wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 4 Packages Projects Releases Wiki Activity
Files
210577de28fc0806cd51c4401ea6dae73e0a37cc
awoooi/scripts/security/security-mirror-progress-guard.py

29511 lines
1.3 MiB
Executable File
Raw Blame History

#!/usr/bin/env python3
"""Validate the mirror-only security progress guardrails.
This script is intentionally read-only. It checks committed snapshots only and
does not call GitHub, Gitea, Kali, AwoooP, or any runtime API.
"""
from __future__ import annotations
import argparse
import json
import runpy
from pathlib import Path
from typing import Any
def load_json(path: Path) -> dict[str, Any]:
return json.loads(path.read_text(encoding="utf-8"))
def assert_equal(label: str, actual: Any, expected: Any) -> None:
if actual != expected:
raise SystemExit(f"BLOCKED {label}: expected {expected!r}, got {actual!r}")
def assert_false(label: str, actual: Any) -> None:
assert_equal(label, actual, False)
def assert_true(label: str, actual: Any) -> None:
assert_equal(label, actual, True)
def assert_contains(label: str, values: list[Any], expected: Any) -> None:
if expected not in values:
raise SystemExit(f"BLOCKED {label}: missing {expected!r}")
def assert_text_contains(label: str, text: str, expected: str) -> None:
if expected not in text:
raise SystemExit(f"BLOCKED {label}: missing {expected!r}")
def assert_text_not_contains(label: str, text: str, forbidden: str) -> None:
if forbidden in text:
raise SystemExit(f"BLOCKED {label}: forbidden {forbidden!r}")
def assert_text_before(label: str, text: str, first: str, second: str) -> None:
first_index = text.find(first)
second_index = text.find(second)
if first_index == -1:
raise SystemExit(f"BLOCKED {label}: missing first marker {first!r}")
if second_index == -1:
raise SystemExit(f"BLOCKED {label}: missing second marker {second!r}")
if first_index >= second_index:
raise SystemExit(f"BLOCKED {label}: expected {first!r} before {second!r}")
def collect_string_values(value: Any) -> list[str]:
if isinstance(value, str):
return [value]
if isinstance(value, list):
collected: list[str] = []
for item in value:
collected.extend(collect_string_values(item))
return collected
if isinstance(value, dict):
collected = []
for item in value.values():
collected.extend(collect_string_values(item))
return collected
return []
def validate(root: Path) -> None:
security_dir = root / "docs" / "security"
config_control_guard = runpy.run_path(str(root / "scripts" / "security" / "iwooos-config-control-guard.py"))
config_control_guard["validate"](root)
owner_gate_guard = runpy.run_path(str(root / "scripts" / "security" / "iwooos-owner-gate-guard.py"))
owner_gate_guard["validate"](root)
package_policy_guard = runpy.run_path(
str(root / "scripts" / "security" / "package-supply-chain-owner-policy-guard.py")
)
package_policy_guard["validate"](root)
public_frontend_env_guard = runpy.run_path(
str(root / "scripts" / "security" / "public-frontend-env-guard.py")
)
public_frontend_env_guard["validate"](root)
iwooos_frontend_display_redaction_guard = runpy.run_path(
str(root / "scripts" / "security" / "iwooos-frontend-display-redaction-guard.py")
)
iwooos_frontend_display_redaction_guard["validate"](root)
wazuh_readonly_route_boundary_guard = runpy.run_path(
str(root / "scripts" / "security" / "wazuh-readonly-route-boundary-guard.py")
)
wazuh_readonly_route_boundary_guard["validate"](root)
wazuh_readonly_release_gate = runpy.run_path(
str(root / "scripts" / "security" / "wazuh-readonly-release-gate.py")
)
wazuh_readonly_release_gate["validate"](root)
wazuh_readonly_release_lane_preflight = runpy.run_path(
str(root / "scripts" / "security" / "wazuh-readonly-release-lane-preflight.py")
)
wazuh_readonly_release_lane_preflight["validate"](root)
wazuh_readonly_release_owner_request = runpy.run_path(
str(root / "scripts" / "security" / "wazuh-readonly-release-owner-request.py")
)
wazuh_readonly_release_owner_request["validate"](root)
wazuh_readonly_release_owner_response_acceptance = runpy.run_path(
str(root / "scripts" / "security" / "wazuh-readonly-release-owner-response-acceptance.py")
)
wazuh_readonly_release_owner_response_acceptance["validate"](root)
wazuh_readonly_live_metadata_env_gate = runpy.run_path(
str(root / "scripts" / "security" / "wazuh-readonly-live-metadata-env-gate.py")
)
wazuh_readonly_live_metadata_env_gate["validate"](root)
wazuh_agent_visibility_runtime_gate = runpy.run_path(
str(root / "scripts" / "security" / "wazuh-agent-visibility-runtime-gate.py")
)
wazuh_agent_visibility_runtime_gate["validate"](root)
wazuh_agent_visibility_owner_evidence_preflight = runpy.run_path(
str(root / "scripts" / "security" / "wazuh-agent-visibility-owner-evidence-preflight.py")
)
wazuh_agent_visibility_owner_evidence_preflight["validate"](root)
wazuh_managed_host_coverage_gate = runpy.run_path(
str(root / "scripts" / "security" / "wazuh-managed-host-coverage-gate.py")
)
wazuh_managed_host_coverage_gate["validate"](root)
telegram_alert_readability_guard = runpy.run_path(
str(root / "scripts" / "security" / "telegram-alert-readability-guard.py")
)
telegram_alert_readability_guard["validate"](root)
public_frontend_sensitive_surface = load_json(
security_dir / "public-frontend-sensitive-surface-guard.snapshot.json"
)
assert_equal(
"public_frontend_sensitive_surface.schema_version",
public_frontend_sensitive_surface["schema_version"],
"public_frontend_sensitive_surface_guard_v1",
)
assert_equal(
"public_frontend_sensitive_surface.summary.public_surface_file_count",
public_frontend_sensitive_surface["summary"]["public_surface_file_count"],
226,
)
assert_equal(
"public_frontend_sensitive_surface.summary.forbidden_pattern_count",
public_frontend_sensitive_surface["summary"]["forbidden_pattern_count"],
12,
)
assert_equal(
"public_frontend_sensitive_surface.summary.allowlisted_match_count",
public_frontend_sensitive_surface["summary"]["allowlisted_match_count"],
2,
)
assert_equal(
"public_frontend_sensitive_surface.summary.violation_count",
public_frontend_sensitive_surface["summary"]["violation_count"],
0,
)
assert_equal(
"public_frontend_sensitive_surface.summary.runtime_gate_count",
public_frontend_sensitive_surface["summary"]["runtime_gate_count"],
0,
)
manifest = load_json(security_dir / "security-supply-chain-contract-manifest.snapshot.json")
readiness = load_json(security_dir / "security-mirror-readiness.snapshot.json")
rollup = load_json(security_dir / "security-mirror-status-rollup.snapshot.json")
intake = load_json(security_dir / "security-mirror-intake-plan.snapshot.json")
event_sample = load_json(security_dir / "security-mirror-event-sample.snapshot.json")
route = load_json(security_dir / "security-mirror-route.snapshot.json")
acceptance = load_json(security_dir / "security-mirror-acceptance.snapshot.json")
dry_run = load_json(security_dir / "security-mirror-dry-run.snapshot.json")
owner_rollup = load_json(security_dir / "source-control-owner-response-validation-rollup.snapshot.json")
primary_gate = load_json(security_dir / "source-control-primary-readiness-gate.snapshot.json")
rollout_policy = load_json(security_dir / "security-rollout-policy.snapshot.json")
iwooos_projection = load_json(security_dir / "iwooos-posture-projection.snapshot.json")
high_value_config_coverage = load_json(security_dir / "high-value-config-control-coverage.snapshot.json")
agent_bounty_owner_request_draft = load_json(
security_dir / "agent-bounty-owner-request-draft.snapshot.json"
)
high_value_config_owner_packet_intake = load_json(
security_dir / "high-value-config-owner-packet-intake-preflight.snapshot.json"
)
high_value_config_owner_request_draft = load_json(
security_dir / "high-value-config-owner-request-draft.snapshot.json"
)
host_service_config_inventory = load_json(security_dir / "host-service-config-inventory.snapshot.json")
host_service_owner_request_draft = load_json(
security_dir / "host-service-owner-request-draft.snapshot.json"
)
host_service_owner_response_acceptance = load_json(
security_dir / "host-service-owner-response-acceptance.snapshot.json"
)
host_service_change_evidence_acceptance = load_json(
security_dir / "host-service-change-evidence-acceptance.snapshot.json"
)
host_service_post_incident_readback_plan = load_json(
security_dir / "host-service-post-incident-readback-plan.snapshot.json"
)
ssh_network_access_inventory = load_json(security_dir / "ssh-network-access-inventory.snapshot.json")
ssh_network_owner_request_draft = load_json(
security_dir / "ssh-network-owner-request-draft.snapshot.json"
)
ssh_network_owner_response_acceptance = load_json(
security_dir / "ssh-network-owner-response-acceptance.snapshot.json"
)
port_firewall_change_evidence_acceptance = load_json(
security_dir / "port-firewall-change-evidence-acceptance.snapshot.json"
)
ssh_network_post_incident_readback_plan = load_json(
security_dir / "ssh-network-post-incident-readback-plan.snapshot.json"
)
backup_restore_escrow_inventory = load_json(security_dir / "backup-restore-escrow-inventory.snapshot.json")
backup_restore_owner_request_draft = load_json(
security_dir / "backup-restore-owner-request-draft.snapshot.json"
)
backup_restore_owner_response_acceptance = load_json(
security_dir / "backup-restore-owner-response-acceptance.snapshot.json"
)
backup_restore_post_incident_readback_plan = load_json(
security_dir / "backup-restore-post-incident-readback-plan.snapshot.json"
)
monitoring_alerting_observability_inventory = load_json(
security_dir / "monitoring-alerting-observability-inventory.snapshot.json"
)
monitoring_owner_request_draft = load_json(
security_dir / "monitoring-owner-request-draft.snapshot.json"
)
monitoring_owner_response_acceptance = load_json(
security_dir / "monitoring-owner-response-acceptance.snapshot.json"
)
monitoring_post_incident_readback_plan = load_json(
security_dir / "monitoring-post-incident-readback-plan.snapshot.json"
)
external_host_intrusion_prevention_control = load_json(
security_dir / "external-host-intrusion-prevention-control.snapshot.json"
)
soc_siem_kali_wazuh_integration_control = load_json(
security_dir / "soc-siem-kali-wazuh-integration-control.snapshot.json"
)
ai_provider_owner_response_acceptance = load_json(
security_dir / "ai-provider-owner-response-acceptance.snapshot.json"
)
domain_tls_inventory = load_json(security_dir / "domain-tls-certbot-inventory.snapshot.json")
domain_tls_owner_confirmation_request = load_json(
security_dir / "domain-tls-certbot-owner-confirmation-request.snapshot.json"
)
domain_tls_owner_response_acceptance = load_json(
security_dir / "domain-tls-certbot-owner-response-acceptance.snapshot.json"
)
k8s_argocd_manifest_inventory = load_json(
security_dir / "k8s-argocd-manifest-inventory.snapshot.json"
)
k8s_argocd_owner_request_draft = load_json(
security_dir / "k8s-argocd-owner-request-draft.snapshot.json"
)
k8s_argocd_owner_response_acceptance = load_json(
security_dir / "k8s-argocd-owner-response-acceptance.snapshot.json"
)
k8s_argocd_change_evidence_acceptance = load_json(
security_dir / "k8s-argocd-change-evidence-acceptance.snapshot.json"
)
k8s_argocd_post_incident_readback_plan = load_json(
security_dir / "k8s-argocd-post-incident-readback-plan.snapshot.json"
)
cd_runner_secret_injection_change_evidence_acceptance = load_json(
security_dir / "cd-runner-secret-injection-change-evidence-acceptance.snapshot.json"
)
cd_runner_secret_injection_post_incident_readback_plan = load_json(
security_dir / "cd-runner-secret-injection-post-incident-readback-plan.snapshot.json"
)
telegram_notification_egress_inventory = load_json(
security_dir / "telegram-notification-egress-inventory.snapshot.json"
)
telegram_notification_egress_no_new_bypass_guard = load_json(
security_dir / "telegram-notification-egress-no-new-bypass-guard.snapshot.json"
)
telegram_notification_egress_owner_request_draft = load_json(
security_dir / "telegram-notification-egress-owner-request-draft.snapshot.json"
)
telegram_notification_egress_migration_plan_draft = load_json(
security_dir / "telegram-notification-egress-migration-plan-draft.snapshot.json"
)
