stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
9ca2de05dff9c7db11eb49df6d4e47bbfe7a99f6
git.stella-ops.org/docs/features/unchecked/cli/policy-publish-and-sign-cli.md

1.1 KiB
Raw Blame History

Policy Publish and Sign CLI

Module

Cli

Status

IMPLEMENTED

Description

Publish approved policy revisions with optional cryptographic signing using configurable algorithm (ecdsa-sha256, ed25519) and key ID selection.

Implementation Details

  • Command Group: src/Cli/StellaOps.Cli/Commands/PolicyCommandGroup.cs -- policy publish commands
  • Sign Commands: src/Cli/StellaOps.Cli/Commands/SignCommandGroup.cs -- signing operations
  • Command Handlers: src/Cli/StellaOps.Cli/Commands/CommandHandlers.Sign.cs -- signing handlers
  • Commands:
    • stella policy publish <file> -- publish approved policy revision. Options: --sign, --algorithm ecdsa-sha256|ed25519, --key-id <id>

E2E Test Plan

  • Run stella policy publish ./policy.stella and verify policy published
  • Run with --sign --algorithm ecdsa-sha256 and verify DSSE-signed publication
  • Run with --sign --algorithm ed25519 --key-id <id> and verify Ed25519 signing
  • Verify published policy is retrievable via stella policy show
  • Verify signing key selection with --key-id
  • Verify error when trying to publish unapproved policy