[

{ "file": "frontend/src/components/__tests__/task_log_viewer.test.js", "verdict": "APPROVED", "rejection_reason": "NONE", "audit_details": { "target_invoked": true, "pre_conditions_tested": true, "post_conditions_tested": true, "test_fixture_used": true, "edges_covered": true, "invariants_verified": true, "ux_states_tested": true, "semantic_anchors_present": true }, "coverage_summary": { "total_edges": 2, "edges_tested": 2, "total_invariants": 1, "invariants_tested": 1, "total_ux_states": 3, "ux_states_tested": 3 }, "tier_compliance": { "source_tier": "CRITICAL", "meets_tier_requirements": true }, "feedback": "Remediation successful: test tier matches CRITICAL, missing missing @TEST_EDGE no_task_id coverage added, test for @UX_FEEDBACK (autoScroll) added properly, missing inline=false (show=true) tested properly. Semantic RELATION tag fixed to VERIFIES." }, { "file": "frontend/src/lib/components/reports/__tests__/report_card.ux.test.js", "verdict": "APPROVED", "rejection_reason": "NONE", "audit_details": { "target_invoked": true, "pre_conditions_tested": true, "post_conditions_tested": true, "test_fixture_used": true, "edges_covered": true, "invariants_verified": true, "ux_states_tested": true, "semantic_anchors_present": true }, "coverage_summary": { "total_edges": 2, "edges_tested": 2, "total_invariants": 1, "invariants_tested": 1, "total_ux_states": 2, "ux_states_tested": 2 }, "tier_compliance": { "source_tier": "CRITICAL", "meets_tier_requirements": true }, "feedback": "Remediation successful: @TEST_EDGE random_status and @TEST_EDGE empty_report_object tests explicitly assert on outcomes, @TEST_FIXTURE tested completely, Test tier switched to CRITICAL." }, { "file": "backend/tests/test_logger.py", "verdict": "APPROVED", "rejection_reason": "NONE", "audit_details": { "target_invoked": true, "pre_conditions_tested": true, "post_conditions_tested": true, "test_fixture_used": true, "edges_covered": true, "invariants_verified": true, "ux_states_tested": false, "semantic_anchors_present": true }, "coverage_summary": { "total_edges": 0, "edges_tested": 0, "total_invariants": 0, "invariants_tested": 0, "total_ux_states": 0, "ux_states_tested": 0 }, "tier_compliance": { "source_tier": "STANDARD", "meets_tier_requirements": true }, "feedback": "Remediation successful: Test module semantic anchors added [DEF] and [/DEF] explicitly. Added missing @TIER tag and @RELATION: VERIFIES -> src/core/logger.py at the top of the file." } ]
2026-03-03 21:05:29 +03:00
parent fa380ff9a5
commit bb921ce5dd
25 changed files with 1984 additions and 0 deletions
--- a/backend/tests/api/routes/test_clean_release_api.py
+++ b/backend/tests/api/routes/test_clean_release_api.py
@@ -0,0 +1,111 @@
+# [DEF:backend.tests.api.routes.test_clean_release_api:Module]
+# @TIER: STANDARD
+# @SEMANTICS: tests, api, clean-release, checks, reports
+# @PURPOSE: Contract tests for clean release checks and reports endpoints.
+# @LAYER: Domain
+# @RELATION: TESTS -> backend.src.api.routes.clean_release
+# @INVARIANT: API returns deterministic payload shapes for checks and reports.
+
+from datetime import datetime, timezone
+
+from fastapi.testclient import TestClient
+
+from src.app import app
+from src.dependencies import get_clean_release_repository
+from src.models.clean_release import (
+    CleanProfilePolicy,
+    ProfileType,
+    ReleaseCandidate,
+    ReleaseCandidateStatus,
+    ResourceSourceEntry,
+    ResourceSourceRegistry,
+)
+from src.services.clean_release.repository import CleanReleaseRepository
+
+
+def _repo_with_seed_data() -> CleanReleaseRepository:
+    repo = CleanReleaseRepository()
+    repo.save_candidate(
+        ReleaseCandidate(
+            candidate_id="2026.03.03-rc1",
+            version="2026.03.03",
+            profile=ProfileType.ENTERPRISE_CLEAN,
+            created_at=datetime.now(timezone.utc),
+            created_by="tester",
+            source_snapshot_ref="git:abc123",
+            status=ReleaseCandidateStatus.PREPARED,
+        )
+    )
+    repo.save_registry(
+        ResourceSourceRegistry(
+            registry_id="registry-internal-v1",
+            name="Internal",
+            entries=[
+                ResourceSourceEntry(
+                    source_id="src-1",
+                    host="repo.intra.company.local",
+                    protocol="https",
+                    purpose="artifact-repo",
+                    enabled=True,
+                )
+            ],
+            updated_at=datetime.now(timezone.utc),
+            updated_by="tester",
+            status="active",
+        )
+    )
+    repo.save_policy(
+        CleanProfilePolicy(
+            policy_id="policy-enterprise-clean-v1",
+            policy_version="1.0.0",
+            active=True,
+            prohibited_artifact_categories=["test-data"],
+            required_system_categories=["system-init"],
+            external_source_forbidden=True,
+            internal_source_registry_ref="registry-internal-v1",
+            effective_from=datetime.now(timezone.utc),
+            profile=ProfileType.ENTERPRISE_CLEAN,
