# Doctor Diagnostics Runner

## Module
Doctor

## Status
IMPLEMENTED

## Description
Doctor plugin infrastructure with multiple plugins (Vex, BinaryAnalysis, Notify, Observability, Timestamping) providing health checks, diagnostics, and remediation commands is implemented.

## Implementation Details
- **Plugin interface**: `src/Doctor/__Plugins/StellaOps.Doctor.Plugins.Core/IDoctorPlugin.cs` -- base plugin contract
- **Plugins** (14 total):
  - Agent: `AgentDoctorPlugin.cs` -- agent health (capacity, heartbeat, version, certificates, cluster, task queue)
  - Attestor: `AttestorDoctorPlugin.cs` -- Rekor, cosign, signing key, transparency log checks
  - Auth: `AuthDoctorPlugin.cs` -- OIDC, signing key, token service checks
  - BinaryAnalysis: `BinaryAnalysisDoctorPlugin.cs` -- debuginfod, buildinfo cache, corpus mirror, symbol recovery
  - Compliance: `CompliancePlugin.cs` -- audit readiness, evidence tamper, provenance completeness, attestation signing
  - Crypto: eIDAS, FIPS, GOST, HSM, SM crypto, cert chain validation checks
  - Environment: `EnvironmentDoctorPlugin.cs` -- connectivity, capacity, drift, secrets, network policy
  - EvidenceLocker: `EvidenceLockerDoctorPlugin.cs` -- evidence index, Merkle anchor, provenance chain
  - Notify: `NotifyDoctorPlugin.cs` -- Slack, Teams, Email, Webhook connectivity checks
  - Observability: `ObservabilityDoctorPlugin.cs` -- OTLP, Prometheus, log directory checks
  - Operations: `OperationsDoctorPlugin.cs` -- job queue, dead letter queue, scheduler checks
  - Policy: `PolicyEngineHealthCheck.cs`
  - Postgres: `PostgresDoctorPlugin.cs` -- connectivity, connection pool, migration status
  - Release: `ReleaseDoctorPlugin.cs` -- active release, environment readiness, promotion gates, rollback
  - Scanner: `ScannerDoctorPlugin.cs` -- SBOM generation, vulnerability scan, reachability, slice cache, witness graph
  - Storage: `StorageDoctorPlugin.cs` -- disk space, backup directory, evidence locker write
  - Timestamping: `TimestampingHealthCheckPlugin.cs` -- TSA, OCSP, CRL, time skew, evidence staleness
  - Vex: `VexDoctorPlugin.cs` -- VEX document validation, issuer trust, schema compliance
- **Source**: Feature matrix scan

## E2E Test Plan
- [ ] Verify all 14+ plugins register and execute successfully
- [ ] Test plugin discovery and loading mechanism
- [ ] Verify each plugin category produces valid health check results
- [ ] Test failure scenarios for each check type