generated from coulomb/repo-seed
68 lines
1.8 KiB
Python
68 lines
1.8 KiB
Python
"""Tests for warden.models."""
|
|
from pathlib import Path
|
|
|
|
import pytest
|
|
|
|
from warden.models import (
|
|
ACTOR_PREFIX,
|
|
DEFAULT_TTL_HOURS,
|
|
ActorType,
|
|
CertSpec,
|
|
validate_actor_name,
|
|
)
|
|
|
|
|
|
def test_default_ttl_per_type():
|
|
assert DEFAULT_TTL_HOURS[ActorType.ADM] == 48
|
|
assert DEFAULT_TTL_HOURS[ActorType.AGT] == 24
|
|
assert DEFAULT_TTL_HOURS[ActorType.ATM] == 8
|
|
|
|
|
|
def test_actor_prefix_map():
|
|
assert ACTOR_PREFIX[ActorType.ADM] == "adm-"
|
|
assert ACTOR_PREFIX[ActorType.AGT] == "agt-"
|
|
assert ACTOR_PREFIX[ActorType.ATM] == "atm-"
|
|
|
|
|
|
@pytest.mark.parametrize("name,actor_type", [
|
|
("adm-bernd", ActorType.ADM),
|
|
("agt-incident-resolver-v2", ActorType.AGT),
|
|
("atm-backup-daily", ActorType.ATM),
|
|
])
|
|
def test_validate_actor_name_valid(name, actor_type):
|
|
validate_actor_name(name, actor_type) # should not raise
|
|
|
|
|
|
@pytest.mark.parametrize("name,actor_type", [
|
|
("bernd", ActorType.ADM),
|
|
("automation-backup", ActorType.ATM),
|
|
("agt-bridge", ActorType.ADM), # wrong type for prefix
|
|
("atm-backup", ActorType.AGT),
|
|
])
|
|
def test_validate_actor_name_invalid(name, actor_type):
|
|
with pytest.raises(ValueError, match="must start with"):
|
|
validate_actor_name(name, actor_type)
|
|
|
|
|
|
def test_certspec_default_identity():
|
|
spec = CertSpec(
|
|
actor_name="agt-test",
|
|
actor_type=ActorType.AGT,
|
|
pubkey_path=Path("/tmp/key.pub"),
|
|
ttl_hours=24,
|
|
principals=["agt-task-bridge"],
|
|
)
|
|
assert spec.identity == "agt-test"
|
|
|
|
|
|
def test_certspec_explicit_identity():
|
|
spec = CertSpec(
|
|
actor_name="agt-test",
|
|
actor_type=ActorType.AGT,
|
|
pubkey_path=Path("/tmp/key.pub"),
|
|
ttl_hours=24,
|
|
principals=["agt-task-bridge"],
|
|
identity="custom-identity",
|
|
)
|
|
assert spec.identity == "custom-identity"
|