stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
bc4318ef971247e18c9c05f8b7838880f6584dc3
git.stella-ops.org/docs2/observability-standards.md
master bc4318ef97 Add tests for SBOM generation determinism across multiple formats 
- Created `StellaOps.TestKit.Tests` project for unit tests related to determinism.
- Implemented `DeterminismManifestTests` to validate deterministic output for canonical bytes and strings, file read/write operations, and error handling for invalid schema versions.
- Added `SbomDeterminismTests` to ensure identical inputs produce consistent SBOMs across SPDX 3.0.1 and CycloneDX 1.6/1.7 formats, including parallel execution tests.
- Updated project references in `StellaOps.Integration.Determinism` to include the new determinism testing library.
2025-12-23 18:56:12 +02:00

30 lines
1.4 KiB
Markdown
Raw Blame History

# Observability standards
Common envelope fields
- Trace context: trace_id, span_id, trace_flags; propagate W3C traceparent and baggage.
- Tenant and workload: tenant, workload (service), region, env, version.
- Subject: component, operation, resource (purl or uri when safe).
- Timing: UTC ISO-8601 timestamp; durations in milliseconds.
- Outcome: status (ok, error, fault, throttle), error.code, redacted error.message, retryable.
Scrubbing policy
- Denylist PII and secrets: emails, tokens, auth headers, private keys, passwords.
- Redact to "[redacted]" and add redaction.reason (secret, pii, tenant_policy).
- Hash low-cardinality identifiers with sha256 and mark hashed=true.
- Never log full request or response bodies; store hashes and lengths only.
Sampling defaults
- Traces: 10% non-prod, 5% prod; always sample error or audit spans.
- Logs: info logs rate-limited; warn and error never sampled.
- Metrics: never sampled; stable histogram buckets per component.
Redaction override
- Overrides require a ticket id and are time-bound.
- Config: telemetry.redaction.overrides and telemetry.redaction.override_ttl (default 24h).
- Emit telemetry.redaction.audit with actor, fields, and TTL.
Determinism and offline
- No external enrichers; use bundled service maps and tenant metadata only.
- Export ordering: timestamp, workload, operation.
- Always use UTC; NDJSON for log exports.
Reference in New Issue View Git Blame Copy Permalink