stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
49cdebe2f14e62a0d60962854e7bb4f3bac855df
git.stella-ops.org/docs/modules/evidence-locker/README.md
master cf5b72974f save checkpoint
2026-02-11 01:32:14 +02:00

58 lines
2.2 KiB
Markdown
Raw Blame History

# EvidenceLocker
**Status:** Implemented
**Source:** `src/EvidenceLocker/`
**Owner:** Platform Team
## Purpose
EvidenceLocker provides sealed, immutable storage for vulnerability scan evidence and audit logs. Ensures tamper-proof evidence chains for compliance and forensic analysis with content-addressable storage and cryptographic sealing.
## Components
**Services:**
- `StellaOps.EvidenceLocker.WebService` - HTTP API for evidence submission and retrieval
- `StellaOps.EvidenceLocker.Worker` - Background sealing and archival workers
**Libraries:**
- `StellaOps.EvidenceLocker.Core` - Evidence sealing, verification, and chain validation
- `StellaOps.EvidenceLocker.Infrastructure` - Storage adapters and evidence bundle management
## Configuration
See `etc/evidence-locker.yaml.sample` for configuration options (if available).
Key settings:
- Storage backend (filesystem, object storage)
- Sealing policy (immediate vs. batch)
- Retention policies
- Export destinations
- Authority integration for access control
## Dependencies
- PostgreSQL (schema: `evidence_locker`)
- Authority (authentication and authorization)
- Signer (cryptographic sealing operations)
- ExportCenter (evidence bundle export)
## Related Documentation
- Operations: `./operations/` (if exists)
- Portable pack contract: `./portable-audit-pack-contract.md`
- Portable manifest schema: `./schemas/portable-audit-pack-manifest.v1.schema.json`
- Portable compatibility mapping: `./portable-audit-pack-compatibility.md`
- Portable determinism profile: `./portable-audit-pack-determinism.md`
- Portable Rekor offline profile: `./portable-audit-pack-rekor-offline.md`
- Portable CLI runbook: `./portable-audit-pack-cli-runbook.md`
- Portable Parquet profile: `./portable-audit-pack-parquet-profile.md`
- Portable verification matrix: `./portable-audit-pack-test-matrix.md`
- Promotion evidence contract: `./promotion-evidence-contract.md`
- ExportCenter: `../export-center/`
- Attestor: `../attestor/`
- High-Level Architecture: `../../ARCHITECTURE_OVERVIEW.md`
## Current Status
Implemented with WebService and Worker components. Supports sealed evidence storage with cryptographic verification. Integrated with ExportCenter for audit bundle generation.
Reference in New Issue View Git Blame Copy Permalink