2.0 KiB
2.0 KiB
Audit - StellaOps.Zastava.Webhook
Project
- Path:
src/Zastava/StellaOps.Zastava.Webhook/StellaOps.Zastava.Webhook.csproj - Module:
Zastava - Kind:
WebService - SDK:
Microsoft.NET.Sdk.Web - TargetFramework:
net10.0 - Audit date (UTC): 2026-01-30
Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 8
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
Details
- 100-line files:
src/Zastava/StellaOps.Zastava.Webhook/Admission/RuntimeAdmissionPolicyService.cs(359 lines)src/Zastava/StellaOps.Zastava.Webhook/Admission/FacetAdmissionValidator.cs(252 lines)src/Zastava/StellaOps.Zastava.Webhook/Admission/AdmissionResponseBuilder.cs(226 lines)src/Zastava/StellaOps.Zastava.Webhook/Configuration/ZastavaWebhookOptions.cs(179 lines)src/Zastava/StellaOps.Zastava.Webhook/Admission/AdmissionReviewParser.cs(154 lines)src/Zastava/StellaOps.Zastava.Webhook/DependencyInjection/ServiceCollectionExtensions.cs(127 lines)src/Zastava/StellaOps.Zastava.Webhook/Backend/RuntimePolicyClient.cs(115 lines)src/Zastava/StellaOps.Zastava.Webhook/Certificates/SecretFileCertificateSource.cs(103 lines)
- Service locator matches:
- none
Fix Guidance
- Split files over 100 lines into smaller types or partials.
Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/Zastava/__Tests/StellaOps.Zastava.Webhook.Tests/StellaOps.Zastava.Webhook.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
Manual checks required
- Observability contract tests for WebService/Worker.
- Offline execution (tests must run without network access).
Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.