generated from coulomb/repo-seed
feat: add deployment zone overlays
This commit is contained in:
47
tests/test_deployment_zone_inventory.py
Normal file
47
tests/test_deployment_zone_inventory.py
Normal file
@@ -0,0 +1,47 @@
|
||||
from __future__ import annotations
|
||||
|
||||
from pathlib import Path
|
||||
|
||||
import yaml
|
||||
|
||||
|
||||
def test_deployment_zone_inventory_covers_current_scenarios() -> None:
|
||||
inventory = yaml.safe_load(
|
||||
Path("fabric/discovery/snapshots/2026-05-24-deployment-zone-inventory.yaml").read_text(encoding="utf-8")
|
||||
)
|
||||
|
||||
surfaces = inventory["surfaces"]
|
||||
scenarios = {surface["deployment_scenario"] for surface in surfaces}
|
||||
environments = {surface["deployment_environment"] for surface in surfaces}
|
||||
|
||||
assert {"bernd-laptop", "coulombcore", "railiance01"} <= scenarios
|
||||
assert {"dev", "test", "prod"} <= environments
|
||||
|
||||
dev_routes = [
|
||||
surface["route_evidence"]
|
||||
for surface in surfaces
|
||||
if surface["deployment_environment"] == "dev"
|
||||
]
|
||||
assert {route["port"] for route in dev_routes} >= {3000, 8000, 8001, 8765, 8876}
|
||||
|
||||
test_routes = [
|
||||
surface
|
||||
for surface in surfaces
|
||||
if surface["deployment_scenario"] == "coulombcore"
|
||||
]
|
||||
assert all(surface["routing_authority"] == "ops-bridge" for surface in test_routes)
|
||||
assert all(surface["policy_authority"] == "ops-bridge-ssh" for surface in test_routes)
|
||||
|
||||
prod_hosts = {
|
||||
surface["route_evidence"]["hostname"]
|
||||
for surface in surfaces
|
||||
if surface["deployment_scenario"] == "railiance01"
|
||||
}
|
||||
assert {"gitea.coulomb.social", "vergabe-teilnahme.whywhynot.de", "auth.coulomb.social"} <= prod_hosts
|
||||
|
||||
ambiguity_ids = {item["id"] for item in inventory["ambiguities"]}
|
||||
assert "railiance01-coulombcore-ip-conflict" in ambiguity_ids
|
||||
assert {item["surface_id"] for item in inventory["missing_policy_authority"]} >= {
|
||||
"prod.railiance01.gitea",
|
||||
"prod.railiance01.vergabe-teilnahme",
|
||||
}
|
||||
@@ -52,6 +52,11 @@ def test_graph_explorer_manifest_and_payload_validate() -> None:
|
||||
}
|
||||
filter_labels = {field["id"]: field["label"] for field in manifest["filter"]["fields"]}
|
||||
assert filter_labels["layer"] == "Node Type"
|
||||
assert filter_labels["deploymentEnvironment"] == "Deployment Environment"
|
||||
assert filter_labels["accessZone"] == "Access Zone"
|
||||
assert {"by-deployment-environment", "by-deployment-scenario", "by-routing-authority", "by-access-zone"} <= {
|
||||
mode["id"] for mode in manifest["modes"]
|
||||
}
|
||||
nodes = [element for element in payload["elements"] if "source" not in element["data"]]
|
||||
edges = [element for element in payload["elements"] if "source" in element["data"]]
|
||||
registered_only = next(
|
||||
@@ -164,7 +169,19 @@ def test_graph_explorer_presents_legacy_server_nodes_as_runtime_entities() -> No
|
||||
"repo": "fixture-repo",
|
||||
"domain": "testing",
|
||||
"lifecycle": "active",
|
||||
"attributes": {"host": "gitea.example.test", "server_type": "ingress-host"},
|
||||
"attributes": {
|
||||
"host": "gitea.example.test",
|
||||
"server_type": "ingress-host",
|
||||
"deployment_overlay": {
|
||||
"deployment_environment": "test",
|
||||
"deployment_scenario": "coulombcore",
|
||||
"routing_authority": "kubernetes",
|
||||
"access_zone": "early-access",
|
||||
"policy_authority": "netkingdom-iam",
|
||||
"exposure_class": "early-access",
|
||||
"route_evidence": {"hostname": "gitea.example.test", "port": 443, "protocol": "tcp"},
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
"id": "fixture.server.gitea.default.svc.cluster.local",
|
||||
@@ -217,6 +234,12 @@ def test_graph_explorer_presents_legacy_server_nodes_as_runtime_entities() -> No
|
||||
|
||||
assert nodes_by_id["fixture.server.gitea.example.test"]["kind"] == "ApplicationEndpoint"
|
||||
