFactDocument>> GetExpiredAsync(DateTimeOffset cutoff, int limit, CancellationToken cancellationToken)
|
||||
{
|
||||
var expired = _store.Values
|
||||
.Where(d => d.ComputedAt < cutoff)
|
||||
.OrderBy(d => d.ComputedAt)
|
||||
.Take(limit)
|
||||
.Select(Clone)
|
||||
.ToList();
|
||||
|
||||
return Task.FromResult<IReadOnlyList<ReachabilityFactDocument>>(expired);
|
||||
}
|
||||
|
||||
public Task<bool> DeleteAsync(string subjectKey, CancellationToken cancellationToken)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(subjectKey))
|
||||
{
|
||||
throw new ArgumentException("Subject key is required.", nameof(subjectKey));
|
||||
}
|
||||
|
||||
return Task.FromResult(_store.TryRemove(subjectKey, out _));
|
||||
}
|
||||
|
||||
public Task<int> GetRuntimeFactsCountAsync(string subjectKey, CancellationToken cancellationToken)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(subjectKey))
|
||||
{
|
||||
throw new ArgumentException("Subject key is required.", nameof(subjectKey));
|
||||
}
|
||||
|
||||
if (_store.TryGetValue(subjectKey, out var doc))
|
||||
{
|
||||
return Task.FromResult(doc.RuntimeFacts?.Count ?? 0);
|
||||
}
|
||||
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
|
||||
public Task TrimRuntimeFactsAsync(string subjectKey, int maxCount, CancellationToken cancellationToken)
|
||||
{
|
||||
if (string.IsNullOrWhiteSpace(subjectKey))
|
||||
{
|
||||
throw new ArgumentException("Subject key is required.", nameof(subjectKey));
|
||||
}
|
||||
|
||||
if (_store.TryGetValue(subjectKey, out var doc) && doc.RuntimeFacts is { Count: > 0 })
|
||||
{
|
||||
if (doc.RuntimeFacts.Count > maxCount)
|
||||
{
|
||||
var trimmed = doc.RuntimeFacts
|
||||
.OrderByDescending(f => f.ObservedAt ?? DateTimeOffset.MinValue)
|
||||
.ThenByDescending(f => f.HitCount)
|
||||
.Take(maxCount)
|
||||
.ToList();
|
||||
doc.RuntimeFacts = trimmed;
|
||||
}
|
||||
}
|
||||
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
|
||||
private static ReachabilityFactDocument Clone(ReachabilityFactDocument source) => new()
|
||||
{
|
||||
Id = source.Id,
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
using StellaOps.Signals.Models;
|
||||
@@ -42,4 +44,28 @@ internal sealed class ReachabilityFactCacheDecorator : IReachabilityFactReposito
|
||||
await cache.SetAsync(result, cancellationToken).ConfigureAwait(false);
|
||||
return result;
|
||||
}
|
||||
|
||||
public Task<IReadOnlyList<ReachabilityFactDocument>> GetExpiredAsync(DateTimeOffset cutoff, int limit, CancellationToken cancellationToken)
|
||||
{
|
||||
// Cache decorator doesn't cache expired queries - pass through to inner
|
||||
return inner.GetExpiredAsync(cutoff, limit, cancellationToken);
|
||||
}
|
||||
|
||||
public async Task<bool> DeleteAsync(string subjectKey, CancellationToken cancellationToken)
|
||||
{
|
||||
await cache.InvalidateAsync(subjectKey, cancellationToken).ConfigureAwait(false);
|
||||
return await inner.DeleteAsync(subjectKey, cancellationToken).ConfigureAwait(false);
|
||||
}
|
||||
|
||||
public Task<int> GetRuntimeFactsCountAsync(string subjectKey, CancellationToken cancellationToken)
|
||||
{
|
||||
// Pass through to inner - count queries are not cached
|
||||
return inner.GetRuntimeFactsCountAsync(subjectKey, cancellationToken);
|
||||
}
|
||||
|
||||
public async Task TrimRuntimeFactsAsync(string subjectKey, int maxCount, CancellationToken cancellationToken)
|
||||
{
|
||||
await inner.TrimRuntimeFactsAsync(subjectKey, maxCount, cancellationToken).ConfigureAwait(false);
|
||||
await cache.InvalidateAsync(subjectKey, cancellationToken).ConfigureAwait(false);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,140 @@
|
||||
using System;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.Extensions.Hosting;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Microsoft.Extensions.Options;
|
||||
using StellaOps.Signals.Options;
|
||||
using StellaOps.Signals.Persistence;
|
||||
|
||||
namespace StellaOps.Signals.Services;
|
||||
|
||||
/// <summary>
|
||||
/// Background service that periodically cleans up expired runtime facts
|
||||
/// based on the configured retention policy.
