ea970ead2a
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
sdk-generator-smoke / sdk-smoke (push) Has been cancelled
SDK Publish & Sign / sdk-publish (push) Has been cancelled
api-governance / spectral-lint (push) Has been cancelled
oas-ci / oas-validate (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
45 lines
1.5 KiB
C#
45 lines
1.5 KiB
C#
namespace StellaOps.AirGap.Controller.Options;
|
|
|
|
public sealed class AirGapStartupOptions
|
|
{
|
|
/// <summary>
|
|
/// Tenant to validate at startup. Defaults to single-tenant controller deployment.
|
|
/// </summary>
|
|
public string TenantId { get; set; } = "default";
|
|
|
|
/// <summary>
|
|
/// Optional egress allowlist. When null, startup diagnostics consider it missing.
|
|
/// </summary>
|
|
public string[]? EgressAllowlist { get; set; }
|
|
= null;
|
|
|
|
/// <summary>
|
|
/// Trust material required to prove bundles and egress policy inputs are present.
|
|
/// </summary>
|
|
public TrustMaterialOptions Trust { get; set; } = new();
|
|
|
|
/// <summary>
|
|
/// Pending root rotation metadata; validated when pending keys exist.
|
|
/// </summary>
|
|
public RotationOptions Rotation { get; set; } = new();
|
|
}
|
|
|
|
public sealed class TrustMaterialOptions
|
|
{
|
|
public string RootJsonPath { get; set; } = string.Empty;
|
|
public string SnapshotJsonPath { get; set; } = string.Empty;
|
|
public string TimestampJsonPath { get; set; } = string.Empty;
|
|
|
|
public bool IsConfigured =>
|
|
!string.IsNullOrWhiteSpace(RootJsonPath)
|
|
&& !string.IsNullOrWhiteSpace(SnapshotJsonPath)
|
|
&& !string.IsNullOrWhiteSpace(TimestampJsonPath);
|
|
}
|
|
|
|
public sealed class RotationOptions
|
|
{
|
|
public Dictionary<string, string> ActiveKeys { get; set; } = new(StringComparer.Ordinal);
|
|
public Dictionary<string, string> PendingKeys { get; set; } = new(StringComparer.Ordinal);
|
|
public List<string> ApproverIds { get; set; } = new();
|
|
}
|