master
7b5bdcf4d3
- Introduced AGENTS.md, README.md, TASKS.md, and implementation_plan.md for Vexer, detailing mission, responsibilities, key components, and operational notes. - Established similar documentation structure for Vulnerability Explorer and Zastava modules, including their respective workflows, integrations, and observability notes. - Created risk scoring profiles documentation outlining the core workflow, factor model, governance, and deliverables. - Ensured all modules adhere to the Aggregation-Only Contract and maintain determinism and provenance in outputs.
26 lines
1.2 KiB
Markdown
26 lines
1.2 KiB
Markdown
# Policy Samples
|
|
|
|
Curated fixtures used by CI smoke/determinism checks and example documentation.
|
|
|
|
| Scenario | Policy | Findings | Expected Diff | UI/CLI Diff Fixture |
|
|
|----------|--------|----------|---------------|---------------------|
|
|
| `baseline` | `docs/examples/policies/baseline.yaml` | `samples/policy/baseline/findings.json` | `samples/policy/baseline/diffs.json` | `samples/policy/simulations/baseline/diff.json` |
|
|
| `serverless` | `docs/examples/policies/serverless.yaml` | `samples/policy/serverless/findings.json` | `samples/policy/serverless/diffs.json` | `samples/policy/simulations/serverless/diff.json` |
|
|
| `internal-only` | `docs/examples/policies/internal-only.yaml` | `samples/policy/internal-only/findings.json` | `samples/policy/internal-only/diffs.json` | `samples/policy/simulations/internal-only/diff.json` |
|
|
|
|
Run the simulation harness locally:
|
|
|
|
```bash
|
|
dotnet run \
|
|
--project src/Tools/PolicySimulationSmoke/PolicySimulationSmoke.csproj \
|
|
-- \
|
|
--scenario-root samples/policy/simulations \
|
|
--output out/policy-simulations
|
|
```
|
|
|
|
Then inspect `out/policy-simulations/policy-simulation-summary.json` for verdict changes.
|
|
|
|
---
|
|
|
|
*Last updated: 2025-10-26.*
|