# Scheduler ImpactIndex and Surface.FS Pointers

## Module
Scheduler

## Status
IMPLEMENTED

## Description
ImpactIndex computation for prioritizing scheduled vulnerability evaluations, with Surface.FS pointers linking scheduler jobs to filesystem-level SBOM surface data for efficient incremental rescans.

## Implementation Details
- **Impact Index Service**: `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexService.cs` -- computes impact index scores for scheduled jobs based on vulnerability severity, component exposure, and deployment topology.
- **Impact Index Endpoints**: `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexEndpointExtensions.cs` -- REST endpoints for querying and updating impact index scores.
- **Impact Index Contracts**: `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexContracts.cs` -- DTOs for impact index query/update operations.
- **Surface FS Pointers**: `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsPointerService.cs` -- manages filesystem-level pointers linking SBOM surface data to scheduler jobs for incremental rescan optimization.
- **Surface FS Endpoints**: `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsEndpointExtensions.cs` -- REST endpoints for managing Surface.FS pointers.
- **Surface FS Contracts**: `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsContracts.cs` -- DTOs for Surface.FS pointer operations.
- **Scan Schedule Service**: `src/Scheduler/StellaOps.Scheduler.WebService/Scheduling/ScanScheduleService.cs` -- schedules vulnerability rescans prioritized by impact index.
- **Tests**: `src/Scheduler/__Tests/StellaOps.Scheduler.WebService.Tests/ImpactIndex/ImpactIndexServiceTests.cs`, `ImpactIndexEndpointsTests.cs`; `src/Scheduler/__Tests/StellaOps.Scheduler.WebService.Tests/SurfaceFs/SurfaceFsPointerServiceTests.cs`

## E2E Test Plan
- [ ] Compute an impact index for a component with a critical CVE in a production deployment and verify the score is higher than for the same CVE in a staging deployment
- [ ] Create a Surface.FS pointer linking a scheduler job to an SBOM surface file and verify the pointer is queryable by job ID
- [ ] Verify incremental rescan: update an SBOM surface file, query the Surface.FS pointer, and confirm the scheduler creates a rescan job only for the changed components
- [ ] Verify impact-based prioritization: submit multiple jobs with different impact indices and verify the scheduler processes higher-impact jobs first
- [ ] Query impact index scores via the REST endpoint and verify results are sorted by score descending
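
The prioritization and incremental-rescan behaviour in the test plan above, modelled as an added C# example; this is not StellaOps code. The scoring weights, the `Finding` record, the `Env` enum and the component-to-digest map standing in for Surface.FS pointers are all assumptions made for illustration.

```csharp
// Added illustration: a hypothetical model of the behaviour the test plan checks.
using System;
using System.Collections.Generic;
using System.Linq;

enum Env { Staging, Production }
record Finding(string Component, double Severity, bool InternetExposed, Env Environment);

static class ImpactDemo
{
    // Assumed scoring: severity (0-10) scaled by exposure and deployment weight,
    // so the same CVE scores higher in production than in staging.
    public static double Score(Finding f) =>
        f.Severity * (f.InternetExposed ? 1.5 : 1.0) * (f.Environment == Env.Production ? 2.0 : 1.0);

    // Components whose surface digest is new or differs from the previously recorded one.
    public static HashSet<string> Changed(
        IReadOnlyDictionary<string, string> previous, IReadOnlyDictionary<string, string> current) =>
        current.Where(kv => !previous.TryGetValue(kv.Key, out var old) || old != kv.Value)
               .Select(kv => kv.Key)
               .ToHashSet(StringComparer.Ordinal);

    // Rescan plan: changed components only, highest impact first, ties broken by name.
    public static List<(string Component, double Score)> Plan(
        IEnumerable<Finding> findings,
        IReadOnlyDictionary<string, string> previous, IReadOnlyDictionary<string, string> current)
    {
        var changed = Changed(previous, current);
        return findings.Where(f => changed.Contains(f.Component))
                       .GroupBy(f => f.Component)
                       .Select(g => (Component: g.Key, Score: g.Max(f => Score(f))))
                       .OrderByDescending(x => x.Score)
                       .ThenBy(x => x.Component, StringComparer.Ordinal)
                       .ToList();
    }

    static void Main()
    {
        // Constructed sample data: component -> surface digest before and after an SBOM update.
        var before = new Dictionary<string, string> { ["openssl"] = "d1", ["zlib"] = "d2", ["nginx"] = "d3" };
        var after = new Dictionary<string, string> { ["openssl"] = "d1x", ["zlib"] = "d2", ["nginx"] = "d3x" };
        var findings = new[] {
            new Finding("openssl", 9.8, true, Env.Staging),
            new Finding("nginx", 9.8, true, Env.Production),
            new Finding("zlib", 7.5, false, Env.Production),
        };
        foreach (var (component, score) in Plan(findings, before, after))
            Console.WriteLine($"{component}\t{score:F1}");
    }
}
```

In this sample `zlib` is left out of the plan because its digest is unchanged, and `nginx` is ordered ahead of `openssl` because the same severity carries the production weight.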