stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
main
git.stella-ops.org/docs/data/replay_schema.md
master 3a2100aa78 Add unit and integration tests for VexCandidateEmitter and SmartDiff repositories 
- Implemented comprehensive unit tests for VexCandidateEmitter to validate candidate emission logic based on various scenarios including absent and present APIs, confidence thresholds, and rate limiting.
- Added integration tests for SmartDiff PostgreSQL repositories, covering snapshot storage and retrieval, candidate storage, and material risk change handling.
- Ensured tests validate correct behavior for storing, retrieving, and querying snapshots and candidates, including edge cases and expected outcomes.
2025-12-16 19:00:43 +02:00

1.6 KiB
Raw Permalink Blame History

Replay PostgreSQL Schema

Status: draft · applies to net10 replay pipeline (Sprint 0185)

Tables

replay_runs

  • id: scan UUID (string, primary key)
  • manifest_hash: sha256:<hex> (unique)
  • status: pending|verified|failed|replayed
  • created_at / updated_at: UTC ISO-8601
  • signatures: JSONB [{ profile, verified }] (multi-profile DSSE verification)
  • outputs: JSONB { sbom, findings, vex?, log? } (all SHA-256 digests)

Indexes

  • runs_manifest_hash_unique: (manifest_hash) (unique)
  • runs_status_created_at: (status, created_at DESC)

replay_bundles

  • id: bundle digest hex (no sha256: prefix)
  • type: input|output|rootpack|reachability
  • size: bytes
  • location: CAS URI cas://replay/<prefix>/<digest>.tar.zst
  • created_at: UTC ISO-8601

Indexes

  • bundles_type: (type, created_at DESC)
  • bundles_location: (location)

replay_subjects

  • id: OCI image digest (sha256:<hex>)
  • layers: JSONB [{ layer_digest, merkle_root, leaf_count }]

Indexes

  • subjects_layer_digest: GIN index on layers for layer_digest lookups

Determinism & constraints

  • All timestamps stored as UTC.
  • Digests are lowercase hex; CAS URIs must follow cas://<prefix>/<shard>/<digest>.tar.zst where <shard> = first two hex chars.
  • No external references; embed minimal metadata only (feed/policy hashes live in replay manifest).

Client models

  • Implemented in src/__Libraries/StellaOps.Replay.Core/ReplayPostgresModels.cs with matching index name constants (ReplayIndexes).
  • Serialization uses System.Text.Json with snake_case property naming; field names match table schema above.