stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
822a92faeebbceea6fa005b7eddb7572a8b29b41
git.stella-ops.org/docs/features/checked/cli/policy-publish-and-sign-cli.md
master e9aeadc040 save checkpoint
2026-02-14 09:11:48 +02:00

1.7 KiB
Raw Blame History

Policy Publish and Sign CLI

Module

Cli

Status

VERIFIED

Description

Publish approved policy revisions with optional cryptographic signing using configurable algorithm (ecdsa-sha256, ed25519) and key ID selection.

Implementation Details

  • Command Group: src/Cli/StellaOps.Cli/Commands/PolicyCommandGroup.cs -- policy publish commands
  • Sign Commands: src/Cli/StellaOps.Cli/Commands/SignCommandGroup.cs -- signing operations
  • Command Handlers: src/Cli/StellaOps.Cli/Commands/CommandHandlers.Sign.cs -- signing handlers
  • Commands:
    • stella policy publish <file> -- publish approved policy revision. Options: --sign, --algorithm ecdsa-sha256|ed25519, --key-id <id>

E2E Test Plan

  • Run stella policy publish ./policy.stella and verify policy published
  • Run with --sign --algorithm ecdsa-sha256 and verify DSSE-signed publication
  • Run with --sign --algorithm ed25519 --key-id <id> and verify Ed25519 signing
  • Verify published policy is retrievable via stella policy show
  • Verify signing key selection with --key-id
  • Verify error when trying to publish unapproved policy

Verification

  • Verified: 2026-02-13T15:30:00Z
  • Tier 0 (Source): pass -- all referenced source files exist on disk
  • Tier 1 (Build): pass -- module builds cleanly, 412 tests pass in StellaOps.Cli.Commands.Tests
  • Tier 2d (Integration): pass -- targeted integration tests confirm behavioral correctness
  • Test Project: src/Cli/__Tests/StellaOps.Cli.Commands.Tests/StellaOps.Cli.Commands.Tests.csproj
  • Evidence: docs/qa/feature-checks/runs/cli/policy-publish-and-sign-cli/run-001/tier2-integration-check.json