telegram_notification_egress_owner_response_acceptance = load_json(
security_dir / "telegram-notification-egress-owner-response-acceptance.snapshot.json"
)
public_runtime_config_change_evidence_acceptance = load_json(
security_dir / "public-runtime-config-change-evidence-acceptance.snapshot.json"
)
public_gateway_preflight_inventory = load_json(
security_dir / "public-gateway-preflight-inventory.snapshot.json"
)
public_gateway_live_conf_export_request = load_json(
security_dir / "public-gateway-live-conf-export-request.snapshot.json"
)
public_gateway_redacted_export_intake_preflight = load_json(
security_dir / "public-gateway-redacted-export-intake-preflight.snapshot.json"
)
public_gateway_rendered_diff_gate_draft = load_json(
security_dir / "public-gateway-rendered-diff-gate-draft.snapshot.json"
)
public_gateway_owner_response_acceptance = load_json(
security_dir / "public-gateway-owner-response-acceptance.snapshot.json"
)
public_gateway_rendered_diff_acceptance = load_json(
security_dir / "public-gateway-rendered-diff-acceptance.snapshot.json"
)
public_gateway_post_incident_readback_plan = load_json(
security_dir / "public-gateway-post-incident-readback-plan.snapshot.json"
)
s49_request_draft = load_json(security_dir / "gitea-inventory-owner-attestation-request-draft.snapshot.json")
kali_status = load_json(security_dir / "kali-integration-status.snapshot.json")
iwooos_projection_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "iwooos" / "page.tsx"
).read_text(encoding="utf-8")
security_compliance_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "security-compliance" / "page.tsx"
).read_text(encoding="utf-8")
awooop_home_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "awooop" / "page.tsx"
).read_text(encoding="utf-8")
awooop_work_items_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "awooop" / "work-items" / "page.tsx"
).read_text(encoding="utf-8")
awooop_tenants_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "awooop" / "tenants" / "page.tsx"
).read_text(encoding="utf-8")
platform_operator_service = (
root / "apps" / "api" / "src" / "services" / "platform_operator_service.py"
).read_text(encoding="utf-8")
tenants_api_contract = (
root / "apps" / "api" / "src" / "api" / "v1" / "platform" / "tenants.py"
).read_text(encoding="utf-8")
awooop_runs_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "awooop" / "runs" / "page.tsx"
).read_text(encoding="utf-8")
awooop_run_detail_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "awooop" / "runs" / "[run_id]" / "page.tsx"
).read_text(encoding="utf-8")
awooop_approvals_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "awooop" / "approvals" / "page.tsx"
).read_text(encoding="utf-8")
awooop_approval_detail_page = (
root
/ "apps"
/ "web"
/ "src"
/ "app"
/ "[locale]"
/ "awooop"
/ "approvals"
/ "[run_id]"
/ "page.tsx"
).read_text(encoding="utf-8")
awooop_contracts_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "awooop" / "contracts" / "page.tsx"
).read_text(encoding="utf-8")
security_panel = (root / "apps" / "web" / "src" / "components" / "panels" / "SecurityPanel.tsx").read_text(
encoding="utf-8"
)
compliance_panel = (
root / "apps" / "web" / "src" / "components" / "panels" / "CompliancePanel.tsx"
).read_text(encoding="utf-8")
standalone_security_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "security" / "page.tsx"
).read_text(encoding="utf-8")
standalone_compliance_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "compliance" / "page.tsx"
).read_text(encoding="utf-8")
alerts_page = (root / "apps" / "web" / "src" / "app" / "[locale]" / "alerts" / "page.tsx").read_text(
encoding="utf-8"
)
authorizations_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "authorizations" / "page.tsx"
).read_text(encoding="utf-8")
governance_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "governance" / "page.tsx"
).read_text(encoding="utf-8")
alert_operation_logs_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "alert-operation-logs" / "page.tsx"
).read_text(encoding="utf-8")
code_review_page = (
root / "apps" / "web" / "src" / "app" / "[locale]" / "code-review" / "page.tsx"
).read_text(encoding="utf-8")
governance_automation_inventory_tab = (
root
/ "apps"
/ "web"
/ "src"
/ "app"
/ "[locale]"
/ "governance"
/ "tabs"
/ "automation-inventory-tab.tsx"
).read_text(encoding="utf-8")
errors_panel = (root / "apps" / "web" / "src" / "components" / "panels" / "ErrorsPanel.tsx").read_text(
encoding="utf-8"
)
iwooos_bridge = (
root / "apps" / "web" / "src" / "components" / "security" / "iwooos-read-only-bridge.tsx"
).read_text(encoding="utf-8")
public_security_redaction = (
root / "apps" / "web" / "src" / "lib" / "public-security-redaction.ts"
).read_text(encoding="utf-8")
sidebar = (root / "apps" / "web" / "src" / "components" / "layout" / "sidebar.tsx").read_text(
encoding="utf-8"
)
layout_header = (root / "apps" / "web" / "src" / "components" / "layout" / "header.tsx").read_text(
encoding="utf-8"
)
command_palette = (
root / "apps" / "web" / "src" / "components" / "command-palette" / "CommandPalette.tsx"
).read_text(encoding="utf-8")
web_messages_zh = load_json(root / "apps" / "web" / "messages" / "zh-TW.json")
web_messages_en = load_json(root / "apps" / "web" / "messages" / "en.json")
public_message_text = "\n".join(
[
json.dumps(web_messages_zh, ensure_ascii=False),
json.dumps(web_messages_en, ensure_ascii=False),
]
)
for forbidden in [
"owenhytsai",
"nexu-io",
"blocked_waiting_",
"blockers=",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
"execution_router_linked=false",
"repo_creation=false",
"repo_creation_authorized=false",
"github_primary_switch_authorized=false",
"source_control_owner_response_validation_rollup_v1",
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1",
"awooop_tenant_asset_inventory_v1",
"source-control primary readiness",
"AwoooP tenant table",
"阻塞項 {count}",
"批准!",
"工作視窗",
"My request for Codex",
]:
assert_text_not_contains("web_messages.public_frontstage_sensitive_text", public_message_text, forbidden)
assert_equal(
"web_messages_zh.awooop_shell_scope_project_label_public",
web_messages_zh["awooop"]["shell"]["scope"]["projectLabel"],
"治理範圍",
)
assert_equal(
"web_messages_zh.awooop_shell_scope_project_value_public",
web_messages_zh["awooop"]["shell"]["scope"]["projectValue"],
"核心營運平台",
)
assert_equal(
"web_messages_en.awooop_shell_scope_project_label_public",
web_messages_en["awooop"]["shell"]["scope"]["projectLabel"],
"治理範圍",
)
assert_equal(
"web_messages_en.awooop_shell_scope_project_value_public",
web_messages_en["awooop"]["shell"]["scope"]["projectValue"],
"核心營運平台",
)
public_frontend_source_text = "\n".join(
[
iwooos_projection_page,
security_compliance_page,
awooop_home_page,
awooop_work_items_page,
awooop_tenants_page,
awooop_runs_page,
awooop_run_detail_page,
awooop_approvals_page,
awooop_approval_detail_page,
awooop_contracts_page,
code_review_page,
governance_automation_inventory_tab,
iwooos_bridge,
public_security_redaction,
layout_header,
]
)
for forbidden in [
"owenhytsai",
"nexu-io",
"blocked_waiting_",
"批准!",
"工作視窗",
"My request for Codex",
]:
assert_text_not_contains("frontend.public_sensitive_source_text", public_frontend_source_text, forbidden)
for forbidden in [
'inventory?.schema_version ?? t("loading")',
"upstream={route.upstream_count}",
"admin={route.admin_route_count}",
"ws={route.websocket_route_count}",
]:
assert_text_not_contains("frontend.tenants_visible_internal_implementation_text", awooop_tenants_page, forbidden)
assert_text_not_contains("frontend.layout_header.personal_initials", layout_header, ">OG<")
assert_text_contains("frontend.layout_header.operator_marker_icon", layout_header, "ShieldCheck")
for label, text in [
("awooop_home_page", awooop_home_page),
("awooop_runs_page", awooop_runs_page),
("awooop_run_detail_page", awooop_run_detail_page),
("awooop_approvals_page", awooop_approvals_page),
("awooop_approval_detail_page", awooop_approval_detail_page),
("awooop_contracts_page", awooop_contracts_page),
("code_review_page", code_review_page),
("security_compliance_page", security_compliance_page),
("iwooos_bridge", iwooos_bridge),
]:
assert_text_contains(f"{label}.public_boundary_redaction", text, "publicBoundaryText")
for label, text in [
("awooop_home_page", awooop_home_page),
("awooop_runs_page", awooop_runs_page),
("awooop_run_detail_page", awooop_run_detail_page),
("awooop_approvals_page", awooop_approvals_page),
("awooop_approval_detail_page", awooop_approval_detail_page),
("awooop_contracts_page", awooop_contracts_page),
]:
assert_text_contains(f"{label}.public_contract_redaction", text, "publicContractText")
assert_text_contains(
"governance_automation_inventory_tab.runner_identifier_redaction",
governance_automation_inventory_tab,
"redactPublicIdentifier",
)
for helper in ["publicProjectText", "publicAgentText", "publicInternalCodeSummary"]:
assert_text_contains(f"public_security_redaction.{helper}", public_security_redaction, helper)
for label, text in [
("awooop_runs_page", awooop_runs_page),
("awooop_run_detail_page", awooop_run_detail_page),
("awooop_approvals_page", awooop_approvals_page),
("awooop_approval_detail_page", awooop_approval_detail_page),
("awooop_contracts_page", awooop_contracts_page),
]:
assert_text_contains(f"{label}.public_project_display_redaction", text, "publicProjectText")
for label, text in [
("awooop_runs_page", awooop_runs_page),
("awooop_run_detail_page", awooop_run_detail_page),
("awooop_approvals_page", awooop_approvals_page),
("awooop_approval_detail_page", awooop_approval_detail_page),
]:
assert_text_contains(f"{label}.public_agent_display_redaction", text, "publicAgentText")
for label, text in [
("awooop_work_items_page", awooop_work_items_page),
("awooop_run_detail_page", awooop_run_detail_page),
("awooop_approval_detail_page", awooop_approval_detail_page),
]:
assert_text_contains(f"{label}.public_internal_code_summary", text, "publicInternalCodeSummary")
for label, text, forbidden in [
("awooop_runs_page.raw_project_display", awooop_runs_page, "{run.project_id || \"--\"}"),
("awooop_runs_page.raw_agent_display", awooop_runs_page, "{run.agent_id || \"--\"}"),
("awooop_runs_page.raw_event_project_display", awooop_runs_page, "{event.project_id}"),
("awooop_approvals_page.raw_project_display", awooop_approvals_page, "{approval.project_id || \"--\"}"),
("awooop_approvals_page.raw_agent_display", awooop_approvals_page, "{approval.agent_id || \"--\"}"),
("awooop_contracts_page.raw_project_display", awooop_contracts_page, "{contract.project_id || \"--\"}"),
("awooop_contracts_page.raw_tenant_option", awooop_contracts_page, "{t.display_name || t.project_id}"),
("awooop_run_detail_page.raw_project_detail", awooop_run_detail_page, "value={run?.project_id}"),
("awooop_run_detail_page.raw_agent_detail", awooop_run_detail_page, "value={run?.agent_id}"),
("awooop_run_detail_page.raw_trace_detail", awooop_run_detail_page, "value={run?.trace_id}"),
("awooop_run_detail_page.raw_trigger_detail", awooop_run_detail_page, "value={run?.trigger_type}"),
("awooop_run_detail_page.raw_trigger_ref_detail", awooop_run_detail_page, "value={run?.trigger_ref}"),
("awooop_approval_detail_page.raw_project_detail", awooop_approval_detail_page, "value={run.project_id}"),
("awooop_approval_detail_page.raw_agent_detail", awooop_approval_detail_page, "value={run.agent_id}"),
("awooop_approval_detail_page.raw_trace_detail", awooop_approval_detail_page, "value={run.trace_id}"),
("awooop_approval_detail_page.raw_trigger_detail", awooop_approval_detail_page, "value={run.trigger_type}"),
("awooop_approval_detail_page.raw_trigger_ref_detail", awooop_approval_detail_page, "value={run.trigger_ref}"),
("awooop_work_items_page.raw_blockers_join", awooop_work_items_page, "blockers.join(\", \")"),
("awooop_work_items_page.raw_required_fields_join", awooop_work_items_page, "requiredOwnerFields.join(\", \")"),
(
"awooop_work_items_page.raw_completion_required_fields_join",
awooop_work_items_page,
"item.required_owner_fields.join(\", \")",
),
]:
assert_text_not_contains(label, text, forbidden)
