git.stella-ops.org/docs/features/checked/scanner/surface-validation-framework.md
2026-02-14 09:11:48 +02:00

Surface.Validation Framework

Module

Scanner

Status

VERIFIED

Description

Preflight validation framework for scanner surfaces, allowing validators to check secrets availability, environment correctness, and required capabilities before scan execution.

Implementation Details

  • Validator Runner:
    • src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation/SurfaceValidatorRunner.cs - SurfaceValidatorRunner executing all registered validators and collecting results
    • src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation/ISurfaceValidatorRunner.cs - Interface for validator runner
  • Validator Interface:
    • src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation/ISurfaceValidator.cs - ISurfaceValidator interface for individual validation checks
  • Built-in Validators:
    • src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation/Validators/SurfaceSecretsValidator.cs - SurfaceSecretsValidator checking that required secrets (signing keys, registry credentials, CAS tokens) are available
    • src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation/Validators/SurfaceCacheValidator.cs - SurfaceCacheValidator checking cache availability and write permissions
    • src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation/Validators/SurfaceEndpointValidator.cs - SurfaceEndpointValidator checking that required service endpoints are reachable
  • Builder:
    • src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation/SurfaceValidationBuilder.cs - SurfaceValidationBuilder fluent API for configuring which validators to run
  • DI Registration:
    • src/Scanner/__Libraries/StellaOps.Scanner.Surface.Validation/ServiceCollectionExtensions.cs - DI registration for validation services
  • Tests:
    • src/Scanner/__Tests/StellaOps.Scanner.Surface.Validation.Tests/SurfaceValidatorRunnerTests.cs - Validator runner tests

E2E Test Plan

  • Run preflight validation with all required secrets available and verify all validators pass
  • Run preflight validation with a missing signing key and verify SurfaceSecretsValidator reports the failure
  • Verify SurfaceCacheValidator detects when cache directory is not writable and reports the issue
  • Verify SurfaceEndpointValidator correctly checks reachability of required service endpoints
  • Verify SurfaceValidationBuilder allows selective configuration of which validators to run
  • Verify the validator runner aggregates all validation results and provides a clear pass/fail summary
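The preflight pattern this test plan exercises, as an added sketch that is not StellaOps code: the type names (`IPreflightCheck`, `Finding`, `Preflight`), the secret names, and the rule that an empty check list or a throwing check counts as a failure are assumptions for illustration and do not reflect the signatures in ISurfaceValidator.cs or SurfaceValidatorRunner.cs.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
// Constructed sample input: the signing key is absent and the cache directory does not exist.
var secrets = new Dictionary<string, string> { ["registry-credentials"] = "x", ["cas-token"] = "y" };
var (passed, findings) = Preflight.Run(new IPreflightCheck[] {
    new SecretsCheck(secrets, new[] { "signing-key", "registry-credentials", "cas-token" }),
    new CacheCheck(Path.Combine(Path.GetTempPath(), "no-such-dir-" + Guid.NewGuid().ToString("N"))),
});
foreach (var f in findings) Console.WriteLine($"{(f.Ok ? "PASS" : "FAIL")} {f.Check}: {f.Detail}");
Console.WriteLine(passed ? "preflight: PASS" : "preflight: FAIL");

// Hypothetical types for illustration; not the StellaOps.Scanner.Surface.Validation API.
public sealed record Finding(string Check, bool Ok, string Detail);
public interface IPreflightCheck { Finding Run(); }
public sealed record SecretsCheck(IReadOnlyDictionary<string, string> Store, string[] Required) : IPreflightCheck
{
    public Finding Run()
    {
        // Report the names of missing secrets only; secret values never enter a finding.
        var missing = Required.Where(n => !Store.TryGetValue(n, out var v) || string.IsNullOrWhiteSpace(v)).ToArray();
        var detail = missing.Length == 0 ? "all required secrets present" : "missing: " + string.Join(", ", missing);
        return new Finding("secrets", missing.Length == 0, detail);
    }
}
public sealed record CacheCheck(string Dir) : IPreflightCheck
{
    public Finding Run()
    {
        // Probe with a real write: permission bits alone miss read-only mounts and quotas.
        var probe = Path.Combine(Dir, ".preflight-" + Guid.NewGuid().ToString("N"));
        File.WriteAllText(probe, "");
        File.Delete(probe);
        return new Finding("cache", true, "writable");
    }
}
public static class Preflight
{
    // Runs every check without short-circuiting so the operator sees all failures at once.
    public static (bool Passed, List<Finding> Findings) Run(IEnumerable<IPreflightCheck> checks)
    {
        var findings = new List<Finding>();
        foreach (var c in checks)
            try { findings.Add(c.Run()); }
            catch (Exception ex) { findings.Add(new Finding(c.GetType().Name, false, "threw " + ex.GetType().Name)); }
        // Fail closed: zero checks, or any failed or throwing check, blocks the scan.
        return (findings.Count > 0 && findings.All(f => f.Ok), findings);
    }
}
```

The runner records only the exception type for a throwing check, so file paths and secret material in exception messages stay out of the preflight summary.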

Verification

| Check | Result |
|---|---|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |