1.5 KiB
1.5 KiB
EvidenceLocker Replay API (draft) — 2025-11-18
Scope: EVID-REPLAY-187-001 baseline API surface using shared orchestrator/advisory evidence schemas.
Endpoints (prefix /api/evidencelocker/replay)
POST /records— ingest replay bundle (DSSE + manifest). Request: multipart or JSON with CAS URIs; Response:{ recordId, bundleDigest }.POST /verify— verify replay bundle signatures/hashes. Request:{ bundleDigest | bundleUri }; Response:{ status: "pass|fail", findings: [] }.POST /replay— schedule replay job against stored records. Request:{ recordId, targetTenant, policyRevisionId? }; Response:{ jobId }.POST /prune— enforce retention policy. Request:{ maxAgeDays, keepLatestPerDigest: bool }; Response:{ pruned: int }.
Models (draft)
{
"recordId": "uuid",
"bundleDigest": "sha256:...",
"bundleUri": "cas://evidence/replay/{digest}",
"tenant": "string",
"ingestedAt": "2025-11-18T12:00:00Z",
"dsse": {
"payloadType": "application/vnd.stellaops.replay+json",
"payload": "base64",
"signatures": [ { "keyid": "...", "sig": "..." } ]
}
}
Retention policy draft
- Default:
maxAgeDays = 30,keepLatestPerDigest = true. - Deterministic pruning order: sort by
ingestedAtascending, thenrecordId.
Notes
- Align request/response DTOs with
StellaOps.Orchestrator.Schemasnaming (camelCase, UTC ISO-8601). - CLI verbs
stella evidence replay record|verify|replayto mirror these routes (see CLI-REPLAY-187-002). - Update
docs/replay/DETERMINISTIC_REPLAY.mdonce finalized.