stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
fa4823f46c4bc090294580a9136fb6b0e11e50f9
git.stella-ops.org/docs/features/unchecked/attestor/verdict-rekor-publisher.md

3.1 KiB
Raw Blame History

Verdict Rekor Publisher (Transparency Log Publishing)

Module

Attestor

Status

IMPLEMENTED

Description

Publishes verdict attestations to Rekor transparency log, linking verdict decisions to tamper-evident public record.

Implementation Details

  • Verdict Rekor Publisher: src/Attestor/__Libraries/StellaOps.Attestor.Infrastructure/Rekor/VerdictRekorPublisher.cs -- publishes signed verdict attestations to Rekor, returning log entry IDs and inclusion proofs.
  • IRekorClient: StellaOps.Attestor.Core/Rekor/IRekorClient.cs -- client interface for submitting entries to Rekor.
  • HttpRekorClient: StellaOps.Attestor.Infrastructure/Rekor/HttpRekorClient.cs -- HTTP implementation of Rekor client.
  • ResilientRekorClient: Infrastructure/Rekor/ResilientRekorClient.cs -- resilient wrapper with retry and circuit breaker policies.
  • IRekorSubmissionQueue: Core/Queue/IRekorSubmissionQueue.cs -- queue interface for asynchronous Rekor submissions.
  • PostgresRekorSubmissionQueue: Infrastructure/Queue/PostgresRekorSubmissionQueue.cs -- PostgreSQL-backed submission queue with at-least-once delivery.
  • Rekor Queue Item: Core/Queue/RekorQueueItem.cs -- individual queue item containing the verdict attestation to publish.
  • Rekor Submission Status: Core/Queue/RekorSubmissionStatus.cs -- status tracking (Pending, Submitted, Confirmed, Failed).
  • Rekor Submission Response: Core/Rekor/RekorSubmissionResponse.cs -- response from Rekor containing log index and inclusion proof.
  • Rekor Receipt: Core/Rekor/RekorReceipt.cs -- receipt from Rekor for anchored entries.
  • Rekor Retry Worker: Infrastructure/Workers/RekorRetryWorker.cs -- background worker retrying failed submissions.
  • Rekor Circuit Breaker Policy: Infrastructure/Resilience/RekorCircuitBreakerPolicy.cs -- circuit breaker preventing cascade failures during Rekor outages.
  • Rekor Entry Entity: __Libraries/StellaOps.Attestor.Persistence/Entities/RekorEntryEntity.cs -- persisted Rekor entry with log index, entry hash, and inclusion proof.
  • Tests: __Tests/StellaOps.Attestor.Infrastructure.Tests/HttpRekorClientTests.cs, StellaOps.Attestor.Tests/RekorSubmissionQueueTests.cs, RekorRetryWorkerTests.cs

E2E Test Plan

  • Publish a signed verdict attestation via VerdictRekorPublisher and verify a RekorSubmissionResponse with log index is returned
  • Verify the Rekor receipt contains a valid inclusion proof by checking it against the Rekor tree root
  • Queue a verdict for asynchronous submission via PostgresRekorSubmissionQueue and verify status transitions: Pending -> Submitted -> Confirmed
  • Simulate a Rekor outage and verify the RekorCircuitBreakerPolicy opens after threshold failures
  • Verify RekorRetryWorker picks up failed submissions and retries them after the circuit breaker resets
  • Publish 10 verdicts concurrently and verify all receive unique log indices
  • Verify the published entry is persisted as RekorEntryEntity with correct log index and entry hash
  • Publish a verdict, retrieve it by log index via HttpRekorClient, and verify the attestation content matches