TenantAtlas/app/Services/Baselines/Evidence/ResolvedEvidence.php

<?php

declare(strict_types=1);

namespace App\Services\Baselines\Evidence;

use Carbon\CarbonImmutable;

final class ResolvedEvidence
{
    /**
     * @param  array<string, mixed>  $meta
     */
    public function __construct(
        public readonly string $policyType,
        public readonly string $subjectExternalId,
        public readonly string $hash,
        public readonly string $fidelity,
        public readonly string $source,
        public readonly ?CarbonImmutable $observedAt,
        public readonly ?int $observedOperationRunId = null,
        public readonly array $meta = [],
    ) {}

    public function key(): string
    {
        return $this->policyType.'|'.$this->subjectExternalId;
    }

    /**
     * @return array{
     *   fidelity: string,
     *   source: string,
     *   observed_at: ?string,
     *   observed_operation_run_id: ?int
     * }
     */
    public function provenance(): array
    {
        return EvidenceProvenance::build(
            fidelity: $this->fidelity,
            source: $this->source,
            observedAt: $this->observedAt,
            observedOperationRunId: $this->observedOperationRunId,
        );
    }

    /**
     * Tenant-scoped provenance including additional metadata (e.g. policy_version_id).
     *
     * Do NOT use this for workspace-owned baseline snapshot items.
     *
     * @return array<string, mixed>
     */
    public function tenantProvenance(): array
    {
        return array_merge($this->provenance(), $this->meta);
    }

    /**
     * @return array{hash: string, provenance: array<string, mixed>}
     */
    public function toFindingSideEvidence(): array
    {
        return [
            'hash' => $this->hash,
            'provenance' => $this->tenantProvenance(),
        ];
    }
}