stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
4bdc298ec1fc821ee0d9dda6d2d4643dcedf6b35
git.stella-ops.org/docs/features/unchecked/cli/scan-reproducibility-verification-flag.md

973 B
Raw Blame History

Scan Reproducibility Verification Flag

Module

Cli

Status

IMPLEMENTED

Description

CLI flag to trigger reproducibility verification (rebuild) during scans, verifying whether builds are reproducible as part of the build provenance verification pipeline.

Implementation Details

  • Scan Commands: src/Cli/StellaOps.Cli/Commands/Scan/ -- scan command extensions
  • Provenance Commands: src/Cli/StellaOps.Cli/Commands/ProvCommandGroup.cs -- provenance verification
  • Commands:
    • stella scan run <image> --verify-reproducibility -- scan with reproducibility verification
    • stella prov verify <image> -- verify build provenance

E2E Test Plan

  • Run stella scan run myregistry/app:v1.0 --verify-reproducibility and verify reproducibility check
  • Verify reproducible build produces matching digest
  • Verify non-reproducible build is flagged
  • Run stella prov verify myregistry/app:v1.0 and verify provenance verification