stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
e716bc6adca8d1a3ac5a24ad491e5fa99e31cf1c
git.stella-ops.org/docs/features/unchecked/attestor/multi-tenant-postgresql-with-rls-and-schema-isolation.md

2.7 KiB
Raw Blame History

Multi-tenant PostgreSQL with RLS and Schema Isolation

Module

Attestor

Status

IMPLEMENTED

Description

Module-scoped PostgreSQL schemas with RLS policies, tenant-scoped tables with required columns (id, tenant_id, created_at, updated_at), JSONB-first patterns, and queue patterns (SKIP LOCKED).

Implementation Details

  • DbContext: src/Attestor/__Libraries/StellaOps.Attestor.Persistence/ProofChainDbContext.cs -- EF Core DbContext with tenant-scoped queries, RLS policy application, and schema isolation.
  • Entities:
    • Entities/DsseEnvelopeEntity.cs -- persisted DSSE envelope with tenant_id, created_at, updated_at.
    • Entities/RekorEntryEntity.cs -- persisted Rekor log entry with tenant_id.
    • Entities/SbomEntryEntity.cs -- persisted SBOM entry with tenant_id.
    • Entities/SpineEntity.cs -- persisted proof spine with tenant_id.
    • Entities/TrustAnchorEntity.cs -- persisted trust anchor with tenant_id.
    • Entities/VerdictLedgerEntry.cs -- persisted verdict ledger entry with tenant_id.
    • Entities/AuditLogEntity.cs -- audit log with tenant_id.
  • Repositories:
    • Repositories/IProofChainRepository.cs -- repository interface for proof chain entities.
    • Repositories/IVerdictLedgerRepository.cs -- repository interface for verdict ledger.
    • Repositories/PostgresVerdictLedgerRepository.cs -- PostgreSQL implementation with tenant-scoped queries.
  • Migrations: Migrations/ -- EF Core migrations defining schema, RLS policies, and indexes.
  • Queue: StellaOps.Attestor.Core/Queue/IRekorSubmissionQueue.cs -- durable queue using SKIP LOCKED pattern for concurrent processing.
  • Services: __Libraries/StellaOps.Attestor.Persistence/Services/ -- data access services.
  • Performance: __Libraries/StellaOps.Attestor.Persistence/Perf/ -- performance-related configurations.
  • Tests: __Tests/StellaOps.Attestor.Persistence.Tests/

E2E Test Plan

  • Create entities (DsseEnvelope, RekorEntry, Spine) for tenant A and verify they are not visible when querying as tenant B (RLS enforcement)
  • Verify all entities have required columns: id, tenant_id, created_at, updated_at
  • Create a VerdictLedgerEntry via PostgresVerdictLedgerRepository and verify it is persisted with correct tenant_id
  • Submit items to IRekorSubmissionQueue from multiple tenants and verify SKIP LOCKED processing handles concurrent consumers without duplicates
  • Verify JSONB columns store and retrieve complex predicate data correctly
  • Run a migration against a fresh database and verify the schema is created with RLS policies enabled
  • Verify AuditLogEntity captures creation/update events with tenant context