git.stella-ops.org/ops/devops/scanner-ci-runner
StellaOps Bot 71e9a56cfd
feat: Add Scanner CI runner and related artifacts
- Implemented `run-scanner-ci.sh` to build and run tests for the Scanner solution with a warmed NuGet cache.
- Created `excititor-vex-traces.json` dashboard for monitoring Excititor VEX observations.
- Added Docker Compose configuration for the OTLP span sink in `docker-compose.spansink.yml`.
- Configured OpenTelemetry collector in `otel-spansink.yaml` to receive and process traces.
- Developed `run-spansink.sh` script to run the OTLP span sink for Excititor traces.
- Introduced `FileSystemRiskBundleObjectStore` for storing risk bundle artifacts in the filesystem.
- Built `RiskBundleBuilder` for creating risk bundles with associated metadata and providers.
- Established `RiskBundleJob` to execute the risk bundle creation and storage process.
- Defined models for risk bundle inputs, entries, and manifests in `RiskBundleModels.cs`.
- Implemented signing functionality for risk bundle manifests with `HmacRiskBundleManifestSigner`.
- Created unit tests for `RiskBundleBuilder`, `RiskBundleJob`, and signing functionality to ensure correctness.
- Added filesystem artifact reader tests to validate manifest parsing and artifact listing.
- Included test manifests for egress scenarios in the task runner tests.
- Developed timeline query service tests to verify tenant and event ID handling.
2025-11-30 19:12:35 +02:00

Scanner CI Runner Harness (DEVOPS-SCANNER-CI-11-001)

Purpose: a deterministic, offline-friendly harness that restores, builds, and exercises the Scanner analyzers and WebService/Worker tests with a warmed NuGet cache, producing TRX and binlog outputs.

Usage

  • From repo root run: ops/devops/scanner-ci-runner/run-scanner-ci.sh
  • Outputs land in ops/devops/artifacts/scanner-ci/<UTC timestamp>/:
    • build.binlog (solution build)
    • tests/*.trx for grouped test runs
    • summary.json listing artefact paths and SHA256s

Environment

  • Defaults: DOTNET_CLI_TELEMETRY_OPTOUT=1, DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1, NUGET_PACKAGES=$REPO/.nuget/packages.
  • Sources: NUGET_SOURCES (semicolon-separated) defaults to local-nugets then warmed cache; no internet required when cache is primed.
  • TEST_FILTER can narrow tests (empty = all).

What it does

  1. Warm NuGet cache from local-nugets/ into $NUGET_PACKAGES.
  2. dotnet restore + dotnet build on src/Scanner/StellaOps.Scanner.sln with /bl.
  3. Run Scanner test buckets (core/analyzers/web/worker) with TRX outputs; buckets can be adjusted via TEST_FILTER or script edits.
  4. Emit summary.json with artefact paths/hashes for reproducibility.
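
Step 4 records artefact paths and hashes so that a later stage can recheck a run's outputs before trusting them. The sketch below is an added example, not the harness's own code: the summary.json layout (one path/sha256 entry per line), the function names write_summary and verify_summary, and the sample files are assumptions.

```shell
#!/bin/sh
# Added example. Assumed layout: one {"path":...,"sha256":...} entry per line.
# Assumes artefact names contain no quotes, backslashes or newlines.

# Record every file under $1 (except summary.json itself), sorted by path.
write_summary() {
  dir=$1
  (
    cd "$dir" || exit 1
    printf '{"artifacts":[\n'
    find . -type f ! -name summary.json | LC_ALL=C sort | while IFS= read -r f; do
      printf '{"path":"%s","sha256":"%s"}\n' "${f#./}" \
        "$(sha256sum "$f" | cut -d' ' -f1)"
    done | sed '$!s/$/,/'   # comma after every entry but the last
    printf ']}\n'
  ) > "$dir/summary.json"
}

# Return 0 only if every listed hash matches and no unlisted file exists.
verify_summary() {
  dir=$1
  # Rewrite each entry as "<sha256>  <path>", the format sha256sum -c reads.
  entries=$(sed -n \
    's/^{"path":"\(.*\)","sha256":"\([0-9a-f]\{64\}\)"},\{0,1\}$/\2  \1/p' \
    "$dir/summary.json")
  # Hash check; an empty or unparsable list fails closed.
  printf '%s\n' "$entries" | (cd "$dir" && sha256sum -c - >/dev/null 2>&1) \
    || return 1
  # Set check: paths start at column 67 (64 hex digits + two spaces).
  listed=$(printf '%s\n' "$entries" | cut -c67- | LC_ALL=C sort)
  actual=$(cd "$dir" && find . -type f ! -name summary.json \
    | sed 's|^\./||' | LC_ALL=C sort)
  [ "$listed" = "$actual" ]
}

# Constructed sample run: clean tree verifies, a modified TRX does not.
demo() {
  out=$(mktemp -d)
  mkdir -p "$out/tests"
  printf 'constructed binlog\n' > "$out/build.binlog"
  printf '<TestRun/>\n' > "$out/tests/core.trx"
  write_summary "$out"
  verify_summary "$out" && echo "clean run: verified"
  printf 'edited after the run\n' >> "$out/tests/core.trx"
  verify_summary "$out" || echo "modified artefact: rejected"
  rm -rf "$out"
}
demo
```

A hash list stored beside the files it describes only detects accidental or unsophisticated changes; anyone who can rewrite the artefacts can rewrite summary.json too, so keep or sign the summary somewhere the build job cannot modify.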

Notes

  • Buckets are ordered to keep runtime predictable; adjust filters to target a subset when iterating.
  • Timestamped output directories keep ordering deterministic in offline pipelines.