|
||||
/// </summary>
|
||||
public sealed class RuntimeFactsRetentionService : BackgroundService
|
||||
{
|
||||
private readonly IReachabilityFactRepository _factRepository;
|
||||
private readonly IOptions<SignalsOptions> _options;
|
||||
private readonly TimeProvider _timeProvider;
|
||||
private readonly ILogger<RuntimeFactsRetentionService> _logger;
|
||||
|
||||
public RuntimeFactsRetentionService(
|
||||
IReachabilityFactRepository factRepository,
|
||||
IOptions<SignalsOptions> options,
|
||||
TimeProvider timeProvider,
|
||||
ILogger<RuntimeFactsRetentionService> logger)
|
||||
{
|
||||
_factRepository = factRepository ?? throw new ArgumentNullException(nameof(factRepository));
|
||||
_options = options ?? throw new ArgumentNullException(nameof(options));
|
||||
_timeProvider = timeProvider ?? throw new ArgumentNullException(nameof(timeProvider));
|
||||
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
|
||||
}
|
||||
|
||||
protected override async Task ExecuteAsync(CancellationToken stoppingToken)
|
||||
{
|
||||
var retention = _options.Value.Retention;
|
||||
|
||||
if (!retention.EnableAutoCleanup)
|
||||
{
|
||||
_logger.LogInformation("Runtime facts auto-cleanup is disabled.");
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.LogInformation(
|
||||
"Runtime facts retention service started. TTL={TtlHours}h, Interval={IntervalMinutes}m, MaxPerSubject={MaxPerSubject}",
|
||||
retention.RuntimeFactsTtlHours,
|
||||
retention.CleanupIntervalMinutes,
|
||||
retention.MaxRuntimeFactsPerSubject);
|
||||
|
||||
var interval = TimeSpan.FromMinutes(retention.CleanupIntervalMinutes);
|
||||
|
||||
while (!stoppingToken.IsCancellationRequested)
|
||||
{
|
||||
try
|
||||
{
|
||||
await Task.Delay(interval, _timeProvider, stoppingToken).ConfigureAwait(false);
|
||||
await CleanupExpiredFactsAsync(retention, stoppingToken).ConfigureAwait(false);
|
||||
}
|
||||
catch (OperationCanceledException) when (stoppingToken.IsCancellationRequested)
|
||||
{
|
||||
// Normal shutdown
|
||||
break;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
_logger.LogError(ex, "Error during runtime facts cleanup cycle.");
|
||||
// Continue to next cycle
|
||||
}
|
||||
}
|
||||
|
||||
_logger.LogInformation("Runtime facts retention service stopped.");
|
||||
}
|
||||
|
||||
private async Task CleanupExpiredFactsAsync(SignalsRetentionOptions retention, CancellationToken cancellationToken)
|
||||
{
|
||||
if (retention.RuntimeFactsTtlHours <= 0)
|
||||
{
|
||||
_logger.LogDebug("RuntimeFactsTtlHours is 0, skipping expiration cleanup.");
|
||||
return;
|
||||
}
|
||||
|
||||
var cutoff = _timeProvider.GetUtcNow().AddHours(-retention.RuntimeFactsTtlHours);
|
||||
var expiredDocs = await _factRepository.GetExpiredAsync(cutoff, 100, cancellationToken).ConfigureAwait(false);
|
||||
|
||||
if (expiredDocs.Count == 0)
|
||||
{
|
||||
_logger.LogDebug("No expired runtime facts documents found.");
|
||||
return;
|
||||
}
|
||||
|
||||
_logger.LogInformation("Found {Count} expired runtime facts documents to clean up.", expiredDocs.Count);
|
||||
|
||||
var deletedCount = 0;
|
||||
var archivedCount = 0;
|
||||
|
||||
foreach (var doc in expiredDocs)
|
||||
{
|
||||
try
|
||||
{
|
||||
if (retention.ArchiveBeforeDelete)
|
||||
{
|
||||
await ArchiveDocumentAsync(doc, retention, cancellationToken).ConfigureAwait(false);
|
||||
archivedCount++;
|
||||
}
|
||||
