2.1 KiB
2.1 KiB
Key Rotation CLI
Module
Cli
Status
VERIFIED
Description
Comprehensive key rotation lifecycle: list keys (with include-revoked filtering), add, revoke, rotate, check status, view history, and verify validity.
Implementation Details
- Command Group:
src/Cli/StellaOps.Cli/Commands/KeysCommandGroup.cs--KeysCommandGroupforstella keyscommands - Key Rotation:
src/Cli/StellaOps.Cli/Commands/Proof/KeyRotationCommandGroup.cs-- key rotation operations - Issuer Keys:
src/Cli/StellaOps.Cli/Commands/IssuerKeysCommandGroup.cs-- issuer key management - Commands:
stella keys list-- list signing keys. Options:--include-revokedstella keys add --algorithm <alg> --label <label>-- add a new signing keystella keys revoke <key-id>-- revoke a signing keystella keys rotate-- rotate to a new active keystella keys status-- check key status and validitystella keys history-- view key rotation historystella keys verify <key-id>-- verify key validity
E2E Test Plan
- Run
stella keys listand verify active keys displayed - Run
stella keys list --include-revokedand verify revoked keys also shown - Run
stella keys add --algorithm ecdsa-sha256 --label "production-2024"and verify key added - Run
stella keys revoke <id>and verify key revoked - Run
stella keys rotateand verify new active key generated - Run
stella keys statusand verify key validity status - Run
stella keys historyand verify rotation history timeline - Run
stella keys verify <id>and verify key validity check
Verification
- Verified: 2026-02-13T15:30:00Z
- Tier 0 (Source): pass -- all referenced source files exist on disk
- Tier 1 (Build): pass -- module builds cleanly, 87 tests pass in StellaOps.Cli.Auth.Tests
- Tier 2d (Integration): pass -- targeted integration tests confirm behavioral correctness
- Test Project:
src/Cli/__Tests/StellaOps.Cli.Auth.Tests/StellaOps.Cli.Auth.Tests.csproj - Evidence:
docs/qa/feature-checks/runs/cli/key-rotation-cli/run-001/tier2-integration-check.json