stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
f4eb64fefcd7d2353b42aed44cb732780e861ea4
git.stella-ops.org/docs/features/checked/cli/key-rotation-cli.md
master e9aeadc040 save checkpoint
2026-02-14 09:11:48 +02:00

43 lines
2.1 KiB
Markdown
Raw Blame History

# Key Rotation CLI
## Module
Cli
## Status
VERIFIED
## Description
Comprehensive key rotation lifecycle: list keys (with include-revoked filtering), add, revoke, rotate, check status, view history, and verify validity.
## Implementation Details
- **Command Group**: `src/Cli/StellaOps.Cli/Commands/KeysCommandGroup.cs` -- `KeysCommandGroup` for `stella keys` commands
- **Key Rotation**: `src/Cli/StellaOps.Cli/Commands/Proof/KeyRotationCommandGroup.cs` -- key rotation operations
- **Issuer Keys**: `src/Cli/StellaOps.Cli/Commands/IssuerKeysCommandGroup.cs` -- issuer key management
- **Commands**:
- `stella keys list` -- list signing keys. Options: `--include-revoked`
- `stella keys add --algorithm <alg> --label <label>` -- add a new signing key
- `stella keys revoke <key-id>` -- revoke a signing key
- `stella keys rotate` -- rotate to a new active key
- `stella keys status` -- check key status and validity
- `stella keys history` -- view key rotation history
- `stella keys verify <key-id>` -- verify key validity
## E2E Test Plan
- [ ] Run `stella keys list` and verify active keys displayed
- [ ] Run `stella keys list --include-revoked` and verify revoked keys also shown
- [ ] Run `stella keys add --algorithm ecdsa-sha256 --label "production-2024"` and verify key added
- [ ] Run `stella keys revoke <id>` and verify key revoked
- [ ] Run `stella keys rotate` and verify new active key generated
- [ ] Run `stella keys status` and verify key validity status
- [ ] Run `stella keys history` and verify rotation history timeline
- [ ] Run `stella keys verify <id>` and verify key validity check
## Verification
- **Verified**: 2026-02-13T15:30:00Z
- **Tier 0 (Source)**: pass -- all referenced source files exist on disk
- **Tier 1 (Build)**: pass -- module builds cleanly, 87 tests pass in StellaOps.Cli.Auth.Tests
- **Tier 2d (Integration)**: pass -- targeted integration tests confirm behavioral correctness
- **Test Project**: `src/Cli/__Tests/StellaOps.Cli.Auth.Tests/StellaOps.Cli.Auth.Tests.csproj`
- **Evidence**: `docs/qa/feature-checks/runs/cli/key-rotation-cli/run-001/tier2-integration-check.json`
Reference in New Issue View Git Blame Copy Permalink