{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://stella-ops.org/schemas/export-profiles.schema.json", "title": "StellaOps Export Profiles Schema", "description": "Schema for CLI export profiles, scheduling, and distribution configuration. Unblocks CLI-EXPORT-35-001.", "type": "object", "definitions": { "ExportProfile": { "type": "object", "required": ["profile_id", "name", "format", "created_at"], "properties": { "profile_id": { "type": "string", "format": "uuid", "description": "Unique identifier for the export profile" }, "name": { "type": "string", "minLength": 1, "maxLength": 128, "description": "Human-readable profile name" }, "description": { "type": "string", "maxLength": 512 }, "format": { "$ref": "#/definitions/ExportFormat" }, "filters": { "$ref": "#/definitions/ExportFilters" }, "schedule": { "$ref": "#/definitions/ExportSchedule" }, "distribution": { "$ref": "#/definitions/Distribution" }, "retention": { "$ref": "#/definitions/RetentionPolicy" }, "signing": { "$ref": "#/definitions/SigningConfig" }, "metadata": { "type": "object", "additionalProperties": true }, "enabled": { "type": "boolean", "default": true }, "tenant_id": { "type": "string", "format": "uuid" }, "created_at": { "type": "string", "format": "date-time" }, "updated_at": { "type": "string", "format": "date-time" }, "created_by": { "type": "string" } } }, "ExportFormat": { "type": "object", "required": ["type"], "properties": { "type": { "type": "string", "enum": ["sbom", "vex", "attestation", "evidence", "risk-report", "compliance-report", "airgap-bundle"] }, "variant": { "type": "string", "enum": ["cyclonedx-1.6", "spdx-3.0.1", "openvex", "csaf-vex", "in-toto", "dsse", "json", "csv", "pdf"], "description": "Format variant for the export type" }, "options": { "type": "object", "properties": { "include_signatures": { "type": "boolean", "default": true }, "include_provenance": { "type": "boolean", "default": false }, "include_rekor_receipts": { "type": "boolean", "default": false }, "compress": { "type": "boolean", "default": true }, "compression_algorithm": { "type": "string", "enum": ["gzip", "zstd", "none"], "default": "gzip" } } } } }, "ExportFilters": { "type": "object", "description": "Filters to apply when selecting data for export", "properties": { "date_range": { "type": "object", "properties": { "from": { "type": "string", "format": "date-time" }, "to": { "type": "string", "format": "date-time" }, "relative": { "type": "string", "pattern": "^-?[0-9]+[hdwmy]$", "description": "Relative time range (e.g., -7d for last 7 days)" } } }, "severity": { "type": "array", "items": { "type": "string", "enum": ["critical", "high", "medium", "low", "info", "unknown"] } }, "vex_status": { "type": "array", "items": { "type": "string", "enum": ["affected", "not_affected", "fixed", "under_investigation"] } }, "components": { "type": "array", "items": { "type": "string" }, "description": "PURL patterns to include" }, "exclude_components": { "type": "array", "items": { "type": "string" }, "description": "PURL patterns to exclude" }, "cve_ids": { "type": "array", "items": { "type": "string", "pattern": "^CVE-[0-9]{4}-[0-9]+$" } }, "tags": { "type": "array", "items": { "type": "string" } }, "environments": { "type": "array", "items": { "type": "string" } } } }, "ExportSchedule": { "type": "object", "description": "Schedule for automated exports", "properties": { "enabled": { "type": "boolean", "default": false }, "cron": { "type": "string", "pattern": "^(@(annually|yearly|monthly|weekly|daily|hourly))|((\\*|[0-9,\\-\\/]+)\\s+){4,5}(\\*|[0-9,\\-\\/]+)$", "description": "Cron expression for scheduling (5 or 6 fields)" }, "timezone": { "type": "string", "default": "UTC", "description": "IANA timezone identifier" }, "next_run": { "type": "string", "format": "date-time", "readOnly": true }, "last_run": { "type": "string", "format": "date-time", "readOnly": true }, "last_status": { "type": "string", "enum": ["success", "partial", "failed", "pending"], "readOnly": true } } }, "Distribution": { "type": "object", "description": "Distribution targets for exports", "properties": { "targets": { "type": "array", "items": { "$ref": "#/definitions/DistributionTarget" } }, "notify_on_completion": { "type": "boolean", "default": true }, "notify_on_failure": { "type": "boolean", "default": true } } }, "DistributionTarget": { "type": "object", "required": ["type"], "properties": { "type": { "type": "string", "enum": ["s3", "azure-blob", "gcs", "sftp", "webhook", "email", "local"] }, "name": { "type": "string" }, "enabled": { "type": "boolean", "default": true }, "config": { "type": "object", "description": "Target-specific configuration", "additionalProperties": true } }, "allOf": [ { "if": { "properties": { "type": { "const": "s3" } } }, "then": { "properties": { "config": { "type": "object", "required": ["bucket", "region"], "properties": { "bucket": { "type": "string" }, "region": { "type": "string" }, "prefix": { "type": "string" }, "credentials_secret": { "type": "string" } } } } } }, { "if": { "properties": { "type": { "const": "webhook" } } }, "then": { "properties": { "config": { "type": "object", "required": ["url"], "properties": { "url": { "type": "string", "format": "uri" }, "method": { "type": "string", "enum": ["POST", "PUT"], "default": "POST" }, "headers": { "type": "object", "additionalProperties": { "type": "string" } }, "auth_secret": { "type": "string" } } } } } } ] }, "RetentionPolicy": { "type": "object", "description": "Retention policy for exported artifacts", "properties": { "max_age_days": { "type": "integer", "minimum": 1, "maximum": 3650, "default": 365 }, "max_count": { "type": "integer", "minimum": 1, "description": "Maximum number of exports to retain" }, "delete_on_success": { "type": "boolean", "default": false, "description": "Delete source data after successful export" } } }, "SigningConfig": { "type": "object", "description": "Signing configuration for exports", "properties": { "enabled": { "type": "boolean", "default": true }, "key_id": { "type": "string", "description": "Key identifier for signing" }, "algorithm": { "type": "string", "enum": ["ES256", "RS256", "EdDSA"], "default": "ES256" }, "include_rekor": { "type": "boolean", "default": false, "description": "Include Rekor transparency log receipt" }, "timestamp_authority": { "type": "string", "format": "uri", "description": "RFC 3161 timestamp authority URL" } } }, "ExportJob": { "type": "object", "description": "Export job status", "required": ["job_id", "profile_id", "status", "created_at"], "properties": { "job_id": { "type": "string", "format": "uuid" }, "profile_id": { "type": "string", "format": "uuid" }, "status": { "type": "string", "enum": ["pending", "running", "success", "partial", "failed", "cancelled"] }, "progress": { "type": "object", "properties": { "percent": { "type": "integer", "minimum": 0, "maximum": 100 }, "items_processed": { "type": "integer" }, "items_total": { "type": "integer" } } }, "artifacts": { "type": "array", "items": { "$ref": "#/definitions/ExportArtifact" } }, "errors": { "type": "array", "items": { "type": "string" } }, "created_at": { "type": "string", "format": "date-time" }, "started_at": { "type": "string", "format": "date-time" }, "completed_at": { "type": "string", "format": "date-time" } } }, "ExportArtifact": { "type": "object", "required": ["artifact_id", "digest", "size"], "properties": { "artifact_id": { "type": "string", "format": "uuid" }, "filename": { "type": "string" }, "digest": { "type": "string", "pattern": "^sha256:[a-f0-9]{64}$" }, "size": { "type": "integer", "description": "Size in bytes" }, "format": { "type": "string" }, "signature": { "type": "string", "description": "Base64-encoded signature" }, "download_url": { "type": "string", "format": "uri" }, "expires_at": { "type": "string", "format": "date-time" } } } }, "properties": { "profiles": { "type": "array", "items": { "$ref": "#/definitions/ExportProfile" } } }, "examples": [ { "profiles": [ { "profile_id": "550e8400-e29b-41d4-a716-446655440001", "name": "Weekly SBOM Export", "description": "Export all SBOMs in CycloneDX format weekly", "format": { "type": "sbom", "variant": "cyclonedx-1.6", "options": { "include_signatures": true, "compress": true } }, "filters": { "date_range": { "relative": "-7d" } }, "schedule": { "enabled": true, "cron": "0 2 * * 0", "timezone": "UTC" }, "distribution": { "targets": [ { "type": "s3", "name": "compliance-bucket", "config": { "bucket": "company-compliance-exports", "region": "us-east-1", "prefix": "sboms/" } } ] }, "retention": { "max_age_days": 365, "max_count": 52 }, "enabled": true, "created_at": "2025-12-01T00:00:00Z" } ] } ] }