stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
cf5b72974f923126944f4dcd47e85864ebb31a3b
git.stella-ops.org/docs/features/unchecked/sbomservice/sbom-service-registry-source-integration.md

2.2 KiB
Raw Blame History

SBOM Service Registry Source Integration

Module

SbomService

Status

IMPLEMENTED

Description

Registry webhook and source management endpoints allowing container registries to push SBOM metadata events and manage trusted source configurations.

Implementation Details

  • Registry source controller: src/SbomService/StellaOps.SbomService/Controllers/RegistrySourceController.cs -- REST endpoints for managing trusted registry source configurations
  • Registry webhook controller: src/SbomService/StellaOps.SbomService/Controllers/RegistryWebhookController.cs -- endpoints for receiving container registry push/tag events
  • Registry source service: src/SbomService/StellaOps.SbomService/Services/RegistrySourceService.cs -- source configuration management logic
  • Registry webhook service: src/SbomService/StellaOps.SbomService/Services/RegistryWebhookService.cs -- webhook event processing
  • Registry discovery service: src/SbomService/StellaOps.SbomService/Services/RegistryDiscoveryService.cs -- auto-discovery of registry sources
  • Scan job emitter: src/SbomService/StellaOps.SbomService/Services/ScanJobEmitterService.cs -- emits scan jobs when webhook events arrive
  • Query options: src/SbomService/StellaOps.SbomService/Services/RegistrySourceQueryOptions.cs -- query filtering for registry sources
  • Models: src/SbomService/StellaOps.SbomService/Models/RegistrySourceModels.cs -- registry source configuration models
  • Repository: src/SbomService/StellaOps.SbomService/Repositories/IRegistrySourceRepository.cs, RegistrySourceRepositories.cs -- registry source persistence
  • Tests: src/SbomService/StellaOps.SbomService.Tests/RegistrySourceServiceTests.cs, RegistryDiscoveryServiceTests.cs, RegistryWebhookServiceTests.cs, ScanJobEmitterServiceTests.cs
  • Source: SPRINT_0142_0001_0001_sbomservice.md

E2E Test Plan

  • Verify registry source CRUD operations through REST API
  • Test webhook event processing for container registry push events
  • Verify scan job emission when new images are pushed
  • Test registry auto-discovery service
  • Verify tenant isolation in registry source configurations