assert_text_not_contains("public_security_redaction.owner_namespace_literal", public_security_redaction, "owenhytsai")
assert_text_not_contains("public_security_redaction.external_namespace_literal", public_security_redaction, "nexu-io")
assert_text_not_contains(
"public_security_redaction.internal_blocked_waiting_literal",
public_security_redaction,
"blocked_waiting_",
)
assert_text_not_contains("public_security_redaction.internal_blockers_literal", public_security_redaction, "blockers=")
manifest_count = manifest["contract_count"]
readiness_summary = readiness["summary"]
rollup_summary = rollup["summary"]
assert_equal("manifest.contract_count", manifest_count, 36)
assert_equal("readiness.total_contracts", readiness_summary["total_contracts"], manifest_count)
assert_equal("rollup.total_contracts", rollup_summary["total_contracts"], manifest_count)
assert_equal("rollup.ready_for_mirror_count", rollup_summary["ready_for_mirror_count"], 33)
assert_equal("rollup.partial_ready_count", rollup_summary["partial_ready_count"], 2)
assert_equal("rollup.contract_only_count", rollup_summary["contract_only_count"], 1)
assert_equal("rollup.blocked_count", rollup_summary["blocked_count"], 0)
assert_contains(
"manifest.contracts",
[item["contract"] for item in manifest["contracts"]],
"iwooos_posture_projection_v1",
)
assert_contains(
"readiness.contract_readiness",
[item["contract"] for item in readiness["contract_readiness"]],
"iwooos_posture_projection_v1",
)
assert_contains(
"rollup.source_indexes",
rollup["source_indexes"],
"docs/security/iwooos-posture-projection.snapshot.json",
)
assert_equal("event_sample.payload_summary.total_contracts", event_sample["payload_summary"]["total_contracts"], manifest_count)
assert_equal(
"event_sample.payload_summary.ready_for_mirror_count",
event_sample["payload_summary"]["ready_for_mirror_count"],
readiness_summary["ready_for_mirror_count"],
)
assert_contains(
"event_sample.evidence_refs",
event_sample["evidence_refs"],
"docs/security/IWOOOS-POSTURE-PROJECTION.md",
)
assert_equal("route.summary.total_contracts", route["summary"]["total_contracts"], manifest_count)
route_contracts = sorted({contract for group in route["route_groups"] for contract in group["contracts"]})
assert_equal("route.contract_coverage", route_contracts, sorted(item["contract"] for item in manifest["contracts"]))
assert_contains(
"intake.source_indexes",
intake["source_indexes"],
"docs/security/iwooos-posture-projection.snapshot.json",
)
intake_contracts = [contract for wave in intake["intake_waves"] for contract in wave["contracts"]]
assert_contains("intake.contracts", intake_contracts, "iwooos_posture_projection_v1")
assert_text_contains("sidebar.iwooos_security_unified_entry", sidebar, "id: 'iwooos-security'")
assert_text_contains("sidebar.iwooos_security_label", sidebar, "labelKey: 'iwooos'")
assert_text_not_contains("sidebar.iwooos_security_duplicate_label", sidebar, "labelKey: 'iwooosSecurityCompliance'")
assert_text_contains("sidebar.security_compliance_alias", sidebar, "aliases: ['/security-compliance']")
assert_text_not_contains("sidebar.duplicate_security_compliance_entry", sidebar, "id: 'security-compliance'")
assert_text_contains("command_palette.iwooos_entry", command_palette, "id: 'iwooos'")
assert_text_contains("command_palette.iwooos_route", command_palette, "nav('/iwooos')")
assert_text_contains("command_palette.security_keyword", command_palette, "'安全合規'")
assert_text_not_contains("command_palette.legacy_security_entry", command_palette, "id: 'security'")
assert_text_not_contains("command_palette.legacy_security_compliance_route", command_palette, "nav('/security-compliance')")
assert_equal(
"web_messages.zh-TW.nav.iwooos",
web_messages_zh["nav"]["iwooos"],
"IwoooS",
)
assert_equal(
"web_messages.en.nav.iwooos",
web_messages_en["nav"]["iwooos"],
"IwoooS",
)
assert_equal("web_messages.en.nav.traditional_chinese_mirror", web_messages_en["nav"], web_messages_zh["nav"])
assert_equal("web_messages.en.iwooos.traditional_chinese_mirror", web_messages_en["iwooos"], web_messages_zh["iwooos"])
assert_equal(
"web_messages.en.full_site_traditional_chinese_mirror",
web_messages_en,
web_messages_zh,
)
product_voice_sections = [
web_messages_zh["dashboard"]["homeCommandMap"],
web_messages_zh["dashboard"]["automationDelivery"],
web_messages_zh["dashboard"]["automationDiagrams"],
web_messages_zh["securityCompliance"],
web_messages_zh["iwooos"],
]
iwooos_visible_text = "\n".join(collect_string_values(web_messages_zh["iwooos"]))
product_visible_text = "\n".join(
text for section in product_voice_sections for text in collect_string_values(section)
)
for forbidden in [
"S2.",
"回應「",
"專業建議",
"本輪",
"這裡",
"到底",
"空泛",
"不再只",
"卡在哪",
"初期框架",
"Claude",
"Codex",
"交辦",
"對話",
"不用讀",
"不用翻對話",
"使用者最",
"使用者可以",
"使用者能",
"使用者已",
"使用者現在",
"使用者不用",
"使用者感覺",
"使用者第一眼",
"使用者先",
"讓使用者",
"給使用者",
"最關心",
"抱怨",
"一堆文字",
"不要只是",
"長頁面",
"不是再加文字",
"目前到底",
"真正卡點",
"目前卡點",
"主要卡點",
]:
assert_text_not_contains("web_messages.zh-TW.product_voice", product_visible_text, forbidden)
iwooos_first_screen_text = "\n".join(
collect_string_values(
{
"subtitle": web_messages_zh["iwooos"]["subtitle"],
"boundary": web_messages_zh["iwooos"]["boundary"],
**{
key: web_messages_zh["iwooos"][key]
for key in [
"progressIntegrityRibbon",
"executiveSnapshot",
"focusDeck",
"immediateVisualMesh",
"topologyAtlas",
"decisionRunway",
"gateRadar",
"visualCommandDashboard",
"professionalSecurityExperience",
"concreteWorkSnapshot",
"concreteSecurityWorkMap",
"informationArchitecture",
"metrics",
]
},
}
)
)
for forbidden in [
"Gate",
"evidence",
"workflow",
"Runtime",
"Primary",
"owner evidence",
"owner ",
"reviewer acceptance",
"reviewer",
"source-control mutation",
"runtime gate",
"runtime ",
"Runtime Gate",
"Runtime 動作",
"Runtime 阻擋",
"Gate 0",
"schema",
"contract-only",
"partial",
"Session",
"drill-down",
"refs",
"repo",
"source-control",
"readiness",
"queue/candidate/assigned",
]:
assert_text_not_contains(
"web_messages.zh-TW.iwooos.first_screen_traditional_chinese",
iwooos_first_screen_text,
forbidden,
)
for text in [
'id="iwooos-decision-gate-visuals"',
'id="iwooos-scope-evidence-visuals"',
"decisionGateVisuals",
"scopeEvidenceVisuals",
"iwooos-decision-gate-visuals",
"iwooos-scope-evidence-visuals",
]:
assert_text_contains("iwooos_projection_page.progressive_disclosure_groups", iwooos_projection_page, text)
for key in ["decisionGateVisuals", "scopeEvidenceVisuals"]:
assert_contains(
"web_messages.zh-TW.iwooos.informationArchitecture.progressive_disclosure",
list(web_messages_zh["iwooos"]["informationArchitecture"].keys()),
key,
)
for text in [
"IwoooSVisualCommandDashboard",
'data-testid="iwooos-visual-command-dashboard"',
"visualDashboardMetrics",
"visualDashboardNodes",
"visualDashboardGates",
"conic-gradient",
"visualCommandDashboard",
]:
assert_text_contains("iwooos_projection_page.visual_command_dashboard", iwooos_projection_page, text)
for key in [
"eyebrow",
"title",
"subtitle",
"metrics",
"nodes",
"gateMatrix",
"gates",
"drilldown",
]:
assert_contains(
"web_messages.zh-TW.iwooos.visualCommandDashboard",
list(web_messages_zh["iwooos"]["visualCommandDashboard"].keys()),
key,
)
for key in ["overall", "framework", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.visualCommandDashboard.metrics",
list(web_messages_zh["iwooos"]["visualCommandDashboard"]["metrics"].keys()),
key,
)
for key in ["awoooiCore", "websites", "vibeWork", "kali112", "devHosts", "githubPrimary", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.visualCommandDashboard.nodes",
list(web_messages_zh["iwooos"]["visualCommandDashboard"]["nodes"].keys()),
key,
)
for key in ["kaliMaintenance", "ownerResponse", "githubPrimary", "runtimeExecution"]:
assert_contains(
"web_messages.zh-TW.iwooos.visualCommandDashboard.gates",
list(web_messages_zh["iwooos"]["visualCommandDashboard"]["gates"].keys()),
key,
)
for text in [
"IwoooSProfessionalSecurityExperience",
'data-testid="iwooos-professional-security-experience"',
"IwoooSAttackPathVisual",
"IwoooSAssetHeatVisual",
"IwoooSResponseFlowVisual",
"visualExperienceTabs",
"attackPathNodes",
"assetHeatCells",
"responseFlowSteps",
"role=\"tab\"",
"aria-selected",
]:
assert_text_contains("iwooos_projection_page.professional_security_experience", iwooos_projection_page, text)
for key in [
"eyebrow",
"title",
"subtitle",
"tabsLabel",
"tabs",
"attackPath",
"assetHeat",
"responseFlow",
]:
assert_contains(
"web_messages.zh-TW.iwooos.professionalSecurityExperience",
list(web_messages_zh["iwooos"]["professionalSecurityExperience"].keys()),
key,
)
for key in ["attackPath", "assetHeat", "responseFlow"]:
assert_contains(
"web_messages.zh-TW.iwooos.professionalSecurityExperience.tabs",
list(web_messages_zh["iwooos"]["professionalSecurityExperience"]["tabs"].keys()),
key,
)
for key in ["publicWeb", "apiRuntime", "projectSource", "devHosts", "kali112", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.professionalSecurityExperience.attackPath.nodes",
list(web_messages_zh["iwooos"]["professionalSecurityExperience"]["attackPath"]["nodes"].keys()),
key,
)
for key in [
"awoooi",
"awooop",
"iwooos",
"websites",
"vibeWork",
"kali112",
"devHosts",
"githubPrimary",
"runtimeActions",
]:
assert_contains(
"web_messages.zh-TW.iwooos.professionalSecurityExperience.assetHeat.cells",
list(web_messages_zh["iwooos"]["professionalSecurityExperience"]["assetHeat"]["cells"].keys()),
key,
)
for key in ["observe", "triage", "evidence", "approval", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.professionalSecurityExperience.responseFlow.steps",
list(web_messages_zh["iwooos"]["professionalSecurityExperience"]["responseFlow"]["steps"].keys()),
key,
)
for text in [
"IwoooSConcreteWorkSnapshot",
'data-testid="iwooos-concrete-work-snapshot"',
"iwooosConcreteSecurityWorkStreams.map",
"concreteWorkSnapshot",
"IwoooSConcreteWorkSnapshot />",
]:
assert_text_contains("iwooos_projection_page.concrete_work_snapshot", iwooos_projection_page, text)
for key in ["eyebrow", "title", "subtitle", "summary"]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteWorkSnapshot",
list(web_messages_zh["iwooos"]["concreteWorkSnapshot"].keys()),
key,
)
for key in ["visible", "delivered", "nextGate", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteWorkSnapshot.summary",
list(web_messages_zh["iwooos"]["concreteWorkSnapshot"]["summary"].keys()),
key,
)
for key in [
"eyebrow",
"title",
"subtitle",
"maintenanceGateLabel",
"maintenanceGate",
"nextEvidenceLabel",
"nextEvidence",
"runwayLabel",
"boundaryTitle",
"boundaryIntro",
"runway",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.kaliMaintenanceReadiness",
list(web_messages_zh["iwooos"]["kaliMaintenanceReadiness"].keys()),
key,
)
for key in [
"readOnlySnapshot",
"scannerHealth",
"upgradablePackages",
"failedSystemdUnits",
"serviceHardening",
"runtimeGate",
]:
assert_contains(
"web_messages.zh-TW.iwooos.kaliMaintenanceReadiness.items",
list(web_messages_zh["iwooos"]["kaliMaintenanceReadiness"]["items"].keys()),
key,
)
for text in [
"KaliMaintenanceReadinessBoard",
'data-testid="iwooos-kali-maintenance-readiness-board"',
"kaliMaintenanceRunwaySteps",
"2026-06-04 08:55",
"security_observer_read_only_observed_at=2026-06-04T08:55:43+08:00",
"security_observer_scanner_health=healthy",
"security_observer_health_endpoint=redacted_internal_health_check",
"security_observer_scanner_service_active=active",
"security_observer_scanner_service_enabled=enabled",
"security_observer_upgradable_package_count=1994",
"security_observer_failed_systemd_unit_count=1",
"security_observer_failed_systemd_unit=networking.service",
"security_observer_systemd_hardening_enabled=0/4",
"security_observer_full_upgrade_authorized=false",
"security_observer_reboot_authorized=false",
"security_observer_package_update_executed=false",
"security_observer_host_reboot_executed=false",
"security_observer_active_scan_executed=false",
"security_observer_runtime_execution_authorized=false",
]:
assert_text_contains("iwooos_projection_page.kali_maintenance_readiness", iwooos_projection_page, text)
progress = rollup["progress_estimate"]
