2eb6852d34
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Implement `SbomIngestServiceCollectionExtensionsTests` to verify the SBOM ingestion pipeline exports snapshots correctly. - Create `SbomIngestTransformerTests` to ensure the transformation produces expected nodes and edges, including deduplication of license nodes and normalization of timestamps. - Add `SbomSnapshotExporterTests` to test the export functionality for manifest, adjacency, nodes, and edges. - Introduce `VexOverlayTransformerTests` to validate the transformation of VEX nodes and edges. - Set up project file for the test project with necessary dependencies and configurations. - Include JSON fixture files for testing purposes.
48 lines
2.6 KiB
Markdown
48 lines
2.6 KiB
Markdown
# Attestor TTL Validation Runbook
|
||
|
||
> **Purpose:** confirm MongoDB TTL indexes and Redis expirations for the attestation dedupe store behave as expected on a production-like stack.
|
||
|
||
## Prerequisites
|
||
- Docker Desktop or compatible daemon with the Compose plugin enabled.
|
||
- Local ports `27017` and `6379` free.
|
||
- `dotnet` SDK 10.0 preview (same as repo toolchain).
|
||
- Network access to pull `mongo:7` and `redis:7` images.
|
||
|
||
## Quickstart
|
||
1. From the repo root export any required proxy settings, then run
|
||
```bash
|
||
scripts/run-attestor-ttl-validation.sh
|
||
```
|
||
The helper script:
|
||
- Spins up `mongo:7` and `redis:7` containers.
|
||
- Sets `ATTESTOR_LIVE_MONGO_URI` / `ATTESTOR_LIVE_REDIS_URI`.
|
||
- Executes the live TTL test suite (`Category=LiveTTL`) in `StellaOps.Attestor.Tests`.
|
||
- Tears the stack down automatically.
|
||
|
||
2. Capture the test output (`ttl-validation-<timestamp>.log`) and attach it to the sprint evidence folder (`docs/modules/attestor/evidence/`).
|
||
|
||
## Result handling
|
||
- **Success:** Tests complete in ~3–4 minutes with `Total tests: 2, Passed: 2`. Store the log and note the run in `SPRINT_100_identity_signing.md` under ATTESTOR-72-003.
|
||
- **Failure:** Preserve:
|
||
- `docker compose logs` for both services.
|
||
- `mongosh` output of `db.dedupe.getIndexes()` and sample documents.
|
||
- `redis-cli --raw ttl attestor:ttl:live:bundle:<id>`.
|
||
File an incident in the Attestor Guild channel and link the captured artifacts.
|
||
|
||
## Manual verification (optional)
|
||
If the helper script cannot be used:
|
||
1. Start MongoDB and Redis manually with equivalent configuration.
|
||
2. Set `ATTESTOR_LIVE_MONGO_URI` and `ATTESTOR_LIVE_REDIS_URI`.
|
||
3. Run `dotnet test src/Attestor/StellaOps.Attestor.sln --no-build --filter "Category=LiveTTL"`.
|
||
4. Follow the evidence handling steps above.
|
||
|
||
## Ownership
|
||
- Primary: Attestor Service Guild.
|
||
- Partner: QA Guild (observes TTL metrics, confirms evidence archiving).
|
||
|
||
## 2025-11-03 validation summary
|
||
- **Stack:** `mongod` 7.0.5 (tarball) + `mongosh` 2.0.2, `redis-server` 7.2.4 (source build) running on localhost without Docker.
|
||
- **Mongo results:** `dedupe` TTL index (`ttlAt`, `expireAfterSeconds: 0`) confirmed; document inserted with 20 s TTL expired automatically after ~80 s (expected allocator sweep). Evidence: `docs/modules/attestor/evidence/2025-11-03-mongo-ttl-validation.txt`.
|
||
- **Redis results:** Key `attestor:ttl:live:bundle:validation` set with 45 s TTL reached `TTL=-2` after ~47 s confirming expiry propagation. Evidence: `docs/modules/attestor/evidence/2025-11-03-redis-ttl-validation.txt`.
|
||
- **Notes:** Local binaries built/run to accommodate sandbox without Docker; services shut down after validation.
|