diff --git a/.gitea/workflows/cd.yaml b/.gitea/workflows/cd.yaml index c0022a89..9affcbf3 100644 --- a/.gitea/workflows/cd.yaml +++ b/.gitea/workflows/cd.yaml @@ -214,6 +214,8 @@ jobs: ;; apps/api/src/api/v1/agents.py) ;; + apps/api/src/api/v1/iwooos.py) + ;; apps/api/src/api/v1/webhooks.py) ;; apps/api/src/services/agent_replay_normalizer.py) @@ -226,6 +228,8 @@ jobs: ;; apps/api/src/services/credential_escrow_evidence_intake_readiness.py) ;; + apps/api/src/services/iwooos_security_operating_system.py) + ;; apps/api/Dockerfile) ;; apps/api/src/services/awoooi_gitea_onboarding_warning_step_dashboard.py) @@ -284,6 +288,8 @@ jobs: ;; apps/api/tests/test_credential_escrow_evidence_intake_readiness_api.py) ;; + apps/api/tests/test_iwooos_security_operating_system.py) + ;; apps/api/tests/e2e_network_test.py) ;; apps/api/tests/test_p0_cicd_baseline_source_readiness_api.py) @@ -390,6 +396,7 @@ jobs: python3.11 -m py_compile \ src/api/v1/platform/events.py \ src/api/v1/agents.py \ + src/api/v1/iwooos.py \ src/api/v1/webhooks.py \ src/jobs/ai_slo_watchdog_job.py \ src/models/knowledge.py \ @@ -402,6 +409,7 @@ jobs: src/services/delivery_closure_workbench.py \ src/services/heartbeat_report_service.py \ src/services/credential_escrow_evidence_intake_readiness.py \ + src/services/iwooos_security_operating_system.py \ src/services/awoooi_gitea_onboarding_warning_step_dashboard.py \ src/services/awoooi_gitea_onboarding_warning_step_owner_package.py \ src/services/awoooi_gitea_onboarding_warning_step_owner_response_preflight.py \ @@ -424,6 +432,7 @@ jobs: tests/test_awooop_operator_timeline_labels.py::test_outbound_timeline_title_labels_runbook_review \ tests/test_delivery_closure_workbench_api.py \ tests/test_credential_escrow_evidence_intake_readiness_api.py \ + tests/test_iwooos_security_operating_system.py \ tests/e2e_network_test.py::TestHMACVerification::test_valid_hmac_signature \ tests/test_p0_cicd_baseline_source_readiness_api.py \ tests/test_product_awoooi_manifest_standard_api.py \ diff --git a/ops/runner/test_cd_controlled_runtime_profile.py b/ops/runner/test_cd_controlled_runtime_profile.py index f04801e6..c7b8dbef 100644 --- a/ops/runner/test_cd_controlled_runtime_profile.py +++ b/ops/runner/test_cd_controlled_runtime_profile.py @@ -52,6 +52,20 @@ def test_p0_onboarding_readiness_sources_stay_on_controlled_runtime_profile() -> assert f"src/services/{source}" in text +def test_iwooos_security_operation_api_stays_on_controlled_runtime_profile() -> None: + text = _workflow_text() + expected_sources = [ + "apps/api/src/api/v1/iwooos.py)", + "apps/api/src/services/iwooos_security_operating_system.py)", + "apps/api/tests/test_iwooos_security_operating_system.py)", + "src/api/v1/iwooos.py", + "src/services/iwooos_security_operating_system.py", + "tests/test_iwooos_security_operating_system.py", + ] + for source in expected_sources: + assert source in text + + def test_controlled_runtime_skips_b5_before_docker_socket_use() -> None: text = _workflow_text() b5_start = text.index("- name: Integration Tests (B5")