Files
awoooi/ops/runner/test_guard_gitea_runner_pressure.py

103 lines
2.1 KiB
Python
Executable File

#!/usr/bin/env python3
from __future__ import annotations
import subprocess
import sys
from pathlib import Path
ROOT = Path(__file__).resolve().parents[2]
GUARD = ROOT / "ops/runner/guard-gitea-runner-pressure.py"
def write_workflow(root: Path, text: str) -> None:
workflow_dir = root / ".gitea/workflows"
workflow_dir.mkdir(parents=True, exist_ok=True)
(workflow_dir / "cd.yaml").write_text(text, encoding="utf-8")
def run_guard(root: Path) -> subprocess.CompletedProcess[str]:
return subprocess.run(
[sys.executable, str(GUARD), "--root", str(root)],
check=False,
text=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
)
def test_manual_awoooi_host_is_allowed(tmp_path: Path) -> None:
write_workflow(
tmp_path,
"""
name: manual
on:
workflow_dispatch:
jobs:
deploy:
runs-on: awoooi-host
steps:
- run: true
""",
)
result = run_guard(tmp_path)
assert result.returncode == 0, result.stdout + result.stderr
def test_push_to_110_incident_label_is_blocked(tmp_path: Path) -> None:
write_workflow(
tmp_path,
"""
name: push
on:
push:
branches: [main]
jobs:
deploy:
runs-on: awoooi-host
steps:
- run: true
""",
)
result = run_guard(tmp_path)
assert result.returncode == 1
assert "auto_branch_event_targets_110_incident_runner" in result.stdout
def test_generic_label_is_blocked_even_for_manual(tmp_path: Path) -> None:
write_workflow(
tmp_path,
"""
name: generic
on:
workflow_dispatch:
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- run: true
""",
)
result = run_guard(tmp_path)
assert result.returncode == 1
assert "generic_runner_label_reintroduced" in result.stdout
def test_push_to_non110_dedicated_label_is_allowed(tmp_path: Path) -> None:
write_workflow(
tmp_path,
"""
name: push-non110
on:
push:
branches: [main]
jobs:
deploy:
runs-on: awoooi-non110-host
steps:
- run: true
""",
)
result = run_guard(tmp_path)
assert result.returncode == 0, result.stdout + result.stderr