stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
80aa16d5a137a6099840ca203ced75fbf178432f
git.stella-ops.org/docs/features/checked/concelier/postgresql-storage-layer.md
master 9ca2de05df more features checks. setup improvements
2026-02-13 02:04:55 +02:00

2.7 KiB
Raw Blame History

PostgreSQL Storage Layer (Proof Evidence Repositories)

Module

Concelier

Status

IMPLEMENTED

Description

Three PostgreSQL repository implementations backed by Dapper/Npgsql. Database schema defines 6 tables across 3 schemas (vuln: distro_advisories, changelog_evidence, patch_evidence, patch_signatures; feedser: binary_fingerprints; attestor: proof_blobs) with 18 indices including GIN indices for CVE array queries and composite indices for CVE+package lookups.

Implementation Details

  • Modules: src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/
  • Key Classes:
    • AdvisoryRepository (src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Repositories/AdvisoryRepository.cs) - raw advisory CRUD with GIN index support
    • AdvisoryCanonicalRepository (src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Repositories/AdvisoryCanonicalRepository.cs) - canonical advisory persistence
    • PostgresDtoStore (src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Repositories/PostgresDtoStore.cs) - DTO storage layer
    • PostgresChangeHistoryStore (src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Repositories/PostgresChangeHistoryStore.cs) - advisory change history tracking
    • PostgresPsirtFlagStore (src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Repositories/PostgresPsirtFlagStore.cs) - PSIRT flag persistence
    • PostgresJpFlagStore (src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Repositories/PostgresJpFlagStore.cs) - JP flag persistence
    • InterestScoreRepository (src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Repositories/InterestScoreRepository.cs) - interest score persistence
    • FeedSnapshotRepository (src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Repositories/FeedSnapshotRepository.cs) - feed snapshot persistence
    • SyncLedgerRepository (src/Concelier/__Libraries/StellaOps.Concelier.Persistence/Postgres/Repositories/SyncLedgerRepository.cs) - federation sync ledger
  • Interfaces: IAdvisoryRepository, IAdvisoryCanonicalRepository, IDtoStore, IChangeHistoryStore
  • Source: Feature matrix scan

E2E Test Plan

  • Verify CVE array query: insert advisories with multiple CVE IDs and query using GIN index-backed CVE array search
  • Verify composite index: query by CVE+package combination and confirm efficient lookup
  • Verify change history: update an advisory and confirm PostgresChangeHistoryStore records the change
  • Verify all 6 tables are created during schema migration across the 3 schemas (vuln, feedser, attestor)
  • Verify SyncLedgerRepository persists and retrieves federation sync cursors