|
||||
var deleted = await _factRepository.DeleteAsync(doc.SubjectKey, cancellationToken).ConfigureAwait(false);
|
||||
if (deleted)
|
||||
{
|
||||
deletedCount++;
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
_logger.LogWarning(ex, "Failed to cleanup expired document for subject {SubjectKey}.", doc.SubjectKey);
|
||||
}
|
||||
}
|
||||
|
||||
_logger.LogInformation(
|
||||
"Cleanup complete: deleted={DeletedCount}, archived={ArchivedCount}",
|
||||
deletedCount,
|
||||
archivedCount);
|
||||
}
|
||||
|
||||
private Task ArchiveDocumentAsync(
|
||||
StellaOps.Signals.Models.ReachabilityFactDocument document,
|
||||
SignalsRetentionOptions retention,
|
||||
CancellationToken cancellationToken)
|
||||
{
|
||||
// Archive to CAS is a placeholder - actual implementation would write to CAS storage
|
||||
// using the configured ArchiveCasPath
|
||||
_logger.LogDebug(
|
||||
"Archiving document for subject {SubjectKey} to {CasPath}",
|
||||
document.SubjectKey,
|
||||
retention.ArchiveCasPath);
|
||||
|
||||
// TODO: Implement actual CAS archival via ICasStore when available
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
}
|
||||
@@ -1,7 +1,9 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Threading;
|
||||
using System.Threading.Tasks;
|
||||
using FluentAssertions;
|
||||
using Microsoft.Extensions.Logging.Abstractions;
|
||||
using StellaOps.Signals.Models;
|
||||
using StellaOps.Signals.Persistence;
|
||||
@@ -148,4 +150,344 @@ public class RuntimeFactsIngestionServiceTests
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
#region Tenant Isolation Tests
|
||||
|
||||
[Fact]
|
||||
public async Task IngestAsync_IsolatesFactsBySubjectKey_NoDataLeakBetweenTenants()
|
||||
{
|
||||
// Arrange: Two tenants with different subjects
|
||||
var factRepository = new TenantAwareFactRepository();
|
||||
var service = CreateService(factRepository);
|
||||
|
||||
var tenant1Request = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = new ReachabilitySubject { ScanId = "scan-tenant1" },
|
||||
CallgraphId = "cg-tenant1",
|
||||
Events = new List<RuntimeFactEvent>
|
||||
{
|
||||
new() { SymbolId = "tenant1.secret.func", HitCount = 1 }
|
||||
}
|
||||
};
|
||||
|
||||
var tenant2Request = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = new ReachabilitySubject { ScanId = "scan-tenant2" },
|
||||
CallgraphId = "cg-tenant2",
|
||||
Events = new List<RuntimeFactEvent>
|
||||
{
|
||||
new() { SymbolId = "tenant2.public.func", HitCount = 1 }
|
||||
}
|
||||
};
|
||||
|
||||
// Act
|
||||
await service.IngestAsync(tenant1Request, CancellationToken.None);
|
||||
await service.IngestAsync(tenant2Request, CancellationToken.None);
|
||||
|
||||
// Assert: Each tenant only sees their own data
|
||||
var tenant1Facts = await factRepository.GetBySubjectAsync("scan-tenant1", CancellationToken.None);
|
||||
var tenant2Facts = await factRepository.GetBySubjectAsync("scan-tenant2", CancellationToken.None);
|
||||
|
||||
tenant1Facts.Should().NotBeNull();
|
||||
tenant1Facts!.RuntimeFacts.Should().ContainSingle(f => f.SymbolId == "tenant1.secret.func");
|
||||
tenant1Facts.RuntimeFacts.Should().NotContain(f => f.SymbolId == "tenant2.public.func");
|
||||
|
||||
tenant2Facts.Should().NotBeNull();
|
||||
tenant2Facts!.RuntimeFacts.Should().ContainSingle(f => f.SymbolId == "tenant2.public.func");
|
||||