assert_equal("progress.overall_percent", progress["overall_percent"], 64)
assert_equal("progress.framework_percent_min", progress["framework_percent_min"], 92)
assert_equal("progress.framework_percent_max", progress["framework_percent_max"], 92)
assert_equal("progress.runtime_landing_percent_min", progress["runtime_landing_percent_min"], 40)
assert_equal("progress.runtime_landing_percent_max", progress["runtime_landing_percent_max"], 45)
assert_true("progress.not_authorization", progress["not_authorization"])
progress_display_policy = rollup["progress_display_policy"]
assert_equal("progress_display_policy.headline_percent", progress_display_policy["headline_percent"], 64)
assert_equal(
"progress_display_policy.headline_status",
progress_display_policy["headline_status"],
"reviewed_after_kali_112_read_only_production_evidence",
)
assert_true("progress_display_policy.recent_micro_progress_visible", progress_display_policy["recent_micro_progress_visible"])
assert_false(
"progress_display_policy.runtime_execution_authorized",
progress_display_policy["runtime_execution_authorized"],
)
assert_true("progress_display_policy.not_authorization", progress_display_policy["not_authorization"])
progress_delta_ledger = rollup["progress_delta_ledger"]
expected_delta_ids = [
"s4_10_owner_response_request_packet",
"s4_10_owner_response_template_status_ledger",
"s4_10_owner_response_audit_event_templates",
"s4_10_owner_response_redaction_examples",
"s4_10_owner_response_collection_checks",
"s4_10_owner_response_intake_preflight_checks",
"s4_11_ref_truth_owner_response_request_packet",
"s4_11_ref_truth_owner_response_template_status_ledger",
"s4_11_ref_truth_owner_response_audit_event_templates",
"s4_11_ref_truth_owner_response_redaction_examples",
"s4_11_ref_truth_owner_response_collection_checks",
"s4_11_ref_truth_owner_response_intake_preflight_checks",
"s4_12_workflow_secret_name_owner_response_request_packet",
"s4_12_workflow_secret_name_owner_response_template_status_ledger",
"s4_12_workflow_secret_name_owner_response_audit_event_templates",
"s4_12_workflow_secret_name_owner_response_redaction_examples",
"s4_12_workflow_secret_name_owner_response_collection_checks",
"s4_12_workflow_secret_name_owner_response_intake_preflight_checks",
"s4_13_owner_response_validation_evidence_routing_rules",
"s4_13_owner_response_validation_display_sections",
"s4_13_owner_response_validation_state_transition_rules",
"s4_13_owner_response_validation_reviewer_checklist",
"s4_13_owner_response_validation_reviewer_outcome_lanes",
"s4_13_owner_response_validation_reviewer_audit_event_templates",
"s4_13_owner_response_validation_reviewer_audit_display_sections",
"s4_13_owner_response_validation_reviewer_audit_collection_checks",
"s4_13_owner_response_validation_reviewer_audit_redaction_examples",
"s4_13_owner_response_validation_reviewer_audit_retention_rules",
"s4_13_owner_response_validation_reviewer_audit_retention_checks",
"s4_13_owner_response_validation_reviewer_audit_handoff_packets",
"s4_13_owner_response_validation_reviewer_audit_handoff_checks",
"s4_13_owner_response_validation_parallel_session_sync_checks",
"s4_13_owner_response_validation_parallel_session_conflict_lanes",
"s4_13_owner_response_validation_parallel_session_recovery_checks",
"s4_13_owner_response_validation_parallel_session_recovery_outcome_lanes",
"s1_3_low_friction_non_blocking_escalation_lanes",
"s2_8_iwooos_frontend_posture_entry",
"s2_9_iwooos_posture_projection_contract",
"s2_10_iwooos_existing_frontend_surface_integration",
"s2_11_iwooos_surface_coverage_boundary_matrix",
"s2_12_iwooos_operator_journey_projection",
"s2_13_iwooos_owner_evidence_readiness_board",
"s2_14_iwooos_host_coverage_view",
"s2_15_iwooos_host_action_gate_matrix",
"s2_16_iwooos_host_evidence_readiness_board",
"s2_17_iwooos_host_evidence_collection_order",
"s2_18_iwooos_host_evidence_intake_preflight",
"s2_19_iwooos_host_evidence_review_outcome_lanes",
"s2_20_iwooos_host_evidence_review_handoff_packets",
"s2_21_iwooos_host_evidence_reviewer_checklist",
"s2_22_iwooos_host_evidence_reviewer_outcome_lanes",
"s2_23_iwooos_host_owner_decision_candidate_packets",
"s2_24_iwooos_host_owner_decision_review_checklist",
"s2_25_iwooos_host_owner_decision_review_outcome_lanes",
"s2_26_iwooos_host_owner_decision_record_draft_packets",
"s2_27_iwooos_host_owner_decision_record_draft_review_checklist",
"s2_28_iwooos_host_owner_decision_record_draft_review_outcome_lanes",
"s2_29_iwooos_host_owner_decision_record_writeup_packets",
"s2_30_iwooos_host_owner_decision_record_writeup_review_checklist",
"s2_31_iwooos_host_owner_decision_record_writeup_review_outcome_lanes",
"s2_32_iwooos_host_owner_decision_record_formal_candidate_packets",
"s2_33_iwooos_host_owner_decision_record_formal_candidate_review_checklist",
"s2_34_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes",
"s2_35_iwooos_host_owner_decision_record_formal_record_queue_packets",
"s2_36_iwooos_host_owner_decision_record_formal_record_queue_review_checklist",
"s2_37_iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lanes",
"s2_38_iwooos_host_owner_decision_record_human_handoff_readiness_packets",
"s2_39_iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist",
"s2_40_iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lanes",
"s2_41_iwooos_host_owner_decision_record_human_record_owner_review_candidate_packets",
"s2_42_iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist",
"s2_43_iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes",
"s2_44_iwooos_host_owner_decision_record_human_record_owner_review_preparation_packets",
"s2_45_iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist",
"s2_46_iwooos_progress_acceleration_lanes",
"s2_47_iwooos_owner_response_next_action_focus",
"s2_48_iwooos_s4_9_owner_response_preflight",
"s2_49_iwooos_s4_9_owner_response_request_templates",
"s2_50_iwooos_progress_hold_movement_gates",
"s2_51_iwooos_awooop_read_only_landing_readiness",
"s2_52_iwooos_awooop_cross_session_handoff_packets",
"s2_53_awooop_home_iwooos_security_mirror_candidate",
"s2_54_awooop_work_items_iwooos_security_mirror_candidate",
"s2_55_awooop_approvals_iwooos_owner_response_gate_candidate",
"s2_56_awooop_contracts_iwooos_security_contract_candidate",
"s2_57_awooop_tenants_iwooos_tenant_scope_candidate",
"s2_58_awooop_runs_iwooos_run_state_candidate",
"s2_59_existing_security_pages_iwooos_reverse_bridge",
"s2_60_security_control_pages_iwooos_reverse_bridge",
"s2_61_audit_engineering_pages_iwooos_reverse_bridge",
"s2_62_iwooos_frontend_surface_connection_board",
"s2_63_iwooos_github_primary_readiness_board",
"s2_64_awooop_work_items_github_primary_readiness_candidate",
"s2_65_awooop_contracts_github_primary_readiness_candidate",
"s2_66_awooop_approvals_github_primary_readiness_boundary",
"s2_67_awooop_home_github_primary_readiness_summary",
"s2_68_awooop_tenants_github_primary_readiness_scope",
"s2_69_awooop_runs_github_primary_readiness_boundary",
"s2_70_traditional_chinese_security_surface_wording_guard",
"s2_71_awooop_run_detail_traditional_chinese_wording_guard",
"s2_72_awooop_home_owner_response_validation_rollup",
"s2_73_awooop_work_items_owner_response_validation_candidate",
"s2_74_awooop_contracts_owner_response_validation_candidate",
"s2_75_awooop_approvals_owner_response_validation_boundary",
"s2_76_awooop_tenants_owner_response_validation_scope",
"s2_77_awooop_runs_owner_response_validation_boundary",
"s2_78_awooop_run_detail_owner_response_validation_boundary",
"s2_79_awooop_approval_detail_owner_response_validation_boundary",
"s2_80_iwooos_awooop_route_coverage_board",
"s2_81_iwooos_gradual_convergence_roadmap",
"s2_82_iwooos_owner_response_collection_board",
"s2_83_iwooos_owner_response_intake_safety_board",
"s2_84_iwooos_owner_response_review_outcome_board",
"s2_85_iwooos_owner_response_human_decision_queue_board",
"s2_86_iwooos_owner_response_decision_record_draft_guard_board",
"s2_87_iwooos_owner_response_formal_record_candidate_preflight_board",
"s2_88_iwooos_owner_response_formal_record_candidate_outcome_board",
"s2_89_iwooos_owner_response_formal_record_owner_handoff_board",
"s2_90_iwooos_owner_response_formal_record_owner_handoff_review_board",
"s2_91_iwooos_owner_response_formal_record_owner_handoff_review_outcome_board",
"s2_92_iwooos_owner_response_formal_record_owner_review_preparation_board",
"s2_93_iwooos_owner_response_formal_record_owner_review_checklist_board",
"s2_94_iwooos_owner_response_formal_record_owner_review_outcome_board",
"s2_95_iwooos_owner_response_formal_record_owner_assignment_preparation_board",
"s2_96_iwooos_owner_response_formal_record_owner_assignment_checklist_board",
"s2_97_iwooos_owner_response_formal_record_owner_assignment_outcome_board",
"s2_98_iwooos_owner_response_formal_record_owner_assignment_decision_preparation_board",
"s2_99_iwooos_owner_response_formal_record_owner_assignment_decision_checklist_board",
"s2_100_iwooos_headline_movement_acceptance_gate_board",
"s2_101_iwooos_s49_owner_response_work_order_board",
"s2_102_iwooos_s49_owner_response_envelope_board",
"s2_103_iwooos_s49_owner_response_envelope_preflight_board",
"s2_104_iwooos_s49_owner_response_envelope_preflight_outcome_board",
"s2_105_iwooos_s49_owner_response_request_draft_board",
"s2_106_iwooos_s49_owner_response_dispatch_flow_board",
"s2_107_security_compliance_iwooos_frontstage_bridge",
"s2_108_iwooos_frontstage_security_entry_roles",
"s2_109_security_compliance_frontstage_route_role_map",
"s2_110_security_compliance_low_friction_rollout_ladder",
"s2_111_iwooos_low_friction_rollout_ladder",
"s2_112_iwooos_low_friction_next_action_boundary",
"s2_113_iwooos_progress_movement_signal_strip",
"s2_114_iwooos_first_progress_unlock_path",
"s2_115_iwooos_first_unlock_evidence_packet",
"s2_116_iwooos_first_unlock_evidence_packet_preflight_outcomes",
"s2_117_iwooos_first_unlock_evidence_packet_supplement_path",
"s2_118_iwooos_first_unlock_evidence_packet_supplement_pre_review",
"s2_119_iwooos_first_unlock_evidence_packet_supplement_pre_review_outcomes",
"s2_120_iwooos_first_unlock_evidence_packet_reviewer_assignment_preparation",
"s2_121_iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight",
"s2_122_iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_outcomes",
"s2_123_iwooos_concrete_security_work_map",
"s2_124_iwooos_concrete_security_delivery_checklist",
"s2_125_iwooos_concrete_security_blocker_resolution",
"s2_126_iwooos_three_axis_product_progress",
"s2_127_iwooos_product_rollout_wave_ledger",
"s2_128_iwooos_product_rollout_acceptance_gates",
"s2_129_iwooos_product_rollout_acceptance_outcomes",
"s2_130_iwooos_product_evidence_wiring_map",
"s2_131_iwooos_product_evidence_wiring_preflight",
"s2_132_iwooos_product_evidence_wiring_preflight_outcomes",
"s2_133_iwooos_product_evidence_wiring_preflight_recovery_ledger",
"s2_134_iwooos_product_evidence_wiring_preflight_retry_gates",
"s2_135_iwooos_product_evidence_wiring_preflight_retry_outcomes",
"s2_136_iwooos_product_evidence_wiring_preflight_retry_review_candidate",
"s2_137_iwooos_product_evidence_wiring_preflight_retry_review_candidate_preflight",
"s2_138_iwooos_product_evidence_wiring_preflight_retry_review_candidate_preflight_outcomes",
"s2_139_iwooos_product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_ledger",
"s2_140_iwooos_product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_retry_gates",
"s2_141_iwooos_all_product_coverage_snapshot",
"s2_142_iwooos_first_unlock_path_first_layer",
"s2_143_iwooos_command_map_first_layer",
"s2_144_iwooos_command_palette_security_entry_unified",
"s2_145_iwooos_first_layer_focus_deck",
"s2_146_iwooos_immediate_visual_mesh",
"s2_147_iwooos_gate_radar_first_layer",
"s2_148_iwooos_professional_topology_atlas",
"s2_149_iwooos_topology_node_drilldown",
"s2_150_iwooos_topology_path_explorer",
"s2_151_iwooos_topology_intelligence_deck",
"s2_152_iwooos_decision_runway",
"s2_153_iwooos_executive_snapshot",
"s2_154_iwooos_first_screen_language_polish",
"s2_155_iwooos_first_layer_progressive_disclosure",
"s2_156_iwooos_first_screen_depth_map",
