ahmido
7620144ab6
Implements Spec 116 baseline drift engine v1 (meta fidelity) with coverage guard, stable finding identity, and Filament UI surfaces. Highlights - Baseline capture/compare jobs and supporting services (meta contract hashing via InventoryMetaContract + DriftHasher) - Coverage proof parsing + compare partial outcome behavior - Filament pages/resources/widgets for baseline compare + drift landing improvements - Pest tests for capture/compare/coverage guard and UI start surfaces - Research report: docs/research/golden-master-baseline-drift-deep-analysis.md Validation - `vendor/bin/sail bin pint --dirty` - `vendor/bin/sail artisan test --compact --filter="Baseline"` Notes - No destructive user actions added; compare/capture remain queued jobs. - Provider registration unchanged (Laravel 11+/12 uses bootstrap/providers.php for panel providers; not touched here). Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #141
69 lines
2.1 KiB
PHP
69 lines
2.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\Services\Baselines;
|
|
|
|
use App\Services\Drift\DriftHasher;
|
|
|
|
/**
|
|
* Computes the snapshot_identity_hash for baseline snapshot content dedupe.
|
|
*
|
|
* The identity hash is a sha256 over normalized snapshot items, enabling
|
|
* detection of "nothing changed" when capturing the same inventory state.
|
|
*/
|
|
final class BaselineSnapshotIdentity
|
|
{
|
|
public function __construct(
|
|
private readonly DriftHasher $hasher,
|
|
private readonly InventoryMetaContract $metaContract,
|
|
) {}
|
|
|
|
/**
|
|
* Compute identity hash over a set of snapshot items.
|
|
*
|
|
* Each item is represented as an associative array with:
|
|
* - subject_type, subject_external_id, policy_type, baseline_hash
|
|
*
|
|
* @param array<int, array{subject_type: string, subject_external_id: string, policy_type: string, baseline_hash: string}> $items
|
|
*/
|
|
public function computeIdentity(array $items): string
|
|
{
|
|
if ($items === []) {
|
|
return hash('sha256', '[]');
|
|
}
|
|
|
|
$normalized = array_map(
|
|
fn (array $item): string => implode('|', [
|
|
trim((string) ($item['subject_type'] ?? '')),
|
|
trim((string) ($item['subject_external_id'] ?? '')),
|
|
trim((string) ($item['policy_type'] ?? '')),
|
|
trim((string) ($item['baseline_hash'] ?? '')),
|
|
]),
|
|
$items,
|
|
);
|
|
|
|
sort($normalized, SORT_STRING);
|
|
|
|
return hash('sha256', implode("\n", $normalized));
|
|
}
|
|
|
|
/**
|
|
* Compute a stable content hash for a single inventory item's metadata.
|
|
*
|
|
* Hashes ONLY the Spec 116 meta contract output (not the full meta_jsonb payload).
|
|
*
|
|
* @param array<string, mixed> $metaJsonb
|
|
*/
|
|
public function hashItemContent(string $policyType, string $subjectExternalId, array $metaJsonb): string
|
|
{
|
|
$contract = $this->metaContract->build(
|
|
policyType: $policyType,
|
|
subjectExternalId: $subjectExternalId,
|
|
metaJsonb: $metaJsonb,
|
|
);
|
|
|
|
return $this->hasher->hashNormalized($contract);
|
|
}
|
|
}
|