tenant2Facts.RuntimeFacts.Should().NotContain(f => f.SymbolId == "tenant1.secret.func");
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task IngestAsync_SubjectKeyIsDeterministic_ForSameInput()
|
||||
{
|
||||
// Arrange
|
||||
var factRepository = new TenantAwareFactRepository();
|
||||
var service = CreateService(factRepository);
|
||||
|
||||
var subject = new ReachabilitySubject { Component = "mylib", Version = "1.0.0" };
|
||||
var request1 = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = subject,
|
||||
CallgraphId = "cg-1",
|
||||
Events = new List<RuntimeFactEvent> { new() { SymbolId = "sym1", HitCount = 1 } }
|
||||
};
|
||||
|
||||
var request2 = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = new ReachabilitySubject { Component = "mylib", Version = "1.0.0" },
|
||||
CallgraphId = "cg-2",
|
||||
Events = new List<RuntimeFactEvent> { new() { SymbolId = "sym2", HitCount = 1 } }
|
||||
};
|
||||
|
||||
// Act
|
||||
var response1 = await service.IngestAsync(request1, CancellationToken.None);
|
||||
var response2 = await service.IngestAsync(request2, CancellationToken.None);
|
||||
|
||||
// Assert: Same subject produces same key (deterministic)
|
||||
response1.SubjectKey.Should().Be(response2.SubjectKey);
|
||||
response1.SubjectKey.Should().Be("mylib|1.0.0");
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task IngestAsync_BuildIdCorrelation_PreservesPerFactBuildId()
|
||||
{
|
||||
// Arrange
|
||||
var factRepository = new TenantAwareFactRepository();
|
||||
var service = CreateService(factRepository);
|
||||
|
||||
var request = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = new ReachabilitySubject { ImageDigest = "sha256:abc123" },
|
||||
CallgraphId = "cg-buildid-test",
|
||||
Events = new List<RuntimeFactEvent>
|
||||
{
|
||||
new()
|
||||
{
|
||||
SymbolId = "libssl.SSL_read",
|
||||
BuildId = "gnu-build-id:5f0c7c3cab2eb9bc",
|
||||
HitCount = 10
|
||||
},
|
||||
new()
|
||||
{
|
||||
SymbolId = "libcrypto.EVP_encrypt",
|
||||
BuildId = "gnu-build-id:a1b2c3d4e5f6",
|
||||
HitCount = 5
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
// Act
|
||||
var response = await service.IngestAsync(request, CancellationToken.None);
|
||||
|
||||
// Assert: Build-IDs are preserved per runtime fact
|
||||
var persisted = await factRepository.GetBySubjectAsync(response.SubjectKey, CancellationToken.None);
|
||||
persisted.Should().NotBeNull();
|
||||
persisted!.RuntimeFacts.Should().HaveCount(2);
|
||||
|
||||
var sslFact = persisted.RuntimeFacts.Single(f => f.SymbolId == "libssl.SSL_read");
|
||||
sslFact.BuildId.Should().Be("gnu-build-id:5f0c7c3cab2eb9bc");
|
||||
|
||||
var cryptoFact = persisted.RuntimeFacts.Single(f => f.SymbolId == "libcrypto.EVP_encrypt");
|
||||
cryptoFact.BuildId.Should().Be("gnu-build-id:a1b2c3d4e5f6");
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task IngestAsync_CodeIdCorrelation_PreservesPerFactCodeId()
|
||||
{
|
||||
// Arrange
|
||||
var factRepository = new TenantAwareFactRepository();
|
||||
var service = CreateService(factRepository);
|
||||
|
||||
var request = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = new ReachabilitySubject { Component = "native-lib", Version = "2.0.0" },
|
||||
CallgraphId = "cg-codeid-test",
|
||||
Events = new List<RuntimeFactEvent>
|
||||
{
|
||||
new()
|
||||
{
|
||||
SymbolId = "stripped_func_0x1234",
|
||||
CodeId = "code:binary:abc123xyz",
|
||||
HitCount = 3
