SmrtHub Supervisor¶
Assembly: SmrtHubSupervisor
Namespace: SmrtHubSupervisor¶
PrivilegeHelpers¶
Utility helpers for privilege/elevation checks used to gate logging sinks.
Methods¶
IsProcessElevated()¶
Determines whether the current process is elevated (administrative privileges).
Returns: true when the process token includes the Administrators group; otherwise, false.
Program¶
Application entry point: routes single-shot CLI commands or boots the long-running supervisor host.
Methods¶
CreateHostBuilder(string[] args)¶
Creates the host builder with SmrtHub configuration, logging, and hosted services.
Parameters
args— Command-line arguments passed to the host.
Returns: An initialized Microsoft.Extensions.Hosting.IHostBuilder.
Main(string[] args)¶
Main entry point that routes CLI requests or launches the supervisor host.
Parameters
args— Command-line arguments provided by the shell.
Returns: Zero when execution succeeds; otherwise, non-zero.
SupervisorHostedService¶
Main hosted service that starts and monitors all components.
Remarks
Creates the hosted service that manages lifecycle of supervised components.
Methods¶
ExecuteAsync(Threading.CancellationToken stoppingToken)¶
Executes supervisor startup and monitoring loops.
Parameters
stoppingToken— Token signaling shutdown.
Returns: A task that completes when the service stops.
StopAsync(Threading.CancellationToken cancellationToken)¶
Handles graceful shutdown by stopping all supervised components.
Parameters
cancellationToken— Token signaling shutdown.
Returns: A task that completes when shutdown work is done.
SupervisorHostedService(Microsoft.Extensions.Logging.ILogger logger, SmrtHubSupervisor.Core.ProcessSupervisor supervisor, SmrtHubSupervisor.StorageGuard.IStorageGuardSnapshotSource storageGuardSource, SmrtHubSupervisor.StorageGuard.StorageGuardTelemetryCache storageGuardTelemetryCache)¶
Main hosted service that starts and monitors all components.
Parameters
logger— Logger scoped to the hosted service.
supervisor— Core supervisor component.
storageGuardSource— Snapshot source for signed Storage Guard telemetry.
storageGuardTelemetryCache— Shared cache updated when snapshots are fetched.
Remarks
Creates the hosted service that manages lifecycle of supervised components.
Namespace: SmrtHubSupervisor.CLI¶
CommandHandler¶
CLI command handler for non-run operations (status, restart, stop-all, dry-run, print-runbook, dump-diagnostics).
Methods¶
BuildRootCommand()¶
Builds the root command with all supported CLI verbs.
Returns: The configured System.CommandLine.RootCommand for SmrtHub Supervisor.
ExpandPathTokens(string raw)¶
Expands supervisor-specific path tokens (e.g., ${AppsRoot}).
Parameters
raw— Raw manifest path with optional tokens.
Returns: The path with known tokens replaced.
HandleDryRun()¶
Handles the --dry-run command to validate manifest/configuration without launching processes.
Returns: A task returning zero when validation passes and non-zero when it fails.
HandleDumpDiagnostics()¶
Handles the --dump-diagnostics command (stub until diagnostics bundle ships).
Returns: A task that always returns non-zero until diagnostics export is implemented.
HandlePrintRunbook()¶
Handles the --print-runbook command and emits the troubleshooting guide.
Returns: A completed task.
HandleRestart(string componentId)¶
Handles the --restart command (stub until IPC channel ships).
Parameters
componentId— Component identifier supplied on the command line.
Returns: A task that always returns non-zero until the IPC workflow is implemented.
HandleStatus()¶
Handles the --status command and prints manifest/configuration information.
Returns: A task returning zero for success and non-zero for failure.
HandleStopAll()¶
Handles the --stop-all command (stub until IPC channel ships).
Returns: A task that always returns non-zero until the IPC workflow is implemented.
IsNonRunCommand(string[] args)¶
Determines whether the provided arguments represent a non-run command.
Parameters
args— Raw command-line arguments.
Returns: true if the first argument is a CLI verb; otherwise, false.
LoadConfig()¶
Loads supervisor configuration with environment overlays and environment variables.
Returns: The bound SmrtHubSupervisor.Config.SupervisorConfig instance.
LoadManifest()¶
Loads and validates the supervisor component manifest from disk.
Returns: The parsed SmrtHubSupervisor.Config.ComponentManifest instance.
Exceptions
System.IO.FileNotFoundException— Thrown when the manifest file cannot be located.
System.InvalidOperationException— Thrown when manifest contents are invalid.
ResolveExecutablePath(string path)¶
Resolves an executable path by expanding tokens, handling relative paths, and probing build folders.
Parameters
path— The raw path entry from the manifest.
Returns: A best-effort absolute path, even if the executable is missing.
TryFindRepoRoot(string startDir)¶
Attempts to locate the repository root by walking up the directory tree.
Parameters
startDir— Directory to begin scanning from.
Returns: The repository root if found; otherwise, null.
TryRemoveRuntimeIdentifierSegment(string path)¶
Removes a trailing runtime identifier segment (e.g., win-x64) from a path.
Parameters
path— Candidate absolute path.
Returns: The path without the RID segment when detected; otherwise, the original path.
TrySearchUnderBin(string candidatePath)¶
Searches beneath the nearest bin folder for the specified executable.
Parameters
candidatePath— The initial absolute path used to derive search parameters.
Returns: The most recently built match if found; otherwise, null.
ComplianceCli¶
Implements the compliance report CLI workflow.
Methods¶
HandleComplianceReportAsync(SmrtHubSupervisor.Config.SupervisorConfig param0, IO.DirectoryInfo param1, int? param2, Smrt.SupportBundle.Compliance.IComplianceReportGenerator param3, Threading.CancellationToken param4)¶
Generates a compliance evidence bundle using Smrt.SupportBundle.Compliance.ComplianceReportGenerator.
RetentionCli¶
Implements retention-specific CLI verbs (status, apply, legal hold management, evidence export).
RetentionVerificationCli¶
Implements retention verification signature validation for the Supervisor CLI surface.
StorageGuardCli¶
Implements Storage Guard signature verification helpers for the CLI surface.
StorageGuardTrustLoader¶
Resolves Storage Guard trust roots into usable shared secrets for signature verification.
Methods¶
Load(SmrtHubSupervisor.Config.StorageGuardTrustConfig param0, IO.FileInfo[] param1)¶
Loads trust roots from config or overrides, ignoring missing/invalid files.
NormalizeTrustRootPath(string param0)¶
Normalizes a trust root path, allowing directories that contain storage-guard-secret.json.
Namespace: SmrtHubSupervisor.Config¶
CertificateLocatorConfig¶
Certificate locator for mutual TLS authentication.
Methods¶
GetStoreLocation()¶
Parses the configured store location and falls back to CurrentUser.
GetStoreName()¶
Parses the configured store name and falls back to My.
Validate()¶
Validates that the locator has a thumbprint.
Properties¶
StoreLocation¶
Certificate store location (LocalMachine or CurrentUser).
StoreName¶
Windows certificate store name (e.g., My).
Thumbprint¶
Certificate thumbprint.
ComplianceReportConfig¶
Compliance report export defaults for Supervisor CLI.
Properties¶
FileNamePrefix¶
File prefix applied to generated bundles.
OutputRoot¶
Default directory where compliance bundles are written.
RelativeWindowHours¶
Default log window (hours) applied when generating bundles.
ComponentDefinition¶
Single component definition.
Properties¶
Args¶
Arguments passed to the component process in order.
BackoffSeconds¶
Backoff delays (seconds) applied between restart attempts.
Dependencies¶
Optional dependency identifiers that must be running before launch.
DisplayName¶
Human-readable name used in UX and logs.
Env¶
Environment variables injected when starting the component.
Id¶
Unique identifier for the component; acts as key for dependencies.
MaxRestarts¶
Maximum restart attempts before giving up (0 disables restarts).
Path¶
Executable or entry point path, allowing supervisor token substitution.
ReadinessProbe¶
Optional readiness probe configuration used to determine healthy state.
RestartPolicy¶
Restart strategy applied when the component exits.
Type¶
Indicates how the component should be launched (native exe, dotnet, python).
ComponentManifest¶
Component manifest model and loader. Validates against ComponentManifest.schema.json.
Methods¶
LoadAndValidate(string path)¶
Load and validate manifest from file.
Parameters
path— Absolute path to the manifest file.
Returns: The deserialized and validated SmrtHubSupervisor.Config.ComponentManifest.
Exceptions
System.IO.FileNotFoundException— Thrown when the manifest file cannot be located.
System.InvalidOperationException— Thrown when deserialization or validation fails.
Properties¶
Components¶
Collection of component definitions the supervisor should manage.
Version¶
Semantic manifest version leveraged for compatibility checks.
ComponentType¶
Component execution type.
Fields¶
Dotnet¶
Launch a managed .NET application.
Exe¶
Launch a native executable.
Python¶
Launch a Python entry point.
HealthEndpointConfig¶
Health endpoint configuration.
Properties¶
AllowedGroups¶
Allowed Windows groups for health endpoint access (only if RequireAuth is true).
Enabled¶
Enable health endpoint.
RequireAuth¶
Require authentication (Windows Integrated or Bearer token).
Url¶
Health endpoint URL (e.g., http://localhost:5050).
ProbeType¶
Probe type.
Fields¶
Http¶
HTTP GET probe.
None¶
No readiness check; component considered ready after launch.
Tcp¶
TCP socket probe.
ReadinessProbe¶
Readiness probe configuration.
Properties¶
Host¶
Hostname used for TCP readiness probes.
IntervalMs¶
Interval (milliseconds) between probe attempts.
MaxAttempts¶
Maximum number of consecutive failed attempts before declaring unhealthy.
Port¶
TCP port used for readiness probing.
TimeoutMs¶
Timeout (milliseconds) before the probe is considered failed.
Type¶
Type of probe executed to determine readiness.
Url¶
Absolute URL probed for HTTP readiness checks.
RestartPolicy¶
Restart policy.
Fields¶
Always¶
Always restart regardless of exit code.
Never¶
Never restart the component automatically.
OnFailure¶
Restart only when the process exits with a failure code.
RetentionCliConfig¶
CLI configuration for retention management verbs.
Properties¶
ExportRoot¶
Root directory where CLI exports should be written.
RequireAdmin¶
When true, retention CLI commands require elevated administrator privileges.
RetentionFeatureConfig¶
Retention feature configuration for Supervisor CLI and interim automation.
Properties¶
Cli¶
CLI-specific requirements (admin gating, export paths).
LegalHoldPath¶
Path to the legal holds JSON file.
PolicyPath¶
Path to the retention policy JSON file.
SecurityConfig¶
Security validation configuration.
Properties¶
TrustedPublisher¶
Trusted publisher certificate subject (e.g., CN=SmrtRun Labs).
ValidateHashCatalog¶
Validate hash catalog before launching components (production mode).
ValidateSignatures¶
Validate Authenticode signatures before launching components (production mode).
StorageGuardAutomationConfig¶
Automation controls for Storage Guard detector responses.
Methods¶
GetCooldownInterval()¶
Calculates the cooldown interval enforced between exports.
Properties¶
CooldownMinutes¶
Minutes to wait between automated exports for the same trigger category.
Enabled¶
Turns the automation hooks on/off (Storage Guard telemetry must also be enabled).
ExportDestinationOverride¶
Optional override for evidence export destination.
ExportOnAclDrift¶
Automatically export retention evidence when ACL drift is detected.
ExportOnQuotaCritical¶
Automatically export retention evidence when quota risk moves into Critical.
ExportOnQuotaWarning¶
Automatically export retention evidence when quota risk moves into Warning.
MinimumAclDriftCount¶
Minimum number of ACL drift entries that must be present before automation fires.
OperatorIdentity¶
Operator identity recorded in manifests when automation exports evidence.
StorageGuardClientConfig¶
Configuration for the Storage Guard service client integration.
Methods¶
Validate(bool param0)¶
Validates the configuration when the integration is enabled.
Properties¶
AllowDevelopmentCertificatelessAuth¶
Allow development environments to skip mutual TLS (shared-secret only).
AllowInvalidServerCertificate¶
Allow bypassing server certificate validation (dev only).
BaseUrl¶
Base URL for the Storage Guard service (must be HTTPS).
ClientCertificate¶
Client certificate presented for mutual TLS.
Enabled¶
Enables integration with the Storage Guard service host.
SharedSecretHeader¶
Header name used for shared-secret authentication.
SignatureEndpoint¶
Relative endpoint returning the matching signature document.
SnapshotEndpoint¶
Relative endpoint returning the latest snapshot JSON.
TimeoutSeconds¶
HTTP timeout in seconds when calling the service.
StorageGuardTelemetryConfig¶
Telemetry polling controls for Storage Guard insights.
Methods¶
GetRefreshInterval()¶
Returns a sanitized refresh interval honoring the floor.
Properties¶
EmitStructuredLogs¶
Emit structured log events for ACL/quota results whenever telemetry refreshes.
Enabled¶
Turns the background polling service on/off (requires StorageGuardClient.Enabled).
RefreshIntervalSeconds¶
Polling cadence in seconds for refreshing telemetry (min 30 seconds enforced).
StorageGuardTrustConfig¶
Trust-root configuration for Storage Guard signature validation workflows.
Properties¶
TrustRootPaths¶
Paths to storage-guard-secret.json files whose keys should be trusted during verification.
SupervisionConfig¶
Supervision policy configuration.
Properties¶
GlobalRestartLimit¶
Maximum global restarts across all components within GlobalRestartWindowSeconds. If exceeded, storm guard pauses all restarts.
GlobalRestartWindowSeconds¶
Time window (seconds) for GlobalRestartLimit.
ShutdownTimeoutSeconds¶
Maximum time to wait for graceful shutdown of all components (seconds). After this, Job Object will force-kill remaining processes.
StableUptimeSeconds¶
Minimum uptime (seconds) before a successful run is considered stable and backoff is reset.
StormGuardCooldownSeconds¶
Storm guard cooldown period (seconds) after storm is detected.
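The storm guard described by these properties can be pictured as a sliding-window counter with a cooldown. The sketch below is an added example, not SmrtHub's own code: the StormGuard class, its member names, and the reading that the restart after the limit is the one that trips the guard are assumptions.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical illustration of GlobalRestartLimit / GlobalRestartWindowSeconds /
// StormGuardCooldownSeconds; not the supervisor's real implementation.
public sealed class StormGuard
{
    private readonly int _limit;
    private readonly TimeSpan _window;
    private readonly TimeSpan _cooldown;
    private readonly Queue<DateTimeOffset> _recentRestarts = new();
    private DateTimeOffset? _pausedUntil;

    public StormGuard(int globalRestartLimit, int globalRestartWindowSeconds, int stormGuardCooldownSeconds)
    {
        if (globalRestartLimit < 1) throw new ArgumentOutOfRangeException(nameof(globalRestartLimit));
        _limit = globalRestartLimit;
        _window = TimeSpan.FromSeconds(globalRestartWindowSeconds);
        _cooldown = TimeSpan.FromSeconds(stormGuardCooldownSeconds);
    }

    // Returns true when a restart may proceed at 'now' and records it;
    // returns false while the guard is active or when this restart trips it.
    public bool TryRecordRestart(DateTimeOffset now)
    {
        if (_pausedUntil is DateTimeOffset until)
        {
            if (now < until) return false;   // still cooling down
            _pausedUntil = null;             // cooldown over: start a fresh window
            _recentRestarts.Clear();
        }

        // Drop restarts that have aged out of the sliding window.
        while (_recentRestarts.Count > 0 && now - _recentRestarts.Peek() >= _window)
            _recentRestarts.Dequeue();

        if (_recentRestarts.Count >= _limit)
        {
            _pausedUntil = now + _cooldown;  // storm detected: pause all restarts
            return false;
        }

        _recentRestarts.Enqueue(now);
        return true;
    }
}

public static class StormGuardDemo
{
    public static void Main()
    {
        // Constructed values: 3 restarts per 60 s window, 120 s cooldown.
        var guard = new StormGuard(3, 60, 120);
        DateTimeOffset t0 = DateTimeOffset.UnixEpoch;

        foreach (int second in new[] { 0, 10, 20, 30, 100, 151 })
        {
            bool allowed = guard.TryRecordRestart(t0.AddSeconds(second));
            Console.WriteLine($"t+{second}s restart allowed: {allowed}");
        }
    }
}
```

Passing the clock in as a parameter keeps the guard deterministic under test; a crash-looping component cannot bypass it because the count is global rather than per component.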
SupervisorConfig¶
Root configuration for SmrtHub Supervisor. Loaded from appsettings.json with environment-specific overlays.
Properties¶
ComplianceReport¶
Compliance report export defaults.
HealthEndpoint¶
Health endpoint configuration.
Retention¶
Retention policy and legal hold configuration for interim CLI workflows.
Security¶
Security validation settings.
StorageGuardAutomation¶
Automation hooks that respond to Storage Guard detector events.
StorageGuardClient¶
Settings for consuming signed Storage Guard snapshots from the dedicated service host.
StorageGuardTelemetry¶
Controls background telemetry polling + logging for Storage Guard insights.
StorageGuardTrust¶
Trust-root configuration for validating Storage Guard signatures via CLI.
Supervision¶
Supervision policies.
SystemSpecs¶
Controls capture of a machine-level system specs + capabilities snapshot at startup.
SystemSpecsConfig¶
Startup capture settings for the system specs snapshot.
Properties¶
EnableWmi¶
Enable WMI probes (best-effort) for CPU/memory details.
Enabled¶
Enable writing the system specs snapshot during Supervisor startup.
TimeoutSeconds¶
Maximum total time budget (seconds) for capture + write.
WinRtTypeProbes¶
WinRT type names to probe via late-bound reflection (true when the type resolves in the current process).
WmiTimeoutMs¶
Timeout per WMI query in milliseconds.
Namespace: SmrtHubSupervisor.Control¶
ControlServer¶
Local-only control endpoint for Supervisor using a Windows named pipe. Accepts authenticated commands from the current user (no network exposure). Supports SHUTDOWN/STATUS, targeted RESTART, and pause/resume of automatic restarts.
Remarks
Creates a named-pipe control server bound to the current user.
Methods¶
ControlServer(Microsoft.Extensions.Logging.ILogger logger, Microsoft.Extensions.Hosting.IHostApplicationLifetime lifetime, SmrtHubSupervisor.Core.ProcessSupervisor supervisor)¶
Local-only control endpoint for Supervisor using a Windows named pipe. Accepts authenticated commands from the current user (no network exposure). Supports SHUTDOWN/STATUS, targeted RESTART, and pause/resume of automatic restarts.
Parameters
logger— Structured logger for diagnostics.
lifetime— Host lifetime used to trigger shutdown operations.
supervisor— Process supervisor that executes requested actions.
Remarks
Creates a named-pipe control server bound to the current user.
CreateServer()¶
Creates a single-client named pipe restricted to the current user and administrators.
Returns: A configured System.IO.Pipes.NamedPipeServerStream ready to accept connections.
ExecuteAsync(Threading.CancellationToken stoppingToken)¶
Starts the listener loop in the background while the host is running.
Parameters
stoppingToken— Token signaled when the host is shutting down.
Returns: A completed task once the listener loop is scheduled.
ListenLoop()¶
Accepts incoming connections and handles commands until cancellation is requested.
Returns: A task that completes when the server is canceled or faults.
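As an added example (not the project's own code), one way a pipe like the one ControlServer.CreateServer() describes can be restricted to the current user and administrators with an explicit ACL. The pipe name, the one-line ASCII command format, and the deny entry for network logons are assumptions; only the SHUTDOWN and STATUS verbs come from this page.

```csharp
using System;
using System.IO.Pipes;
using System.Runtime.Versioning;
using System.Security.AccessControl;
using System.Security.Principal;
using System.Text;
using System.Threading;
using System.Threading.Tasks;

[SupportedOSPlatform("windows")]
public static class LocalControlPipeExample
{
    // Hypothetical pipe name; the page does not state the real one.
    private const string PipeName = "example-supervisor-control";

    // Verbs named on the page; the wire format used here is an assumption.
    private static readonly string[] KnownVerbs = { "SHUTDOWN", "STATUS" };

    public static NamedPipeServerStream CreateServer()
    {
        using WindowsIdentity identity = WindowsIdentity.GetCurrent();
        SecurityIdentifier currentUser = identity.User
            ?? throw new InvalidOperationException("Current identity has no user SID.");
        var administrators = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
        var network = new SecurityIdentifier(WellKnownSidType.NetworkSid, null);

        var security = new PipeSecurity();

        // Named pipes are reachable over SMB; denying NT AUTHORITY\NETWORK keeps
        // the endpoint local-only even for otherwise allowed accounts (assumption:
        // the page says "no network exposure" but not how it is enforced).
        security.AddAccessRule(new PipeAccessRule(
            network, PipeAccessRights.FullControl, AccessControlType.Deny));

        // Read/write only: clients can talk to the pipe but are not granted
        // CreateNewInstance, ChangePermissions or TakeOwnership.
        security.AddAccessRule(new PipeAccessRule(
            currentUser, PipeAccessRights.ReadWrite, AccessControlType.Allow));
        security.AddAccessRule(new PipeAccessRule(
            administrators, PipeAccessRights.ReadWrite, AccessControlType.Allow));

        return NamedPipeServerStreamAcl.Create(
            PipeName,
            PipeDirection.InOut,
            1,                          // maxNumberOfServerInstances: single client
            PipeTransmissionMode.Byte,
            PipeOptions.Asynchronous,
            0,                          // inBufferSize: system default
            0,                          // outBufferSize: system default
            security);
    }

    // Waits for one client and returns the verb it sent, or null when the
    // input is not on the allow-list. The read is bounded so a client cannot
    // make the server buffer arbitrary amounts of data; a production protocol
    // would also frame messages instead of relying on a single read.
    public static async Task<string?> ReadCommandAsync(NamedPipeServerStream server, CancellationToken ct)
    {
        await server.WaitForConnectionAsync(ct);

        var buffer = new byte[128];
        int read = await server.ReadAsync(buffer.AsMemory(), ct);
        string verb = Encoding.ASCII.GetString(buffer, 0, read).Trim();

        return Array.IndexOf(KnownVerbs, verb) >= 0 ? verb : null;
    }
}
```

Because no default ACL is inherited once a PipeSecurity is supplied, any principal not listed (including Everyone and anonymous logons) gets no access at all.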
Namespace: SmrtHubSupervisor.Core¶
ComponentProcess¶
Represents a supervised component: tracks lifecycle state, process handles, restart history, and readiness status while honoring per-component policies from the manifest.
Remarks
Initializes a new SmrtHubSupervisor.Core.ComponentProcess with manifest data and shared infrastructure.
Methods¶
ClearQuarantine()¶
Clears the quarantine flag so the component can be restarted manually.
ComponentProcess(SmrtHubSupervisor.Config.ComponentDefinition definition, SmrtHubSupervisor.Core.JobObjectManager jobObjectManager, SmrtHubSupervisor.Core.ReadinessProbeExecutor probeExecutor, SmrtHubSupervisor.Config.SupervisorConfig config, Microsoft.Extensions.Logging.ILogger logger)¶
Represents a supervised component: tracks lifecycle state, process handles, restart history, and readiness status while honoring per-component policies from the manifest.
Parameters
definition— Component manifest definition.
jobObjectManager— Job object manager used for process containment.
probeExecutor— Executor for readiness probes.
config— Supervisor configuration snapshot.
logger— Structured logger scoped to the component.
Remarks
Initializes a new SmrtHubSupervisor.Core.ComponentProcess with manifest data and shared infrastructure.
GetBackoffDelay()¶
Computes the backoff delay for the current restart attempt including jitter.
Returns: The randomized backoff duration.
IncrementRestart()¶
Increments the restart count and quarantines the component when limits are exceeded.
OnProcessExited(object sender, EventArgs e)¶
Handles the process exit event and updates lifecycle metadata.
Parameters
sender— Process raising the event.
e— Event payload.
ShouldRestart()¶
Determines whether the component should be restarted according to its policy and exit code.
Returns: true when the supervisor should schedule a restart; otherwise, false.
StartAsync(Threading.CancellationToken cancellationToken)¶
Starts the component process and runs any configured readiness probe.
Parameters
cancellationToken— Token used to abort startup or readiness waits.
Returns: true when the process launches successfully; otherwise, false.
StopAsync(Threading.CancellationToken cancellationToken)¶
Stops the component process gracefully and falls back to termination when required.
Parameters
cancellationToken— Token used to cap wait durations.
Returns: A task that completes when shutdown handling finishes.
Properties¶
DisplayName¶
Friendly name used for logging and telemetry.
Id¶
Stable identifier sourced from the manifest.
IsQuarantined¶
Indicates whether the component is quarantined due to excessive failures.
LastExitCode¶
Exit code from the last terminated process, if available.
LastStartTime¶
UTC timestamp when the process most recently started.
LastStopTime¶
UTC timestamp when the process most recently stopped.
Process¶
Live process handle when the component is running.
RestartCount¶
Number of restart attempts performed in the current window.
State¶
Lifecycle state tracked for supervision decisions.
Uptime¶
Computed uptime while the component remains in the running state.
ComponentState¶
Component state.
Fields¶
Failed¶
Startup failed or the process crashed and awaits supervision.
Quarantined¶
Supervisor disabled automatic restarts due to repeated failures.
Ready¶
Component passed readiness checks and is healthy.
Running¶
Component process is running but readiness is unknown.
Starting¶
Component is launching but not yet ready.
Stopped¶
Component is not running and has no active process.
JobObjectManager¶
Manages Windows Job Objects for process containment and cleanup. All supervised processes are assigned to a single Job Object. When the Supervisor exits, the Job Object automatically terminates all child processes.
Methods¶
AssignProcess(Diagnostics.Process process)¶
Assigns a process to the job object for containment.
Parameters
process— Process instance to contain.
Returns: true if the handle was attached; otherwise, false.
Dispose()¶
Releases job object handles and terminates any remaining child processes.
JobObjectManager(Microsoft.Extensions.Logging.ILogger logger)¶
Initializes the job object infrastructure and configures kill-on-close semantics.
Parameters
logger— Structured logger for containment diagnostics.
ProcessSupervisor¶
Central coordinator for all supervised components: handles dependency-aware startup, automatic restarts with backoff and storm guard, quarantine, and operator controls.
Methods¶
CheckGlobalRestartLimit()¶
Checks the global restart limit (storm guard) and activates the guard when thresholds are exceeded.
Returns: true when another restart may proceed; otherwise, false.
ComputeStartOrder()¶
Computes component start order based on dependencies (topological sort).
Returns: Ordered list of component identifiers for dependency-safe startup.
GetStatusSnapshot()¶
Creates an immutable snapshot of supervisor and component state for status requests.
Returns: An anonymous object shaped for JSON serialization.
MonitorAsync(Threading.CancellationToken cancellationToken)¶
Monitors component health, schedules restarts, and enforces storm guard rules.
Parameters
cancellationToken— Token that stops monitoring when signaled.
Returns: A task that runs until cancellation is requested.
PauseRestarts()¶
Temporarily pauses automatic restart scheduling at operator request.
ProcessSupervisor(Microsoft.Extensions.Logging.ILogger logger, SmrtHubSupervisor.Config.ComponentManifest manifest, SmrtHubSupervisor.Config.SupervisorConfig config, SmrtHubSupervisor.Core.JobObjectManager jobObjectManager, Microsoft.Extensions.Logging.ILoggerFactory loggerFactory)¶
Creates a new process supervisor with manifest metadata and infrastructure services.
Parameters
logger— Logger used for supervisor diagnostics.
manifest— Validated manifest describing supervised components.
config— Supervisor configuration snapshot.
jobObjectManager— Job object manager for process containment.
loggerFactory— Factory used to create per-component loggers.
RestartComponentAsync(string componentId, Threading.CancellationToken cancellationToken)¶
Restarts a specific component as part of a manual operator action.
Parameters
componentId— Identifier of the component to restart.
cancellationToken— Token used to abort the restart.
Returns: true when the component restarts successfully; otherwise, false.
ResumeRestarts()¶
Resumes automatic restarts after an operator pause.
StartAllAsync(Threading.CancellationToken cancellationToken)¶
Starts every component respecting dependency order defined in the manifest.
Parameters
cancellationToken— Token that aborts startup.
Returns: A task that completes when all components are started or cancellation occurs.
StartComponentWithDependenciesAsync(SmrtHubSupervisor.Core.ComponentProcess component, Threading.CancellationToken cancellationToken)¶
Starts a single component after confirming each dependency reports ready.
Parameters
component— Component to start.
cancellationToken— Token used to abort dependency waits.
Returns: A task that completes once the component start attempt finishes.
StopAllAsync(Threading.CancellationToken cancellationToken)¶
Stops all supervised components and prevents further restarts.
Parameters
cancellationToken— Token used to bound shutdown waits.
Returns: A task that completes when every component has been asked to stop.
Properties¶
Components¶
Live map of component identifiers to their supervised process instances.
ReadinessProbeExecutor¶
Executes readiness probes (HTTP, TCP, or none) for a component.
Remarks
Creates a new readiness probe executor with HTTP client infrastructure.
Methods¶
ProbeAsync(SmrtHubSupervisor.Config.ComponentDefinition component, Threading.CancellationToken cancellationToken)¶
Execute readiness probe and return true if component is ready.
Parameters
component— Component definition containing probe configuration.
cancellationToken— Token used to abort probe attempts.
Returns: true when readiness is confirmed; otherwise, false.
ProbeHttpAsync(string componentId, SmrtHubSupervisor.Config.ReadinessProbe probe, Threading.CancellationToken cancellationToken)¶
Executes an HTTP readiness probe for the specified component.
Parameters
componentId— Identifier used for logging.
probe— Probe configuration.
cancellationToken— Token used to cancel the request.
Returns: true when a successful HTTP status code is returned; otherwise, false.
ProbeTcpAsync(string componentId, SmrtHubSupervisor.Config.ReadinessProbe probe, Threading.CancellationToken cancellationToken)¶
Executes a TCP readiness probe for the specified component.
Parameters
componentId— Identifier used for logging.
probe— Probe configuration.
cancellationToken— Token used to cancel the connection attempt.
Returns: true when the TCP connection is established; otherwise, false.
ReadinessProbeExecutor(Microsoft.Extensions.Logging.ILogger logger)¶
Executes readiness probes (HTTP, TCP, or none) for a component.
Parameters
logger— Logger used for probe diagnostics.
Remarks
Creates a new readiness probe executor with HTTP client infrastructure.
Namespace: SmrtHubSupervisor.Diagnostics¶
DiagnosticsCollector¶
Collects diagnostics data and generates a bundle (zip file) for troubleshooting. Stub for Phase 2.
Remarks
Initializes the diagnostics collector stub.
Methods¶
DiagnosticsCollector(Microsoft.Extensions.Logging.ILogger logger)¶
Collects diagnostics data and generates a bundle (zip file) for troubleshooting. Stub for Phase 2.
Parameters
logger— Logger used for stub telemetry.
Remarks
Initializes the diagnostics collector stub.
GenerateBundle()¶
Generates a placeholder diagnostics bundle until Phase 2 ships.
Returns: The synthetic bundle name.
SystemEventMonitor¶
Emits structured logs for Windows power and session changes so operators can correlate system state with Supervisor activity.
Methods¶
SystemEventMonitor(Microsoft.Extensions.Logging.ILogger param0)¶
Emits structured logs for Windows power and session changes so operators can correlate system state with Supervisor activity.
SystemSpecsCaptureHostedService¶
Captures a machine-level system specs + capabilities snapshot once per Supervisor startup.
Methods¶
SystemSpecsCaptureHostedService(Microsoft.Extensions.Logging.ILogger param0, SmrtHubSupervisor.Config.SupervisorConfig param1)¶
Captures a machine-level system specs + capabilities snapshot once per Supervisor startup.
Namespace: SmrtHubSupervisor.Health¶
ComponentMetrics¶
Component-level metrics snapshot included in health responses.
Properties¶
DisplayName¶
Display name rendered in health output.
Id¶
Component identifier from the manifest.
LastExitCode¶
Most recent exit code if the process has stopped.
Quarantined¶
Indicates whether supervision quarantined the component.
Restarts¶
Total timed restarts observed for the component.
State¶
Current lifecycle state as text.
Uptime¶
Formatted uptime string when available.
HealthEndpoint¶
Health endpoint hosted service (HTTP listener). Exposes /healthz endpoint with current supervisor and component states.
Remarks
Creates a new health endpoint hosted service.
Methods¶
ExecuteAsync(Threading.CancellationToken stoppingToken)¶
Boots the HTTP listener and serves /healthz responses while enabled.
Parameters
stoppingToken— Token signaled when the host is shutting down.
Returns: A task that completes when the service stops.
HandleRequest(Net.HttpListenerContext context)¶
Handles a single HTTP request against the health endpoint.
Parameters
context— HTTP listener context to respond to.
HealthEndpoint(Microsoft.Extensions.Logging.ILogger logger, SmrtHubSupervisor.Config.SupervisorConfig config, SmrtHubSupervisor.Health.HealthMonitor healthMonitor)¶
Health endpoint hosted service (HTTP listener). Exposes /healthz endpoint with current supervisor and component states.
Parameters
logger— Logger for endpoint diagnostics.
config— Supervisor configuration controlling endpoint exposure.
healthMonitor— Health monitor that provides metrics.
Remarks
Creates a new health endpoint hosted service.
StopAsync(Threading.CancellationToken cancellationToken)¶
Stops the HTTP listener and releases associated resources.
Parameters
cancellationToken— Token signaled during shutdown.
Returns: A task that completes after base shutdown logic runs.
HealthMonitor¶
Health monitor service (placeholder for future advanced health checks).
Remarks
Creates a health monitor wrapper over the metrics collector.
Methods¶
GetCurrentHealth()¶
Retrieves the latest supervisor metrics snapshot.
Returns: Structured health information for the supervisor and components.
HealthMonitor(Microsoft.Extensions.Logging.ILogger logger, SmrtHubSupervisor.Health.MetricsCollector metricsCollector)¶
Health monitor service (placeholder for future advanced health checks).
Parameters
logger— Logger for health monitor diagnostics.
metricsCollector— Metrics collector that provides supervisor data.
Remarks
Creates a health monitor wrapper over the metrics collector.
MetricsCollector¶
Collects metrics from all supervised components.
Remarks
Initializes a metrics collector bound to the running supervisor.
Methods¶
CollectMetrics()¶
Collects supervisor-level metrics and component summaries for health reporting.
Returns: A SmrtHubSupervisor.Health.SupervisorMetrics snapshot.
FormatTimeSpan(TimeSpan ts)¶
Formats a System.TimeSpan into an Hh Mm Ss representation.
Parameters
ts— Time span to format.
Returns: Formatted duration string.
MetricsCollector(Microsoft.Extensions.Logging.ILogger logger, SmrtHubSupervisor.Core.ProcessSupervisor supervisor, SmrtHubSupervisor.StorageGuard.StorageGuardTelemetryCache storageGuardTelemetryCache)¶
Collects metrics from all supervised components.
Parameters
logger— Logger used for metrics diagnostics.
supervisor— Supervisor instance supplying component state.
storageGuardTelemetryCache— Cache providing the latest Storage Guard snapshot.
Remarks
Initializes a metrics collector bound to the running supervisor.
StorageGuardAclSummary¶
Simplified ACL summary for health consumers.
Properties¶
Identifier¶
Stable slug describing which target directory was inspected.
InheritsFromParent¶
True when ACL inheritance remains enabled.
Message¶
Narrative message describing the finding.
MissingPrincipals¶
Principals that were expected but missing.
Path¶
Absolute path captured in the telemetry.
Status¶
Outcome of the ACL inspection.
Target¶
Friendly display name for the inspected directory.
StorageGuardIssueSummary¶
Simplified issue summary for the health endpoint payload.
Properties¶
Code¶
Stable issue code emitted from the guard.
Message¶
Human-readable description of the issue.
Severity¶
Severity classification assigned by the guard.
StorageGuardMetricsSummary¶
Storage Guard telemetry summary exposed through the health endpoint.
Properties¶
AclDriftCount¶
Total ACL drift items (non-healthy insights).
AclInsights¶
ACL inspection outcomes for evidence directories.
AvailableBytes¶
Remaining free space in bytes.
CapturedAtUtc¶
Original capture timestamp emitted by the guard.
CriticalThresholdBytes¶
Critical threshold used when calculating the risk.
DataAvailable¶
Indicates telemetry data exists for the current supervisor session.
FetchedAtUtc¶
Supervisor-side timestamp for when the data was fetched.
FreePercent¶
Percentage of free space remaining.
Issues¶
Guard issues surfaced during the latest run.
QuotaMessage¶
Human-readable narrative about the quota forecast.
QuotaRisk¶
Risk level derived from the quota forecast.
RetentionConfigHash¶
SHA-256 hash of the active retention configuration when available.
SignatureVerified¶
Indicates whether signature verification succeeded.
SignedAtUtc¶
Timestamp when the guard signed the snapshot document.
SmrtSpaceName¶
Friendly SmrtSpace name resolved by Storage Guard.
SmrtSpaceRoot¶
Absolute SmrtSpace root observed during the snapshot.
TotalBytes¶
Total volume capacity in bytes.
WarningThresholdBytes¶
Warning threshold used when calculating the risk.
SupervisorMetrics¶
Aggregated supervisor metrics exposed via the health endpoint.
Properties¶
Components¶
Metrics for each managed component.
SessionId¶
Unique identifier for the current supervision session.
Status¶
High-level supervisor status (Running, Degraded, etc.).
StorageGuard¶
Latest Storage Guard telemetry summary when available.
Timestamp¶
UTC timestamp indicating when the snapshot was taken.
Uptime¶
Human-readable uptime for the supervisor process.
Namespace: SmrtHubSupervisor.Logging¶
SmrtHubLoggingProvider¶
Minimal ILoggerProvider that forwards logs to SmrtHub.Logging static Logger. Ensures all framework ILogger usages write into the canonical Smrt logs.
Methods¶
CreateLogger(string categoryName)¶
Creates a logger that forwards Microsoft.Extensions.Logging events to SmrtHub.Logging.
Parameters
categoryName— Logging category.
Returns: A Microsoft.Extensions.Logging.ILogger instance.
Dispose()¶
No summary provided.
Namespace: SmrtHubSupervisor.Logging.SmrtHubLoggingProvider¶
SmrtHubForwardingLogger¶
No summary available.
Methods¶
IsEnabled(Microsoft.Extensions.Logging.LogLevel param0)¶
No summary provided.
Log(Microsoft.Extensions.Logging.LogLevel param0, Microsoft.Extensions.Logging.EventId param1, ``0 param2, Exception param3, Func<``0, Exception, string> param4)¶
No summary provided.
Microsoft#Extensions#Logging#ILogger#BeginScope(``0 param0)¶
No summary provided.
Namespace: SmrtHubSupervisor.Logging.SmrtHubLoggingProvider.SmrtHubForwardingLogger¶
NullScope¶
No summary available.
Methods¶
Dispose()¶
No summary provided.
Namespace: SmrtHubSupervisor.Retention¶
IRetentionEvidenceExporter¶
Contract for emitting retention evidence exports that both the CLI and automation can reuse.
Methods¶
Export(SmrtHubSupervisor.Config.RetentionFeatureConfig config, string operatorIdentity, string destinationOverride, Action progressWriter, Threading.CancellationToken cancellationToken)¶
Copies the retention artifacts into a timestamped evidence directory.
Parameters
config— Retention settings (paths + CLI defaults).
operatorIdentity— Identity recorded in the manifest.
destinationOverride— Optional destination; defaults to configured export root.
progressWriter— Optional callback for status lines.
cancellationToken— Cancellation token for long-running copies.
Returns: Export result describing the destination and copied files.
RetentionEvidenceExportResult¶
Result describing the export directory and artifacts captured.
Methods¶
RetentionEvidenceExportResult(string param0, Collections.Generic.IReadOnlyList param1)¶
Result describing the export directory and artifacts captured.
RetentionEvidenceExporter¶
Default implementation that copies retention policy/hold artifacts and emits a manifest.
RetentionVerificationValidationResult¶
Result emitted by retention verification signature validation.
RetentionVerificationValidator¶
Validates retention verification artifacts against trusted Storage Guard secrets.
Methods¶
ValidateAsync(string evidencePath, string signaturePath, Collections.Generic.IReadOnlyList trustSecrets, Threading.CancellationToken cancellationToken)¶
Validates the retention verification payload and signature using the supplied trust roots.
Parameters
evidencePath— Path to retention-verification.json (defaults to canonical path when null/empty).
signaturePath— Path to retention-verification.sig (defaults to canonical path when null/empty).
trustSecrets— Shared secrets trusted for HMAC verification.
cancellationToken— Cancellation token for file IO.
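A detached HMAC check of the kind ValidateAsync describes, as an added example that is not SmrtHub code. It assumes HMAC-SHA256 and a hex-encoded signature, neither of which this page specifies; `DetachedHmacCheck` and `Verify` are hypothetical names, and the payload and secrets are constructed sample values.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

// Added example, not SmrtHub code. Assumes HMAC-SHA256 and a hex-encoded signature.
public static class DetachedHmacCheck
{
    // Returns the index of the trusted secret that verified the payload, or -1 when none did.
    public static int Verify(byte[] payload, string signatureHex, IReadOnlyList<byte[]> trustSecrets)
    {
        byte[] expected;
        try { expected = Convert.FromHexString(signatureHex.Trim()); }
        catch (FormatException) { return -1; }   // a malformed signature fails closed

        for (int i = 0; i < trustSecrets.Count; i++)
        {
            byte[] secret = trustSecrets[i];
            if (secret is null || secret.Length == 0) continue;   // never trust an empty key

            byte[] actual = HMACSHA256.HashData(secret, payload);
            // Constant-time comparison: does not reveal how many leading bytes matched.
            if (CryptographicOperations.FixedTimeEquals(actual, expected)) return i;
        }
        return -1;
    }

    public static void Main()
    {
        // Constructed sample data; the real evidence file layout is not documented on this page.
        byte[] payload = Encoding.UTF8.GetBytes("{\"result\":\"pass\",\"checkedAtUtc\":\"2025-01-01T00:00:00Z\"}");
        byte[] oldSecret = Encoding.UTF8.GetBytes("constructed-secret-old");
        byte[] newSecret = Encoding.UTF8.GetBytes("constructed-secret-new");
        var trusted = new List<byte[]> { oldSecret, newSecret };

        // Sign with the second trusted secret, then verify against the whole list.
        string signature = Convert.ToHexString(HMACSHA256.HashData(newSecret, payload));
        Console.WriteLine($"untampered payload: {Verify(payload, signature, trusted)}");

        payload[10] ^= 0x01;   // flip one bit of the evidence after signing
        Console.WriteLine($"tampered payload:   {Verify(payload, signature, trusted)}");

        Console.WriteLine($"malformed sig:      {Verify(payload, "not-hex", trusted)}");
    }
}
```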
Namespace: SmrtHubSupervisor.Security¶
AuthorizationService¶
Authorization service for CLI and health endpoint access. Stub for Phase 2.
Remarks
Initializes the authorization stub for Phase 1.
Methods¶
AuthorizationService(Microsoft.Extensions.Logging.ILogger logger)¶
Authorization service for CLI and health endpoint access. Stub for Phase 2.
Parameters
logger— Logger used for authorization diagnostics.
Remarks
Initializes the authorization stub for Phase 1.
IsAuthorized(string[] allowedGroups)¶
Determines whether the current principal is authorized to perform the requested operation.
Parameters
allowedGroups— Group whitelist configured for the operation.
Returns: true for Phase 1 stub behavior.
HashCatalogValidator¶
Validates component executable hashes against HashCatalog.json (production mode). Stub for Phase 2.
Remarks
Initializes the hash catalog validator stub.
Methods¶
HashCatalogValidator(Microsoft.Extensions.Logging.ILogger logger)¶
Validates component executable hashes against HashCatalog.json (production mode). Stub for Phase 2.
Parameters
logger— Logger used for validator diagnostics.
Remarks
Initializes the hash catalog validator stub.
ValidateHash(string executablePath)¶
Validates an executable against the hash catalog.
Parameters
executablePath— Absolute path to the executable under validation.
Returns: true for Phase 1 stub behavior.
SignatureValidator¶
Validates Authenticode signatures on component executables (production mode). Stub for Phase 2.
Remarks
Initializes the signature validator stub.
Methods¶
SignatureValidator(Microsoft.Extensions.Logging.ILogger logger)¶
Validates Authenticode signatures on component executables (production mode). Stub for Phase 2.
Parameters
logger— Logger used for signature validation diagnostics.
Remarks
Initializes the signature validator stub.
ValidateSignature(string executablePath, string trustedPublisher)¶
Validates an executable's Authenticode signature against the trusted publisher.
Parameters
executablePath— Path to the executable under validation.
trustedPublisher— Expected publisher subject.
Returns: true for Phase 1 stub behavior.
Namespace: SmrtHubSupervisor.StorageGuard¶
DisabledStorageGuardSnapshotSource¶
Disabled implementation used when the integration is turned off.
IStorageGuardSnapshotSource¶
Abstraction for retrieving signed Storage Guard snapshots.
Methods¶
FetchAsync(Threading.CancellationToken cancellationToken)¶
Attempts to fetch the latest signed snapshot.
Parameters
cancellationToken— Token used to cancel the fetch.
Returns: The signed snapshot when available, otherwise null.
StorageGuardAutomationCoordinator¶
Coordinates automation workflows that react to Storage Guard detector data (quota or ACL drift).
Methods¶
ProcessAsync(SmrtHubSupervisor.StorageGuard.StorageGuardTelemetryEntry param0, Threading.CancellationToken param1)¶
Evaluates a telemetry entry and triggers retention exports when detector thresholds are met.
StorageGuardAutomationCoordinator(Microsoft.Extensions.Logging.ILogger param0, SmrtHubSupervisor.Config.SupervisorConfig param1, SmrtHubSupervisor.Retention.IRetentionEvidenceExporter param2)¶
Coordinates automation workflows that react to Storage Guard detector data (quota or ACL drift).
StorageGuardHttpSnapshotSource¶
HTTP-backed implementation that calls the Storage Guard service host.
Methods¶
StorageGuardHttpSnapshotSource(Smrt.Infrastructure.StorageGuard.StorageGuardSignedSnapshotClient param0, Microsoft.Extensions.Logging.ILogger param1)¶
HTTP-backed implementation that calls the Storage Guard service host.
StorageGuardTelemetryCache¶
Thread-safe cache that shares the most recent Storage Guard telemetry snapshot across the supervisor host.
Methods¶
GetLatest()¶
Retrieves the latest telemetry entry when one has been cached.
Returns: The cached telemetry entry or null when no data has been published yet.
Update(SmrtHubSupervisor.StorageGuard.StorageGuardTelemetryEntry entry)¶
Stores a newly fetched telemetry entry.
Parameters
entry— Telemetry entry created from a verified signed snapshot.
StorageGuardTelemetryEntry¶
Container for the last successfully fetched Storage Guard snapshot + metadata about the polling cycle.
Remarks
Creates a telemetry entry that pairs the signed snapshot with its fetch timestamp.
Methods¶
StorageGuardTelemetryEntry(Smrt.Infrastructure.StorageGuard.StorageGuardSignedSnapshot signedSnapshot, DateTimeOffset fetchedAtUtc)¶
Container for the last successfully fetched Storage Guard snapshot + metadata about the polling cycle.
Parameters
signedSnapshot— Snapshot payload that already passed signature verification.
fetchedAtUtc— UTC timestamp describing when the supervisor retrieved the snapshot.
Remarks
Creates a telemetry entry that pairs the signed snapshot with its fetch timestamp.
Properties¶
FetchedAtUtc¶
UTC timestamp indicating when the supervisor fetched this snapshot.
SignedSnapshot¶
Signed snapshot payload as returned by the Storage Guard service host.
StorageGuardTelemetryService¶
Background worker that periodically fetches Storage Guard telemetry for downstream metrics + logging.
Methods¶
RunOnceAsync(Threading.CancellationToken cancellationToken)¶
Exposes a single polling iteration for unit tests so they can validate cache + logging behavior deterministically.
Parameters
cancellationToken— Token that cancels the fetch.
Returns: A task that completes after one poll attempt.
StorageGuardTelemetryService(Microsoft.Extensions.Logging.ILogger param0, SmrtHubSupervisor.StorageGuard.IStorageGuardSnapshotSource param1, SmrtHubSupervisor.StorageGuard.StorageGuardTelemetryCache param2, SmrtHubSupervisor.Config.SupervisorConfig param3, SmrtHubSupervisor.StorageGuard.StorageGuardAutomationCoordinator param4)¶
Background worker that periodically fetches Storage Guard telemetry for downstream metrics + logging.