[roadmap] Add evidence object storage client#46
Draft
ewilhelm1979-netizen wants to merge 1 commit into
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problemstellung und Ziel
Evidence-Artefakte sollen perspektivisch produktionsnah an S3-kompatible Object-Storage-Backends angebunden werden, ohne die bestehenden ISCY-Sicherheitsgrenzen aufzuweichen. Dieser PR ergänzt deshalb den sicheren Backend-, Konfigurations-, Metadaten-, Audit- und Drill-Unterbau für Evidence Object Storage.
Der PR implementiert bewusst keine Live-S3-Datenoperationen mit echten Credentials. Stattdessen werden Secret-Referenzen, Endpoint-/Bucket-/Key-Validierung, tenantgebundene Objekt-Referenzen, Mock-/Contract-Drills und Management-Review-Signale eingeführt. Damit ist der fachliche Pfad vorbereitet, ohne Secrets, vollständige Objekt-Keys oder Objektinhalte zu persistieren.
Geänderte Funktionen
s3_compatible,local_filesystemunddisabledStorage-Backends.Betroffene Dateien
rust/iscy-backend/src/evidence_object_storage.rsrust/iscy-backend/src/evidence_store.rsrust/iscy-backend/src/lib.rsrust/iscy-backend/src/db_admin.rsrust/iscy-backend/src/report_store.rsrust/iscy-backend/tests/http_tests.rsCHANGELOG.mddocs/ISCY_Handbuch.mddocs/ISCY_Handbuch.pdfdocs/ISCY_STRATEGIC_ROADMAP.mddocs/GUI_SCREENSHOTS.mdDatenbankmigrationen
Neue Migration:
0038_rust_evidence_object_storage_clientNeue Tabellen:
evidence_storage_backend_configevidence_storage_secret_reference_statusevidence_object_referenceevidence_storage_backend_eventDie Migration ist additiv und enthält tenantgebundene Unique Keys, Indizes und Foreign Keys zwischen Backend-Konfiguration, Secret-Status und Object-References. Bestehende Evidence-Daten werden nicht verändert oder gelöscht.
Neue oder geänderte API-Endpunkte
Geändert:
GET /api/v1/evidence/storage/backendsergänzt tenantgebundene konfigurierte Backends.Neu:
POST /api/v1/evidence/storage/backendsPATCH /api/v1/evidence/storage/backends/{backend_id}POST /api/v1/evidence/storage/backends/{backend_id}/validateGET /api/v1/evidence/storage/backends/{backend_id}/eventsGET /api/v1/evidence/{evidence_id}/storage/object-referencePOST /api/v1/evidence/{evidence_id}/storage/object-referencePOST /api/v1/evidence/{evidence_id}/storage/attach-objectPOST /api/v1/evidence/{evidence_id}/storage/verify-objectPOST /api/v1/evidence/{evidence_id}/storage/object-drillGUI-Änderungen
Tenant- und Berechtigungsgrenzen
Security-Entscheidungen
Cargo.toml/Cargo.lock.env:,file:,vault:,secret:oderexternal:..localin Production-Policy.tenants/{tenant_id}/evidence/{evidence_id}/erfüllen.Ausgeführte Tests
Lokal erfolgreich:
cargo fmt --manifest-path rust/iscy-backend/Cargo.toml -- --checkcargo clippy --locked --manifest-path rust/iscy-backend/Cargo.toml --all-targets -- -D warningscargo test --locked --manifest-path rust/iscy-backend/Cargo.tomlcargo audit --file rust/iscy-backend/Cargo.lock --ignore RUSTSEC-2023-0071cargo deny --manifest-path rust/iscy-backend/Cargo.toml check advisories licenses sourcesmake rust-smokemake rust-restore-smokemake docs-pdfAdditional local checks performed earlier in the same branch validation:
Local Docker image build was not completed because the local Docker daemon/socket was unavailable in this environment. CI should provide the authoritative hardened Docker build result.
Bekannte Einschränkungen
Bewusst nicht umgesetzt
Notes for reviewers
This PR should remain a Draft until GitHub CI, CodeQL Default Setup and the hardened Docker build have completed successfully and a human review confirms that the metadata-only Object-Storage boundary is the desired first production step.