This repository has been archived on 2026-07-08. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
core-hub/tests/test_operator_cli.py

131 lines
4.2 KiB
Python

import json
from core_hub.operator_cli import build_readiness_summary, collect_bootstrap_status
OPERATOR_HEADERS = {"Authorization": "Bearer operator-token"}
def _seed_ops_hub(client):
hub = client.post(
"/api/v2/hubs",
headers=OPERATOR_HEADERS,
json={
"slug": "ops-hub",
"name": "Ops Hub",
"domain": "ops.coulomb.social",
"hubKind": "domain",
"hubFamily": "vsm",
"vsmFunction": "OPS",
"vsmSystem": "1",
},
).json()
manifest = client.post(
"/api/v2/hub-capability-manifests",
headers=OPERATOR_HEADERS,
json={"hubId": hub["id"], "manifestVersion": "1.0"},
).json()
manifest = client.post(
f"/api/v2/hub-capability-manifests/{manifest['id']}/activate",
headers=OPERATOR_HEADERS,
).json()
consumer = client.post(
"/api/v2/api-consumers",
headers=OPERATOR_HEADERS,
json={"slug": "ops-hub", "name": "ops-hub", "hubCapabilityManifestId": manifest["id"]},
).json()
key = client.post(
f"/api/v2/api-consumers/{consumer['id']}/api-keys",
headers=OPERATOR_HEADERS,
json={"scopes": "framework:read hub:ops-hub:read hub:ops-hub:write"},
).json()["fullKey"]
runtime_headers = {"Authorization": f"Bearer {key}"}
widget = client.post(
"/api/v2/widgets",
headers=runtime_headers,
json={
"hubId": hub["id"],
"name": "Gitea Registry Readiness",
"widgetType": "ops-readiness-gate",
"capabilityRef": "ops:readiness:gitea-registry",
"viewContext": "ops-hub/readiness/gitea-registry",
"policyScope": "ops-registry",
},
).json()
client.post(
"/api/v2/interaction-events",
headers=runtime_headers,
json={
"widgetId": widget["id"],
"eventType": "ops-endpoint-verified",
"viewContext": "railiance-apps/workplans/RAIL-AP-WP-0001",
"metadata": {"expectedStatus": 401},
},
)
return key
def test_bootstrap_status_summarizes_ops_hub_without_secret_leak(client):
full_key = _seed_ops_hub(client)
report = collect_bootstrap_status(client, "operator-token")
assert report["ok"] is True
assert report["hubs"]["opsHubCandidates"][0]["slug"] == "ops-hub"
assert report["manifests"]["active"] == 1
assert report["apiConsumers"]["opsHubCandidates"][0]["keyPrefix"].startswith("ch_")
assert report["widgets"]["opsReadinessGates"] == 1
assert report["interactionEvents"]["opsEndpointVerified"] == 1
rendered = json.dumps(report, sort_keys=True)
assert full_key not in rendered
assert "operator-token" not in rendered
def test_readiness_summary_reports_cutover_ready_from_non_secret_evidence(tmp_path):
smoke = tmp_path / "smoke.json"
smoke.write_text(
json.dumps(
{
"ok": True,
"runId": "smoke-1",
"checks": [{"ok": True}],
"bootstrap": {"event": {"id": "event-1"}},
}
),
encoding="utf-8",
)
migration = tmp_path / "migration.json"
migration.write_text(
json.dumps(
{
"ok": True,
"dryRun": False,
"source": "inter-hub-haskell",
"bundleSha256": "abc",
"counts": {},
}
),
encoding="utf-8",
)
activity = tmp_path / "activity.json"
activity.write_text(json.dumps([{"status": "posted", "verified": True}]), encoding="utf-8")
report = build_readiness_summary(
deployed_smoke_report=smoke,
migration_report=migration,
activity_core_report=activity,
)
assert report["readyForCutover"] is True
assert "legacy_inter_hub_reference" in report["openGates"]
def test_readiness_summary_keeps_dry_run_import_open(tmp_path):
migration = tmp_path / "migration.json"
migration.write_text(json.dumps({"ok": True, "dryRun": True}), encoding="utf-8")
report = build_readiness_summary(migration_report=migration)
assert report["readyForCutover"] is False
assert "staging_import" in report["openGates"]