"s2_157_iwooos_progress_evidence_rail",
"s2_158_iwooos_evidence_unlock_queue",
"s2_159_iwooos_s49_request_draft_package",
"s2_160_iwooos_s49_request_draft_frontstage_radar",
"s2_161_iwooos_s49_request_draft_detail_layer",
"s2_162_iwooos_s49_owner_response_intake_first_layer",
"s2_163_iwooos_s49_owner_response_intake_next_gates",
"s2_164_iwooos_s49_owner_response_intake_blocker_focus",
"s2_165_iwooos_s49_owner_response_delivery_cards",
"s2_166_iwooos_progress_integrity_ribbon",
"s2_167_iwooos_kali_112_live_read_only_recheck",
"s2_168_iwooos_kali_112_maintenance_runway",
"s2_169_iwooos_kali_112_progress_recalibration",
]
assert_equal(
"progress_delta_ledger.delta_ids",
[item["delta_id"] for item in progress_delta_ledger],
expected_delta_ids,
)
assert_equal(
"progress_delta_ledger.display_order",
[item["display_order"] for item in progress_delta_ledger],
list(range(1, len(expected_delta_ids) + 1)),
)
for item in progress_delta_ledger:
if item["delta_id"] == "s2_169_iwooos_kali_112_progress_recalibration":
assert_equal(
f"progress_delta_ledger.{item['delta_id']}.progress_axis",
item["progress_axis"],
"headline_read_only_evidence",
)
assert_equal(f"progress_delta_ledger.{item['delta_id']}.headline_percent_delta", item["headline_percent_delta"], 3)
else:
assert_equal(f"progress_delta_ledger.{item['delta_id']}.progress_axis", item["progress_axis"], "framework_detail")
assert_equal(f"progress_delta_ledger.{item['delta_id']}.headline_percent_delta", item["headline_percent_delta"], 0)
assert_true(f"progress_delta_ledger.{item['delta_id']}.framework_delta_visible", item["framework_delta_visible"])
assert_false(f"progress_delta_ledger.{item['delta_id']}.runtime_delta", item["runtime_delta"])
assert_false(f"progress_delta_ledger.{item['delta_id']}.execution_authorized", item["execution_authorized"])
assert_true(f"progress_delta_ledger.{item['delta_id']}.not_authorization", item["not_authorization"])
assert_false("rollup.runtime_execution_authorized", rollup["runtime_execution_authorized"])
assert_equal("rollup.active_runtime_gate_count", rollup_summary["active_runtime_gate_count"], 0)
assert_false("rollup.runtime_actions_executed", rollup_summary["runtime_actions_executed"])
assert_false("rollup.payloads_ingested", rollup_summary["payloads_ingested"])
assert_equal("rollup.github_primary_ready_count", rollup_summary["github_primary_ready_count"], 0)
assert_equal("rollup.owner_response_validation_received_count", rollup_summary["owner_response_validation_received_count"], 0)
assert_equal("rollup.owner_response_validation_accepted_count", rollup_summary["owner_response_validation_accepted_count"], 0)
assert_equal("rollup.workflow_secret_inventory_complete_count", rollup_summary["workflow_secret_inventory_complete_count"], 0)
assert_false("rollup.secret_value_collection_allowed", rollup_summary["secret_value_collection_allowed"])
assert_false("rollup.secret_value_detected", rollup_summary["secret_value_detected"])
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"mirror_owner_response_validation_rollup",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_home_iwooos_security_mirror_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_work_items_iwooos_security_mirror_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_approvals_iwooos_owner_response_gate_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_contracts_iwooos_security_contract_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_tenants_iwooos_tenant_scope_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_runs_iwooos_run_state_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_existing_security_pages_iwooos_reverse_bridge",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_security_control_pages_iwooos_reverse_bridge",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_audit_engineering_pages_iwooos_reverse_bridge",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_frontend_surface_connection_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_github_primary_readiness_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_work_items_github_primary_readiness_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_work_items_owner_response_validation_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_contracts_github_primary_readiness_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_contracts_owner_response_validation_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_approvals_github_primary_readiness_boundary",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_approvals_owner_response_validation_boundary",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_home_github_primary_readiness_summary",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_tenants_github_primary_readiness_scope",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_tenants_owner_response_validation_scope",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_runs_github_primary_readiness_boundary",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_runs_owner_response_validation_boundary",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_run_detail_owner_response_validation_boundary",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_approval_detail_owner_response_validation_boundary",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_awooop_route_coverage_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_gradual_convergence_roadmap",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_collection_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_intake_safety_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_review_outcome_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_human_decision_queue_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_decision_record_draft_guard_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_candidate_preflight_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_candidate_outcome_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_handoff_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_handoff_review_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_handoff_review_outcome_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_review_preparation_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_review_checklist_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_review_outcome_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_assignment_preparation_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_assignment_checklist_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_assignment_outcome_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_assignment_decision_preparation_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_owner_response_formal_record_owner_assignment_decision_checklist_board",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_security_compliance_frontstage_bridge",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_frontstage_security_entry_roles",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_security_compliance_frontstage_route_role_map",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_security_compliance_low_friction_rollout_ladder",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_low_friction_rollout_ladder",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_low_friction_next_action_boundary",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_progress_movement_signal_strip",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_first_progress_unlock_path",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_first_unlock_evidence_packet",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_first_unlock_evidence_packet_preflight_outcomes",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_first_unlock_evidence_packet_supplement_path",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_first_unlock_evidence_packet_supplement_pre_review",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_first_unlock_evidence_packet_supplement_pre_review_outcomes",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_first_unlock_evidence_packet_reviewer_assignment_preparation",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_outcomes",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_concrete_security_work_map",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_concrete_security_delivery_checklist",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_concrete_security_blocker_resolution",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_three_axis_product_progress",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_all_product_coverage_snapshot",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_rollout_wave_ledger",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_rollout_acceptance_gates",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_rollout_acceptance_outcomes",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_map",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight_outcomes",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight_recovery_ledger",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight_retry_gates",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight_retry_outcomes",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight_retry_review_candidate",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight_retry_review_candidate_preflight",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight_retry_review_candidate_preflight_outcomes",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_ledger",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_iwooos_product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_retry_gates",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"enforce_traditional_chinese_security_surface_wording",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"enforce_awooop_run_detail_traditional_chinese_wording",
)
zh_security_surface_text = json.dumps(
{
"iwooos": web_messages_zh["iwooos"],
"awooop": web_messages_zh["awooop"],
},
ensure_ascii=False,
)
for forbidden in [
"Information Security Mesh",
"Mirror-only / Observe-first",
"Exposure Posture",
"Source-control Supply Chain",
"Owner response missing",
"GitHub Primary Readiness",
"Active runtime gates",
"Candidate repos",
"In-scope repos",
"Owner responses",
"Owner response",
"Workflow inventory",
"Security runs",
"Run visibility",
"Run State",
"Readiness evidence refs",
"Owner response lanes",
"Source-control 邊界",
"Ready for mirror",
"Primary ready",
"AwoooP Operator Console",
"Control Plane",
"Shadow First",
"Operator Runs",
"Run Detail",
"Project / Agent",
"Incident ID",
"Incident Evidence",
"Run Timeline",
]:
assert_text_not_contains("web_messages.zh-TW.security_surface_wording", zh_security_surface_text, forbidden)
zh_awooop_tenants_text = json.dumps(web_messages_zh["awooop"]["tenants"], ensure_ascii=False)
for forbidden in [
"security mirror",
"migration mode",
"tenant policy",
"platform tenants API",
"primary switch",
"refs action",
"runtime tenant",
"posture mirror",
"Host coverage",
"observe-only",
"Tenant policy changes",
"owner response",
"runtime gate",
"secret value",
"workflow / secret",
"received / accepted",
"GitHub repo",
"Project ID",
]:
assert_text_not_contains("web_messages.zh-TW.awooop.tenants_wording", zh_awooop_tenants_text, forbidden)
zh_awooop_runs_text = json.dumps(web_messages_zh["awooop"]["runs"], ensure_ascii=False)
for forbidden in [
"Run Monitor",
"Run Boundary",
"Run visibility",
"Security runs",
"Active runtime gates",
"Owner accepted",
"owner response",
"runtime gate",
"post-check evidence",
"dry-run evidence",
"action button",
"repo",
"secrets",
"secret value",
"workflow / secret",
"received / accepted",
"Candidate Repos",
"In-scope Repos",
"Workflow Inventory",
]:
assert_text_not_contains("web_messages.zh-TW.awooop.runs_wording", zh_awooop_runs_text, forbidden)
zh_awooop_run_detail_text = "\n".join(
collect_string_values(
{
"incidentEvidence": web_messages_zh["awooop"]["incidentEvidence"],
"runDetail": web_messages_zh["awooop"]["runDetail"],
