from __future__ import annotations from fastapi import FastAPI from fastapi.testclient import TestClient from src.api.v1.agents import router def test_delivery_closure_workbench_endpoint_returns_product_summary(): app = FastAPI() app.include_router(router, prefix="/api/v1") client = TestClient(app) response = client.get("/api/v1/agents/delivery-closure-workbench") assert response.status_code == 200 data = response.json() assert data["schema_version"] == "delivery_closure_workbench_v1" assert data["summary"]["source_count"] == 6 assert data["summary"]["loaded_source_count"] == 6 assert data["summary"]["runtime_execution_authorized"] is False assert data["summary"]["remote_write_authorized"] is True assert data["summary"]["repo_creation_authorized"] is True assert data["summary"]["visibility_change_authorized"] is True assert data["summary"]["refs_sync_authorized"] is True assert data["summary"]["workflow_trigger_authorized"] is True assert data["summary"]["production_deploy_status"] == ( "blocked_production_image_not_current" ) assert data["summary"]["production_deploy_source_control_main_ready"] is True assert data["summary"]["production_deploy_image_tag_matches_main"] is False assert data["summary"]["production_deploy_governance_fields_present"] is False assert ( data["summary"]["production_deploy_authorized_dispatch_channel_ready"] is False ) assert data["summary"]["production_deploy_manual_run_button_visible"] is False assert data["summary"]["production_deploy_gitea_sign_in_required"] is True assert ( data["summary"]["production_deploy_dispatch_without_token_http_status"] == 401 ) assert ( data["summary"]["production_deploy_dispatch_without_token_message"] == "token is required" ) assert data["summary"]["production_deploy_hard_blocker_count"] == 2 assert data["summary"]["production_deploy_latest_visible_cd_run_id"] == "3853" assert data["summary"]["production_deploy_latest_visible_cd_run_status"] == ( "Waiting" ) assert ( data["summary"]["production_deploy_latest_visible_cd_run_jobs_total_count"] == 0 ) assert ( data["summary"][ "production_deploy_gitea_actions_list_without_token_http_status" ] == 401 ) assert ( data["summary"]["production_deploy_gitea_actions_list_without_token_message"] == "token is required" ) assert ( data["summary"]["production_deploy_latest_visible_waiting_runner_run_id"] == "" ) assert ( data["summary"]["production_deploy_latest_visible_waiting_runner_workflow"] == "" ) assert ( data["summary"]["production_deploy_latest_visible_waiting_runner_kind"] == "" ) assert ( data["summary"]["production_deploy_latest_visible_waiting_runner_status"] == "" ) assert ( data["summary"]["production_deploy_latest_visible_waiting_runner_label"] == "" ) assert ( data["summary"][ "production_deploy_public_actions_queue_readback_schema_version" ] == "awoooi_public_gitea_actions_queue_readback_v1" ) assert ( data["summary"]["production_deploy_public_actions_queue_readback_verifier"] == "ops/runner/read-public-gitea-actions-queue.py --json" ) assert ( data["summary"][ "production_deploy_non110_runner_cd_closure_verifier_schema_version" ] == "awoooi_non110_cd_closure_verifier_v1" ) assert ( data["summary"]["production_deploy_non110_runner_cd_closure_status"] == "blocked_production_image_not_current" ) assert ( data["summary"]["production_deploy_non110_runner_cd_closure_required"] is True ) assert ( "ops/runner/verify-awoooi-non110-cd-closure.py" in data["summary"]["production_deploy_non110_runner_cd_closure_verifier"] ) assert ( data["summary"][ "production_deploy_non110_runner_cd_closure_ordered_step_count" ] == 6 ) assert ( data["summary"][ "production_deploy_non110_runner_cd_closure_ordered_completed_prefix_count" ] == 4 ) assert ( data["summary"][ "production_deploy_non110_runner_cd_closure_evidence_completed_step_count" ] == 4 ) assert ( data["summary"][ "production_deploy_non110_runner_cd_closure_ordered_completion_percent" ] == 67 ) assert ( data["summary"][ "production_deploy_non110_runner_cd_closure_evidence_completion_percent" ] == 67 ) assert ( data["summary"][ "production_deploy_non110_runner_cd_closure_next_blocked_step_index" ] == 5 ) assert ( data["summary"][ "production_deploy_non110_runner_cd_closure_next_blocked_step_id" ] == "production_image_tag_current" ) assert data["summary"][ "production_deploy_non110_runner_cd_closure_next_blocked_step_action" ] == "complete_authorized_cd_then_verify_image_tag_matches_main" assert data["summary"]["production_deploy_non110_runner_ready"] is True assert ( data["summary"][ "production_deploy_non110_runner_prepare_only_source_ready" ] is True ) assert ( data["summary"][ "production_deploy_non110_runner_safe_registration_helper_ready" ] is True ) assert ( data["summary"]["production_deploy_non110_runner_workflow_labels_aligned"] is True ) assert ( data["summary"]["production_deploy_non110_runner_host_label"] == "awoooi-non110-host" ) assert ( data["summary"]["production_deploy_non110_runner_ubuntu_label"] == "awoooi-non110-ubuntu" ) assert ( data["summary"]["production_deploy_non110_runner_online_label_match"] is True ) assert ( data["summary"]["production_deploy_non110_runner_autostart_path_armed"] is True ) assert ( data["summary"][ "production_deploy_non110_runner_ready_autostart_path_count" ] == 1 ) assert ( data["summary"][ "production_deploy_non110_runner_registration_condition_required" ] is True ) assert data["summary"]["production_deploy_non110_runner_ready_config_count"] == 1 assert data["summary"]["production_deploy_non110_runner_ready_service_count"] == 1 assert ( data["summary"]["production_deploy_non110_runner_ready_registration_count"] == 1 ) assert data["summary"]["production_deploy_non110_runner_safe_next_step"] == ( "complete_authorized_cd_then_verify_image_tag_matches_main" ) assert ( data["summary"]["production_deploy_non110_runner_remaining_blocker_count"] == 0 ) assert ( data["summary"][ "backup_credential_escrow_intake_scorecard_schema_version" ] == "awoooi_post_reboot_credential_escrow_intake_scorecard_v1" ) assert ( "scripts/reboot-recovery/post-reboot-credential-escrow-intake-scorecard.py" in data["summary"]["backup_credential_escrow_intake_scorecard_verifier"] ) assert data["summary"]["backup_credential_escrow_intake_status"] == ( "blocked_waiting_non_secret_credential_escrow_evidence" ) assert data["summary"]["backup_credential_escrow_active_gate_present"] is True assert data["summary"]["backup_credential_escrow_preflight_status"] == ( "blocked_waiting_owner_response_content" ) assert data["summary"]["backup_credential_escrow_required_item_count"] == 5 assert data["summary"]["backup_credential_escrow_effective_missing_count"] == 5 assert ( data["summary"]["backup_credential_escrow_owner_response_received_count"] == 0 ) assert ( data["summary"]["backup_credential_escrow_owner_response_accepted_count"] == 0 ) assert data["summary"]["backup_credential_escrow_runtime_gate_count"] == 0 assert ( data["summary"]["backup_credential_escrow_secret_value_collection_allowed"] is False ) assert data["summary"]["backup_credential_marker_write_authorized_count"] == 0 assert data["summary"]["backup_credential_escrow_forbidden_true_field_count"] == 0 assert data["summary"]["github_write_channel_ready"] is False assert data["summary"]["github_account_status"] == "suspended" assert data["summary"]["github_account_suspended"] is True assert data["summary"]["github_api_forbidden_count"] == 6 assert data["summary"]["github_controlled_apply_ready_count"] == 0 assert data["summary"]["github_blocked_preflight_target_count"] == 5 assert data["summary"]["github_operator_unblock_required"] is True assert data["summary"]["github_operator_unblock_status"] == ( "github_account_suspended_external_action_required" ) assert data["summary"]["github_internal_governance_writeback_ready"] is True assert data["summary"]["github_mcp_evidence_packet_count"] == 1 assert data["summary"]["github_rag_evidence_ref_count"] == 5 assert data["summary"]["github_km_writeback_ready_count"] == 1 assert data["summary"]["github_playbook_writeback_ready_count"] == 1 assert data["summary"]["github_timeline_log_ready_count"] == 1 assert data["summary"]["github_logbook_entry_count"] == 1 assert data["summary"]["secret_values_collected"] is False assert data["summary"]["average_completion_percent"] >= 0 assert data["summary"]["high_risk_blocker_count"] > 0 lanes = {lane["id"]: lane for lane in data["lanes"]} sources = {source["id"]: source for source in data["source_statuses"]} assert sorted(lanes) == [ "backup", "gitea", "github", "production_deploy", "release", "runtime", ] assert lanes["release"]["metric"]["kind"] == "blocked_gate" assert lanes["release"]["status"] == "controlled_status_cleanup_package_ready" assert lanes["release"]["blocker_count"] == 0 assert lanes["release"]["metric"]["blocked"] == 0 assert lanes["release"]["metric"]["total"] == 5 assert lanes["production_deploy"]["metric"]["kind"] == "deploy_readback" assert lanes["production_deploy"]["status"] == ( "blocked_production_image_not_current" ) assert lanes["production_deploy"]["blocker_count"] == 2 assert