stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
main
git.stella-ops.org/docs/features/checked/concelier/advisory-connector-architecture.md
master 9ca2de05df more features checks. setup improvements
2026-02-13 02:04:55 +02:00

2.7 KiB
Raw Permalink Blame History

Advisory Connector Architecture (NVD, OSV, GHSA, Vendor Feeds)

Module

Concelier

Status

VERIFIED

Description

Extensive advisory connector ecosystem with vendor-specific connectors for VMware, Oracle, MSRC, Cisco, Chromium, Apple, plus NVD, OSV, GHSA, RedHat, SUSE, Debian, Alpine, Ubuntu, KEV, EPSS, CERT-FR, CERT-CC, CERT-Bund feeds.

Implementation Details

  • Modules: src/Concelier/__Libraries/StellaOps.Concelier.Connector.*, src/Concelier/__Connectors/, src/Concelier/StellaOps.Concelier.Plugin.Unified/
  • Key Classes:
    • Plugin System: FeedPluginAdapterFactory, FeedPluginAdapter (src/Concelier/StellaOps.Concelier.Plugin.Unified/) - unified plugin adapter for IConnectorPlugin implementations
    • Orchestration: ConnectorRegistrationService (src/Concelier/__Libraries/StellaOps.Concelier.Core/Orchestration/ConnectorRegistrationService.cs) - discovers and registers connector plugins
    • ConnectorWorker (src/Concelier/__Libraries/StellaOps.Concelier.Core/Orchestration/ConnectorWorker.cs) - executes connector ingestion cycles
    • Vendor Connectors: CiscoConnector, VmwareConnector, OracleConnector, MsrcConnector, AppleConnector, ChromiumConnector, AdobeConnector (each in src/Concelier/__Libraries/StellaOps.Concelier.Connector.Vndr.*)
    • Feed Connectors: NvdConnector, OsvConnector, GhsaConnector, EpssConnector, KevConnector, CveConnector (each in src/Concelier/__Libraries/StellaOps.Concelier.Connector.*)
    • CERT Connectors: CertBundConnector, CertFrConnector, CertCcConnector, CertInConnector (each in src/Concelier/__Libraries/StellaOps.Concelier.Connector.Cert*)
    • Distro Connectors: AlpineConnector, DebianConnector, RedHatConnector, SuseConnector, UbuntuConnector (each in src/Concelier/__Libraries/StellaOps.Concelier.Connector.Distro.*)
    • Regional Connectors: AcscConnector, KisaConnector, JvnConnector, IcsCisaConnector, KasperskyConnector, RuBduConnector, RuNkckiConnector, AstraConnector, StellaOpsMirrorConnector
  • Interfaces: IFeedConnector, IConnectorPlugin
  • Source: Feature matrix scan

E2E Test Plan

  • Verify ConnectorRegistrationService discovers all connector plugins via DI
  • Trigger a connector ingestion cycle via ConnectorWorker for NVD and verify advisories are stored
  • Verify GHSA connector fetches GitHub Security Advisories and maps to canonical format
  • Verify EPSS connector fetches exploit prediction scores and associates with CVE IDs
  • Verify at least one vendor connector (e.g., Cisco) fetches vendor-specific advisories
  • Verify at least one distro connector (e.g., Debian) fetches distro-specific patch data