namespace StellaOps.EvidenceLocker.Storage;
/// <summary>
/// Repository for storing and retrieving verdict attestations.
/// </summary>
/// <remarks>
/// All members are asynchronous and accept an optional <see cref="CancellationToken"/>.
/// NOTE(review): only <see cref="ListVerdictsAsync"/> takes a tenant ID. The members keyed by
/// verdict ID or run ID carry no tenant parameter, so tenant isolation for those lookups is not
/// visible in this contract — confirm where implementations or callers enforce it.
/// </remarks>
public interface IVerdictRepository
{
    /// <summary>
    /// Stores a verdict attestation.
    /// </summary>
    /// <param name="record">The full attestation record to persist, including its envelope.</param>
    /// <param name="cancellationToken">Token used to cancel the operation.</param>
    /// <returns>
    /// A string result; presumably the ID of the stored verdict — confirm against the implementation.
    /// </returns>
    // NOTE(review): nothing in this signature says whether the envelope or PredicateDigest is
    // verified before storage, or what happens when the VerdictId already exists — confirm.
    Task<string> StoreVerdictAsync(
        VerdictAttestationRecord record,
        CancellationToken cancellationToken = default);

    /// <summary>
    /// Retrieves a verdict attestation by ID.
    /// </summary>
    /// <param name="verdictId">ID of the verdict to look up.</param>
    /// <param name="cancellationToken">Token used to cancel the operation.</param>
    /// <returns>
    /// The full record, or <c>null</c> (the return type is nullable; presumably when no verdict matches).
    /// </returns>
    // NOTE(review): lookup is by verdictId alone; callers should check the returned TenantId
    // against the requesting tenant unless the implementation already scopes the query — confirm.
    Task<VerdictAttestationRecord?> GetVerdictAsync(
        string verdictId,
        CancellationToken cancellationToken = default);

    /// <summary>
    /// Lists verdict attestations for a policy run.
    /// </summary>
    /// <param name="runId">ID of the policy run whose verdicts are listed.</param>
    /// <param name="options">Filter and paging options.</param>
    /// <param name="cancellationToken">Token used to cancel the operation.</param>
    /// <returns>Summaries (without the full envelope) of the matching verdicts.</returns>
    // NOTE(review): keyed by runId only, with no tenant parameter — confirm tenant scoping.
    Task<IReadOnlyList<VerdictAttestationSummary>> ListVerdictsForRunAsync(
        string runId,
        VerdictListOptions options,
        CancellationToken cancellationToken = default);

    /// <summary>
    /// Lists verdict attestations for a tenant with filters.
    /// </summary>
    /// <param name="tenantId">ID of the tenant whose verdicts are listed.</param>
    /// <param name="options">Filter and paging options.</param>
    /// <param name="cancellationToken">Token used to cancel the operation.</param>
    /// <returns>Summaries (without the full envelope) of the matching verdicts.</returns>
    Task<IReadOnlyList<VerdictAttestationSummary>> ListVerdictsAsync(
        string tenantId,
        VerdictListOptions options,
        CancellationToken cancellationToken = default);

    /// <summary>
    /// Counts verdict attestations for a policy run.
    /// </summary>
    /// <param name="runId">ID of the policy run whose verdicts are counted.</param>
    /// <param name="options">
    /// Filter options; presumably only the Status/Severity filters affect the count and
    /// Limit/Offset are ignored — confirm against the implementation.
    /// </param>
    /// <param name="cancellationToken">Token used to cancel the operation.</param>
    /// <returns>The number of matching verdicts.</returns>
    // NOTE(review): keyed by runId only, with no tenant parameter — confirm tenant scoping.
    Task<int> CountVerdictsForRunAsync(
        string runId,
        VerdictListOptions options,
        CancellationToken cancellationToken = default);
}
/// <summary>
/// Complete verdict attestation record (includes DSSE envelope).
/// </summary>
/// <remarks>
/// Every property is init-only. All are <c>required</c> except
/// <see cref="DeterminismHash"/> and <see cref="RekorLogIndex"/>, which are nullable and optional.
/// NOTE(review): the scalar fields (status, severity, score, digest) sit alongside the envelope;
/// nothing in this type ties them to the envelope's signed content, so consumers making trust
/// decisions should presumably rely on the verified envelope — confirm.
/// </remarks>
public sealed record VerdictAttestationRecord
{
    // Identity and scoping of the verdict.
    public required string VerdictId { get; init; }
    public required string TenantId { get; init; }
    public required string RunId { get; init; }
    public required string PolicyId { get; init; }
    public required int PolicyVersion { get; init; }
    public required string FindingId { get; init; }

