stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
822a92faeebbceea6fa005b7eddb7572a8b29b41
git.stella-ops.org/docs/features/checked/scanner/oci-layer-manifest-infrastructure-for-delta-scanning.md
master e9aeadc040 save checkpoint
2026-02-14 09:11:48 +02:00

2.9 KiB
Raw Blame History

OCI Layer Manifest Infrastructure for Delta Scanning

Module

Scanner

Status

VERIFIED

Description

Infrastructure for OCI manifest snapshotting with layer digest resolution and diffID-based layer tracking. Provides layer reuse detection across image versions and a registry client abstraction to support delta scanning workflows. Distinct from generic "OCI Ancestry Extraction" in known features.

Implementation Details

  • Manifest Snapshot Service:
    • src/Scanner/__Libraries/StellaOps.Scanner.Manifest/IOciManifestSnapshotService.cs - IOciManifestSnapshotService interface for manifest snapshot operations
    • src/Scanner/__Libraries/StellaOps.Scanner.Manifest/OciManifestSnapshotService.cs - OciManifestSnapshotService captures and compares OCI manifest snapshots for delta scanning
  • Manifest Models:
    • src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Models/OciManifestSnapshot.cs - OciManifestSnapshot representing a point-in-time manifest state with layer digests
    • src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Models/ManifestComparisonResult.cs - ManifestComparisonResult identifies added, removed, and unchanged layers between snapshots
  • Layer Digest Resolution:
    • src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Resolution/ILayerDigestResolver.cs - Interface for resolving layer digests to diffIDs
    • src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Resolution/LayerDigestResolver.cs - LayerDigestResolver resolves compressed layer digests to uncompressed diffIDs for consistent tracking
  • Layer Reuse Detection:
    • src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Reuse/LayerReuseDetector.cs - LayerReuseDetector identifies unchanged layers across image versions to skip re-analysis
  • Persistence:
    • src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Persistence/IManifestSnapshotRepository.cs - Repository interface for snapshot storage
    • src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Persistence/ManifestSnapshotRepository.cs - PostgreSQL-backed snapshot persistence
  • DI Registration: src/Scanner/__Libraries/StellaOps.Scanner.Manifest/ManifestServiceCollectionExtensions.cs

E2E Test Plan

  • Scan an image and verify a manifest snapshot is captured with all layer digests and diffIDs
  • Rescan a newer version of the same image and verify manifest comparison correctly identifies added, removed, and unchanged layers
  • Verify layer reuse detection skips unchanged layers in subsequent scans, reducing scan time
  • Verify diffID-based tracking correctly matches layers across manifest versions despite compressed digest differences
  • Verify manifest snapshots are persisted and retrievable for historical comparison

Verification

Check Result
Tier 0 - Source files exist PASS
Tier 1 - Build + code review PASS
Tier 2 - Integration tests PASS
Verified 2026-02-13T18:10:00Z