lanes["production_deploy"]["metric"][ "observed_source_control_main_short_sha" ] == "1ca806fd5d28" assert lanes["production_deploy"]["metric"][ "production_image_tag_short_sha" ] == "af45811e87" assert ( lanes["production_deploy"]["metric"]["production_image_tag_matches_main"] is False ) assert lanes["production_deploy"]["metric"]["current_main_cd_run_visible"] is False assert ( lanes["production_deploy"]["metric"]["authorized_dispatch_channel_ready"] is False ) assert lanes["production_deploy"]["metric"]["manual_run_button_visible"] is False assert lanes["production_deploy"]["metric"]["gitea_sign_in_required"] is True assert ( lanes["production_deploy"]["metric"][ "dispatch_without_token_http_status" ] == 401 ) assert ( lanes["production_deploy"]["metric"]["dispatch_without_token_message"] == "token is required" ) assert lanes["production_deploy"]["metric"]["latest_visible_cd_run_id"] == "3853" assert ( lanes["production_deploy"]["metric"]["latest_visible_cd_run_status"] == "Waiting" ) assert ( lanes["production_deploy"]["metric"][ "latest_visible_cd_run_jobs_total_count" ] == 0 ) assert ( lanes["production_deploy"]["metric"][ "gitea_actions_list_without_token_http_status" ] == 401 ) assert ( lanes["production_deploy"]["metric"][ "gitea_actions_list_without_token_message" ] == "token is required" ) assert ( lanes["production_deploy"]["metric"]["latest_visible_waiting_runner_run_id"] == "" ) assert ( lanes["production_deploy"]["metric"][ "latest_visible_waiting_runner_workflow" ] == "" ) assert ( lanes["production_deploy"]["metric"]["latest_visible_waiting_runner_kind"] == "" ) assert ( lanes["production_deploy"]["metric"][ "latest_visible_waiting_runner_status" ] == "" ) assert ( lanes["production_deploy"]["metric"]["latest_visible_waiting_runner_label"] == "" ) assert ( lanes["production_deploy"]["metric"][ "public_actions_queue_readback_schema_version" ] == "awoooi_public_gitea_actions_queue_readback_v1" ) assert ( lanes["production_deploy"]["metric"]["public_actions_queue_readback_verifier"] == "ops/runner/read-public-gitea-actions-queue.py --json" ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_cd_closure_verifier_schema_version" ] == "awoooi_non110_cd_closure_verifier_v1" ) assert ( lanes["production_deploy"]["metric"]["non110_runner_cd_closure_status"] == "blocked_production_image_not_current" ) assert ( lanes["production_deploy"]["metric"]["non110_runner_cd_closure_required"] is True ) assert ( "ops/runner/verify-awoooi-non110-cd-closure.py" in lanes["production_deploy"]["metric"]["non110_runner_cd_closure_verifier"] ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_cd_closure_ordered_step_count" ] == 6 ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_cd_closure_ordered_completed_prefix_count" ] == 4 ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_cd_closure_evidence_completed_step_count" ] == 4 ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_cd_closure_ordered_completion_percent" ] == 67 ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_cd_closure_evidence_completion_percent" ] == 67 ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_cd_closure_next_blocked_step_index" ] == 5 ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_cd_closure_next_blocked_step_id" ] == "production_image_tag_current" ) assert lanes["production_deploy"]["metric"][ "non110_runner_cd_closure_next_blocked_step_action" ] == "complete_authorized_cd_then_verify_image_tag_matches_main" assert lanes["production_deploy"]["metric"]["non110_runner_ready"] is True assert ( lanes["production_deploy"]["metric"][ "non110_runner_prepare_only_source_ready" ] is True ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_safe_registration_helper_ready" ] is True ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_workflow_labels_aligned" ] is True ) assert ( lanes["production_deploy"]["metric"]["non110_runner_host_label"] == "awoooi-non110-host" ) assert ( lanes["production_deploy"]["metric"]["non110_runner_ubuntu_label"] == "awoooi-non110-ubuntu" ) assert ( lanes["production_deploy"]["metric"]["non110_runner_online_label_match"] is True ) assert ( lanes["production_deploy"]["metric"]["non110_runner_autostart_path_armed"] is True ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_ready_autostart_path_count" ] == 1 ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_registration_condition_required" ] is True ) assert lanes["production_deploy"]["metric"]["non110_runner_ready_config_count"] == 1 assert lanes["production_deploy"]["metric"]["non110_runner_ready_service_count"] == 