stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
e716bc6adca8d1a3ac5a24ad491e5fa99e31cf1c
git.stella-ops.org/docs/features/unchecked/doctor/doctor-diagnostics-runner.md

2.4 KiB
Raw Blame History

Doctor Diagnostics Runner

Module

Doctor

Status

IMPLEMENTED

Description

Doctor plugin infrastructure with multiple plugins (Vex, BinaryAnalysis, Notify, Observability, Timestamping) providing health checks, diagnostics, and remediation commands is implemented.

Implementation Details

  • Plugin interface: src/Doctor/__Plugins/StellaOps.Doctor.Plugins.Core/IDoctorPlugin.cs -- base plugin contract
  • Plugins (14 total):
    • Agent: AgentDoctorPlugin.cs -- agent health (capacity, heartbeat, version, certificates, cluster, task queue)
    • Attestor: AttestorDoctorPlugin.cs -- Rekor, cosign, signing key, transparency log checks
    • Auth: AuthDoctorPlugin.cs -- OIDC, signing key, token service checks
    • BinaryAnalysis: BinaryAnalysisDoctorPlugin.cs -- debuginfod, buildinfo cache, corpus mirror, symbol recovery
    • Compliance: CompliancePlugin.cs -- audit readiness, evidence tamper, provenance completeness, attestation signing
    • Crypto: eIDAS, FIPS, GOST, HSM, SM crypto, cert chain validation checks
    • Environment: EnvironmentDoctorPlugin.cs -- connectivity, capacity, drift, secrets, network policy
    • EvidenceLocker: EvidenceLockerDoctorPlugin.cs -- evidence index, Merkle anchor, provenance chain
    • Notify: NotifyDoctorPlugin.cs -- Slack, Teams, Email, Webhook connectivity checks
    • Observability: ObservabilityDoctorPlugin.cs -- OTLP, Prometheus, log directory checks
    • Operations: OperationsDoctorPlugin.cs -- job queue, dead letter queue, scheduler checks
    • Policy: PolicyEngineHealthCheck.cs
    • Postgres: PostgresDoctorPlugin.cs -- connectivity, connection pool, migration status
    • Release: ReleaseDoctorPlugin.cs -- active release, environment readiness, promotion gates, rollback
    • Scanner: ScannerDoctorPlugin.cs -- SBOM generation, vulnerability scan, reachability, slice cache, witness graph
    • Storage: StorageDoctorPlugin.cs -- disk space, backup directory, evidence locker write
    • Timestamping: TimestampingHealthCheckPlugin.cs -- TSA, OCSP, CRL, time skew, evidence staleness
    • Vex: VexDoctorPlugin.cs -- VEX document validation, issuer trust, schema compliance
  • Source: Feature matrix scan

E2E Test Plan

  • Verify all 14+ plugins register and execute successfully
  • Test plugin discovery and loading mechanism
  • Verify each plugin category produces valid health check results
  • Test failure scenarios for each check type