git.stella-ops.org/docs/features/unchecked/cli/evidence-pack-download-and-verification.md

Evidence Pack Download and Verification

Module

Cli

Status

IMPLEMENTED

Description

Full evidence pack system with UI for browsing, exporting, and ribbon/thread views. CLI for bundle export and verification. Dedicated Evidence Locker module for evidence storage.

Implementation Details

• Bundle Export: src/Cli/StellaOps.Cli/Commands/BundleExportCommand.cs -- BuildExportBundleCommand() for evidence bundle export
• Bundle Verify: src/Cli/StellaOps.Cli/Commands/BundleVerifyCommand.cs -- BuildVerifyBundleEnhancedCommand() for bundle verification
• Bundle Command Group: src/Cli/StellaOps.Cli/Commands/BundleCommandGroup.cs -- stella bundle commands
• Pack Client: src/Cli/StellaOps.Cli/Services/PackClient.cs / IPackClient.cs -- evidence pack API client
• DevPortal Verifier: src/Cli/StellaOps.Cli/Services/DevPortalBundleVerifier.cs / IDevPortalBundleVerifier.cs
• Tests: src/Cli/__Tests/StellaOps.Cli.Tests/Commands/VerifyBundleCommandTests.cs, src/Cli/__Tests/StellaOps.Cli.Tests/Services/DevPortalBundleVerifierTests.cs
• Commands:
  • stella bundle export <digest> --output <path> -- export evidence bundle
  • stella bundle verify <path> -- verify bundle integrity with manifest hash checking
  • stella evidence list-packs -- list available evidence packs

E2E Test Plan

• Run stella bundle export sha256:abc123 --output ./bundle/ and verify bundle created
• Run stella bundle verify ./bundle/ and verify integrity check passes
• Run stella bundle verify with tampered bundle and verify failure detected
• Run stella evidence list-packs and verify packs listed
• Verify bundle contains all evidence artifacts (verdict, policy, SBOM, attestations)
• Verify --format json output