stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
ac22ee3ce20dd18ddb231ba4e06d75c5003914ef
git.stella-ops.org/docs/features/checked/cli/cli-scan-command-consolidation.md
master e9aeadc040 save checkpoint
2026-02-14 09:11:48 +02:00

2.4 KiB
Raw Blame History

CLI Scan Command Consolidation

Module

Cli

Status

VERIFIED

Description

Unified stella scan command hub with run/download/workers/graph/secrets/image subcommands, consolidating previously separate scanning commands.

Implementation Details

  • Command Group: src/Cli/StellaOps.Cli/Commands/Scan/ -- consolidated scan command directory
  • Scan Graph: src/Cli/StellaOps.Cli/Commands/ScanGraphCommandGroup.cs -- scan graph commands
  • Scanner Executor: src/Cli/StellaOps.Cli/Services/ScannerExecutor.cs / IScannerExecutor.cs -- scanner execution service
  • Scanner Installer: src/Cli/StellaOps.Cli/Services/ScannerInstaller.cs / IScannerInstaller.cs -- scanner installation
  • Commands:
    • stella scan run <image> -- run a vulnerability scan. Options: --policy <file>, --format json|table|sarif, --sbom-format cdx|spdx
    • stella scan download -- download scanner binaries
    • stella scan workers -- manage scanner workers
    • stella scan graph -- scan graph operations
    • stella scan secrets <path> -- secrets scanning
    • stella scan image <image> -- image-specific scanning
  • Tests: src/Cli/__Tests/StellaOps.Cli.Tests/GoldenOutput/ScanCommandGoldenTests.cs, ScanCommandGoldenOutputTests.cs, ScannerDownloadVerifyTests.cs, ScannerWorkersCommandTests.cs

E2E Test Plan

  • Run stella scan run myregistry/app:v1.0 and verify scan execution with results
  • Run stella scan run --format sarif --output ./results.sarif and verify SARIF output
  • Run stella scan download and verify scanner binary download
  • Run stella scan workers list and verify worker status
  • Run stella scan secrets ./src and verify secrets scanning
  • Run stella scan image myregistry/app:v1.0 and verify image scanning
  • Verify golden output tests pass for scan commands
  • Verify exit codes: 0=clean, 1=vulnerabilities found, 2=error

Verification

  • Verified: 2026-02-13T15:30:00Z
  • Tier 0 (Source): pass -- all referenced source files exist on disk
  • Tier 1 (Build): pass -- module builds cleanly, 412 tests pass in StellaOps.Cli.Commands.Tests
  • Tier 2d (Integration): pass -- targeted integration tests confirm behavioral correctness
  • Test Project: src/Cli/__Tests/StellaOps.Cli.Commands.Tests/StellaOps.Cli.Commands.Tests.csproj
  • Evidence: docs/qa/feature-checks/runs/cli/cli-scan-command-consolidation/run-001/tier2-integration-check.json