stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
aaae7d771d32c0428ded19aa3fa414b38ce0f590
git.stella-ops.org/docs/features/checked/packsregistry/packs-registry-service-with-mirroring-and-compliance-dashboards.md
master 5bca406787 save checkpoint: save features
2026-02-12 10:27:23 +02:00

6.4 KiB
Raw Blame History

Packs Registry Service with Mirroring and Compliance Dashboards

Module

PacksRegistry

Status

VERIFIED

Description

Registry service for managing pack lifecycle (publish, version, deprecate) with mirroring support for air-gapped environments, attestation integration, and compliance dashboard APIs.

Implementation Details

  • Pack Service: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Core/Services/PackService.cs -- core pack lifecycle operations: publish, query, version, and deprecate packs.
  • Mirror Service: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Core/Services/MirrorService.cs -- manages mirror sources for air-gapped pack distribution.
  • Attestation Service: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Core/Services/AttestationService.cs -- manages attestation records for packs, verifying pack provenance and signatures.
  • Compliance Service: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Core/Services/ComplianceService.cs -- computes compliance summaries for pack registries (attestation coverage, signature verification status).
  • Lifecycle Service: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Core/Services/LifecycleService.cs -- manages pack lifecycle transitions (active, deprecated, archived).
  • Parity Service: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Core/Services/ParityService.cs -- tracks parity between primary and mirror registries.
  • Export Service: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Core/Services/ExportService.cs -- exports pack data for offline/air-gap seeding.
  • Core Contracts: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Core/Contracts/ -- interfaces: IPackRepository.cs, IMirrorRepository.cs, IAttestationRepository.cs, IAuditRepository.cs, ILifecycleRepository.cs, IParityRepository.cs, IPackSignatureVerifier.cs.
  • Core Models: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Core/Models/ -- PackRecord.cs, MirrorSourceRecord.cs, AttestationRecord.cs, AuditRecord.cs, LifecycleRecord.cs, ParityRecord.cs, PackPolicyOptions.cs.
  • Web API Contracts: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.WebService/Contracts/ -- DTOs: PackUploadRequest.cs, PackResponse.cs, PackManifestResponse.cs, MirrorRequest.cs, MirrorResponse.cs, MirrorSyncRequest.cs, AttestationUploadRequest.cs, AttestationResponse.cs, ComplianceSummaryResponse.cs, LifecycleRequest.cs, LifecycleResponse.cs, ParityRequest.cs, ParityResponse.cs, OfflineSeedRequest.cs, RotateSignatureRequest.cs.
  • Infrastructure (File System): src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Infrastructure/FileSystem/ -- file-based repository implementations: FilePackRepository.cs, FileMirrorRepository.cs, FileAttestationRepository.cs, FileAuditRepository.cs, FileLifecycleRepository.cs, FileParityRepository.cs.
  • Infrastructure (InMemory): src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Infrastructure/InMemory/ -- in-memory repository implementations for testing.
  • Signature Verification: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Infrastructure/Verification/RsaSignatureVerifier.cs, SimpleSignatureVerifier.cs -- RSA and simple signature verification for pack integrity.
  • Postgres Persistence: src/PacksRegistry/__Libraries/StellaOps.PacksRegistry.Persistence/Postgres/Repositories/ -- PostgresPackRepository.cs, PostgresMirrorRepository.cs, PostgresAttestationRepository.cs, PostgresAuditRepository.cs, PostgresLifecycleRepository.cs, PostgresParityRepository.cs.
  • EF Core Context: src/PacksRegistry/__Libraries/StellaOps.PacksRegistry.Persistence/EfCore/Context/PacksRegistryDbContext.cs -- Entity Framework Core context.
  • Worker: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Worker/Worker.cs -- background worker for mirror sync and parity checks.
  • Tests: src/PacksRegistry/StellaOps.PacksRegistry/StellaOps.PacksRegistry.Tests/PackServiceTests.cs, PacksApiTests.cs, FilePackRepositoryTests.cs, ExportServiceTests.cs, RsaSignatureVerifierTests.cs; src/PacksRegistry/__Tests/StellaOps.PacksRegistry.Persistence.Tests/PostgresPackRepositoryTests.cs

E2E Test Plan

  • Publish a pack via the REST API and verify it is stored in the registry with correct metadata (name, version, digest)
  • Configure a mirror source and trigger a sync; verify the pack is replicated to the mirror with matching digest
  • Upload an attestation for a published pack and verify the compliance dashboard endpoint reports the pack as attested
  • Deprecate a pack via lifecycle API and verify it is no longer returned in active pack queries but remains queryable with a deprecated filter
  • Verify parity check: publish a pack, sync to mirror, then update parity state and confirm the mirror is reported as out-of-sync
  • Export packs for offline seeding and verify the exported bundle contains all pack data and attestations needed for air-gap import
  • Verify RSA signature verification logic via RsaSignatureVerifierTests in Tier 1.

Verification

  • Verified on 2026-02-11 via FLOW Tier 0/1/2 loop.
  • Initial behavioral replay (run-001) failed on three contract gaps (attestation coverage metric, deprecated-list filtering, attestation export artifacts):
    • docs/qa/feature-checks/runs/packsregistry/packs-registry-service-with-mirroring-and-compliance-dashboards/run-001/tier2-api-check.json
    • docs/qa/feature-checks/runs/packsregistry/packs-registry-service-with-mirroring-and-compliance-dashboards/run-001/triage.json
  • Gaps were fixed in-module and retested with full pass (run-002):
    • Tier 0 source check: docs/qa/feature-checks/runs/packsregistry/packs-registry-service-with-mirroring-and-compliance-dashboards/run-002/tier0-source-check.json
    • Tier 1 build/tests: docs/qa/feature-checks/runs/packsregistry/packs-registry-service-with-mirroring-and-compliance-dashboards/run-002/tier1-build-check.json
    • Tier 2 API replay: docs/qa/feature-checks/runs/packsregistry/packs-registry-service-with-mirroring-and-compliance-dashboards/run-002/tier2-api-check.json
    • Retest closure: docs/qa/feature-checks/runs/packsregistry/packs-registry-service-with-mirroring-and-compliance-dashboards/run-002/retest-result.json