stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
9add6af2210d139e099243e3d5e412ebbd78dc76
git.stella-ops.org/docs/features/checked/cli/baseline-selection-logic.md
master e9aeadc040 save checkpoint
2026-02-14 09:11:48 +02:00

2.9 KiB
Raw Blame History

Baseline Selection Logic (Last Green / Previous Release)

Module

Cli

Status

VERIFIED

Description

Compare feature infrastructure exists with services and CLI builder. The specific baseline selection logic (last green verdict, previous release tag) and its visibility to users may be partially implemented.

What's Implemented

  • Compare Command Builder: src/Cli/StellaOps.Cli/Commands/Compare/CompareCommandBuilder.cs -- CompareCommandBuilder (internal static class)
    • Sprint: SPRINT_4200_0002_0004_cli_compare
    • Implements stella compare --base <digest> --target <digest> with options: --output table|json|sarif, --output-file <path>, --include-unchanged
    • Requires explicit --base and --target digest arguments (manual selection)
  • Delta Scan: src/Cli/StellaOps.Cli/Commands/Scan/DeltaScanCommandGroup.cs -- delta scan with baseline comparison
  • VEX Gen Baseline: src/Cli/StellaOps.Cli/Commands/VexGenCommandGroup.cs -- --baseline <sealId> option for facet drift baseline; defaults to latest seal for image
  • Seal Store: IFacetSealStore.GetLatestSealAsync() for retrieving most recent baseline

What's Missing

  • Automatic "last green" selection: No command or flag like --baseline last-green that automatically selects the most recent scan digest with a passing verdict
  • Previous release tag resolution: No --baseline previous-release that resolves the previous release tag from SCM/registry metadata
  • Baseline suggestion in output: Compare results do not suggest a recommended baseline when none is specified
  • UI baseline picker: Web UI does not surface baseline selection with "last green" / "previous release" presets

Implementation Plan

  • Add --baseline-strategy last-green|previous-release|explicit option to compare and delta-scan commands
  • Implement IBaselineResolver service with strategies for "last green verdict" (query verdict store for latest pass) and "previous release" (query registry for previous tag)
  • Wire baseline resolver into CompareCommandBuilder and DeltaScanCommandGroup
  • Add baseline suggestion panel to Web UI compare view
  • Add tests for each baseline strategy

Related Documentation

  • Compare command: src/Cli/StellaOps.Cli/Commands/Compare/CompareCommandBuilder.cs
  • Delta scan: src/Cli/StellaOps.Cli/Commands/Scan/DeltaScanCommandGroup.cs
  • VEX gen baseline: src/Cli/StellaOps.Cli/Commands/VexGenCommandGroup.cs

Verification

  • Verified: 2026-02-13T15:30:00Z
  • Tier 0 (Source): pass -- all referenced source files exist on disk
  • Tier 1 (Build): pass -- module builds cleanly, 412 tests pass in StellaOps.Cli.Commands.Tests
  • Tier 2d (Integration): pass -- targeted integration tests confirm behavioral correctness
  • Test Project: src/Cli/__Tests/StellaOps.Cli.Commands.Tests/StellaOps.Cli.Commands.Tests.csproj
  • Evidence: docs/qa/feature-checks/runs/cli/baseline-selection-logic/run-001/tier2-integration-check.json