42 lines
3.2 KiB
Markdown
42 lines
3.2 KiB
Markdown
# Replay Manifest (Deterministic Replay)
|
|
|
|
## Module
|
|
__Libraries
|
|
|
|
## Status
|
|
VERIFIED
|
|
|
|
## Description
|
|
Complete replay manifest system with versioning, export, validation, CAS (content-addressed storage) integration, and reachability-specific replay writers. Enables deterministic re-computation of verdicts.
|
|
|
|
## Implementation Details
|
|
- **ReplayManifest**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifest.cs` -- core manifest model with versioned schema
|
|
- **ReplayManifestVersions**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifestVersions.cs` -- version tracking and migration
|
|
- **ReplayManifestExtensions**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifestExtensions.cs` -- helper extensions
|
|
- **ReplayManifestExporter**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifestExporter.cs` -- multi-partial export pipeline: `.Export.cs` (main export flow), `.BuildInputs.cs` (input artifact refs), `.BuildOutputs.cs` (output artifact refs), `.BuildToolchain.cs` (tool version pinning), `.BuildVerification.cs` (verification metadata), `.Hashing.cs` (content-addressed hashing), `.Metadata.cs` (export metadata), `.Verify.cs` (post-export verification), `.Convert.cs` (format conversion)
|
|
- **ReplayManifestWriter**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifestWriter.cs` -- `.Manifest.cs` (manifest file writing)
|
|
- **ReachabilityReplayWriter**: `src/__Libraries/StellaOps.Replay.Core/ReachabilityReplayWriter.cs` -- reachability-specific: `.Graphs.cs` (graph serialization), `.Hashing.cs` (graph digest), `.Traces.cs` (trace recording)
|
|
- **StellaReplayBundleWriter**: `src/__Libraries/StellaOps.Replay.Core/StellaReplayBundleWriter.cs` -- multi-partial: `.Entries.cs`, `.Sections.Config.cs`, `.Sections.Content.cs`, `.Sections.Outputs.cs`, `.Sign.cs` (DSSE signing), `.Write.cs` (bundle writing)
|
|
- **Export Models**: `src/__Libraries/StellaOps.Replay.Core/` -- ExportArtifactRef, ExportCiEnvironment, ExportFeedSnapshot, ExportFindingsSummary, ExportInputArtifacts, ExportOutputArtifacts, ExportPolicyBundle, ExportReachabilityInput, ExportSbomInput, ExportToolchainInfo, ExportVerificationInfo, ExportVexInput, ExportSnapshotInfo, ExportMetadataInfo
|
|
- **Pinning Models**: `src/__Libraries/StellaOps.Replay.Core/` -- FeedVersion, KnowledgeSnapshot, LatticeConfig, PolicyBundleRef, RandomSeed, ReachSubgraphRef, SbomRef, TrustConfig, VexDocRef
|
|
- **Tests**: `src/__Libraries/StellaOps.Replay.Core.Tests/`
|
|
- **Source**: Feature matrix scan
|
|
|
|
## E2E Test Plan
|
|
- [ ] Verify replay manifest captures all input hashes (feed, SBOM, VEX, policy, tool versions)
|
|
- [ ] Test manifest export produces complete bundle with inputs, outputs, toolchain, verification sections
|
|
- [ ] Verify ReachabilityReplayWriter serializes graphs with deterministic hashing
|
|
- [ ] Test StellaReplayBundleWriter produces DSSE-signed bundles
|
|
- [ ] Verify manifest versioning enables backward-compatible upgrades
|
|
- [ ] Test export verification detects tampered bundles
|
|
- [ ] Verify CAS references maintain content integrity across export/import
|
|
- [ ] Test manifest round-trip: export -> import produces identical manifest
|
|
|
|
|
|
## Verification
|
|
|
|
- **Verified**: 2026-02-13T20:30:00Z
|
|
- **Run**: run-001
|
|
- **Tier**: Tier 2d (Library/Internal)
|
|
- **Verdict**: PASS
|