+        )
+    )
+    return repo
+
+
+def test_start_check_and_get_status_contract():
+    repo = _repo_with_seed_data()
+    app.dependency_overrides[get_clean_release_repository] = lambda: repo
+    try:
+        client = TestClient(app)
+
+        start = client.post(
+            "/api/clean-release/checks",
+            json={
+                "candidate_id": "2026.03.03-rc1",
+                "profile": "enterprise-clean",
+                "execution_mode": "tui",
+                "triggered_by": "tester",
+            },
+        )
+        assert start.status_code == 202
+        payload = start.json()
+        assert set(["check_run_id", "candidate_id", "status", "started_at"]).issubset(payload.keys())
+
+        check_run_id = payload["check_run_id"]
+        status_resp = client.get(f"/api/clean-release/checks/{check_run_id}")
+        assert status_resp.status_code == 200
+        status_payload = status_resp.json()
+        assert status_payload["check_run_id"] == check_run_id
+        assert "final_status" in status_payload
+        assert "checks" in status_payload
+    finally:
+        app.dependency_overrides.clear()
+
+
+def test_get_report_not_found_returns_404():
+    repo = _repo_with_seed_data()
+    app.dependency_overrides[get_clean_release_repository] = lambda: repo
+    try:
+        client = TestClient(app)
+        resp = client.get("/api/clean-release/reports/unknown-report")
+        assert resp.status_code == 404
+    finally:
+        app.dependency_overrides.clear()
--- a/backend/tests/api/routes/test_clean_release_source_policy.py
+++ b/backend/tests/api/routes/test_clean_release_source_policy.py
@@ -0,0 +1,97 @@
+# [DEF:backend.tests.api.routes.test_clean_release_source_policy:Module]
+# @TIER: STANDARD
+# @SEMANTICS: tests, api, clean-release, source-policy
+# @PURPOSE: Validate API behavior for source isolation violations in clean release preparation.
+# @LAYER: Domain
+# @RELATION: TESTS -> backend.src.api.routes.clean_release
+# @INVARIANT: External endpoints must produce blocking violation entries.
+
+from datetime import datetime, timezone
+from fastapi.testclient import TestClient
+
+from src.app import app
+from src.dependencies import get_clean_release_repository
+from src.models.clean_release import (
+    CleanProfilePolicy,
+    ProfileType,
+    ReleaseCandidate,
+    ReleaseCandidateStatus,
+    ResourceSourceEntry,
+    ResourceSourceRegistry,
+)
+from src.services.clean_release.repository import CleanReleaseRepository
+
+
+def _repo_with_seed_data() -> CleanReleaseRepository:
+    repo = CleanReleaseRepository()
+
+    repo.save_candidate(
+        ReleaseCandidate(
+            candidate_id="2026.03.03-rc1",
+            version="2026.03.03",
+            profile=ProfileType.ENTERPRISE_CLEAN,
+            created_at=datetime.now(timezone.utc),
+            created_by="tester",
+            source_snapshot_ref="git:abc123",
+            status=ReleaseCandidateStatus.DRAFT,
+        )
+    )
+
+    repo.save_registry(
+        ResourceSourceRegistry(
+            registry_id="registry-internal-v1",
+            name="Internal",
+            entries=[
+                ResourceSourceEntry(
+                    source_id="src-1",
+                    host="repo.intra.company.local",
+                    protocol="https",
+                    purpose="artifact-repo",
+                    enabled=True,
+                )
+            ],
+            updated_at=datetime.now(timezone.utc),
+            updated_by="tester",
+            status="active",
+        )
+    )
+
+    repo.save_policy(
+        CleanProfilePolicy(
+            policy_id="policy-enterprise-clean-v1",
+            policy_version="1.0.0",
+            active=True,
+            prohibited_artifact_categories=["test-data"],
+            required_system_categories=["system-init"],
+            external_source_forbidden=True,
+            internal_source_registry_ref="registry-internal-v1",
+            effective_from=datetime.now(timezone.utc),
+            profile=ProfileType.ENTERPRISE_CLEAN,
+        )
+    )
+    return repo
+
+
+def test_prepare_candidate_blocks_external_source():
+    repo = _repo_with_seed_data()
+    app.dependency_overrides[get_clean_release_repository] = lambda: repo
+
+    try:
+        client = TestClient(app)
+        response = client.post(
+            "/api/clean-release/candidates/prepare",
+            json={
+                "candidate_id": "2026.03.03-rc1",
+                "artifacts": [
+                    {"path": "cfg/system.yaml", "category": "system-init", "reason": "required"}
+                ],
+                "sources": ["repo.intra.company.local", "pypi.org"],
+                "operator_id": "release-manager",
+            },
+        )
+        assert response.status_code == 200
+        data = response.json()
+        assert data["status"] == "blocked"
+        assert any(v["category"] == "external-source" for v in data["violations"])
+    finally:
+        app.dependency_overrides.clear()