Package org.egothor.methodatlas.evidence

Class EvidencePackCommand

java.lang.Object
org.egothor.methodatlas.evidence.EvidencePackCommand
public final class EvidencePackCommand extends Object
Materialises a tamper-evident evidence pack on disk by running one scan and bundling every artefact an auditor needs to verify it later.

The command is selected from MethodAtlasApp when the user passes -evidence-pack <framework>. It owns its output directory: it creates the directory if absent, refuses to overwrite an existing one unless -evidence-pack-overwrite was supplied, writes all artefacts, computes a SHA-256 manifest, and optionally signs that manifest via ZeroEcho.

MethodAtlasApp is the only caller; the type is public so the root package can construct it and read its outputDir() and framework() for the post-run summary.

Since:
4.0.0

  • Constructor Summary

    Constructors
    Constructor
    Description
    EvidencePackCommand(CliConfig cliConfig, EvidencePackOptions packOptions, org.egothor.methodatlas.api.TestDiscoveryConfig discoveryConfig, org.egothor.methodatlas.ai.AiSuggestionEngine aiEngine, org.egothor.methodatlas.emit.ClassificationOverride override, AiResultCache aiCache, ScanOrchestrator orchestrator)
    Creates a new evidence-pack command.

  • Method Summary

    Modifier and Type
    Method
    Description
    int
    execute()
    Executes the command: runs the scan, writes every pack artefact, and — when a keyring is configured — signs the manifest.
    String
    framework()
    Returns the resolved framework name (canonical token).
    Path
    outputDir()
    Returns the absolute path of the produced pack directory.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • EvidencePackCommand

      public EvidencePackCommand(CliConfig cliConfig, EvidencePackOptions packOptions, org.egothor.methodatlas.api.TestDiscoveryConfig discoveryConfig, org.egothor.methodatlas.ai.AiSuggestionEngine aiEngine, org.egothor.methodatlas.emit.ClassificationOverride override, AiResultCache aiCache, ScanOrchestrator orchestrator)
      Creates a new evidence-pack command.
      Parameters:
      cliConfig - parsed CLI configuration
      packOptions - evidence-pack–specific options
      discoveryConfig - discovery configuration forwarded to providers
      aiEngine - AI engine, or null when AI is disabled
      override - classification override
      aiCache - AI result cache
      orchestrator - pre-built scan orchestrator

  • Method Details

    • execute

      public int execute() throws IOException
      Executes the command: runs the scan, writes every pack artefact, and — when a keyring is configured — signs the manifest.

      Ordering matters for the integrity chain. Artefacts are written first, then pack-meta.json (optimistically recording whether signing was requested), then manifest.sha256 (the SHA-256 of every artefact, including pack-meta.json), and finally the manifest is signed. If signing fails, pack-meta.json is rewritten as unsigned, any partial manifest.sha256.signed is deleted, and manifest.sha256 is re-hashed so its pack-meta.json digest still matches the file on disk. A signing failure is non-fatal — the pack is produced unsigned.

      Returns:
      0 on success, 1 when one or more source files produced a parse or processing error
      Throws:
      IOException - if any pack artefact cannot be written

    • outputDir

      public Path outputDir()
      Returns the absolute path of the produced pack directory. Useful for the caller's success message.
      Returns:
      resolved absolute output directory

    • framework

      public String framework()
      Returns the resolved framework name (canonical token).
      Returns:
      canonical framework token