stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
3d01bf9edc04bde2b0480003a640e13ce6532ef2
git.stella-ops.org/ops/devops/sbom-ci-runner
History
StellaOps Bot 808ab87b21 up
2025-11-30 21:01:00 +02:00
..
README.md
up
2025-11-30 21:01:00 +02:00
run-sbom-ci.sh
up
2025-11-30 21:01:00 +02:00

README.md

SBOM Service CI Runner Harness (DEVOPS-SBOM-23-001)

Purpose: deterministic, offline-friendly CI harness for SBOM Service. Produces warmed-cache restore, build binlog, TRX outputs, and a NuGet cache hash to unblock SBOM console/consumer sprints.

Usage

  • From repo root run: ops/devops/sbom-ci-runner/run-sbom-ci.sh
  • Outputs land in ops/devops/artifacts/sbom-ci/<UTC timestamp>/:
    • build.binlog (solution build)
    • tests/sbom.trx (VSTest results)
    • nuget-cache.hash (sha256 over file name+size listing for offline cache traceability)
    • summary.json (paths + sources + cache hash)

Environment defaults

  • DOTNET_CLI_TELEMETRY_OPTOUT=1, DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1, DOTNET_RESTORE_DISABLE_PARALLEL=1
  • NUGET_PACKAGES=$REPO/.nuget/packages
  • NUGET_SOURCES=$REPO/local-nugets;$REPO/.nuget/packages
  • TEST_FILTER empty (set to narrow tests)

What it does

  1. Warm NuGet cache from local-nugets/ into $NUGET_PACKAGES for air-gap parity.
  2. dotnet restore + dotnet build on src/SbomService/StellaOps.SbomService.sln with /bl.
  3. Run StellaOps.SbomService.Tests with TRX output (honors TEST_FILTER).
  4. Produce nuget-cache.hash using sorted file name+size list hashed with sha256 (lightweight evidence of cache contents).
  5. Emit summary.json with artefact paths and cache hash value.

Notes

  • Offline-only; no external services required.
  • Timestamped output folders keep ordering deterministic; consumers should sort lexicographically.
  • Extend test_project in the script if additional SBOM test projects are added.