Explore Help

Register Sign In

stella-ops.org/git.stella-ops.org

1

0

You've already forked git.stella-ops.org

Code Issues Pull Requests Actions 2 Releases Wiki Activity

Files

8578065675d58596016eaeaa0eb53bd3897d09fd

git.stella-ops.org/docs/features/checked/policy/gate-level-selection.md

master 9ca2de05df more features checks. setup improvements

2026-02-13 02:04:55 +02:00

2.9 KiB

Raw Blame History

Gate Level Selection (G0-G4)

Module

Policy

Status

IMPLEMENTED

Description

Diff-aware release gate levels G0-G4 with automatic gate selection based on RRS score and budget status, exposed via API endpoints.

Implementation Details

PolicyGateEvaluator: src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs
- Multi-gate evaluation pipeline with 5 sequential gates: Evidence Completeness, Lattice State, VEX Trust, Uncertainty Tier, Confidence Threshold
- Gate result types: Pass, PassWithNote, Warn, Block, Skip
- Short-circuits on first Block; accumulates warnings
- Override support with justification requirements
- Gate decision model: PolicyGateDecision.cs with overall decision and per-gate details
PolicyGateOptions: src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateOptions.cs -- configurable gate thresholds and behaviors
VexTrustGate: src/Policy/StellaOps.Policy.Engine/Gates/VexTrustGate.cs -- per-environment trust thresholds (prod: 0.80, staging: 0.60, dev: 0.40)
DeterminizationGate: src/Policy/StellaOps.Policy.Engine/Gates/Determinization/DeterminizationGate.cs -- determinism verification gate using DecayedConfidenceCalculator
StabilityDampingGate: src/Policy/StellaOps.Policy.Engine/Gates/StabilityDampingGate.cs -- prevents oscillation in gate decisions
DriftGateEvaluator: src/Policy/StellaOps.Policy.Engine/Gates/DriftGateEvaluator.cs -- evaluates SBOM drift for diff-aware gating
RiskSimulationService: src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationService.cs -- signal-based scoring that feeds gate selection
- Severity mapping: Critical>=90, High>=70, Medium>=40, Low>=10
WhatIfSimulationService: src/Policy/StellaOps.Policy.Engine/WhatIfSimulation/WhatIfSimulationService.cs -- delta computation for diff-aware gates
Gate endpoints: src/Policy/StellaOps.Policy.Engine/Endpoints/ -- REST API for gate evaluation results

E2E Test Plan

Evaluate artifact with all evidence present and high confidence; verify all gates pass (G0 level)
Evaluate artifact with missing VEX evidence; verify Evidence Completeness gate warns or blocks
Evaluate artifact with VEX trust score below production threshold (0.80); verify VexTrustGate blocks in prod
Evaluate artifact with VEX trust score 0.65 in staging; verify VexTrustGate passes (threshold 0.60)
Evaluate artifact with unknown reachability (U state); verify Lattice State gate applies appropriate action
Evaluate artifact with Uncertainty Tier T1 (high uncertainty); verify Uncertainty gate blocks
Evaluate artifact with confidence below threshold; verify Confidence gate blocks
Override a blocked gate with justification; verify PassWithNote result
Evaluate with DriftGateEvaluator detecting SBOM changes; verify drift-aware gating triggers
Verify StabilityDampingGate prevents rapid oscillation between Pass and Block

Powered by Gitea Version: 1.24.5 Page: 43ms Template: 3ms

English

Bahasa Indonesia Deutsch English Español Français Gaeilge Italiano Latviešu Magyar nyelv Nederlands Polski Português de Portugal Português do Brasil Suomi Svenska Türkçe Čeština Ελληνικά Български Русский Українська فارسی മലയാളം 日本語简体中文繁體中文（台灣）繁體中文（香港） 한국어

Licenses API