"approvalDecision": web_messages_zh["awooop"]["approvalDecision"],
}
)
)
for forbidden in [
"Trace ID",
"Trigger Ref",
"Trigger",
"Tool",
"Scope",
"First-class",
"Policy enforced",
"Approval executor",
"Legacy bridge",
"Dry-run",
"Tools",
"Incident Evidence",
"Run state",
"audit trail",
"resume",
"Run 會",
]:
assert_text_not_contains("web_messages.zh-TW.awooop_run_detail_wording", zh_awooop_run_detail_text, forbidden)
zh_awooop_work_items_text = json.dumps(
web_messages_zh["awooop"]["workItems"],
ensure_ascii=False,
)
for forbidden in [
"Production 證據",
"Link",
"truth-chain",
"truth-first",
"MCP Gateway",
"Timeline",
"GitHub Primary Readiness",
"active runtime gates",
"Workflow / secret",
"secret value",
"pending dispatch",
"channel events",
"DB truth",
"dispatch 與",
]:
assert_text_not_contains(
"web_messages.zh-TW.awooop_work_items_wording",
zh_awooop_work_items_text,
forbidden,
)
zh_awooop_contracts_value_text = "\n".join(collect_string_values(web_messages_zh["awooop"]["contracts"]))
for forbidden in [
"secret value",
"workflow / secret",
"runtime gate",
"runtime enforcement",
"候選 repo",
"範圍內 repo",
"repo 建立",
"repo / refs",
"refs 變更",
"refs 動作",
"sync / delete / force push",
"received / accepted",
"received / accepted / rejected",
"waiting owner response",
"未 complete",
]:
assert_text_not_contains(
"web_messages.zh-TW.awooop_contracts_wording",
zh_awooop_contracts_value_text,
forbidden,
)
zh_awooop_approvals_owner_validation_text = "\n".join(
collect_string_values(web_messages_zh["awooop"]["approvals"]["ownerResponseValidationBoundary"])
)
for forbidden in [
"secret value",
"workflow / secret",
"runtime gate",
"runtime enforcement",
"approval record",
"repo action",
"repo 建立",
"repo / refs",
"refs action",
"refs 動作",
"sync / delete / force push",
"received / accepted",
"received / accepted / rejected",
"waiting owner response",
]:
assert_text_not_contains(
"web_messages.zh-TW.awooop_approvals_owner_validation_wording",
zh_awooop_approvals_owner_validation_text,
forbidden,
)
zh_awooop_home_security_text = json.dumps(
{
"securityMirror": web_messages_zh["awooop"]["home"]["securityMirror"],
"githubPrimaryReadiness": web_messages_zh["awooop"]["home"]["githubPrimaryReadiness"],
"ownerResponseValidation": web_messages_zh["awooop"]["home"]["ownerResponseValidation"],
},
ensure_ascii=False,
)
for forbidden in [
"secret value",
"secret 明文",
"received / accepted",
"0 received",
"0 accepted",
"Production landing",
"production landing",
"runtime ingestion",
"deployment proof",
"evidence refs",
"Workflow / secret",
"workflow / secret",
"ready count",
"Owner Response Validation",
"Response Packets",
"Owner Attestation",
"Owner Decision",
"Owner Response",
"Reviewer Checklist",
"Reviewer Outcomes",
"Cross-Packet Checks",
"owner evidence",
"owner response",
"owner attestation",
"owner decision",
"checklist items",
"outcome lanes",
]:
assert_text_not_contains(
"web_messages.zh-TW.awooop_home_security_wording",
zh_awooop_home_security_text,
forbidden,
)
zh_awooop_owner_response_validation_text = json.dumps(
web_messages_zh["awooop"]["home"]["ownerResponseValidation"],
ensure_ascii=False,
)
for forbidden in [
"Owner Response Validation",
"Response Packets",
"Owner Attestation",
"Owner Decision",
"Owner Response",
"Reviewer Checklist",
"Reviewer Outcomes",
"Cross-Packet Checks",
"owner evidence",
"owner response",
"owner attestation",
"owner decision",
"secret value",
"checklist items",
"outcome lanes",
]:
assert_text_not_contains(
"web_messages.zh-TW.awooop_owner_response_validation_wording",
zh_awooop_owner_response_validation_text,
forbidden,
)
assert_equal("rollout_policy.schema_version", rollout_policy["schema_version"], "security_rollout_policy_v1")
assert_equal("rollout_policy.default_mode", rollout_policy["default_mode"], "observe")
assert_equal("rollout_policy.enforcement_level", rollout_policy["enforcement_level"], "mirror_only")
assert_equal("rollout_policy.non_blocking_escalation_lane_count", rollout_policy["non_blocking_escalation_lane_count"], 7)
expected_low_friction_lane_ids = [
"lane-low-medium-observation",
"lane-owner-response-missing",
"lane-mirror-data-incomplete",
"lane-source-control-drift-draft",
"lane-kali-observe-finding",
"lane-workflow-secret-name-gap",
"lane-progress-display-holding",
]
non_blocking_lanes = rollout_policy["non_blocking_escalation_lanes"]
assert_equal(
"rollout_policy.non_blocking_escalation_lanes.ids",
[item["lane_id"] for item in non_blocking_lanes],
expected_low_friction_lane_ids,
)
assert_equal(
"rollout_policy.non_blocking_escalation_lanes.display_order",
[item["display_order"] for item in non_blocking_lanes],
list(range(1, len(expected_low_friction_lane_ids) + 1)),
)
for item in non_blocking_lanes:
if item["initial_mode"] not in {"observe", "warn"}:
raise SystemExit(
f"BLOCKED rollout_policy.non_blocking_escalation_lanes.{item['lane_id']}.initial_mode: "
f"expected observe/warn, got {item['initial_mode']!r}"
)
assert_true(
f"rollout_policy.non_blocking_escalation_lanes.{item['lane_id']}.owner_review_required_before_blocking",
item["owner_review_required_before_blocking"],
)
assert_false(
f"rollout_policy.non_blocking_escalation_lanes.{item['lane_id']}.runtime_blocking_allowed",
item["runtime_blocking_allowed"],
)
assert_equal(
f"rollout_policy.non_blocking_escalation_lanes.{item['lane_id']}.awooop_display_mode",
item["awooop_display_mode"],
"display_low_friction_non_blocking_lane_only",
)
assert_true(
f"rollout_policy.non_blocking_escalation_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
rollout_outputs = rollout_policy["allowed_awooop_outputs"]
for output in [
"display_non_blocking_escalation_lanes",
"create_followup_without_blocking",
"show_owner_review_required_before_blocking",
"keep_runtime_blocking_false",
]:
assert_contains("rollout_policy.allowed_awooop_outputs", rollout_outputs, output)
assert_equal("iwooos_projection.schema_version", iwooos_projection["schema_version"], "iwooos_posture_projection_v1")
assert_equal("iwooos_projection.product_id", iwooos_projection["product_id"], "iwooos")
assert_equal("iwooos_projection.display_name", iwooos_projection["display_name"], "IwoooS")
assert_equal("iwooos_projection.mode", iwooos_projection["mode"], "mirror_only")
assert_false("iwooos_projection.runtime_execution_authorized", iwooos_projection["runtime_execution_authorized"])
assert_false("iwooos_projection.action_buttons_allowed", iwooos_projection["action_buttons_allowed"])
assert_true("iwooos_projection.not_authorization", iwooos_projection["not_authorization"])
assert_equal("iwooos_projection.summary.route_path", iwooos_projection["summary"]["route_path"], "/iwooos")
assert_true("iwooos_projection.summary.nav_entry_added", iwooos_projection["summary"]["nav_entry_added"])
assert_true(
"iwooos_projection.summary.command_palette_entry_added",
iwooos_projection["summary"]["command_palette_entry_added"],
)
assert_true(
"iwooos_projection.summary.command_palette_security_action_unified_to_iwooos",
iwooos_projection["summary"]["command_palette_security_action_unified_to_iwooos"],
)
assert_false(
"iwooos_projection.summary.command_palette_security_compliance_direct_action_allowed",
iwooos_projection["summary"]["command_palette_security_compliance_direct_action_allowed"],
)
assert_true(
"iwooos_projection.summary.command_palette_security_keywords_route_to_iwooos",
iwooos_projection["summary"]["command_palette_security_keywords_route_to_iwooos"],
)
assert_equal("iwooos_projection.summary.contract_count", iwooos_projection["summary"]["contract_count"], manifest_count)
assert_equal(
"iwooos_projection.summary.active_runtime_gate_count",
iwooos_projection["summary"]["active_runtime_gate_count"],
rollup_summary["active_runtime_gate_count"],
)
assert_equal(
"iwooos_projection.summary.owner_response_validation_received_count",
iwooos_projection["summary"]["owner_response_validation_received_count"],
rollup_summary["owner_response_validation_received_count"],
)
assert_equal(
"iwooos_projection.summary.owner_response_validation_accepted_count",
iwooos_projection["summary"]["owner_response_validation_accepted_count"],
rollup_summary["owner_response_validation_accepted_count"],
)
assert_equal(
"iwooos_projection.summary.github_primary_ready_count",
iwooos_projection["summary"]["github_primary_ready_count"],
rollup_summary["github_primary_ready_count"],
)
expected_iwooos_source_control_primary_readiness_item_ids = [
"candidate_repo_inventory",
"primary_ready_counter_locked",
"owner_response_validation_waiting",
"refs_truth_waiting_owner",
"workflow_secret_name_inventory_missing",
"rollback_adr_waiting_owner_approval",
]
assert_equal(
"iwooos_projection.summary.source_control_primary_readiness_item_count",
iwooos_projection["summary"]["source_control_primary_readiness_item_count"],
len(expected_iwooos_source_control_primary_readiness_item_ids),
)
assert_false("iwooos_projection.summary.action_buttons_allowed", iwooos_projection["summary"]["action_buttons_allowed"])
assert_true(
"iwooos_projection.summary.progress_integrity_ribbon_first_layer",
iwooos_projection["summary"]["progress_integrity_ribbon_first_layer"],
)
assert_equal(
"iwooos_projection.summary.progress_integrity_ribbon_signal_count",
iwooos_projection["summary"]["progress_integrity_ribbon_signal_count"],
3,
)
assert_equal(
"iwooos_projection.summary.progress_integrity_ribbon_headline_percent",
iwooos_projection["summary"]["progress_integrity_ribbon_headline_percent"],
64,
)
assert_equal(
"iwooos_projection.summary.progress_integrity_ribbon_headline_delta",
iwooos_projection["summary"]["progress_integrity_ribbon_headline_delta"],
3,
)
assert_equal(
"iwooos_projection.summary.progress_integrity_ribbon_read_only_scope_count",
iwooos_projection["summary"]["progress_integrity_ribbon_read_only_scope_count"],
9,
)
assert_equal(
"iwooos_projection.summary.progress_integrity_ribbon_pending_evidence_gate_count",
iwooos_projection["summary"]["progress_integrity_ribbon_pending_evidence_gate_count"],
3,
)
assert_equal(
"iwooos_projection.summary.progress_integrity_ribbon_runtime_gate_count",
iwooos_projection["summary"]["progress_integrity_ribbon_runtime_gate_count"],
0,
)
assert_false(
"iwooos_projection.summary.progress_integrity_ribbon_action_buttons_allowed",
iwooos_projection["summary"]["progress_integrity_ribbon_action_buttons_allowed"],
)
assert_true(
"iwooos_projection.summary.executive_snapshot_first_layer",
iwooos_projection["summary"]["executive_snapshot_first_layer"],
)
assert_equal(
"iwooos_projection.summary.executive_snapshot_card_count",
iwooos_projection["summary"]["executive_snapshot_card_count"],
5,
)
assert_equal(
"iwooos_projection.summary.executive_snapshot_axis_count",
iwooos_projection["summary"]["executive_snapshot_axis_count"],
3,
)
assert_true(
"iwooos_projection.summary.executive_snapshot_above_focus_deck",
iwooos_projection["summary"]["executive_snapshot_above_focus_deck"],
)
assert_true(
"iwooos_projection.summary.executive_snapshot_explains_done_next_blocked",
iwooos_projection["summary"]["executive_snapshot_explains_done_next_blocked"],
)
assert_equal(
"iwooos_projection.summary.executive_snapshot_runtime_gate_count",
iwooos_projection["summary"]["executive_snapshot_runtime_gate_count"],
0,
)
assert_equal(
"iwooos_projection.summary.executive_snapshot_owner_response_received_count",
iwooos_projection["summary"]["executive_snapshot_owner_response_received_count"],
0,
)
assert_equal(
"iwooos_projection.summary.executive_snapshot_owner_response_accepted_count",
iwooos_projection["summary"]["executive_snapshot_owner_response_accepted_count"],
0,
)
assert_equal(
"iwooos_projection.summary.all_product_coverage_snapshot_scope_count",
iwooos_projection["summary"]["all_product_coverage_snapshot_scope_count"],
8,
)
assert_equal(
"iwooos_projection.summary.all_product_coverage_snapshot_read_only_count",
iwooos_projection["summary"]["all_product_coverage_snapshot_read_only_count"],
8,
)
assert_equal(
"iwooos_projection.summary.all_product_coverage_snapshot_runtime_ready_count",
iwooos_projection["summary"]["all_product_coverage_snapshot_runtime_ready_count"],
