e923880694
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
- Introduced DigestUpsertRequest for handling digest upsert requests with properties like ChannelId, Recipient, DigestKey, Events, and CollectUntil. - Created LockEntity to represent a lightweight distributed lock entry with properties such as Id, TenantId, Resource, Owner, ExpiresAt, and CreatedAt. feat: Implement ILockRepository interface and LockRepository class - Defined ILockRepository interface with methods for acquiring and releasing locks. - Implemented LockRepository class with methods to try acquiring a lock and releasing it, using SQL for upsert operations. feat: Add SurfaceManifestPointer record for manifest pointers - Introduced SurfaceManifestPointer to represent a minimal pointer to a Surface.FS manifest associated with an image digest. feat: Create PolicySimulationInputLock and related validation logic - Added PolicySimulationInputLock record to describe policy simulation inputs and expected digests. - Implemented validation logic for policy simulation inputs, including checks for digest drift and shadow mode requirements. test: Add unit tests for ReplayVerificationService and ReplayVerifier - Created ReplayVerificationServiceTests to validate the behavior of the ReplayVerificationService under various scenarios. - Developed ReplayVerifierTests to ensure the correctness of the ReplayVerifier logic. test: Implement PolicySimulationInputLockValidatorTests - Added tests for PolicySimulationInputLockValidator to verify the validation logic against expected inputs and conditions. chore: Add cosign key example and signing scripts - Included a placeholder cosign key example for development purposes. - Added a script for signing Signals artifacts using cosign with support for both v2 and v3. chore: Create script for uploading evidence to the evidence locker - Developed a script to upload evidence to the evidence locker, ensuring required environment variables are set.
37 lines
1.4 KiB
JSON
37 lines
1.4 KiB
JSON
{
|
|
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
"$id": "https://stellaops.local/airgap/av-report.schema.json",
|
|
"title": "Offline AV/YARA Scan Report",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["scanner", "scannerVersion", "startedAt", "completedAt", "status", "artifacts"],
|
|
"properties": {
|
|
"scanner": { "type": "string" },
|
|
"scannerVersion": { "type": "string" },
|
|
"startedAt": { "type": "string", "format": "date-time" },
|
|
"completedAt": { "type": "string", "format": "date-time" },
|
|
"status": { "type": "string", "enum": ["clean", "findings", "error"] },
|
|
"signature": { "type": "string", "description": "Optional detached signature over this report (base64)" },
|
|
"artifacts": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["path", "sha256", "result"],
|
|
"properties": {
|
|
"path": { "type": "string" },
|
|
"sha256": { "type": "string", "pattern": "^[A-Fa-f0-9]{64}$" },
|
|
"result": { "type": "string", "enum": ["clean", "suspicious", "malicious", "error"] },
|
|
"yaraRules": { "type": "array", "items": { "type": "string" }, "uniqueItems": true },
|
|
"notes": { "type": "string" }
|
|
}
|
|
},
|
|
"uniqueItems": true
|
|
},
|
|
"errors": {
|
|
"type": "array",
|
|
"items": { "type": "string" }
|
|
}
|
|
}
|
|
}
|