2.3 KiB
2.3 KiB
TASKS
| Task | Owner(s) | Depends on | Notes |
|---|---|---|---|
| Fix method name typo GetExportRoot' -> GetExportRoot | BE-Export | Exporters | DONE – TrivyDbExportOptions.GetExportRoot helper added with unit coverage. |
| Implement BoltDB builder integration (v0 via trivy-db CLI) | BE-Export | Env | DONE – TrivyDbBoltBuilder shells trivy-db build against our JSON tree with deterministic packaging. |
| Pack db.tar.gz + metadata.json | BE-Export | Exporters | DONE – Builder output re-packed with fixed timestamps and zeroed gzip mtime. |
| ORAS push support | BE-Export | Exporters | DONE – Optional TrivyDbOrasPusher shells oras cp --from-oci-layout with configurable args/env. |
| Offline bundle toggle | BE-Export | Exporters | DONE – Deterministic OCI layout bundle emitted when enabled. |
| Deterministic ordering of advisories | BE-Export | Models | DONE – exporter now loads advisories, sorts by advisoryKey, and emits sorted JSON trees with deterministic OCI payloads. |
| End-to-end tests with small dataset | QA | Exporters | DONE – added deterministic round-trip test covering OCI layout, media types, and digest stability w/ repeated inputs. |
| ExportState persistence & idempotence | BE-Export | Storage.Mongo | DONE – baseline resets wired into ExportStateManager, planner signals resets after delta runs, and exporters update state w/ repository-aware baseline rotation + tests. |
| Streamed package building to avoid large copies | BE-Export | Exporters | DONE – metadata/config now reuse backing arrays and OCI writer streams directly without double buffering. |
| Plan incremental/delta exports | BE-Export | Exporters | DONE – state captures per-file manifests, planner schedules delta vs full resets, layer reuse smoke test verifies OCI reuse, and operator guide documents the validation flow. |
| Advisory schema parity export (description/CWEs/canonical metric) | BE-Export | Models, Core | DONE (2025-10-15) – exporter/test fixtures updated to handle description/CWEs/canonical metric fields during Trivy DB packaging; dotnet test src/StellaOps.Concelier.Exporter.TrivyDb.Tests re-run 2025-10-15 to confirm coverage. |
| CONCELIER-EXPORT-08-202 – Mirror-ready Trivy DB bundles | Team Concelier Export | CONCELIER-EXPORT-08-201 | TODO – Generate domain-specific Trivy DB archives + metadata manifest, ensure deterministic digests, and document sync process for downstream Concelier nodes. |