0,
)
assert_true(
"iwooos_projection.summary.first_screen_depth_map_first_layer",
iwooos_projection["summary"]["first_screen_depth_map_first_layer"],
)
assert_equal(
"iwooos_projection.summary.first_screen_depth_map_layer_count",
iwooos_projection["summary"]["first_screen_depth_map_layer_count"],
4,
)
assert_equal(
"iwooos_projection.summary.first_screen_depth_map_visible_layer_count",
iwooos_projection["summary"]["first_screen_depth_map_visible_layer_count"],
4,
)
assert_equal(
"iwooos_projection.summary.first_screen_depth_map_advanced_group_count",
iwooos_projection["summary"]["first_screen_depth_map_advanced_group_count"],
2,
)
assert_equal(
"iwooos_projection.summary.first_screen_depth_map_ledger_group_count",
iwooos_projection["summary"]["first_screen_depth_map_ledger_group_count"],
4,
)
assert_equal(
"iwooos_projection.summary.first_screen_depth_map_runtime_gate_count",
iwooos_projection["summary"]["first_screen_depth_map_runtime_gate_count"],
0,
)
assert_false(
"iwooos_projection.summary.first_screen_depth_map_advanced_default_visible",
iwooos_projection["summary"]["first_screen_depth_map_advanced_default_visible"],
)
assert_false(
"iwooos_projection.summary.first_screen_depth_map_scope_evidence_default_visible",
iwooos_projection["summary"]["first_screen_depth_map_scope_evidence_default_visible"],
)
assert_true(
"iwooos_projection.summary.progress_evidence_rail_first_layer",
iwooos_projection["summary"]["progress_evidence_rail_first_layer"],
)
assert_equal(
"iwooos_projection.summary.progress_evidence_rail_item_count",
iwooos_projection["summary"]["progress_evidence_rail_item_count"],
5,
)
assert_equal(
"iwooos_projection.summary.progress_evidence_rail_owner_response_received_count",
iwooos_projection["summary"]["progress_evidence_rail_owner_response_received_count"],
0,
)
assert_equal(
"iwooos_projection.summary.progress_evidence_rail_owner_response_accepted_count",
iwooos_projection["summary"]["progress_evidence_rail_owner_response_accepted_count"],
0,
)
assert_equal(
"iwooos_projection.summary.progress_evidence_rail_redacted_evidence_count",
iwooos_projection["summary"]["progress_evidence_rail_redacted_evidence_count"],
0,
)
assert_equal(
"iwooos_projection.summary.progress_evidence_rail_review_acceptance_count",
iwooos_projection["summary"]["progress_evidence_rail_review_acceptance_count"],
0,
)
assert_equal(
"iwooos_projection.summary.progress_evidence_rail_github_primary_ready_count",
iwooos_projection["summary"]["progress_evidence_rail_github_primary_ready_count"],
0,
)
assert_equal(
"iwooos_projection.summary.progress_evidence_rail_runtime_gate_count",
iwooos_projection["summary"]["progress_evidence_rail_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.evidence_unlock_queue_first_layer",
iwooos_projection["summary"]["evidence_unlock_queue_first_layer"],
)
assert_equal(
"iwooos_projection.summary.evidence_unlock_queue_item_count",
iwooos_projection["summary"]["evidence_unlock_queue_item_count"],
4,
)
assert_equal(
"iwooos_projection.summary.evidence_unlock_queue_s4_9_request_draft_template_count",
iwooos_projection["summary"]["evidence_unlock_queue_s4_9_request_draft_template_count"],
5,
)
assert_equal(
"iwooos_projection.summary.evidence_unlock_queue_s4_9_request_draft_ready_count",
iwooos_projection["summary"]["evidence_unlock_queue_s4_9_request_draft_ready_count"],
1,
)
assert_equal(
"iwooos_projection.summary.evidence_unlock_queue_request_sent_count",
iwooos_projection["summary"]["evidence_unlock_queue_request_sent_count"],
0,
)
assert_equal(
"iwooos_projection.summary.evidence_unlock_queue_received_count",
iwooos_projection["summary"]["evidence_unlock_queue_received_count"],
0,
)
assert_equal(
"iwooos_projection.summary.evidence_unlock_queue_accepted_count",
iwooos_projection["summary"]["evidence_unlock_queue_accepted_count"],
0,
)
assert_equal(
"iwooos_projection.summary.evidence_unlock_queue_github_primary_ready_count",
iwooos_projection["summary"]["evidence_unlock_queue_github_primary_ready_count"],
0,
)
assert_equal(
"iwooos_projection.summary.evidence_unlock_queue_runtime_gate_count",
iwooos_projection["summary"]["evidence_unlock_queue_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.s4_9_request_draft_package_first_layer",
iwooos_projection["summary"]["s4_9_request_draft_package_first_layer"],
)
assert_equal(
"iwooos_projection.summary.s4_9_request_draft_package_card_count",
iwooos_projection["summary"]["s4_9_request_draft_package_card_count"],
5,
)
assert_equal(
"iwooos_projection.summary.s4_9_request_draft_package_template_ready_count",
iwooos_projection["summary"]["s4_9_request_draft_package_template_ready_count"],
5,
)
for count_key in [
"s4_9_request_draft_package_request_sent_count",
"s4_9_request_draft_package_owner_response_received_count",
"s4_9_request_draft_package_owner_response_accepted_count",
"s4_9_request_draft_package_runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.summary.{count_key}",
iwooos_projection["summary"][count_key],
0,
)
assert_true(
"iwooos_projection.summary.s4_9_request_draft_detail_first_layer",
iwooos_projection["summary"]["s4_9_request_draft_detail_first_layer"],
)
assert_equal(
"iwooos_projection.summary.s4_9_request_draft_detail_row_count",
iwooos_projection["summary"]["s4_9_request_draft_detail_row_count"],
5,
)
assert_equal(
"iwooos_projection.summary.s4_9_request_draft_detail_required_field_total",
iwooos_projection["summary"]["s4_9_request_draft_detail_required_field_total"],
30,
)
assert_equal(
"iwooos_projection.summary.s4_9_request_draft_detail_forbidden_action_count",
iwooos_projection["summary"]["s4_9_request_draft_detail_forbidden_action_count"],
10,
)
for count_key in [
"s4_9_request_draft_detail_request_sent_count",
"s4_9_request_draft_detail_owner_response_received_count",
"s4_9_request_draft_detail_owner_response_accepted_count",
"s4_9_request_draft_detail_runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.summary.{count_key}",
iwooos_projection["summary"][count_key],
0,
)
assert_true(
"iwooos_projection.summary.s4_9_owner_response_intake_first_layer",
iwooos_projection["summary"]["s4_9_owner_response_intake_first_layer"],
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_lane_count",
iwooos_projection["summary"]["s4_9_owner_response_intake_lane_count"],
5,
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_next_gate_count",
iwooos_projection["summary"]["s4_9_owner_response_intake_next_gate_count"],
3,
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_next_gate_passed_count",
iwooos_projection["summary"]["s4_9_owner_response_intake_next_gate_passed_count"],
0,
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_blocker_focus_count",
iwooos_projection["summary"]["s4_9_owner_response_intake_blocker_focus_count"],
1,
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_current_blocker_gate",
iwooos_projection["summary"]["s4_9_owner_response_intake_current_blocker_gate"],
"G1",
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_next_gate_completion_count",
iwooos_projection["summary"]["s4_9_owner_response_intake_next_gate_completion_count"],
0,
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_next_gate_total",
iwooos_projection["summary"]["s4_9_owner_response_intake_next_gate_total"],
3,
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_delivery_card_count",
iwooos_projection["summary"]["s4_9_owner_response_intake_delivery_card_count"],
3,
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_delivery_card_completed_count",
iwooos_projection["summary"]["s4_9_owner_response_intake_delivery_card_completed_count"],
0,
)
assert_false(
"iwooos_projection.summary.s4_9_owner_response_intake_delivery_raw_payload_allowed",
iwooos_projection["summary"]["s4_9_owner_response_intake_delivery_raw_payload_allowed"],
)
for count_key in [
"s4_9_owner_response_intake_received_count",
"s4_9_owner_response_intake_preflight_passed_count",
"s4_9_owner_response_intake_accepted_count",
"s4_9_owner_response_intake_rejected_count",
"s4_9_owner_response_intake_runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.summary.{count_key}",
iwooos_projection["summary"][count_key],
0,
)
assert_true(
"iwooos_projection.summary.s4_9_owner_response_intake_source_bound",
iwooos_projection["summary"]["s4_9_owner_response_intake_source_bound"],
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_intake_handoff_queue_count",
iwooos_projection["summary"]["s4_9_owner_response_intake_handoff_queue_count"],
5,
)
for count_key in [
"s4_9_owner_response_intake_handoff_queue_ready_count",
"s4_9_owner_response_intake_handoff_queue_received_count",
"s4_9_owner_response_intake_handoff_queue_accepted_count",
"s4_9_owner_response_intake_handoff_queue_runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.summary.{count_key}",
iwooos_projection["summary"][count_key],
0,
)
assert_false(
"iwooos_projection.summary.s4_9_owner_response_intake_handoff_queue_raw_payload_allowed",
iwooos_projection["summary"]["s4_9_owner_response_intake_handoff_queue_raw_payload_allowed"],
)
assert_false(
"iwooos_projection.summary.s4_9_owner_response_intake_handoff_queue_action_buttons_allowed",
iwooos_projection["summary"]["s4_9_owner_response_intake_handoff_queue_action_buttons_allowed"],
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_metadata_intake_field_count",
iwooos_projection["summary"]["s4_9_owner_response_metadata_intake_field_count"],
6,
)
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_metadata_intake_required_count",
iwooos_projection["summary"]["s4_9_owner_response_metadata_intake_required_count"],
6,
)
for count_key in [
"s4_9_owner_response_metadata_intake_filled_count",
"s4_9_owner_response_metadata_intake_received_count",
"s4_9_owner_response_metadata_intake_accepted_count",
"s4_9_owner_response_metadata_intake_runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.summary.{count_key}",
iwooos_projection["summary"][count_key],
0,
)
assert_true(
"iwooos_projection.summary.s4_9_owner_response_metadata_intake_redacted_ref_required",
iwooos_projection["summary"]["s4_9_owner_response_metadata_intake_redacted_ref_required"],
)
for false_key in [
"s4_9_owner_response_metadata_intake_raw_payload_allowed",
"s4_9_owner_response_metadata_intake_secret_plaintext_allowed",
"s4_9_owner_response_metadata_intake_action_buttons_allowed",
]:
assert_false(
f"iwooos_projection.summary.{false_key}",
iwooos_projection["summary"][false_key],
)
assert_equal(
"iwooos_projection.summary.all_product_coverage_snapshot_default_summary_mode",
iwooos_projection["summary"]["all_product_coverage_snapshot_default_summary_mode"],
"compact_first",
)
assert_true(
"iwooos_projection.summary.first_progress_unlock_path_first_layer",
iwooos_projection["summary"]["first_progress_unlock_path_first_layer"],
)
assert_false(
"iwooos_projection.summary.first_progress_unlock_path_default_visible",
iwooos_projection["summary"]["first_progress_unlock_path_default_visible"],
)
assert_true(
"iwooos_projection.summary.first_progress_unlock_path_above_visual_dashboard",
iwooos_projection["summary"]["first_progress_unlock_path_above_visual_dashboard"],
)
assert_equal(
"iwooos_projection.summary.first_progress_unlock_path_step_count",
iwooos_projection["summary"]["first_progress_unlock_path_step_count"],
5,
)
assert_true(
"iwooos_projection.summary.first_progress_unlock_path_boundary_details_collapsed",
iwooos_projection["summary"]["first_progress_unlock_path_boundary_details_collapsed"],
)
assert_equal(
"iwooos_projection.summary.first_progress_unlock_path_owner_response_received_count",
iwooos_projection["summary"]["first_progress_unlock_path_owner_response_received_count"],
0,
)
assert_equal(
"iwooos_projection.summary.first_progress_unlock_path_owner_response_accepted_count",
iwooos_projection["summary"]["first_progress_unlock_path_owner_response_accepted_count"],
0,
)
assert_equal(
"iwooos_projection.summary.first_progress_unlock_path_runtime_gate_count",
iwooos_projection["summary"]["first_progress_unlock_path_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.command_map_first_layer",
