125 lines
3.3 KiB
C#
125 lines
3.3 KiB
C#
using System.Text.Json.Serialization;
|
|
|
|
namespace StellaOps.Policy.Determinization.Models;
|
|
|
|
/// <summary>
|
|
/// Guardrails policy configuration for uncertain observations.
|
|
/// Defines monitoring/restrictions when evidence is incomplete.
|
|
/// </summary>
|
|
public sealed record GuardRails
|
|
{
|
|
/// <summary>
|
|
/// Enable runtime monitoring.
|
|
/// </summary>
|
|
[JsonPropertyName("enable_monitoring")]
|
|
public required bool EnableMonitoring { get; init; }
|
|
|
|
/// <summary>
|
|
/// Restrict deployment to non-production environments.
|
|
/// </summary>
|
|
[JsonPropertyName("restrict_to_non_prod")]
|
|
public required bool RestrictToNonProd { get; init; }
|
|
|
|
/// <summary>
|
|
/// Require manual approval before deployment.
|
|
/// </summary>
|
|
[JsonPropertyName("require_approval")]
|
|
public required bool RequireApproval { get; init; }
|
|
|
|
/// <summary>
|
|
/// Schedule automatic re-evaluation after this duration.
|
|
/// </summary>
|
|
[JsonPropertyName("reeval_after")]
|
|
public TimeSpan? ReevalAfter { get; init; }
|
|
|
|
/// <summary>
|
|
/// Additional notes/rationale for guardrails.
|
|
/// </summary>
|
|
[JsonPropertyName("notes")]
|
|
public string? Notes { get; init; }
|
|
|
|
/// <summary>
|
|
/// Default guardrails instance with safe settings.
|
|
/// </summary>
|
|
public static GuardRails Default { get; } = new()
|
|
{
|
|
EnableMonitoring = true,
|
|
RestrictToNonProd = false,
|
|
RequireApproval = false,
|
|
ReevalAfter = TimeSpan.FromDays(7),
|
|
Notes = null
|
|
};
|
|
|
|
/// <summary>
|
|
/// Creates GuardRails with default safe settings.
|
|
/// </summary>
|
|
public static GuardRails CreateDefault() => new()
|
|
{
|
|
EnableMonitoring = true,
|
|
RestrictToNonProd = false,
|
|
RequireApproval = false,
|
|
ReevalAfter = TimeSpan.FromDays(7),
|
|
Notes = null
|
|
};
|
|
|
|
/// <summary>
|
|
/// Creates GuardRails for high-uncertainty observations.
|
|
/// </summary>
|
|
public static GuardRails Strict() => new()
|
|
{
|
|
EnableMonitoring = true,
|
|
RestrictToNonProd = true,
|
|
RequireApproval = true,
|
|
ReevalAfter = TimeSpan.FromDays(3),
|
|
Notes = "High uncertainty - strict guardrails applied"
|
|
};
|
|
|
|
/// <summary>
|
|
/// Creates GuardRails with no restrictions (all evidence present).
|
|
/// </summary>
|
|
public static GuardRails None() => new()
|
|
{
|
|
EnableMonitoring = false,
|
|
RestrictToNonProd = false,
|
|
RequireApproval = false,
|
|
ReevalAfter = null,
|
|
Notes = null
|
|
};
|
|
}
|
|
|
|
/// <summary>
|
|
/// Deployment environment classification.
|
|
/// </summary>
|
|
public enum DeploymentEnvironment
|
|
{
|
|
/// <summary>Development environment.</summary>
|
|
Development = 0,
|
|
|
|
/// <summary>Testing environment.</summary>
|
|
Testing = 1,
|
|
|
|
/// <summary>Staging/pre-production environment.</summary>
|
|
Staging = 2,
|
|
|
|
/// <summary>Production environment.</summary>
|
|
Production = 3
|
|
}
|
|
|
|
/// <summary>
|
|
/// Asset criticality classification.
|
|
/// </summary>
|
|
public enum AssetCriticality
|
|
{
|
|
/// <summary>Low criticality - minimal impact if compromised.</summary>
|
|
Low = 0,
|
|
|
|
/// <summary>Medium criticality - moderate impact.</summary>
|
|
Medium = 1,
|
|
|
|
/// <summary>High criticality - significant impact.</summary>
|
|
High = 2,
|
|
|
|
/// <summary>Critical - severe impact if compromised.</summary>
|
|
Critical = 3
|
|
}
|