1 assert ( lanes["production_deploy"]["metric"][ "non110_runner_ready_registration_count" ] == 1 ) assert lanes["production_deploy"]["metric"]["non110_runner_safe_next_step"] == ( "complete_authorized_cd_then_verify_image_tag_matches_main" ) assert ( lanes["production_deploy"]["metric"][ "non110_runner_remaining_blocker_count" ] == 0 ) assert lanes["github"]["metric"]["kind"] == "private_backup_verified" assert lanes["gitea"]["metric"]["kind"] == "workflow_count" assert lanes["runtime"]["metric"]["kind"] == "surface_count" assert lanes["backup"]["metric"]["kind"] == "readiness_row_count" assert ( lanes["backup"]["metric"][ "credential_escrow_intake_scorecard_schema_version" ] == "awoooi_post_reboot_credential_escrow_intake_scorecard_v1" ) assert lanes["backup"]["metric"]["credential_escrow_intake_status"] == ( "blocked_waiting_non_secret_credential_escrow_evidence" ) assert lanes["backup"]["metric"]["credential_escrow_active_gate_present"] is True assert ( lanes["backup"]["metric"]["credential_escrow_effective_missing_count"] == 5 ) assert ( lanes["backup"]["metric"]["credential_escrow_owner_response_received_count"] == 0 ) assert ( lanes["backup"]["metric"]["credential_escrow_owner_response_accepted_count"] == 0 ) assert lanes["backup"]["metric"]["credential_escrow_runtime_gate_count"] == 0 assert ( lanes["backup"]["metric"][ "credential_escrow_secret_value_collection_allowed" ] is False ) assert lanes["backup"]["metric"]["credential_marker_write_authorized_count"] == 0 assert lanes["backup"]["metric"]["credential_escrow_forbidden_true_field_count"] == 0 assert sources["github_private_backup"]["loaded"] is True assert sources["production_deploy_readback"]["loaded"] is True assert ( sources["production_deploy_readback"]["schema_version"] == "awoooi_production_deploy_readback_blocker_v1" ) assert sources["production_deploy_readback"]["missing_reason"] == "" assert ( sources["github_private_backup"]["schema_version"] == "github_target_private_backup_evidence_gate_v1" ) assert sources["github_private_backup"]["missing_reason"] == "" assert lanes["github"]["blocker_count"] == 5 assert ( lanes["github"]["status"] == "blocked_github_account_suspended_and_write_channel_required" ) assert lanes["github"]["metric"]["verified"] == 4 assert lanes["github"]["metric"]["total"] == 9 assert lanes["github"]["metric"]["controlled_apply_ready"] == 0 assert lanes["github"]["metric"]["blocked_preflight"] == 5 assert lanes["github"]["metric"]["write_channel_ready"] is False assert lanes["github"]["metric"]["github_account_status"] == "suspended" assert lanes["github"]["metric"]["github_account_suspended"] is True assert lanes["github"]["metric"]["internal_governance_ready"] is True assert lanes["github"]["metric"]["km_writeback_ready"] == 1 assert lanes["github"]["metric"]["playbook_writeback_ready"] == 1 assert lanes["github"]["operator_unblock"]["required"] is True assert lanes["github"]["operator_unblock"]["status"] == ( "github_account_suspended_external_action_required" ) assert ( "complete_github_account_suspension_appeal_or_provide_authorized_writable_namespace" in lanes["github"]["operator_unblock"]["required_actions"] ) assert lanes["github"]["internal_governance_writeback"]["ready"] is True assert ( lanes["github"]["internal_governance_writeback"][ "mcp_evidence_packet_count" ] == 1 ) assert ( lanes["github"]["internal_governance_writeback"]["github_write_performed"] is False ) assert lanes["github"]["next_action"] == ( "complete_github_account_suspension_appeal_or_provide_authorized_writable_namespace" ) assert all(0 <= lane["completion_percent"] <= 100 for lane in lanes.values()) assert all(lane["tone"] in {"ok", "warn", "danger"} for lane in lanes.values()) boundaries = data["operation_boundaries"] assert boundaries["read_only_api_allowed"] is True assert boundaries["runtime_write_allowed"] is False assert boundaries["remote_write_allowed"] is True assert boundaries["repo_creation_allowed"] is True assert boundaries["visibility_change_allowed"] is True assert boundaries["refs_sync_allowed"] is True assert boundaries["workflow_trigger_allowed"] is True assert boundaries["production_deploy_trigger_allowed"] is False assert boundaries["github_write_channel_ready"] is False assert boundaries["github_controlled_apply_allowed"] is False assert boundaries["secret_value_collection_allowed"] is False assert boundaries["backup_restore_execution_allowed"] is False assert boundaries["active_scan_allowed"] is False assert "192.168.0." not in response.text