stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
cf5b72974f923126944f4dcd47e85864ebb31a3b
git.stella-ops.org/docs/features/unchecked/policy/ci-cd-gate-exit-code-convention.md

3.4 KiB
Raw Blame History

CI/CD Gate Exit Code Convention

Module

Policy

Status

IMPLEMENTED

Description

Standardized CI exit code convention for gate evaluation: 0=Pass, 1=Warn (configurable pass-through), 2=Fail/Block, 10+=errors. The stella gate evaluate CLI command returns these exit codes, enabling direct CI/CD pipeline integration without parsing output.

Implementation Details

  • PolicyGateEvaluator: src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs -- PolicyGateEvaluator (sealed class implements IPolicyGateEvaluator)
    • Sprint: SPRINT_20251226_001_BE_cicd_gate_integration
    • EvaluateAsync(PolicyGateRequest) returns PolicyGateDecision with decision type: Allow, Warn, Block
    • Evaluates gates in sequence: Evidence Completeness -> Lattice State -> VEX Trust -> Uncertainty Tier -> Confidence Threshold
    • Short-circuits on first Block (subsequent gates skipped)
    • Override support: AllowOverride with OverrideJustification and minimum length validation
  • PolicyGateDecision: src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateDecision.cs -- decision model
    • PolicyGateDecisionType: Allow, Warn, Block
    • Contains: GateId, RequestedStatus, Subject, Evidence, Gates (array of results), Advisory, BlockedBy, BlockReason, Suggestion
  • PolicyGateResultType: Pass, PassWithNote, Warn, Block, Skip -- per-gate evaluation outcomes
  • Exit Code Mapping (CLI integration):
    • Allow -> exit 0 (CI pass)
    • Warn -> exit 1 (CI configurable: pass-through or soft fail)
    • Block -> exit 2 (CI hard fail)
    • Error/Exception -> exit 10+ (CI infrastructure error)
  • Gate Types:
    • Evidence Completeness Gate: requires graphHash (DSSE-attested) and pathAnalysis for not_affected
    • Lattice State Gate: checks lattice state compatibility (CU allows not_affected; SR/RO/CR block not_affected)
    • VEX Trust Gate: minimum composite score and signature verification per environment
    • Uncertainty Tier Gate: T1 blocks not_affected, T2 warns, T3 note, T4 pass
    • Confidence Threshold Gate: warns below min confidence for not_affected
  • PolicyGateOptions: src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateOptions.cs -- configuration for gate thresholds
  • CLI Gate Command: src/Cli/StellaOps.Cli/Commands/ -- stella gate evaluate translates decision type to process exit code
  • Endpoints: src/Policy/StellaOps.Policy.Engine/Endpoints/PolicyDecisionEndpoint.cs -- HTTP API for gate evaluation

E2E Test Plan

  • Run stella gate evaluate with a passing scenario (all evidence present, CU lattice state, T4 uncertainty); verify exit code 0
  • Run stella gate evaluate with a warning scenario (SU lattice state for not_affected); verify exit code 1
  • Run stella gate evaluate with a blocking scenario (no graphHash for not_affected); verify exit code 2
  • Run stella gate evaluate with invalid input (missing required arguments); verify exit code >= 10
  • POST to policy decision endpoint with Block decision; verify response includes blockedBy, blockReason, and suggestion
  • POST with AllowOverride=true and valid justification; verify overridden Block becomes Warn with advisory message
  • POST with AllowOverride=true but justification too short; verify Block is not overridden
  • Verify VEX Trust gate returns Block when trust score below threshold for production environment
  • Verify CI pipeline integration: use exit code in if statement to gate deployment