33 lines
2.8 KiB
Markdown
33 lines
2.8 KiB
Markdown
# Scheduler ImpactIndex and Surface.FS Pointers
|
|
|
|
## Module
|
|
Scheduler
|
|
|
|
## Status
|
|
PARTIALLY_IMPLEMENTED
|
|
|
|
## Description
|
|
ImpactIndex computation for prioritizing scheduled vulnerability evaluations, with Surface.FS pointers linking scheduler jobs to filesystem-level SBOM surface data for efficient incremental rescans.
|
|
|
|
## Implementation Details
|
|
- **Impact Index Service**: `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexService.cs` -- computes impact index scores for scheduled jobs based on vulnerability severity, component exposure, and deployment topology.
|
|
- **Impact Index Endpoints**: `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexEndpointExtensions.cs` -- REST endpoints for querying and updating impact index scores.
|
|
- **Impact Index Contracts**: `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex/ImpactIndexContracts.cs` -- DTOs for impact index query/update operations.
|
|
- **Surface FS Pointers**: `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsPointerService.cs` -- manages filesystem-level pointers linking SBOM surface data to scheduler jobs for incremental rescan optimization.
|
|
- **Surface FS Endpoints**: `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsEndpointExtensions.cs` -- REST endpoints for managing Surface.FS pointers.
|
|
- **Surface FS Contracts**: `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs/SurfaceFsContracts.cs` -- DTOs for Surface.FS pointer operations.
|
|
- **Scan Schedule Service**: `src/Scheduler/StellaOps.Scheduler.WebService/Scheduling/ScanScheduleService.cs` -- schedules vulnerability rescans prioritized by impact index.
|
|
- **Tests**: `src/Scheduler/__Tests/StellaOps.Scheduler.WebService.Tests/ImpactIndex/ImpactIndexServiceTests.cs`, `ImpactIndexEndpointsTests.cs`; `src/Scheduler/__Tests/StellaOps.Scheduler.WebService.Tests/SurfaceFs/SurfaceFsPointerServiceTests.cs`
|
|
|
|
## E2E Test Plan
|
|
- [ ] Compute an impact index for a component with a critical CVE in a production deployment and verify the score is higher than for the same CVE in a staging deployment.
|
|
- [ ] Create a Surface.FS pointer linking a scheduler job to an SBOM surface file and verify pointer lookup by job ID.
|
|
- [ ] Verify incremental rescan behavior for changed components only.
|
|
- [ ] Verify impact-based prioritization order for queued jobs.
|
|
- [ ] Query impact index scores via REST and verify descending sort.
|
|
|
|
## Missing Implementation Evidence
|
|
- Tier 0 run-001 found 7/7 referenced implementation files missing under `src/Scheduler/StellaOps.Scheduler.WebService/ImpactIndex`, `src/Scheduler/StellaOps.Scheduler.WebService/SurfaceFs`, and `src/Scheduler/StellaOps.Scheduler.WebService/Scheduling`.
|
|
- Classification: `not_implemented` per FLOW (>50% key file references absent).
|
|
- Evidence: `docs/qa/feature-checks/runs/scheduler/scheduler-impactindex-and-surface-fs-pointers/run-001/tier0-source-check.json`
|