# CERT-Bund Offline Kit Seed Data

This directory stores **offline snapshots** for the CERT-Bund connector.
The artefacts mirror the public JSON search and export endpoints so
air‑gapped deployments can hydrate the connector without contacting the
portal.

> ⚠️ **Distribution notice** – CERT-Bund advisories are published by BSI
> (Federal Office for Information Security, Germany). Review the portal
> terms of use before redistributing the snapshots. Always keep the JSON
> payloads and accompanying SHA-256 sums together.

## Recommended layout

```
seed-data/cert-bund/
├── search/                     # paginated search JSON files
│   ├── certbund-search-page-00.json
│   └── …
├── export/                     # yearly export JSON files
│   ├── certbund-export-2014.json
│   └── …
├── manifest/
│   └── certbund-offline-manifest.json
└── certbund-offline-manifest.sha256
```

Use `certbund-offline-manifest.json` to feed the Offline Kit build: every
entry contains `source`, `from`, `to`, `sha256`, `capturedAt`, and the
relative file path. The manifest is deterministic when regenerated with
the tooling described below.

## Tooling

Run the helper under `tools/` to capture fresh snapshots or regenerate
the manifest:

```
python tools/certbund_offline_snapshot.py --output seed-data/cert-bund
```

See the connector operations guide
(`docs/ops/concelier-certbund-operations.md`) for detailed usage,
including how to provide cookies/tokens when the portal requires manual
authentication.

## Git hygiene

- JSON payloads and checksums are **ignored by Git**. Generate them
  locally when preparing an Offline Kit bundle.
- Commit documentation, scripts, and manifest templates only – never the
  exported advisory data itself.