git.stella-ops.org/docs/features/checked/attestor/postgresql-persistence-layer.md
2026-02-14 09:11:48 +02:00

PostgreSQL Persistence Layer (Per-Module Schemas, Migrations, RLS)

Module

Attestor

Status

VERIFIED

Description

PostgreSQL persistence is implemented for the Attestor, Scanner, Policy, and TrustVerdict modules using Npgsql, migrations, and repository patterns. The full blueprint (RLS scaffolds, temporal tables for Unknowns, materialized views for triage) is partially realized; not all modules have dedicated schemas.

What's Implemented

  • Proof Chain DB Context: src/Attestor/__Libraries/StellaOps.Attestor.Persistence/ProofChainDbContext.cs -- EF Core DbContext for proof chain entities.
  • Proof Chain Repository: Persistence/Repositories/IProofChainRepository.cs -- repository interface for proof chain operations.
  • Verdict Ledger Repository: Persistence/Repositories/PostgresVerdictLedgerRepository.cs -- PostgreSQL verdict ledger with append-only semantics.
  • Trust Verdict Repository: __Libraries/StellaOps.Attestor.TrustVerdict/Persistence/PostgresTrustVerdictRepository.cs (with .Store, .GetById, .Query, .Delete, .Stats) -- PostgreSQL trust verdict persistence.
  • Watchlist Repository: __Libraries/StellaOps.Attestor.Watchlist/Storage/PostgresWatchlistRepository.cs (with .List, .Mapping, .Sql, .Upsert) -- PostgreSQL watchlist persistence.
  • Rekor Checkpoint Store: StellaOps.Attestor.Storage/Rekor/PostgresRekorCheckpointStore.cs -- Rekor checkpoint persistence.
  • Rekor Submission Queue: Infrastructure/Queue/PostgresRekorSubmissionQueue.cs -- PostgreSQL-backed submission queue.
  • Persistence Entities: Persistence/Entities/ -- VerdictLedgerEntry, RekorEntryEntity, TrustAnchorEntity, and others.
  • Migrations: TrustVerdict/Migrations/ -- database migration files.

What's Missing

  • Per-module schema isolation: Not all modules use dedicated PostgreSQL schemas (e.g., attestor., verdict., watchlist.). Some share the default schema.
  • Row-Level Security (RLS): RLS policies for multi-tenant isolation are not scaffolded. Tenant filtering relies on application-level WHERE clauses.
  • Temporal tables for Unknowns: No temporal table implementation for tracking unknown state over time with system-versioned history.
  • Materialized views for triage: No materialized views aggregating triage data for fast dashboard queries.
  • Connection pooling configuration: No explicit PgBouncer or Npgsql connection pool tuning for high-concurrency workloads.
  • Database health checks: No dedicated PostgreSQL health check beyond basic connectivity.

Implementation Plan

  • Implement per-module schema isolation with schema-qualified table names
  • Scaffold RLS policies for tenant isolation with PostgreSQL policies
  • Add temporal tables for Unknowns module using PostgreSQL system versioning
  • Create materialized views for triage dashboard aggregation
  • Configure connection pooling with Npgsql tuning parameters
  • Add PostgreSQL health checks with latency and connection pool monitoring
  • Add migration tests validating schema changes
  • Source: See feature catalog
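
The first two plan items (schema-qualified tables and RLS policies for tenant isolation) could be scaffolded along the following lines. This is an added sketch, not code from the Stella Ops repository; the table name, columns, policy name and the app.tenant_id setting are hypothetical.

```sql
-- Added example. Table, column, policy and setting names are hypothetical.
CREATE SCHEMA IF NOT EXISTS attestor;

CREATE TABLE IF NOT EXISTS attestor.verdict_ledger_example (
    entry_id   bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    tenant_id  uuid        NOT NULL,
    payload    jsonb       NOT NULL,
    created_at timestamptz NOT NULL DEFAULT now()
);

-- ENABLE turns the policy on for ordinary roles; FORCE also applies it to the
-- table owner. Superusers and roles with BYPASSRLS are never filtered, so the
-- application must connect as a role that has neither.
ALTER TABLE attestor.verdict_ledger_example ENABLE ROW LEVEL SECURITY;
ALTER TABLE attestor.verdict_ledger_example FORCE ROW LEVEL SECURITY;

-- current_setting(name, true) yields NULL when the setting was never set and
-- '' after a transaction-local value has expired; NULLIF maps both to NULL,
-- the comparison is then NULL, and the policy fails closed (no rows match).
CREATE POLICY tenant_isolation ON attestor.verdict_ledger_example
    FOR ALL
    USING      (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);

-- Per-request usage. The third argument of set_config (is_local = true) scopes
-- the value to the transaction, so it does not outlive the request on a pooled
-- connection. The UUIDs below are constructed sample values.
BEGIN;
SELECT set_config('app.tenant_id', '00000000-0000-0000-0000-0000000000a1', true);
INSERT INTO attestor.verdict_ledger_example (tenant_id, payload)
VALUES ('00000000-0000-0000-0000-0000000000a1', '{"verdict": "pass"}');
COMMIT;

BEGIN;
SELECT set_config('app.tenant_id', '00000000-0000-0000-0000-0000000000b2', true);
-- USING hides the first tenant's row from this query even without a WHERE clause.
SELECT entry_id, tenant_id FROM attestor.verdict_ledger_example;
-- WITH CHECK rejects a write that names a tenant other than the current one.
INSERT INTO attestor.verdict_ledger_example (tenant_id, payload)
VALUES ('00000000-0000-0000-0000-0000000000a1', '{"verdict": "forged"}');
ROLLBACK;
```

With the policy in place, the application-level WHERE clauses become a second layer rather than the only tenant boundary.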

Verification

| Check | Result |
|---|---|
| Tier 0 - Source Verification | PASS |
| Tier 1 - Build + Code Review | PASS |
| Tier 2 - Behavioral Verification | PASS |
| Verified Date | 2026-02-13 |
| Run ID | run-001 |