assert nodes_by_id["fixture.server.gitea.example.test"]["layer"] == "application"
|
||||
assert nodes_by_id["fixture.server.gitea.example.test"]["deploymentEnvironment"] == "test"
|
||||
assert nodes_by_id["fixture.server.gitea.example.test"]["deploymentScenario"] == "coulombcore"
|
||||
assert nodes_by_id["fixture.server.gitea.example.test"]["accessZone"] == "early-access"
|
||||
assert nodes_by_id["fixture.server.gitea.example.test"]["policyAuthority"] == "netkingdom-iam"
|
||||
assert nodes_by_id["fixture.server.gitea.example.test"]["routeHostname"] == "gitea.example.test"
|
||||
assert nodes_by_id["fixture.server.gitea.example.test"]["routePort"] == 443
|
||||
assert nodes_by_id["fixture.server.gitea.default.svc.cluster.local"]["kind"] == "RuntimeService"
|
||||
assert nodes_by_id["fixture.server.gitea.default.svc.cluster.local"]["layer"] == "runtime_service"
|
||||
edge_types = {
|
||||
@@ -387,6 +410,12 @@ def test_registry_serves_graph_explorer_exports(tmp_path: Path) -> None:
|
||||
assert "updateLabelVisibility" in page
|
||||
assert "ruleActionFor" in page
|
||||
assert "ruleRemovalSignature" in page
|
||||
assert "zoneModeFields" in page
|
||||
assert "renderMapOverview" in page
|
||||
assert "route without policy authority" in page
|
||||
assert "deploymentEnvironment" in page
|
||||
assert "routingAuthority" in page
|
||||
assert "accessZone" in page
|
||||
assert "Remove and redraw" in page
|
||||
assert "Rules are applied top to bottom" in page
|
||||
assert "showHelp" in page
|
||||
|
||||
@@ -309,6 +309,8 @@ def test_registry_accepts_financial_graph_and_materializes_vnext_fields(tmp_path
|
||||
assert graph["apiVersion"] == "railiance.fabric/v1alpha2"
|
||||
assert graph["schema_version"] == "financial-fabric-v1"
|
||||
assert graph["nodes"][0]["evidence"]["review_state"] == "accepted"
|
||||
assert graph["nodes"][0]["deployment_overlay"]["deployment_environment"] == "dev"
|
||||
assert graph["nodes"][0]["deployment_overlay"]["deployment_scenario"] == "bernd-laptop"
|
||||
assert edge["relationship_category"] == "utility"
|
||||
assert edge["boundary"]["crosses_fabric_boundary"] is False
|
||||
assert edge["boundary"]["crosses_subfabric_boundary"] is True
|
||||
@@ -558,6 +560,15 @@ def _financial_graph() -> dict:
|
||||
"subfabric_id": None,
|
||||
"environment": "local",
|
||||
},
|
||||
"deployment_overlay": {
|
||||
"deployment_environment": "dev",
|
||||
"deployment_scenario": "bernd-laptop",
|
||||
"routing_authority": "loopback",
|
||||
"access_zone": "private-dev",
|
||||
"policy_authority": "local-loopback-binding",
|
||||
"exposure_class": "local-only",
|
||||
"route_evidence": {"host": "127.0.0.1", "port": 8000, "protocol": "tcp"},
|
||||
},
|
||||
"ownership": {
|
||||
"owner_actor_id": "actor.railiance.primary-lord",
|
||||
"owner_role": "lord",
|
||||
|
||||
@@ -44,6 +44,14 @@ def test_scan_repo_emits_schema_valid_deterministic_snapshot(tmp_path: Path) ->
|
||||
assert nodes_by_label[("Lockfile", "package-lock.json")]["attributes"]["path"] == "package-lock.json"
|
||||
assert nodes_by_label[("ServiceConfig", "application.yaml")]["attributes"]["format"] == "yaml"
|
||||
assert nodes_by_label[("Server", "127.0.0.1")]["attributes"]["runtime_target_type"] == "compose-host"
|
||||
dev_overlay = nodes_by_label[("Server", "127.0.0.1")]["attributes"]["deployment_overlay"]
|
||||
assert dev_overlay["deployment_environment"] == "dev"
|
||||
assert dev_overlay["deployment_scenario"] == "bernd-laptop"
|
||||
assert dev_overlay["access_zone"] == "private-dev"
|
||||
assert dev_overlay["policy_authority"] == "local-loopback-binding"
|
||||
assert dev_overlay["exposure_class"] == "local-only"
|
||||
assert dev_overlay["routing_authority"] == "docker-compose"
|
||||
assert dev_overlay["route_evidence"]["port"] == 8080
|
||||
assert (
|
||||
nodes_by_label[("RuntimeService", "fixture-api.testing.svc.cluster.local")]["attributes"]["runtime_target_type"]
|
||||
== "kubernetes-service-dns"
|
||||
|
||||
Reference in New Issue
Block a user