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
// Act
|
||||
var response = await service.IngestAsync(request, CancellationToken.None);
|
||||
|
||||
// Assert: Code-ID is preserved for stripped binaries
|
||||
var persisted = await factRepository.GetBySubjectAsync(response.SubjectKey, CancellationToken.None);
|
||||
persisted.Should().NotBeNull();
|
||||
persisted!.RuntimeFacts.Should().ContainSingle();
|
||||
persisted.RuntimeFacts[0].CodeId.Should().Be("code:binary:abc123xyz");
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task IngestAsync_RejectsRequest_WhenSubjectMissing()
|
||||
{
|
||||
// Arrange
|
||||
var service = CreateService(new TenantAwareFactRepository());
|
||||
|
||||
var request = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = null!,
|
||||
CallgraphId = "cg-1",
|
||||
Events = new List<RuntimeFactEvent> { new() { SymbolId = "sym", HitCount = 1 } }
|
||||
};
|
||||
|
||||
// Act & Assert
|
||||
await Assert.ThrowsAsync<RuntimeFactsValidationException>(
|
||||
() => service.IngestAsync(request, CancellationToken.None));
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task IngestAsync_RejectsRequest_WhenCallgraphIdMissing()
|
||||
{
|
||||
// Arrange
|
||||
var service = CreateService(new TenantAwareFactRepository());
|
||||
|
||||
var request = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = new ReachabilitySubject { ScanId = "scan-1" },
|
||||
CallgraphId = null!,
|
||||
Events = new List<RuntimeFactEvent> { new() { SymbolId = "sym", HitCount = 1 } }
|
||||
};
|
||||
|
||||
// Act & Assert
|
||||
await Assert.ThrowsAsync<RuntimeFactsValidationException>(
|
||||
() => service.IngestAsync(request, CancellationToken.None));
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task IngestAsync_RejectsRequest_WhenEventsEmpty()
|
||||
{
|
||||
// Arrange
|
||||
var service = CreateService(new TenantAwareFactRepository());
|
||||
|
||||
var request = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = new ReachabilitySubject { ScanId = "scan-1" },
|
||||
CallgraphId = "cg-1",
|
||||
Events = new List<RuntimeFactEvent>()
|
||||
};
|
||||
|
||||
// Act & Assert
|
||||
await Assert.ThrowsAsync<RuntimeFactsValidationException>(
|
||||
() => service.IngestAsync(request, CancellationToken.None));
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task IngestAsync_RejectsRequest_WhenEventMissingSymbolId()
|
||||
{
|
||||
// Arrange
|
||||
var service = CreateService(new TenantAwareFactRepository());
|
||||
|
||||
var request = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = new ReachabilitySubject { ScanId = "scan-1" },
|
||||
CallgraphId = "cg-1",
|
||||
Events = new List<RuntimeFactEvent>
|
||||
{
|
||||
new() { SymbolId = null!, HitCount = 1 }
|
||||
}
|
||||
};
|
||||
|
||||
// Act & Assert
|
||||
await Assert.ThrowsAsync<RuntimeFactsValidationException>(
|
||||
() => service.IngestAsync(request, CancellationToken.None));
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Evidence URI Tests
|
||||
|
||||
[Fact]
|
||||
public async Task IngestAsync_PreservesEvidenceUri_FromRuntimeEvent()
|
||||
{
|
||||
// Arrange
|
||||
var factRepository = new TenantAwareFactRepository();
|
||||
var service = CreateService(factRepository);
|
||||
|
||||
var request = new RuntimeFactsIngestRequest
|
||||
{
|
||||
Subject = new ReachabilitySubject { ScanId = "scan-evidence" },
|
||||
CallgraphId = "cg-evidence",
|
