lmxopcua

dohertj2/lmxopcua

Fork 0

Commit Graph

Author	SHA1	Message	Date
Joseph Doherty	933dd1a874	feat(audit): OtOpcUa adopt canonical ZB.MOM.WW.Audit.AuditEvent + AuditWriterActor:IAuditWriter + Outcome derivation (Task 2.1) Deep-adopt the shared audit record. Deletes the bespoke 8-field positional Commons AuditEvent and repoints the writer path at ZB.MOM.WW.Audit.AuditEvent (0.1.0, feed-mapped via dohertj2-gitea). Adds the package reference to both Commons and ControlPlane. - AuditWriterActor now implements IAuditWriter: WriteAsync(evt, ct) is a best-effort, never-throwing entry point that Self.Tell()s the event onto the same batching/dedup/flush pipeline and returns Task.CompletedTask. Existing Receive<AuditEvent> + 500/5s batching + two-layer dedup unchanged. - Flush mapping updated for the canonical field types: OccurredAtUtc is now DateTimeOffset (.UtcDateTime into the datetime2 column), SourceNode is string? (was NodeId.Value), CorrelationId is Guid? (stored null when null). Outcome is NOT yet persisted (column lands in Task 2.2). - New AuditOutcomeMapper.FromAction maps the OtOpcUa action vocabulary to the required canonical Outcome: OpcUaAccessDenied / CrossClusterNamespaceAttempt -> Denied; config verbs (DraftCreated/Edited, Published, RolledBack, NodeApplied, ClusterCreated, NodeAdded, CredentialAdded/Disabled, ExternalIdReleased) -> Success. OtOpcUa emits no Failure events. The Akka message shape changed, but the structured audit path is dormant (zero production emit/Tell sites; all live audit flows through the bespoke SP path), so there is no rolling-deploy wire-compat concern. Tested-not-exercised by design. ControlPlane.Tests: 44/44 green (AuditWriterActor suite rewritten to construct the canonical record + assert the Outcome derivation table + the WriteAsync best-effort/mailbox-routing contract + null SourceNode/CorrelationId handling).	2026-06-02 09:53:12 -04:00
Joseph Doherty	30a2104fa5	feat(scaffold): introduce 8 v2 component projects Adds the empty project skeletons that subsequent v2 tasks fill in: src/Core/ZB.MOM.WW.OtOpcUa.Commons (types, interfaces, message contracts) src/Core/ZB.MOM.WW.OtOpcUa.Cluster (Akka.Hosting + cluster wiring) src/Server/ZB.MOM.WW.OtOpcUa.Security (cookie+JWT auth, LDAP) src/Server/ZB.MOM.WW.OtOpcUa.ControlPlane (admin-role cluster singletons) src/Server/ZB.MOM.WW.OtOpcUa.Runtime (per-node driver actors) src/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer (OPC UA SDK application host) src/Server/ZB.MOM.WW.OtOpcUa.AdminUI (Razor class library) src/Server/ZB.MOM.WW.OtOpcUa.Host (single fused web binary) Each project sets TreatWarningsAsErrors=true in its own csproj (per the Directory.Build.props deviation note in the previous commit). NuGetAuditSuppress entries cover transitive vulnerability advisories the new strictness surfaces: - GHSA-g94r-2vxg-569j (OpenTelemetry.Api 1.9.0 via Akka.Cluster.Hosting/Tools) - GHSA-h958-fxgg-g7w3 (Opc.Ua.Core 1.5.374.126 via OpcUaServer) - GHSA-37gx-xxp4-5rgx + GHSA-w3x6-4m5h-cxqf (legacy advisories already accepted) OpcUaServer pins OPCFoundation.NetStandard.Opc.Ua.Configuration to 1.5.374.126 via VersionOverride to match Opc.Ua.Server's transitive Opc.Ua.Core (same constraint as the legacy Server project). Runtime does NOT project-reference any concrete Driver.* assemblies; drivers load reflectively at runtime (Phase 6). Runtime gets the IDriver contract through Core.Abstractions instead. Host's Microsoft.Extensions.Hosting.WindowsServices is conditional on the Windows OS so the project builds on macOS dev machines. Build verification: dotnet build -> 438 warnings (all pre-existing xUnit1051 in legacy Server.Tests/Admin.Tests), 0 errors. Closes Task 9 (build green smoke check, no separate commit).	2026-05-26 03:44:56 -04:00

Author

SHA1

Message

Date

Joseph Doherty

933dd1a874

feat(audit): OtOpcUa adopt canonical ZB.MOM.WW.Audit.AuditEvent + AuditWriterActor:IAuditWriter + Outcome derivation (Task 2.1)

Deep-adopt the shared audit record. Deletes the bespoke 8-field positional
Commons AuditEvent and repoints the writer path at ZB.MOM.WW.Audit.AuditEvent
(0.1.0, feed-mapped via dohertj2-gitea). Adds the package reference to both
Commons and ControlPlane.

