// <copyright file="ConfigCatalog.cs" company="StellaOps">
// SPDX-License-Identifier: AGPL-3.0-or-later
// Sprint: SPRINT_20260112_014_CLI_config_viewer (CLI-CONFIG-010)
// </copyright>
namespace StellaOps.Cli.Commands;
/// <summary>
/// A single row of the configuration path catalog: one addressable
/// configuration section together with the names it can be looked up by.
/// </summary>
/// <param name="Path">Canonical dotted catalog key, e.g. <c>policy.gates</c>.</param>
/// <param name="SectionName">Name of the configuration section this entry refers to.</param>
/// <param name="Category">Module grouping the entry is listed under.</param>
/// <param name="Description">Short human-readable description of the section.</param>
/// <param name="Aliases">Alternative names that resolve to this entry during lookup.</param>
/// <param name="ApiEndpoint">Optional API endpoint for the section; <c>null</c> when none is recorded.</param>
public sealed record ConfigCatalogEntry(
    string Path,
    string SectionName,
    string Category,
    string Description,
    IReadOnlyList<string> Aliases,
    string? ApiEndpoint = null);
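/// <summary>
/// Catalog of all StellaOps configuration paths.
/// Derived from SectionName constants across all modules.
/// </summary>
/// <remarks>
/// The catalog is a fixed, compile-time table. Lookup input is only compared
/// against it; every field of a returned entry (including
/// <see cref="ConfigCatalogEntry.ApiEndpoint"/>) comes from this table, never
/// from the caller's input.
/// </remarks>
public static class ConfigCatalog
{
    private static readonly List<ConfigCatalogEntry> Entries =
    [
        // Policy module
        new("policy.determinization", "Determinization", "Policy",
            "Determinization options (entropy thresholds, signal weights, reanalysis triggers)",
            ["pol.det", "determinization"],
            "/api/policy/config/determinization"),
        new("policy.exceptions", "Policy:Exceptions:Approval", "Policy",
            "Exception approval settings",
            ["pol.exc", "exceptions"]),
        new("policy.exceptions.expiry", "Policy:Exceptions:Expiry", "Policy",
            "Exception expiry configuration",
            ["pol.exc.exp"]),
        new("policy.gates", "PolicyGates", "Policy",
            "Policy gate configuration",
            ["pol.gates", "gates"]),
        new("policy.engine", "PolicyEngine", "Policy",
            "Policy engine core settings",
            ["pol.engine"]),
        new("policy.engine.evidenceweighted", "PolicyEngine:EvidenceWeightedScore", "Policy",
            "Evidence-weighted score configuration",
            ["pol.ews"]),
        new("policy.engine.tenancy", "PolicyEngine:Tenancy", "Policy",
            "Policy engine tenancy settings",
            ["pol.tenancy"]),
        new("policy.attestation", "PolicyDecisionAttestation", "Policy",
            "Policy decision attestation settings",
            ["pol.attest"]),
        new("policy.confidenceweights", "ConfidenceWeights", "Policy",
            "Confidence weight configuration",
            ["pol.cw"]),
        new("policy.reachability", "ReachabilitySignals", "Policy",
            "Reachability signal settings",
            ["pol.reach"]),
        new("policy.smartdiff", "SmartDiff:Gates", "Policy",
            "SmartDiff gate configuration",
            ["pol.smartdiff"]),
        new("policy.toollattice", "ToolLattice", "Policy",
            "Tool lattice configuration",
            ["pol.lattice"]),
        new("policy.unknownbudgets", "UnknownBudgets", "Policy",
            "Unknown budgets configuration",
            ["pol.budgets"]),
        new("policy.vexsigning", "VexSigning", "Policy",
            "VEX signing configuration",
            ["pol.vexsign"]),
        new("policy.gatebypass", "Policy:GateBypassAudit", "Policy",
            "Gate bypass audit settings",
            ["pol.bypass"]),
        new("policy.ratelimiting", "RateLimiting", "Policy",
            "Rate limiting configuration",
            ["pol.rate"]),

        // Scanner module
        new("scanner", "scanner", "Scanner",
            "Scanner core configuration",
            ["scan"]),
        new("scanner.epss", "Epss", "Scanner",
            "EPSS scoring configuration",
            ["scan.epss"]),
        new("scanner.epss.enrichment", "Epss:Enrichment", "Scanner",
            "EPSS enrichment settings",
            ["scan.epss.enrich"]),
        new("scanner.epss.ingest", "Epss:Ingest", "Scanner",
            "EPSS ingest configuration",
            ["scan.epss.ing"]),
        new("scanner.epss.signal", "Epss:Signal", "Scanner",
            "EPSS signal configuration",
            ["scan.epss.sig"]),
        new("scanner.reachability", "Scanner:ReachabilitySubgraph", "Scanner",
            "Reachability subgraph settings",
            ["scan.reach"]),
        new("scanner.reachability.witness", "Scanner:ReachabilityWitness", "Scanner",
            "Reachability witness configuration",
            ["scan.reach.wit"]),
        new("scanner.reachability.prgate", "Scanner:Reachability:PrGate", "Scanner",
            "PR gate reachability settings",
            ["scan.reach.pr"]),
        new("scanner.analyzers.native", "Scanner:Analyzers:Native", "Scanner",
            "Native analyzer configuration",
            ["scan.native"]),
        new("scanner.analyzers.secrets", "Scanner:Analyzers:Secrets", "Scanner",
            "Secrets analyzer configuration",
            ["scan.secrets"]),
        new("scanner.analyzers.entrytrace", "Scanner:Analyzers:EntryTrace", "Scanner",
            "Entry trace analyzer settings",
            ["scan.entry"]),
        new("scanner.entrytrace.semantic", "Scanner:EntryTrace:Semantic", "Scanner",
            "Semantic entry trace configuration",
            ["scan.entry.sem"]),
        new("scanner.funcproof", "Scanner:FuncProof:Generation", "Scanner",
            "Function proof generation settings",
            ["scan.funcproof"]),
        new("scanner.funcproof.dsse", "Scanner:FuncProof:Dsse", "Scanner",
            "Function proof DSSE configuration",
            ["scan.funcproof.dsse"]),
        new("scanner.funcproof.oci", "Scanner:FuncProof:Oci", "Scanner",
            "Function proof OCI settings",
            ["scan.funcproof.oci"]),
        new("scanner.funcproof.transparency", "Scanner:FuncProof:Transparency", "Scanner",
            "Function proof transparency log settings",
            ["scan.funcproof.tlog"]),
        new("scanner.idempotency", "Scanner:Idempotency", "Scanner",
            "Idempotency configuration",
            ["scan.idemp"]),
        new("scanner.offlinekit", "Scanner:OfflineKit", "Scanner",
            "Offline kit configuration",
            ["scan.offline"]),
        new("scanner.proofspine", "scanner:proofSpine:dsse", "Scanner",
            "Proof spine DSSE settings",
            ["scan.spine"]),
        new("scanner.worker", "Scanner:Worker", "Scanner",
            "Scanner worker configuration",
            ["scan.worker"]),
        new("scanner.worker.nativeanalyzers", "Scanner:Worker:NativeAnalyzers", "Scanner",
            "Worker native analyzer settings",
            ["scan.worker.native"]),
        new("scanner.concelier", "scanner:concelier", "Scanner",
            "Scanner Concelier integration",
            ["scan.concel"]),
        new("scanner.drift", "DriftAttestation", "Scanner",
            "Drift attestation settings",
            ["scan.drift"]),
        new("scanner.validationgate", "ValidationGate", "Scanner",
            "Validation gate configuration",
            ["scan.valgate"]),
        new("scanner.vexgate", "VexGate", "Scanner",
            "VEX gate configuration",
            ["scan.vexgate"]),

        // Notifier module
        new("notifier", "Notifier:Tenant", "Notifier",
            "Notifier tenant configuration",
            ["notify", "notif"]),
        new("notifier.channels", "ChannelAdapters", "Notifier",
            "Channel adapter configuration",
            ["notify.chan"]),
        new("notifier.inapp", "InAppChannel", "Notifier",
            "In-app notification channel settings",
            ["notify.inapp"]),
        new("notifier.ackbridge", "Notifier:AckBridge", "Notifier",
            "Acknowledgment bridge configuration",
            ["notify.ack"]),
        new("notifier.correlation", "Notifier:Correlation", "Notifier",
            "Correlation settings",
            ["notify.corr"]),
        new("notifier.digest", "Notifier:Digest", "Notifier",
            "Digest notification settings",
            ["notify.digest"]),
        new("notifier.digestschedule", "Notifier:DigestSchedule", "Notifier",
            "Digest schedule configuration",
            ["notify.digest.sched"]),
        new("notifier.fallback", "Notifier:Fallback", "Notifier",
            "Fallback channel configuration",
            ["notify.fallback"]),
        new("notifier.incidentmanager", "Notifier:IncidentManager", "Notifier",
            "Incident manager settings",
            ["notify.incident"]),
        new("notifier.integrations.opsgenie", "Notifier:Integrations:OpsGenie", "Notifier",
            "OpsGenie integration settings",
            ["notify.opsgenie"]),
        new("notifier.integrations.pagerduty", "Notifier:Integrations:PagerDuty", "Notifier",
            "PagerDuty integration settings",
            ["notify.pagerduty"]),
        new("notifier.localization", "Notifier:Localization", "Notifier",
            "Localization settings",
            ["notify.l10n"]),
        new("notifier.quiethours", "Notifier:QuietHours", "Notifier",
            "Quiet hours configuration",
            ["notify.quiet"]),
        new("notifier.stormbreaker", "Notifier:StormBreaker", "Notifier",
            "Storm breaker settings",
            ["notify.storm"]),
        new("notifier.throttler", "Notifier:Throttler", "Notifier",
            "Throttler configuration",
            ["notify.throttle"]),
        new("notifier.template", "TemplateRenderer", "Notifier",
            "Template renderer settings",
            ["notify.template"]),

        // Concelier module
        new("concelier.cache", "Concelier:Cache", "Concelier",
            "Concelier cache configuration",
            ["concel.cache"]),
        new("concelier.epss", "Concelier:Epss", "Concelier",
            "Concelier EPSS settings",
            ["concel.epss"]),
        new("concelier.interest", "Concelier:Interest", "Concelier",
            "Interest tracking configuration",
            ["concel.interest"]),
        new("concelier.federation", "Federation", "Concelier",
            "Federation settings",
            ["concel.fed"]),

        // Attestor module
        new("attestor.binarydiff", "Attestor:BinaryDiff", "Attestor",
            "Binary diff attestation settings",
            ["attest.bindiff"]),
        new("attestor.graphroot", "Attestor:GraphRoot", "Attestor",
            "Graph root attestation configuration",
            ["attest.graph"]),
        new("attestor.rekor", "Attestor:Rekor", "Attestor",
            "Rekor transparency log settings",
            ["attest.rekor"]),

        // BinaryIndex module
        new("binaryindex.builders", "BinaryIndex:Builders", "BinaryIndex",
            "Binary index builder configuration",
            ["binidx.build"]),
        new("binaryindex.funcextraction", "BinaryIndex:FunctionExtraction", "BinaryIndex",
            "Function extraction settings",
            ["binidx.func"]),
        new("binaryindex.goldenset", "BinaryIndex:GoldenSet", "BinaryIndex",
            "Golden set configuration",
            ["binidx.golden"]),
        new("binaryindex.bsim", "BSim", "BinaryIndex",
            "BSim configuration",
            ["binidx.bsim"]),
        new("binaryindex.disassembly", "Disassembly", "BinaryIndex",
            "Disassembly settings",
            ["binidx.disasm"]),
        new("binaryindex.ghidra", "Ghidra", "BinaryIndex",
            "Ghidra configuration",
            ["binidx.ghidra"]),
        new("binaryindex.ghidriff", "Ghidriff", "BinaryIndex",
            "Ghidriff settings",
            ["binidx.ghidriff"]),
        new("binaryindex.resolution", "Resolution", "BinaryIndex",
            "Resolution configuration",
            ["binidx.res"]),

        // Signals module
        new("signals", "Signals", "Signals",
            "Signals core configuration",
            ["sig"]),
        new("signals.evidencenorm", "EvidenceNormalization", "Signals",
            "Evidence normalization settings",
            ["sig.evnorm"]),
        new("signals.evidenceweighted", "EvidenceWeightedScore", "Signals",
            "Evidence-weighted score settings",
            ["sig.ews"]),
        new("signals.retention", "Signals:Retention", "Signals",
            "Signal retention configuration",
            ["sig.ret"]),
        new("signals.unknownsdecay", "Signals:UnknownsDecay", "Signals",
            "Unknowns decay settings",
            ["sig.decay"]),
        new("signals.unknownsrescan", "Signals:UnknownsRescan", "Signals",
            "Unknowns rescan configuration",
            ["sig.rescan"]),
        new("signals.unknownsscoring", "Signals:UnknownsScoring", "Signals",
            "Unknowns scoring settings",
            ["sig.scoring"]),

        // Signer module
        new("signer.keyless", "Signer:Keyless", "Signer",
            "Keyless signing configuration",
            ["sign.keyless"]),
        new("signer.sigstore", "Sigstore", "Signer",
            "Sigstore configuration",
            ["sign.sigstore"]),

        // AdvisoryAI module
        new("advisoryai.chat", "AdvisoryAI:Chat", "AdvisoryAI",
            "Chat configuration",
            ["ai.chat"]),
        new("advisoryai.inference", "AdvisoryAI:Inference:Offline", "AdvisoryAI",
            "Offline inference settings",
            ["ai.inference"]),
        new("advisoryai.llmproviders", "AdvisoryAI:LlmProviders", "AdvisoryAI",
            "LLM provider configuration",
            ["ai.llm"]),
        new("advisoryai.ratelimits", "AdvisoryAI:RateLimits", "AdvisoryAI",
            "Rate limits for AI features",
            ["ai.rate"]),

        // AirGap module
        new("airgap.bundlesigning", "AirGap:BundleSigning", "AirGap",
            "Bundle signing configuration",
            ["air.sign"]),
        new("airgap.quarantine", "AirGap:Quarantine", "AirGap",
            "Quarantine settings",
            ["air.quar"]),

        // Excititor module
        new("excititor.autovex", "AutoVex:Downgrade", "Excititor",
            "Auto VEX downgrade settings",
            ["exc.autovex"]),
        new("excititor.airgap", "Excititor:Airgap", "Excititor",
            "Excititor airgap configuration",
            ["exc.airgap"]),
        new("excititor.evidence", "Excititor:Evidence:Linking", "Excititor",
            "Evidence linking settings",
            ["exc.evidence"]),
        new("excititor.mirror", "Excititor:Mirror", "Excititor",
            "Mirror configuration",
            ["exc.mirror"]),
        new("excititor.vexverify", "VexSignatureVerification", "Excititor",
            "VEX signature verification settings",
            ["exc.vexverify"]),

        // ExportCenter module
        new("exportcenter", "ExportCenter", "ExportCenter",
            "Export center core configuration",
            ["export"]),
        new("exportcenter.trivy", "ExportCenter:Adapters:Trivy", "ExportCenter",
            "Trivy adapter settings",
            ["export.trivy"]),
        new("exportcenter.oci", "ExportCenter:Distribution:Oci", "ExportCenter",
            "OCI distribution configuration",
            ["export.oci"]),
        new("exportcenter.encryption", "ExportCenter:Encryption", "ExportCenter",
            "Encryption settings",
            ["export.encrypt"]),

        // Orchestrator module
        new("orchestrator", "Orchestrator", "Orchestrator",
            "Orchestrator core configuration",
            ["orch"]),
        new("orchestrator.firstsignal", "FirstSignal", "Orchestrator",
            "First signal configuration",
            ["orch.first"]),
        new("orchestrator.incidentmode", "Orchestrator:IncidentMode", "Orchestrator",
            "Incident mode settings",
            ["orch.incident"]),
        new("orchestrator.stream", "Orchestrator:Stream", "Orchestrator",
            "Stream processing configuration",
            ["orch.stream"]),

        // Scheduler module
        new("scheduler.hlc", "Scheduler:HlcOrdering", "Scheduler",
            "HLC ordering configuration",
            ["sched.hlc"]),

        // VexLens module
        new("vexlens", "VexLens", "VexLens",
            "VexLens core configuration",
            ["lens"]),
        new("vexlens.noisegate", "VexLens:NoiseGate", "VexLens",
            "Noise gate configuration",
            ["lens.noise"]),

        // Zastava module
        new("zastava.agent", "zastava:agent", "Zastava",
            "Zastava agent configuration",
            ["zast.agent"]),
        new("zastava.observer", "zastava:observer", "Zastava",
            "Observer configuration",
            ["zast.obs"]),
        new("zastava.runtime", "zastava:runtime", "Zastava",
            "Runtime configuration",
            ["zast.runtime"]),
        new("zastava.webhook", "zastava:webhook", "Zastava",
            "Webhook configuration",
            ["zast.webhook"]),

        // Platform module
        new("platform", "Platform", "Platform",
            "Platform core configuration",
            ["plat"]),

        // Authority module
        new("authority", "Authority", "Authority",
            "Authority core configuration",
            ["auth"]),
        new("authority.plugins", "Authority:Plugins", "Authority",
            "Authority plugins configuration",
            ["auth.plugins"]),
        new("authority.passwordpolicy", "Authority:PasswordPolicy", "Authority",
            "Password policy configuration",
            ["auth.password"]),

        // Setup prefixes
        new("setup.database", "database", "Setup",
            "Database connection settings",
            ["db"]),
        new("setup.cache", "cache", "Setup",
            "Cache configuration",
            ["cache"]),
        new("setup.registry", "registry", "Setup",
            "Registry configuration",
            ["reg"])
    ];

    // Read-only view handed to callers. Declared after Entries because static
    // field initializers run in textual order.
    private static readonly IReadOnlyList<ConfigCatalogEntry> ReadOnlyEntries = Entries.AsReadOnly();

    /// <summary>
    /// Gets all catalog entries, in declaration order.
    /// </summary>
    /// <returns>
    /// A read-only view of the catalog. The backing list is not returned
    /// directly, so a caller cannot cast the result back to
    /// <see cref="List{T}"/> and alter the process-wide table.
    /// </returns>
    public static IReadOnlyList<ConfigCatalogEntry> GetAll() => ReadOnlyEntries;

    /// <summary>
    /// Finds a catalog entry by path or alias.
    /// </summary>
    /// <param name="pathOrAlias">
    /// Catalog path or alias. <c>:</c> separators are treated as <c>.</c> and
    /// matching is case-insensitive.
    /// </param>
    /// <returns>
    /// The first entry, in declaration order, whose path or one of whose aliases
    /// equals the normalized input; <c>null</c> when nothing matches or the
    /// input is null, empty or whitespace.
    /// </returns>
    public static ConfigCatalogEntry? Find(string pathOrAlias)
    {
        // A missing or blank argument cannot name an entry. Report "not found"
        // instead of letting a null reach Replace() as a NullReferenceException.
        if (string.IsNullOrWhiteSpace(pathOrAlias))
        {
            return null;
        }

        var normalized = pathOrAlias.Replace(':', '.').ToLowerInvariant();

        return Entries.FirstOrDefault(e =>
            e.Path.Equals(normalized, StringComparison.OrdinalIgnoreCase) ||
            e.Aliases.Any(a => a.Equals(normalized, StringComparison.OrdinalIgnoreCase)));
    }

    /// <summary>
    /// Gets all categories.
    /// </summary>
    /// <returns>
    /// The distinct category names, sorted with an ordinal comparison so the
    /// order does not depend on the current culture.
    /// </returns>
    public static IReadOnlyList<string> GetCategories() =>
        Entries.Select(e => e.Category).Distinct().OrderBy(c => c, StringComparer.Ordinal).ToList();
}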