1.6 KiB
1.6 KiB
Replay Mongo Schema
Status: draft · applies to net10 replay pipeline (Sprint 0185)
Collections
replay_runs
- _id: scan UUID (string, primary key)
- manifestHash:
sha256:<hex>(unique) - status:
pending|verified|failed|replayed - createdAt / updatedAt: UTC ISO-8601
- signatures[]:
{ profile, verified }(multi-profile DSSE verification) - outputs:
{ sbom, findings, vex?, log? }(all SHA-256 digests)
Indexes
runs_manifestHash_unique:{ manifestHash: 1 }(unique)runs_status_createdAt:{ status: 1, createdAt: -1 }
replay_bundles
- _id: bundle digest hex (no
sha256:prefix) - type:
input|output|rootpack|reachability - size: bytes
- location: CAS URI
cas://replay/<prefix>/<digest>.tar.zst - createdAt: UTC ISO-8601
Indexes
bundles_type:{ type: 1, createdAt: -1 }bundles_location:{ location: 1 }
replay_subjects
- _id: OCI image digest (
sha256:<hex>) - layers[]:
{ layerDigest, merkleRoot, leafCount }
Indexes
subjects_layerDigest:{ "layers.layerDigest": 1 }
Determinism & constraints
- All timestamps stored as UTC.
- Digests are lowercase hex; CAS URIs must follow
cas://<prefix>/<shard>/<digest>.tar.zstwhere<shard>= first two hex chars. - No external references; embed minimal metadata only (feed/policy hashes live in replay manifest).
Client models
- Implemented in
src/__Libraries/StellaOps.Replay.Core/ReplayMongoModels.cswith matching index name constants (ReplayIndexes). - Serialization uses MongoDB.Bson defaults; camelCase field names match collection schema above.