||||
Events = new List<RuntimeFactEvent>
|
||||
{
|
||||
new()
|
||||
{
|
||||
SymbolId = "vulnerable.func",
|
||||
HitCount = 1,
|
||||
EvidenceUri = "cas://signals/evidence/sha256:deadbeef"
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
// Act
|
||||
var response = await service.IngestAsync(request, CancellationToken.None);
|
||||
|
||||
// Assert
|
||||
var persisted = await factRepository.GetBySubjectAsync(response.SubjectKey, CancellationToken.None);
|
||||
persisted.Should().NotBeNull();
|
||||
persisted!.RuntimeFacts.Should().ContainSingle();
|
||||
persisted.RuntimeFacts[0].EvidenceUri.Should().Be("cas://signals/evidence/sha256:deadbeef");
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Helper Methods
|
||||
|
||||
private static RuntimeFactsIngestionService CreateService(IReachabilityFactRepository factRepository)
|
||||
{
|
||||
return new RuntimeFactsIngestionService(
|
||||
factRepository,
|
||||
TimeProvider.System,
|
||||
new InMemoryReachabilityCache(),
|
||||
new RecordingEventsPublisher(),
|
||||
new RecordingScoringService(),
|
||||
new RuntimeFactsProvenanceNormalizer(),
|
||||
NullLogger<RuntimeFactsIngestionService>.Instance);
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Test Doubles
|
||||
|
||||
private sealed class TenantAwareFactRepository : IReachabilityFactRepository
|
||||
{
|
||||
private readonly Dictionary<string, ReachabilityFactDocument> _store = new(StringComparer.Ordinal);
|
||||
|
||||
public Task<ReachabilityFactDocument?> GetBySubjectAsync(string subjectKey, CancellationToken cancellationToken)
|
||||
{
|
||||
return Task.FromResult(_store.TryGetValue(subjectKey, out var doc) ? doc : null);
|
||||
}
|
||||
|
||||
public Task<ReachabilityFactDocument> UpsertAsync(ReachabilityFactDocument document, CancellationToken cancellationToken)
|
||||
{
|
||||
_store[document.SubjectKey] = document;
|
||||
return Task.FromResult(document);
|
||||
}
|
||||
|
||||
public Task<IReadOnlyList<ReachabilityFactDocument>> GetExpiredAsync(DateTimeOffset cutoff, int limit, CancellationToken cancellationToken)
|
||||
{
|
||||
var expired = _store.Values
|
||||
.Where(d => d.ComputedAt < cutoff)
|
||||
.OrderBy(d => d.ComputedAt)
|
||||
.Take(limit)
|
||||
.ToList();
|
||||
return Task.FromResult<IReadOnlyList<ReachabilityFactDocument>>(expired);
|
||||
}
|
||||
|
||||
public Task<bool> DeleteAsync(string subjectKey, CancellationToken cancellationToken)
|
||||
{
|
||||
return Task.FromResult(_store.Remove(subjectKey));
|
||||
}
|
||||
|
||||
public Task<int> GetRuntimeFactsCountAsync(string subjectKey, CancellationToken cancellationToken)
|
||||
{
|
||||
if (_store.TryGetValue(subjectKey, out var doc))
|
||||
{
|
||||
return Task.FromResult(doc.RuntimeFacts?.Count ?? 0);
|
||||
}
|
||||
return Task.FromResult(0);
|
||||
}
|
||||
|
||||
public Task TrimRuntimeFactsAsync(string subjectKey, int maxCount, CancellationToken cancellationToken)
|
||||
{
|
||||
if (_store.TryGetValue(subjectKey, out var doc) && doc.RuntimeFacts is { Count: > 0 })
|
||||
{
|
||||
if (doc.RuntimeFacts.Count > maxCount)
|
||||
{
|
||||
doc.RuntimeFacts = doc.RuntimeFacts
|
||||
.OrderByDescending(f => f.ObservedAt ?? DateTimeOffset.MinValue)
|
||||
.Take(maxCount)
|
||||
.ToList();
|
||||
}
|
||||
}
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
}
|
||||
|
||||
#endregion
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user