fix(monitor): finalize persistence review contracts
This commit is contained in:
@@ -2,7 +2,7 @@ import assert from "node:assert/strict";
|
||||
import { spawnSync } from "node:child_process";
|
||||
import { test } from "bun:test";
|
||||
|
||||
import { createInMemoryMonitorCentralStore, createMonitorCentralService, mapPostgresFindingRow, MONITOR_CENTRAL_MIGRATIONS, MonitorCentralConfigurationError } from "./monitor-central-persistence";
|
||||
import { createInMemoryMonitorCentralStore, createMonitorCentralService, mapPostgresFindingRow, MONITOR_CENTRAL_MIGRATIONS, MonitorCentralConfigurationError, structuredMonitorCentralError } from "./monitor-central-persistence";
|
||||
|
||||
function service() { return createMonitorCentralService({ store: createInMemoryMonitorCentralStore(), pageSize: 50 }); }
|
||||
function locator(runId: string) { return { ownerNode: "NC01", ownerLane: "v03", ownerPvc: "sentinel-pvc", stateDir: `/state/${runId}`, relativePath: "analysis/report.json", sha256: "sha256:abc", sizeBytes: 12, kind: "report", reachable: true }; }
|
||||
@@ -23,8 +23,9 @@ test("HTTP terminal ingest is unbound-safe, ignores caller hash, and maps confli
|
||||
const first = await fetch(new Request("http://local/api/ingest", { method: "POST", body: JSON.stringify(input("run-1")) }));
|
||||
const repeated = await fetch(new Request("http://local/api/ingest", { method: "POST", body: JSON.stringify({ ...input("run-1"), payloadHash: "sha256:forged" }) }));
|
||||
const conflict = await fetch(new Request("http://local/api/ingest", { method: "POST", body: JSON.stringify({ ...input("run-1"), status: "blocked", payloadHash: "sha256:forged" }) }));
|
||||
assert.equal(first.status, 202);
|
||||
assert.equal(first.status, 201);
|
||||
assert.equal((await first.json() as any).disposition, "inserted");
|
||||
assert.equal(repeated.status, 200);
|
||||
assert.equal((await repeated.json() as any).disposition, "idempotent");
|
||||
assert.equal(conflict.status, 409);
|
||||
assert.equal((await conflict.json() as any).error.code, "payload_hash_conflict");
|
||||
@@ -37,7 +38,10 @@ test("full terminal envelope controls hash and concurrent same identity converge
|
||||
const results = await Promise.all([target.ingest(base), target.ingest(base)]);
|
||||
assert.deepEqual(new Set(results.map((item) => item.disposition)), new Set(["inserted", "idempotent"]));
|
||||
await assert.rejects(() => target.ingest({ ...base, findings: [{ id: "changed" }] }), { code: "payload_hash_conflict" });
|
||||
await assert.rejects(() => target.ingest({ ...base, artifactLocators: [{ ...locator("run-envelope"), reachable: false }] }), { code: "payload_hash_conflict" });
|
||||
const availability = await target.ingest({ ...base, artifactLocators: [{ ...locator("run-envelope"), reachable: false }] });
|
||||
assert.equal(availability.disposition, "idempotent");
|
||||
const detail = await (await target.fetch(new Request("http://local/api/runs/run-envelope?sentinelId=sentinel-a&node=NC01&lane=v03"))).json() as any;
|
||||
assert.equal(detail.run.artifactLocators[0].reachable, false);
|
||||
});
|
||||
|
||||
test("global and scoped latest use updatedAt then runId descending", async () => {
|
||||
@@ -95,3 +99,8 @@ test("configuration is explicit and missing environment projection fails structu
|
||||
assert.equal(result.status, 2);
|
||||
assert.equal(JSON.parse(result.stdout).error.code, "monitor_central_runtime_config_missing");
|
||||
});
|
||||
|
||||
test("structured error projection redacts database credentials", () => {
|
||||
const error = new Error("connect postgres://user:secret@example.test/monitor failed");
|
||||
assert.deepEqual(structuredMonitorCentralError(error), { code: "invalid_request", message: "connect postgres://<redacted> failed" });
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user