//
// Copyright (c) StellaOps. Licensed under AGPL-3.0-or-later.
//
// Sprint: SPRINT_20260105_002_002_TEST_trace_replay_evidence
// Task: TREP-001, TREP-002
using System.Collections.Immutable;
namespace StellaOps.Replay.Anonymization;
///
/// Anonymizes production traces for safe use in testing.
///
public interface ITraceAnonymizer
{
///
/// Anonymize a production trace, removing PII and sensitive data.
///
/// The production trace to anonymize.
/// Anonymization options.
/// Cancellation token.
/// The anonymized trace.
Task AnonymizeAsync(
ProductionTrace trace,
AnonymizationOptions options,
CancellationToken ct = default);
///
/// Validate that a trace is properly anonymized.
///
/// The anonymized trace to validate.
/// Cancellation token.
/// Validation result.
Task ValidateAnonymizationAsync(
AnonymizedTrace trace,
CancellationToken ct = default);
}
///
/// Options controlling trace anonymization behavior.
///
/// Whether to redact container image names.
/// Whether to redact user identifiers.
/// Whether to redact IP addresses.
/// Whether to redact file paths.
/// Whether to redact environment variables.
/// Whether to preserve relative timing patterns.
/// Additional regex patterns to treat as PII.
/// Values to preserve without redaction.
public sealed record AnonymizationOptions(
bool RedactImageNames = true,
bool RedactUserIds = true,
bool RedactIpAddresses = true,
bool RedactFilePaths = true,
bool RedactEnvironmentVariables = true,
bool PreserveTimingPatterns = true,
ImmutableArray AdditionalPiiPatterns = default,
ImmutableArray AllowlistedValues = default)
{
///
/// Default anonymization options with all redactions enabled.
///
public static AnonymizationOptions Default => new();
///
/// Minimal anonymization that only redacts obvious PII.
///
public static AnonymizationOptions Minimal => new(
RedactFilePaths: false,
RedactEnvironmentVariables: false);
}
///
/// Result of anonymization validation.
///
/// Whether the trace is properly anonymized.
/// Any detected PII violations.
/// Non-critical warnings about the trace.
public sealed record AnonymizationValidationResult(
bool IsValid,
ImmutableArray Violations,
ImmutableArray Warnings)
{
///
/// Creates a successful validation result.
///
public static AnonymizationValidationResult Success() =>
new(true, ImmutableArray.Empty, ImmutableArray.Empty);
///
/// Creates a failed validation result with violations.
///
public static AnonymizationValidationResult Failure(params PiiViolation[] violations) =>
new(false, [.. violations], ImmutableArray.Empty);
}
///
/// A detected PII violation in an anonymized trace.
///
/// The span containing the violation.
/// Path to the field containing PII.
/// Type of PII detected.
/// Masked sample of the detected value.
public sealed record PiiViolation(
string SpanId,
string FieldPath,
PiiType ViolationType,
string SampleValue);
///
/// Types of PII that can be detected.
///
public enum PiiType
{
IpAddress,
Email,
UserId,
FilePath,
ImageName,
EnvironmentVariable,
Uuid,
Custom
}