{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://schemas.stella-ops.org/policy/policy-preview-sample@1.json", "title": "Policy Preview Sample", "type": "object", "additionalProperties": false, "required": [ "previewRequest", "previewResponse" ], "properties": { "previewRequest": { "type": "object", "additionalProperties": false, "required": [ "imageDigest", "findings" ], "properties": { "imageDigest": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$" }, "findings": { "type": "array", "minItems": 1, "items": { "$ref": "#/$defs/finding" } }, "baseline": { "type": "array", "items": { "$ref": "#/$defs/baselineVerdict" } } } }, "previewResponse": { "type": "object", "additionalProperties": false, "required": [ "success", "policyDigest", "revisionId", "changed", "diffs", "issues" ], "properties": { "success": { "type": "boolean" }, "policyDigest": { "type": "string", "pattern": "^[0-9a-f]{64}$" }, "revisionId": { "type": "string" }, "changed": { "type": "integer", "minimum": 0 }, "diffs": { "type": "array", "minItems": 1, "items": { "type": "object", "additionalProperties": false, "required": [ "findingId", "baseline", "projected", "changed" ], "properties": { "findingId": { "type": "string" }, "baseline": { "$ref": "#/$defs/baselineVerdict" }, "projected": { "$ref": "#/$defs/projectedVerdict" }, "changed": { "type": "boolean" } } } }, "issues": { "type": "array", "items": { "type": "object", "additionalProperties": false, "required": [ "code", "message", "severity", "path" ], "properties": { "code": { "type": "string" }, "message": { "type": "string" }, "severity": { "type": "string" }, "path": { "type": "string" } } } } } } }, "$defs": { "finding": { "type": "object", "required": [ "id", "severity", "source" ], "properties": { "id": { "type": "string" }, "severity": { "type": "string" }, "source": { "type": "string" }, "tags": { "type": "array", "items": { "type": "string" } } }, "additionalProperties": true }, "inputs": { "type": "object", "minProperties": 1, "propertyNames": { "type": "string", "maxLength": 64 }, "additionalProperties": { "type": "number" } }, "baselineVerdict": { "type": "object", "additionalProperties": false, "required": [ "findingId", "status", "configVersion", "score" ], "properties": { "findingId": { "type": "string" }, "status": { "type": "string", "enum": [ "Pass", "Blocked", "Warned", "Ignored", "Deferred", "Escalated", "RequiresVex" ] }, "ruleName": { "type": [ "string", "null" ] }, "ruleAction": { "type": [ "string", "null" ] }, "notes": { "type": [ "string", "null" ] }, "score": { "type": "number" }, "configVersion": { "type": "string" }, "inputs": { "$ref": "#/$defs/inputs" }, "quietedBy": { "type": [ "string", "null" ] }, "quiet": { "type": "boolean" }, "unknownConfidence": { "type": "number", "minimum": 0 }, "confidenceBand": { "type": "string", "enum": [ "low", "medium", "high", "unspecified" ] }, "unknownAgeDays": { "type": "number", "minimum": 0 }, "sourceTrust": { "type": "string" }, "reachability": { "type": "string", "enum": [ "unknown", "runtime", "entrypoint", "direct", "indirect", "unreachable" ] } } }, "projectedVerdict": { "allOf": [ { "$ref": "#/$defs/baselineVerdict" }, { "type": "object", "required": [ "ruleName", "ruleAction", "unknownConfidence", "confidenceBand", "unknownAgeDays", "sourceTrust", "reachability" ], "properties": { "ruleName": { "type": "string" }, "ruleAction": { "type": "string" }, "unknownConfidence": { "type": "number", "minimum": 0 }, "confidenceBand": { "type": "string", "enum": [ "low", "medium", "high", "unspecified" ] }, "unknownAgeDays": { "type": "number", "minimum": 0 }, "sourceTrust": { "type": "string" }, "reachability": { "type": "string", "enum": [ "unknown", "runtime", "entrypoint", "direct", "indirect", "unreachable" ] } } } ] } } }