stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
9ca2de05dff9c7db11eb49df6d4e47bbfe7a99f6
git.stella-ops.org/docs/features/checked/scanner/base-image-detection-and-recommendations.md
master 5bca406787 save checkpoint: save features
2026-02-12 10:27:23 +02:00

50 lines
2.7 KiB
Markdown
Raw Blame History

# Base Image Detection and Recommendations
## Module
Scanner
## Status
VERIFIED
## Description
Base image detection via layer diffID fingerprinting with PostgreSQL-backed fingerprint storage and deterministic in-memory matching. The detector now supports exact and fuzzy matching, ranked recommendations, and bulk recommendation queries for multiple image references.
## Implementation Details
- **Core detection contract**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Resolution/IBaseImageDetector.cs`
- `DetectBaseImageAsync` (single-layer lookup)
- `GetRecommendationsAsync` (ranked exact/fuzzy recommendations)
- `GetRecommendationsBulkAsync` (bulk recommendations)
- **Detector implementation**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Resolution/BaseImageDetector.cs`
- PostgreSQL-backed fingerprint persistence and load
- deterministic in-memory index
- fuzzy fallback by nearest layer index + lexical tie-break
- **Recommendation scoring engine**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Resolution/BaseImageMatchEngine.cs`
- deterministic exact/fuzzy scoring with confidence and rationale
- **Layer resolution + reuse integration**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Resolution/ILayerDigestResolver.cs`
- `src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Resolution/LayerDigestResolver.cs`
- `src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Resolution/LayerProvenance.cs`
- `src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Reuse/ILayerReuseDetector.cs`
- `src/Scanner/__Libraries/StellaOps.Scanner.Manifest/Reuse/LayerReuseDetector.cs`
- **DI registration**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Manifest/ManifestServiceCollectionExtensions.cs`
- **Behavioral tests**:
- `src/Scanner/__Tests/StellaOps.Scanner.Core.Tests/BaseImageRecommendationTests.cs`
## E2E Test Plan
- [x] Scan an image built on a known base image and verify exact base image attribution is returned.
- [x] Verify exact layer prefix match identifies the correct base image with confidence `1.0`.
- [x] Verify fuzzy matching returns ranked recommendations when base layers are partially modified.
- [x] Verify bulk recommendations return deterministic per-image results for multiple image references.
- [x] Verify non-overlapping layers return no recommendations (negative path).
## Verification
- Run ID: `run-001`
- Date (UTC): 2026-02-12
- Tier 0: Source files and symbols present (`tier0-source-check.json`).
- Tier 1: `StellaOps.Scanner.Manifest` + `StellaOps.Scanner.Core.Tests` build passed; focused recommendation tests passed (`tier1-build-check.json`, `tier1-tests-base-image.log`).
- Tier 2: Behavioral integration checks passed via targeted class run (`tier2-e2e-check.json`).
Reference in New Issue View Git Blame Copy Permalink