ahmido
ce0615a9c1
## Summary - move the Laravel application into `apps/platform` and keep the repository root for orchestration, docs, and tooling - update the local command model, Sail/Docker wiring, runtime paths, and ignore rules around the new platform location - add relocation quickstart/contracts plus focused smoke coverage for bootstrap, command model, routes, and runtime behavior ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/PlatformRelocation` - integrated browser smoke validated `/up`, `/`, `/admin`, `/admin/choose-workspace`, and tenant route semantics for `200`, `403`, and `404` ## Remaining Rollout Checks - validate Dokploy build context and working-directory assumptions against the new `apps/platform` layout - confirm web, queue, and scheduler processes all start from the expected working directory in staging/production - verify no legacy volume mounts or asset-publish paths still point at the old root-level `public/` or `storage/` locations Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #213
79 lines
2.5 KiB
PHP
79 lines
2.5 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Services\Baselines;
|
|
|
|
use App\Services\Drift\DriftHasher;
|
|
use App\Support\Baselines\BaselineSubjectKey;
|
|
|
|
/**
|
|
* Computes the snapshot_identity_hash for baseline snapshot content dedupe.
|
|
*
|
|
* The identity hash is a sha256 over normalized snapshot items, enabling
|
|
* detection of "nothing changed" when capturing the same inventory state.
|
|
*/
|
|
final class BaselineSnapshotIdentity
|
|
{
|
|
public function __construct(
|
|
private readonly DriftHasher $hasher,
|
|
private readonly InventoryMetaContract $metaContract,
|
|
) {}
|
|
|
|
/**
|
|
* Compute identity hash over a set of snapshot items.
|
|
*
|
|
* Each item is represented as an associative array with:
|
|
* - policy_type, subject_key, baseline_hash
|
|
*
|
|
* @param array<int, array{policy_type: string, subject_key: ?string, baseline_hash: string}> $items
|
|
*/
|
|
public function computeIdentity(array $items): string
|
|
{
|
|
if ($items === []) {
|
|
return hash('sha256', '[]');
|
|
}
|
|
|
|
$normalized = array_map(
|
|
fn (array $item): string => implode('|', [
|
|
trim((string) ($item['policy_type'] ?? '')),
|
|
trim((string) ($item['subject_key'] ?? '')),
|
|
trim((string) ($item['baseline_hash'] ?? '')),
|
|
]),
|
|
$items,
|
|
);
|
|
|
|
sort($normalized, SORT_STRING);
|
|
|
|
return hash('sha256', implode("\n", $normalized));
|
|
}
|
|
|
|
public function subjectKey(string $policyType, ?string $displayName = null, ?string $subjectExternalId = null): ?string
|
|
{
|
|
return BaselineSubjectKey::forPolicy($policyType, $displayName, $subjectExternalId);
|
|
}
|
|
|
|
public function workspaceSafeSubjectExternalId(string $policyType, ?string $displayName = null, ?string $subjectExternalId = null): ?string
|
|
{
|
|
return BaselineSubjectKey::workspaceSafeSubjectExternalIdForPolicy($policyType, $displayName, $subjectExternalId);
|
|
}
|
|
|
|
/**
|
|
* Compute a stable content hash for a single inventory item's metadata.
|
|
*
|
|
* Hashes ONLY the Spec 116 meta contract output (not the full meta_jsonb payload).
|
|
*
|
|
* @param array<string, mixed> $metaJsonb
|
|
*/
|
|
public function hashItemContent(string $policyType, string $subjectExternalId, array $metaJsonb): string
|
|
{
|
|
$contract = $this->metaContract->build(
|
|
policyType: $policyType,
|
|
subjectExternalId: $subjectExternalId,
|
|
metaJsonb: $metaJsonb,
|
|
);
|
|
|
|
return $this->hasher->hashNormalized($contract);
|
|
}
|
|
}
|