ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
dd9512ed10
TenantAtlas/apps/platform/app/Services/Baselines/BaselineSnapshotIdentity.php
Ahmed Darrazi dd9512ed10
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m12s
Details
feat(baselines): implement baseline matching canonicalization 
Replaced legacy tenant and environment bindings in the BaselineDriftEngine with the new ProviderResourceIdentity framework as defined in Spec 382.
2026-06-16 00:48:01 +02:00

68 lines
2.0 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace App\Services\Baselines;
use App\Services\Drift\DriftHasher;
/**
* Computes the snapshot_identity_hash for baseline snapshot content dedupe.
*
* The identity hash is a sha256 over normalized snapshot items, enabling
* detection of "nothing changed" when capturing the same inventory state.
*/
final class BaselineSnapshotIdentity
{
public function __construct(
private readonly DriftHasher $hasher,
private readonly InventoryMetaContract $metaContract,
) {}
/**
* Compute identity hash over a set of snapshot items.
*
* Each item is represented as an associative array with:
* - policy_type, subject_key, baseline_hash
*
* @param array<int, array{policy_type: string, subject_key: ?string, baseline_hash: string}> $items
*/
public function computeIdentity(array $items): string
{
if ($items === []) {
return hash('sha256', '[]');
}
$normalized = array_map(
fn (array $item): string => implode('|', [
trim((string) ($item['policy_type'] ?? '')),
trim((string) ($item['subject_key'] ?? '')),
trim((string) ($item['baseline_hash'] ?? '')),
]),
$items,
);
sort($normalized, SORT_STRING);
return hash('sha256', implode("\n", $normalized));
}
/**
* Compute a stable content hash for a single inventory item's metadata.
*
* Hashes ONLY the Spec 116 meta contract output (not the full meta_jsonb payload).
*
* @param array<string, mixed> $metaJsonb
*/
public function hashItemContent(string $policyType, string $subjectExternalId, array $metaJsonb): string
{
$contract = $this->metaContract->build(
policyType: $policyType,
subjectExternalId: $subjectExternalId,
metaJsonb: $metaJsonb,
);
return $this->hasher->hashNormalized($contract);
}
}
Reference in New Issue View Git Blame Copy Permalink