- AuditWriterActor now implements IAuditWriter: WriteAsync(evt, ct) is a
  best-effort, never-throwing entry point that Self.Tell()s the event onto the
  same batching/dedup/flush pipeline and returns Task.CompletedTask. Existing
  Receive<AuditEvent> + 500/5s batching + two-layer dedup unchanged.
- Flush mapping updated for the canonical field types: OccurredAtUtc is now
  DateTimeOffset (.UtcDateTime into the datetime2 column), SourceNode is string?
  (was NodeId.Value), CorrelationId is Guid? (stored null when null). Outcome is
  NOT yet persisted (column lands in Task 2.2).
- New AuditOutcomeMapper.FromAction maps the OtOpcUa action vocabulary to the
  required canonical Outcome: OpcUaAccessDenied / CrossClusterNamespaceAttempt ->
  Denied; config verbs (DraftCreated/Edited, Published, RolledBack, NodeApplied,
  ClusterCreated, NodeAdded, CredentialAdded/Disabled, ExternalIdReleased) ->
  Success. OtOpcUa emits no Failure events.

The Akka message shape changed, but the structured audit path is dormant (zero
production emit/Tell sites; all live audit flows through the bespoke SP path),
so there is no rolling-deploy wire-compat concern. Tested-not-exercised by
design.

ControlPlane.Tests: 44/44 green (AuditWriterActor suite rewritten to construct
the canonical record + assert the Outcome derivation table + the WriteAsync
best-effort/mailbox-routing contract + null SourceNode/CorrelationId handling).

2026-06-02 09:53:12 -04:00

Joseph Doherty

30a2104fa5

feat(scaffold): introduce 8 v2 component projects

Adds the empty project skeletons that subsequent v2 tasks fill in:

  src/Core/ZB.MOM.WW.OtOpcUa.Commons      (types, interfaces, message contracts)
  src/Core/ZB.MOM.WW.OtOpcUa.Cluster      (Akka.Hosting + cluster wiring)
  src/Server/ZB.MOM.WW.OtOpcUa.Security   (cookie+JWT auth, LDAP)
  src/Server/ZB.MOM.WW.OtOpcUa.ControlPlane (admin-role cluster singletons)
  src/Server/ZB.MOM.WW.OtOpcUa.Runtime    (per-node driver actors)
  src/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer (OPC UA SDK application host)
  src/Server/ZB.MOM.WW.OtOpcUa.AdminUI    (Razor class library)
  src/Server/ZB.MOM.WW.OtOpcUa.Host       (single fused web binary)

Each project sets TreatWarningsAsErrors=true in its own csproj (per the
Directory.Build.props deviation note in the previous commit). NuGetAuditSuppress
entries cover transitive vulnerability advisories the new strictness surfaces:

  - GHSA-g94r-2vxg-569j (OpenTelemetry.Api 1.9.0 via Akka.Cluster.Hosting/Tools)
  - GHSA-h958-fxgg-g7w3 (Opc.Ua.Core 1.5.374.126 via OpcUaServer)
  - GHSA-37gx-xxp4-5rgx + GHSA-w3x6-4m5h-cxqf (legacy advisories already accepted)

OpcUaServer pins OPCFoundation.NetStandard.Opc.Ua.Configuration to 1.5.374.126
via VersionOverride to match Opc.Ua.Server's transitive Opc.Ua.Core (same
constraint as the legacy Server project).

Runtime does NOT project-reference any concrete Driver.* assemblies; drivers
load reflectively at runtime (Phase 6). Runtime gets the IDriver contract
through Core.Abstractions instead.

Host's Microsoft.Extensions.Hosting.WindowsServices is conditional on the
Windows OS so the project builds on macOS dev machines.

Build verification: dotnet build -> 438 warnings (all pre-existing xUnit1051
in legacy Server.Tests/Admin.Tests), 0 errors. Closes Task 9 (build green
smoke check, no separate commit).

2026-05-26 03:44:56 -04:00

2 Commits