stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
b851aa8300b7febfb2e661443c8e39df13fa4e22
git.stella-ops.org/docs/features/checked/cli/scan-reproducibility-verification-flag.md
master e9aeadc040 save checkpoint
2026-02-14 09:11:48 +02:00

1.5 KiB
Raw Blame History

Scan Reproducibility Verification Flag

Module

Cli

Status

VERIFIED

Description

CLI flag to trigger reproducibility verification (rebuild) during scans, verifying whether builds are reproducible as part of the build provenance verification pipeline.

Implementation Details

  • Scan Commands: src/Cli/StellaOps.Cli/Commands/Scan/ -- scan command extensions
  • Provenance Commands: src/Cli/StellaOps.Cli/Commands/ProvCommandGroup.cs -- provenance verification
  • Commands:
    • stella scan run <image> --verify-reproducibility -- scan with reproducibility verification
    • stella prov verify <image> -- verify build provenance

E2E Test Plan

  • Run stella scan run myregistry/app:v1.0 --verify-reproducibility and verify reproducibility check
  • Verify reproducible build produces matching digest
  • Verify non-reproducible build is flagged
  • Run stella prov verify myregistry/app:v1.0 and verify provenance verification

Verification

  • Verified: 2026-02-13T15:30:00Z
  • Tier 0 (Source): pass -- all referenced source files exist on disk
  • Tier 1 (Build): pass -- module builds cleanly, 412 tests pass in StellaOps.Cli.Commands.Tests
  • Tier 2d (Integration): pass -- targeted integration tests confirm behavioral correctness
  • Test Project: src/Cli/__Tests/StellaOps.Cli.Commands.Tests/StellaOps.Cli.Commands.Tests.csproj
  • Evidence: docs/qa/feature-checks/runs/cli/scan-reproducibility-verification-flag/run-001/tier2-integration-check.json