    // Evaluation outcome. Status and severity are free-form strings here; the set of valid
    // values is not defined in this file.
    public required string VerdictStatus { get; init; }
    public required string VerdictSeverity { get; init; }
    public required decimal VerdictScore { get; init; }
    public required DateTimeOffset EvaluatedAt { get; init; }

    // The DSSE envelope, carried as a string.
    public required string Envelope { get; init; } // JSONB as string

    // Presumably a digest of the attestation predicate; algorithm and encoding are not
    // specified here — confirm.
    public required string PredicateDigest { get; init; }

    // Optional; meaning not defined in this file.
    public string? DeterminismHash { get; init; }

    // Optional; presumably the entry index in a Rekor transparency log, null when the
    // attestation has not been logged — confirm.
    public long? RekorLogIndex { get; init; }

    public required DateTimeOffset CreatedAt { get; init; }
}
/// <summary>
/// Summary of a verdict attestation (without full envelope).
/// </summary>
/// <remarks>
/// Carries the same properties as <see cref="VerdictAttestationRecord"/> minus the envelope.
/// Because the envelope is absent, a summary on its own cannot be checked against a signature.
/// </remarks>
public sealed record VerdictAttestationSummary
{
    // Identity and scoping of the verdict.
    public required string VerdictId { get; init; }
    public required string TenantId { get; init; }
    public required string RunId { get; init; }
    public required string PolicyId { get; init; }
    public required int PolicyVersion { get; init; }
    public required string FindingId { get; init; }

    // Evaluation outcome. Status and severity are free-form strings here; the set of valid
    // values is not defined in this file.
    public required string VerdictStatus { get; init; }
    public required string VerdictSeverity { get; init; }
    public required decimal VerdictScore { get; init; }
    public required DateTimeOffset EvaluatedAt { get; init; }

    // Presumably a digest of the attestation predicate; algorithm and encoding are not
    // specified here — confirm.
    public required string PredicateDigest { get; init; }

    // Optional; meaning not defined in this file.
    public string? DeterminismHash { get; init; }

    // Optional; presumably the entry index in a Rekor transparency log — confirm.
    public long? RekorLogIndex { get; init; }

    // NOTE(review): not marked required, unlike VerdictAttestationRecord.CreatedAt, so it is
    // default(DateTimeOffset) when an initializer omits it — confirm this is intended.
    public DateTimeOffset CreatedAt { get; init; }
}
/// <summary>
/// Options for filtering verdict lists.
/// </summary>
/// <remarks>
/// A mutable options bag: all four properties have public setters and none validates its value.
/// NOTE(review): if these values originate from a request, the consumer should bound
/// <see cref="Limit"/> and reject negative <see cref="Limit"/>/<see cref="Offset"/> values, and
/// should bind <see cref="Status"/>/<see cref="Severity"/> as query parameters rather than
/// building query text from them — confirm where that is done.
/// </remarks>
public sealed class VerdictListOptions
{
    // Optional filter on verdict status; null presumably means "no filter" — confirm.
    public string? Status { get; set; }

    // Optional filter on verdict severity; null presumably means "no filter" — confirm.
    public string? Severity { get; set; }

    // Page size; defaults to 50. No upper or lower bound is enforced here.
    public int Limit { get; set; } = 50;

    // Number of results to skip; defaults to 0. Negative values are not rejected here.
    public int Offset { get; set; } = 0;
}