stella-ops.org/git.stella-ops.org

Files

master 75f6942769

Docs CI / lint-and-preview (push) Has been cancelled

Details

Policy Lint & Smoke / policy-lint (push) Has been cancelled

Details

Concelier Attestation Tests / attestation-tests (push) Has been cancelled

Details

AOC Guard CI / aoc-guard (push) Has been cancelled

Details

AOC Guard CI / aoc-verify (push) Has been cancelled

Details

Add integration tests for migration categories and execution

- Implemented MigrationCategoryTests to validate migration categorization for startup, release, seed, and data migrations.
- Added tests for edge cases, including null, empty, and whitespace migration names.
- Created StartupMigrationHostTests to verify the behavior of the migration host with real PostgreSQL instances using Testcontainers.
- Included tests for migration execution, schema creation, and handling of pending release migrations.
- Added SQL migration files for testing: creating a test table, adding a column, a release migration, and seeding data.

2025-12-04 19:10:54 +02:00

5.0 KiB

Raw Blame History

CLI Auth.Client Migration Plan

Created: 2025-12-04 Status: COMPLETED Completed: 2025-12-04

Problem Statement

The CLI services used an older IStellaOpsTokenClient API that no longer exists. This document outlines the migration strategy and tracks completion.

Summary of Changes

Files Created

src/Cli/StellaOps.Cli/Extensions/StellaOpsTokenClientExtensions.cs - Compatibility shim methods

Files Modified

Service Files (Auth.Client API Migration)

OrchestratorClient.cs - Updated scope references
VexObservationsClient.cs - Updated to use GetAccessTokenAsync(string) extension, removed IsSuccess check
SbomerClient.cs - Fixed GetTokenAsync to use AccessToken property
ExceptionClient.cs - Updated token acquisition pattern
NotifyClient.cs - Updated token acquisition pattern
ObservabilityClient.cs - Updated token acquisition pattern
PackClient.cs - Updated token acquisition pattern
SbomClient.cs - Updated token acquisition pattern

Command Handlers (Signature Fixes)

CommandHandlers.cs:
- Fixed CreateLogger<CommandHandlers>() static type error (line 80)
- Fixed PolicyDsl diagnostic rendering (removed Line/Column/Suggestion, added Path)
CommandFactory.cs:
- Fixed HandleExceptionsListAsync argument order and count
- Fixed HandleExceptionsCreateAsync argument order, expiration type conversion
- Fixed HandleExceptionsPromoteAsync argument order
- Fixed HandleExceptionsExportAsync argument order and count
- Fixed HandleExceptionsImportAsync argument order

Model Updates

PolicyWorkspaceModels.cs - Updated PolicyDiagnostic class (replaced Line/Column/Span/Suggestion with Path)

Old API (Removed)

// Methods that no longer exist
Task<StellaOpsTokenResult> GetTokenAsync(StellaOpsTokenRequest request, CancellationToken ct);
Task<StellaOpsTokenResult> GetAccessTokenAsync(string[] scopes, CancellationToken ct);

// Types that no longer exist
class StellaOpsTokenRequest { string[] Scopes; }
static class StellaOpsScope { const string OrchRead = "orch:read"; }

// Properties removed from StellaOpsTokenResult
bool IsSuccess;

New API (Current)

interface IStellaOpsTokenClient
{
    Task<StellaOpsTokenResult> RequestClientCredentialsTokenAsync(
        string? scope = null,
        IReadOnlyDictionary<string, string>? additionalParameters = null,
        CancellationToken cancellationToken = default);

    ValueTask<StellaOpsTokenCacheEntry?> GetCachedTokenAsync(string key, CancellationToken ct);
    ValueTask CacheTokenAsync(string key, StellaOpsTokenCacheEntry entry, CancellationToken ct);
}

// StellaOpsTokenResult record properties:
// - AccessToken (string)
// - TokenType (string)
// - ExpiresAtUtc (DateTimeOffset)
// - Scopes (IReadOnlyList<string>)

Migration Approach

Extension Methods Created

public static class StellaOpsTokenClientExtensions
{
    // Single scope version
    public static async Task<StellaOpsTokenResult> GetAccessTokenAsync(
        this IStellaOpsTokenClient client,
        string scope,
        CancellationToken cancellationToken = default);

    // Multi-scope version
    public static async Task<StellaOpsTokenResult> GetAccessTokenAsync(
        this IStellaOpsTokenClient client,
        IEnumerable<string> scopes,
        CancellationToken cancellationToken = default);

    // Cached token version
    public static async Task<StellaOpsTokenCacheEntry> GetCachedAccessTokenAsync(
        this IStellaOpsTokenClient client,
        string scope,
        CancellationToken cancellationToken = default);

    // Parameterless version
    public static async Task<StellaOpsTokenResult> GetTokenAsync(
        this IStellaOpsTokenClient client,
        CancellationToken cancellationToken = default);
}

Scope Constants

Used StellaOpsScopes from StellaOps.Auth.Abstractions namespace (e.g., StellaOpsScopes.OrchRead, StellaOpsScopes.VexRead).

Build Results

Build succeeded with 0 errors, 6 warnings:

3x CS8629 nullable warnings in OutputRenderer.cs
1x CS0618 obsolete warning (VulnRead → VulnView)
1x SYSLIB0057 obsolete X509Certificate2 constructor
1x CS0219 unused variable warning

Implementation Checklist

Create StellaOpsTokenClientExtensions.cs
Verify StellaOpsScopes exists in Auth.Abstractions
Update OrchestratorClient.cs
Update VexObservationsClient.cs
Update SbomerClient.cs
Update ExceptionClient.cs
Update NotifyClient.cs
Update ObservabilityClient.cs
Update PackClient.cs
Update SbomClient.cs
Fix CommandHandlers static type error
Fix PolicyDsl API changes (PolicyIssue properties)
Fix HandleExceptionsListAsync signature
Fix HandleExceptionsCreateAsync signature
Fix HandleExceptionsPromoteAsync signature
Fix HandleExceptionsExportAsync signature
Fix HandleExceptionsImportAsync signature
Update PolicyDiagnostic model
Build verification passed