stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
main
git.stella-ops.org/docs/policy/auth-signals-lib-115.md
master 10212d67c0
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
api-governance / spectral-lint (push) Has been cancelled
Details
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00

1.9 KiB
Raw Permalink Blame History

POLICY-AUTH-SIGNALS-LIB-115 · Shared P/A/S contracts (draft v0.1)

Purpose: deliver shared models/schemas for Policy, Authority, and Signals so Concelier/Excititor consumers can bind without merge logic.

Core models (C#-friendly, JSON schema inline)

  • PolicyAuthSignal:
    • id (string, required) — stable identifier (ULID preferred)
    • tenant (string, required)
    • subject (string, required) — e.g., purl, sbom://, service://
    • signal_type (string, enum: reachability, attestation, risk, vex)
    • source (string, required) — producer service
    • confidence (float?, optional)
    • evidence (array of EvidenceRef)
    • created (string, UTC ISO-8601, required)
  • EvidenceRef:
    • kind (string, enum: linkset, runtime, attestation, bundle)
    • uri (string, required) — CAS or storage pointer
    • digest (string, sha256, required)
    • scope (string) — tenant/scopes
  • Provenance:
    • pipeline (string) — build id
    • inputs (array) — hashes of inputs
    • signer (string)
    • transparency (object: rekor_uuid or skip_reason)

JSON schema stub (add-only)

See schemas/policy-auth-signals-lib-115.json (to be emitted with the NuGet package).

Package plan

  • Project: StellaOps.Policy.AuthSignals (net10.0)
  • Deliverables: models, JSON schema, sample fixtures, PolicyAuthSignalJsonContext for source generators, deterministic serialization.
  • Publish target: local-nugets/ (version 0.1.0-alpha+draft), then promote after guild ratification.

Fixtures (to include in package)

  • fixtures/policy-auth-signal-sample.json
  • fixtures/policy-auth-signal-reachability.json
  • Schema: schemas/policy-auth-signals-lib-115.json

Status

  • NuGet package StellaOps.Policy.AuthSignals 0.1.0-alpha built and placed in local-nugets/ (sha256: 8ab5aa6c0daf5e56e1355d4d6bcaf110a8bc28b28a5ee1970864bcd4b6ba6750). Awaiting guild ratification to promote beyond alpha.