18f28168f0
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Added ScannerSurfaceSecretConfigurator to configure ScannerWebServiceOptions using surface secrets. - Integrated ISurfaceSecretProvider to fetch and apply secrets for artifact store configuration. - Enhanced logging for secret retrieval and application processes. feat: Implement ScannerStorageSurfaceSecretConfigurator for worker options - Introduced ScannerStorageSurfaceSecretConfigurator to configure ScannerStorageOptions with surface secrets. - Utilized ISurfaceSecretProvider to retrieve and apply secrets for object store settings. - Improved logging for secret handling and configuration. feat: Create SurfaceManifestPublisher for publishing surface manifests - Developed SurfaceManifestPublisher to handle the creation and storage of surface manifests. - Implemented methods for serializing manifest documents and storing payloads in the object store. - Added dual write functionality for mirror storage of manifests. feat: Add SurfaceManifestStageExecutor for processing scan stages - Created SurfaceManifestStageExecutor to execute the manifest publishing stage in scan jobs. - Integrated with SurfaceManifestPublisher to publish manifests based on collected payloads. - Enhanced logging for job processing and manifest storage. feat: Define SurfaceManifest models for manifest structure - Established SurfaceManifestDocument, SurfaceManifestSource, SurfaceManifestArtifact, and SurfaceManifestStorage records. - Implemented serialization attributes for JSON handling of manifest models. feat: Implement CasAccessSecret and SurfaceSecretParser for secret handling - Created CasAccessSecret record to represent surface access secrets. - Developed SurfaceSecretParser to parse and validate surface secrets from JSON payloads. test: Add unit tests for CasAccessSecretParser - Implemented tests for parsing CasAccessSecret from JSON payloads and metadata fallbacks. - Verified expected values and behavior for secret parsing logic. test: Add unit tests for ScannerSurfaceSecretConfigurator - Created tests for ScannerSurfaceSecretConfigurator to ensure correct application of surface secrets to web service options. - Validated artifact store settings after configuration. test: Add unit tests for ScannerStorageSurfaceSecretConfigurator - Implemented tests for ScannerStorageSurfaceSecretConfigurator to verify correct application of surface secrets to storage options. - Ensured accurate configuration of object store settings.
3.6 KiB
3.6 KiB
TASKS
| Task | Owner(s) | Depends on | Notes |
|---|---|---|---|
| Link-Not-Merge version provenance coordination | BE-Merge | CONCELIER-LNM-21-001 | DONE (2025-11-04) – Coordinated connector rollout: updated docs/dev/normalized-rule-recipes.md with a per-connector status table + follow-up IDs, enabled Normalized version rules missing diagnostics in AdvisoryPrecedenceMerger, and confirmed Linkset validation metrics reflect remaining upstream gaps (ACSC/CCCS/CERTBUND/Cisco/RU-BDU awaiting structured ranges). |
| FEEDMERGE-COORD-02-901 Connector deadline check-ins | BE-Merge | FEEDMERGE-COORD-02-900 | TODO (due 2025-10-21) – Confirm Cccs/Cisco version-provenance updates land, capture LinksetVersionCoverage dashboard snapshots (expect zero missing-range warnings), and update coordination docs with the results.2025-10-29: Observation metrics now surface version_entries_total/missing_version_entries_total; include screenshots for both when closing this task. |
| FEEDMERGE-COORD-02-902 ICS-CISA version comparison support | BE-Merge, Models | FEEDMERGE-COORD-02-900 | TODO (due 2025-10-23) – Review ICS-CISA sample advisories, validate reuse of existing comparison helpers, and pre-stage Models ticket template only if a new firmware comparator is required. Document the outcome and observation coverage logs in coordination docs + tracker files. 2025-10-29: docs/dev/normalized-rule-recipes.md (§2–§3) now covers observation entries; attach decision summary + log sample when handing off to Models. |
| FEEDMERGE-COORD-02-903 KISA firmware scheme review | BE-Merge, Models | FEEDMERGE-COORD-02-900 | TODO (due 2025-10-24) – Pair with KISA team on proposed firmware comparison helper (kisa.build or variant), ensure observation mapper alignment, and open Models ticket only if a new comparator is required. Log the final helper signature and observation coverage metrics in coordination docs + tracker files. |
Link-Not-Merge v1 Transition
| Task | Owner(s) | Depends on | Notes |
|---|---|---|---|
| MERGE-LNM-21-001 Migration plan authoring | BE-Merge, Architecture Guild | CONCELIER-LNM-21-101 | DONE (2025-11-03) – Authored docs/migration/no-merge.md with rollout phases, backfill/validation checklists, rollback guidance, and ownership matrix for the Link-Not-Merge cutover. |
| MERGE-LNM-21-002 Merge service deprecation | BE-Merge | MERGE-LNM-21-001 | DOING (2025-11-06) – Defaulted concelier:features:noMergeEnabled to true, added merge job allowlist gate, and began rewiring guard/tier tests; follow-up work required to restore Concelier WebService test suite before declaring completion.2025-11-05 14:42Z: Implemented concelier:features:noMergeEnabled gate, merge job allowlist checks, [Obsolete] markings, and analyzer scaffolding to steer consumers toward linkset APIs.2025-11-06 16:10Z: Introduced Roslyn analyzer ( CONCELIER0002) referenced by Concelier WebService + tests, documented suppression guidance, and updated migration playbook.2025-11-07 03:25Z: Default-on toggle + job gating break existing Concelier WebService tests; guard + seed fixes pending to unblock ingest/mirror suites. |
2025-11-03: Catalogued call sites (WebService Program
AddMergeModule, built-in job registrationmerge:reconcile,MergeReconcileJob) and confirmed unit tests are the only directMergeAsynccallers; next step is to define analyzer + replacement observability coverage. |MERGE-LNM-21-003 Determinism/test updates|QA Guild, BE-Merge|MERGE-LNM-21-002|Replace merge determinism suites with observation/linkset regression tests verifying no data mutation and conflicts remain visible.|