git.stella-ops.org/src/ExportCenter/StellaOps.ExportCenter.RiskBundles/RiskBundleModels.cs

using System.Text.Json.Serialization;

namespace StellaOps.ExportCenter.RiskBundles;

public sealed record RiskBundleProviderInput(
    string ProviderId,
    string SourcePath,
    string Source,
    string? SignaturePath = null,
    bool Optional = false,
    DateOnly? SnapshotDate = null);

public sealed record RiskBundleProviderEntry(
    string ProviderId,
    string Source,
    DateOnly? SnapshotDate,
    string Sha256,
    string? SignatureSha256,
    long SizeBytes,
    bool Optional,
    string BundlePath,
    string SourceFilePath,
    string? SignaturePath);

public sealed record RiskBundleManifest(
    string Version,
    Guid BundleId,
    DateTimeOffset CreatedAt,
    IReadOnlyList<RiskBundleProviderEntry> Providers,
    string InputsHash);

public sealed record RiskBundleBuildRequest(
    Guid BundleId,
    IReadOnlyList<RiskBundleProviderInput> Providers,
    string? BundleFileName = null,
    string BundlePrefix = "risk-bundles",
    string ManifestFileName = "provider-manifest.json",
    string ManifestDsseFileName = "provider-manifest.dsse",
    bool AllowMissingOptional = true,
    bool AllowStaleOptional = true,
    bool IncludeOsv = false);

public sealed record RiskBundleBuildResult(
    RiskBundleManifest Manifest,
    string ManifestJson,
    string RootHash,
    MemoryStream BundleStream);