generated from coulomb/repo-seed
Implement PMEM-WP-0015 credentialed live pilot with ops-warden routing.
Add credential routing advisories via warden route/access, live pilot evidence helpers, managed deployment pilot probes, evaluation trend regression gates, and expanded troubleshooting. Update operator runbook and maturity scorecard.
This commit is contained in:
80
tests/test_pilot.py
Normal file
80
tests/test_pilot.py
Normal file
@@ -0,0 +1,80 @@
|
||||
import json
|
||||
from pathlib import Path
|
||||
|
||||
from phase_memory.pilot import (
|
||||
LIVE_PILOT_REPORT_SCHEMA,
|
||||
MANAGED_DEPLOYMENT_PILOT_SCHEMA,
|
||||
live_pilot_report,
|
||||
managed_deployment_pilot_report,
|
||||
write_live_pilot_evidence,
|
||||
)
|
||||
from phase_memory.service_app import ServiceAppConfig
|
||||
|
||||
FIXTURES = Path(__file__).parent / "fixtures"
|
||||
|
||||
|
||||
def test_managed_deployment_pilot_report_passes_local_probes(tmp_path) -> None:
|
||||
report = managed_deployment_pilot_report(
|
||||
ServiceAppConfig(host="127.0.0.1", port=8125, local_store_path=str(tmp_path)),
|
||||
platform="local",
|
||||
)
|
||||
|
||||
assert report["schema_version"] == MANAGED_DEPLOYMENT_PILOT_SCHEMA
|
||||
assert report["valid"] is True
|
||||
assert report["probes"]["health"]["ok"] is True
|
||||
assert report["probes"]["ready"]["ok"] is True
|
||||
assert report["local_store_mount"]["validated"] is True
|
||||
assert report["rollback"]["validated"] is True
|
||||
|
||||
|
||||
def test_live_pilot_report_redacts_secrets_and_marks_partial_live_evidence() -> None:
|
||||
environ = {
|
||||
"PHASE_MEMORY_MARKITECT_URL": "https://markitect.example.invalid",
|
||||
"PHASE_MEMORY_MARKITECT_TOKEN": "markitect-secret-token",
|
||||
"PHASE_MEMORY_KONTEXTUAL_URL": "https://kontextual.example.invalid",
|
||||
"PHASE_MEMORY_KONTEXTUAL_TOKEN": "kontextual-secret-token",
|
||||
}
|
||||
|
||||
report = live_pilot_report(
|
||||
environ,
|
||||
run_id="pytest",
|
||||
scenarios_path=FIXTURES / "evaluation-scenarios.json",
|
||||
operator_approved_fixture=True,
|
||||
)
|
||||
serialized = json.dumps(report, sort_keys=True)
|
||||
|
||||
assert report["schema_version"] == LIVE_PILOT_REPORT_SCHEMA
|
||||
assert report["tooling_verified"] is True
|
||||
assert report["live_evidence"]["credentialed_smoke"] is True
|
||||
assert report["live_evidence"]["managed_deployment_probes"] is True
|
||||
assert report["live_evidence"]["telemetry_retention"] is True
|
||||
assert report["sections"]["evaluation_regression_gate"]["valid"] is True
|
||||
assert "markitect-secret-token" not in serialized
|
||||
assert "https://kontextual.example.invalid" not in serialized
|
||||
|
||||
|
||||
def test_write_live_pilot_evidence_persists_redacted_artifacts(tmp_path) -> None:
|
||||
report = write_live_pilot_evidence(
|
||||
tmp_path,
|
||||
{},
|
||||
run_id="pytest",
|
||||
scenarios_path=FIXTURES / "evaluation-scenarios.json",
|
||||
operator_approved_fixture=True,
|
||||
)
|
||||
|
||||
expected_files = (
|
||||
"live-pilot-report.json",
|
||||
"credentialed-operator-report.json",
|
||||
"managed-deployment-pilot.json",
|
||||
"telemetry-retention-evidence.json",
|
||||
"evaluation-trend-history.json",
|
||||
"evaluation-regression-gate.json",
|
||||
"credential-routing-advisory.json",
|
||||
)
|
||||
for filename in expected_files:
|
||||
assert (tmp_path / filename).exists()
|
||||
|
||||
serialized = "".join((tmp_path / name).read_text(encoding="utf-8") for name in expected_files)
|
||||
assert report["live_evidence"]["credentialed_smoke"] is False
|
||||
assert "credential_env_missing" in serialized
|
||||
assert "warden access" in serialized or "warden_cli_unavailable" in serialized
|
||||
Reference in New Issue
Block a user