//
// Copyright (c) StellaOps. Licensed under the AGPL-3.0-or-later.
//
using System.Collections.Immutable;
namespace StellaOps.Tools.WorkflowGenerator;
///
/// Scan configuration for the workflow.
/// Sprint: SPRINT_20260109_010_003 Task: Create models
///
public sealed record ScanConfig
{
///
/// StellaOps CLI version to use.
///
public string CliVersion { get; init; } = "latest";
///
/// Image to scan (container image reference).
///
public string? ImageRef { get; init; }
///
/// Path to scan (file system path).
///
public string? ScanPath { get; init; } = ".";
///
/// Minimum severity to report.
///
public string MinSeverity { get; init; } = "medium";
///
/// Enable vulnerability scanning.
///
public bool ScanVulnerabilities { get; init; } = true;
///
/// Enable secret scanning.
///
public bool ScanSecrets { get; init; } = true;
///
/// Enable SBOM generation.
///
public bool GenerateSbom { get; init; } = true;
///
/// Include reachability analysis.
///
public bool IncludeReachability { get; init; } = false;
///
/// Fail build on findings above this severity.
///
public string? FailOnSeverity { get; init; }
///
/// Additional CLI arguments.
///
public ImmutableArray AdditionalArgs { get; init; } = [];
///
/// Default configuration for repository scanning.
///
public static ScanConfig DefaultRepository => new()
{
ScanPath = ".",
MinSeverity = "medium",
ScanVulnerabilities = true,
ScanSecrets = true,
GenerateSbom = true
};
///
/// Configuration for container image scanning.
///
public static ScanConfig ContainerImage(string imageRef) => new()
{
ImageRef = imageRef,
ScanPath = null,
MinSeverity = "low",
ScanVulnerabilities = true,
ScanSecrets = false,
GenerateSbom = true
};
}