iwooos_projection["summary"]["command_map_first_layer"],
)
assert_false(
"iwooos_projection.summary.command_map_default_visible",
iwooos_projection["summary"]["command_map_default_visible"],
)
assert_equal(
"iwooos_projection.summary.command_map_mode_count",
iwooos_projection["summary"]["command_map_mode_count"],
6,
)
assert_equal(
"iwooos_projection.summary.command_map_default_mode",
iwooos_projection["summary"]["command_map_default_mode"],
"unlock",
)
assert_true(
"iwooos_projection.summary.command_map_above_first_progress_unlock_path",
iwooos_projection["summary"]["command_map_above_first_progress_unlock_path"],
)
assert_true(
"iwooos_projection.summary.command_map_navigation_controls_allowed",
iwooos_projection["summary"]["command_map_navigation_controls_allowed"],
)
assert_false(
"iwooos_projection.summary.command_map_execution_action_buttons_allowed",
iwooos_projection["summary"]["command_map_execution_action_buttons_allowed"],
)
assert_equal(
"iwooos_projection.summary.command_map_runtime_gate_count",
iwooos_projection["summary"]["command_map_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.focus_deck_first_layer",
iwooos_projection["summary"]["focus_deck_first_layer"],
)
assert_equal(
"iwooos_projection.summary.focus_deck_item_count",
iwooos_projection["summary"]["focus_deck_item_count"],
5,
)
assert_true(
"iwooos_projection.summary.focus_deck_anchor_navigation_allowed",
iwooos_projection["summary"]["focus_deck_anchor_navigation_allowed"],
)
assert_false(
"iwooos_projection.summary.focus_deck_execution_action_buttons_allowed",
iwooos_projection["summary"]["focus_deck_execution_action_buttons_allowed"],
)
assert_equal(
"iwooos_projection.summary.focus_deck_runtime_gate_count",
iwooos_projection["summary"]["focus_deck_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.focus_deck_above_command_map",
iwooos_projection["summary"]["focus_deck_above_command_map"],
)
assert_true(
"iwooos_projection.summary.immediate_visual_mesh_first_layer",
iwooos_projection["summary"]["immediate_visual_mesh_first_layer"],
)
assert_equal(
"iwooos_projection.summary.immediate_visual_mesh_node_count",
iwooos_projection["summary"]["immediate_visual_mesh_node_count"],
7,
)
assert_equal(
"iwooos_projection.summary.immediate_visual_mesh_link_count",
iwooos_projection["summary"]["immediate_visual_mesh_link_count"],
6,
)
assert_true(
"iwooos_projection.summary.immediate_visual_mesh_above_command_map",
iwooos_projection["summary"]["immediate_visual_mesh_above_command_map"],
)
assert_equal(
"iwooos_projection.summary.immediate_visual_mesh_runtime_gate_count",
iwooos_projection["summary"]["immediate_visual_mesh_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.topology_atlas_first_layer",
iwooos_projection["summary"]["topology_atlas_first_layer"],
)
assert_equal(
"iwooos_projection.summary.topology_atlas_lens_count",
iwooos_projection["summary"]["topology_atlas_lens_count"],
4,
)
assert_equal(
"iwooos_projection.summary.topology_atlas_node_count",
iwooos_projection["summary"]["topology_atlas_node_count"],
7,
)
assert_equal(
"iwooos_projection.summary.topology_drilldown_node_count",
iwooos_projection["summary"]["topology_drilldown_node_count"],
7,
)
assert_equal(
"iwooos_projection.summary.topology_drilldown_default_node",
iwooos_projection["summary"]["topology_drilldown_default_node"],
"productSurface",
)
assert_true(
"iwooos_projection.summary.topology_drilldown_interactive_node_allowed",
iwooos_projection["summary"]["topology_drilldown_interactive_node_allowed"],
)
assert_equal(
"iwooos_projection.summary.topology_path_explorer_path_count",
iwooos_projection["summary"]["topology_path_explorer_path_count"],
4,
)
assert_equal(
"iwooos_projection.summary.topology_path_explorer_default_path",
iwooos_projection["summary"]["topology_path_explorer_default_path"],
"externalToGate",
)
assert_true(
"iwooos_projection.summary.topology_path_explorer_interactive_path_allowed",
iwooos_projection["summary"]["topology_path_explorer_interactive_path_allowed"],
)
assert_equal(
"iwooos_projection.summary.topology_intelligence_deck_count",
iwooos_projection["summary"]["topology_intelligence_deck_count"],
4,
)
assert_equal(
"iwooos_projection.summary.topology_intelligence_default_item",
iwooos_projection["summary"]["topology_intelligence_default_item"],
"assetContext",
)
assert_true(
"iwooos_projection.summary.topology_intelligence_interactive_item_allowed",
iwooos_projection["summary"]["topology_intelligence_interactive_item_allowed"],
)
assert_equal(
"iwooos_projection.summary.topology_atlas_layer_count",
iwooos_projection["summary"]["topology_atlas_layer_count"],
5,
)
assert_equal(
"iwooos_projection.summary.topology_atlas_technical_chart_count",
iwooos_projection["summary"]["topology_atlas_technical_chart_count"],
3,
)
assert_true(
"iwooos_projection.summary.topology_atlas_interactive_lens_allowed",
iwooos_projection["summary"]["topology_atlas_interactive_lens_allowed"],
)
assert_true(
"iwooos_projection.summary.topology_atlas_above_gate_radar",
iwooos_projection["summary"]["topology_atlas_above_gate_radar"],
)
assert_equal(
"iwooos_projection.summary.topology_atlas_runtime_gate_count",
iwooos_projection["summary"]["topology_atlas_runtime_gate_count"],
0,
)
assert_equal(
"iwooos_projection.summary.topology_drilldown_runtime_gate_count",
iwooos_projection["summary"]["topology_drilldown_runtime_gate_count"],
0,
)
assert_equal(
"iwooos_projection.summary.topology_path_explorer_runtime_gate_count",
iwooos_projection["summary"]["topology_path_explorer_runtime_gate_count"],
0,
)
assert_equal(
"iwooos_projection.summary.topology_intelligence_runtime_gate_count",
iwooos_projection["summary"]["topology_intelligence_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.decision_runway_first_layer",
iwooos_projection["summary"]["decision_runway_first_layer"],
)
assert_false(
"iwooos_projection.summary.decision_runway_default_visible",
iwooos_projection["summary"]["decision_runway_default_visible"],
)
assert_equal(
"iwooos_projection.summary.decision_runway_step_count",
iwooos_projection["summary"]["decision_runway_step_count"],
5,
)
assert_equal(
"iwooos_projection.summary.decision_runway_default_step",
iwooos_projection["summary"]["decision_runway_default_step"],
"ownerEvidence",
)
assert_equal(
"iwooos_projection.summary.decision_runway_dependency_count",
iwooos_projection["summary"]["decision_runway_dependency_count"],
7,
)
assert_equal(
"iwooos_projection.summary.decision_runway_boundary_signal_count",
iwooos_projection["summary"]["decision_runway_boundary_signal_count"],
4,
)
assert_true(
"iwooos_projection.summary.decision_runway_above_gate_radar",
iwooos_projection["summary"]["decision_runway_above_gate_radar"],
)
assert_true(
"iwooos_projection.summary.decision_runway_interactive_step_allowed",
iwooos_projection["summary"]["decision_runway_interactive_step_allowed"],
)
assert_equal(
"iwooos_projection.summary.decision_runway_runtime_gate_count",
iwooos_projection["summary"]["decision_runway_runtime_gate_count"],
0,
)
assert_equal(
"iwooos_projection.summary.decision_runway_owner_response_received_count",
iwooos_projection["summary"]["decision_runway_owner_response_received_count"],
0,
)
assert_equal(
"iwooos_projection.summary.decision_runway_owner_response_accepted_count",
iwooos_projection["summary"]["decision_runway_owner_response_accepted_count"],
0,
)
assert_true(
"iwooos_projection.summary.gate_radar_first_layer",
iwooos_projection["summary"]["gate_radar_first_layer"],
)
assert_false(
"iwooos_projection.summary.gate_radar_default_visible",
iwooos_projection["summary"]["gate_radar_default_visible"],
)
assert_equal(
"iwooos_projection.summary.gate_radar_lane_count",
iwooos_projection["summary"]["gate_radar_lane_count"],
4,
)
assert_equal(
"iwooos_projection.summary.gate_radar_default_lane",
iwooos_projection["summary"]["gate_radar_default_lane"],
"visible",
)
assert_true(
"iwooos_projection.summary.gate_radar_above_command_map",
iwooos_projection["summary"]["gate_radar_above_command_map"],
)
assert_true(
"iwooos_projection.summary.gate_radar_interactive_lens_allowed",
iwooos_projection["summary"]["gate_radar_interactive_lens_allowed"],
)
assert_equal(
"iwooos_projection.summary.gate_radar_runtime_gate_count",
iwooos_projection["summary"]["gate_radar_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.all_product_coverage_snapshot_detail_ledger_collapsed",
iwooos_projection["summary"]["all_product_coverage_snapshot_detail_ledger_collapsed"],
)
assert_true(
"iwooos_projection.summary.global_security_mesh_matrix_first_layer",
iwooos_projection["summary"]["global_security_mesh_matrix_first_layer"],
)
assert_false(
"iwooos_projection.summary.global_security_mesh_matrix_default_visible",
iwooos_projection["summary"]["global_security_mesh_matrix_default_visible"],
)
assert_equal(
"iwooos_projection.summary.global_security_mesh_matrix_asset_count",
iwooos_projection["summary"]["global_security_mesh_matrix_asset_count"],
9,
)
assert_equal(
"iwooos_projection.summary.global_security_mesh_matrix_read_only_count",
iwooos_projection["summary"]["global_security_mesh_matrix_read_only_count"],
9,
)
assert_equal(
"iwooos_projection.summary.global_security_mesh_matrix_runtime_gate_count",
iwooos_projection["summary"]["global_security_mesh_matrix_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.host_tool_evidence_chain_first_layer",
iwooos_projection["summary"]["host_tool_evidence_chain_first_layer"],
)
assert_false(
"iwooos_projection.summary.host_tool_evidence_chain_default_visible",
iwooos_projection["summary"]["host_tool_evidence_chain_default_visible"],
)
assert_equal(
"iwooos_projection.summary.host_tool_evidence_chain_host_count",
iwooos_projection["summary"]["host_tool_evidence_chain_host_count"],
3,
)
assert_equal(
"iwooos_projection.summary.host_tool_evidence_chain_tool_lane_count",
iwooos_projection["summary"]["host_tool_evidence_chain_tool_lane_count"],
6,
)
assert_equal(
"iwooos_projection.summary.host_tool_evidence_chain_step_count",
iwooos_projection["summary"]["host_tool_evidence_chain_step_count"],
5,
)
assert_true(
"iwooos_projection.summary.vibework_security_onboarding_first_layer",
iwooos_projection["summary"]["vibework_security_onboarding_first_layer"],
)
assert_false(
"iwooos_projection.summary.vibework_security_onboarding_default_visible",
iwooos_projection["summary"]["vibework_security_onboarding_default_visible"],
)
assert_equal(
"iwooos_projection.summary.vibework_security_onboarding_item_count",
iwooos_projection["summary"]["vibework_security_onboarding_item_count"],
6,
)
assert_equal(
"iwooos_projection.summary.vibework_security_onboarding_runtime_gate_count",
iwooos_projection["summary"]["vibework_security_onboarding_runtime_gate_count"],
0,
)
assert_true(
"iwooos_projection.summary.agent_bounty_security_onboarding_first_layer",
iwooos_projection["summary"]["agent_bounty_security_onboarding_first_layer"],
)
assert_false(
"iwooos_projection.summary.agent_bounty_security_onboarding_default_visible",
iwooos_projection["summary"]["agent_bounty_security_onboarding_default_visible"],
)
assert_equal(
"iwooos_projection.summary.agent_bounty_security_onboarding_item_count",
iwooos_projection["summary"]["agent_bounty_security_onboarding_item_count"],
7,
)
assert_equal(
"iwooos_projection.summary.agent_bounty_security_onboarding_runtime_gate_count",
iwooos_projection["summary"]["agent_bounty_security_onboarding_runtime_gate_count"],
0,
)
assert_equal(
"iwooos_projection.summary.rollout_risk_read_only_card_count",
iwooos_projection["summary"]["rollout_risk_read_only_card_count"],
4,
)
assert_equal(
"iwooos_projection.summary.rollout_risk_awoooi_rollout_risk",
iwooos_projection["summary"]["rollout_risk_awoooi_rollout_risk"],
1,
)
assert_equal(
"iwooos_projection.summary.rollout_risk_runtime_gate_count",
iwooos_projection["summary"]["rollout_risk_runtime_gate_count"],
0,
)
assert_equal(
"high_value_config_coverage.schema",
high_value_config_coverage["schema_version"],
"high_value_config_control_coverage_v1",
)
assert_equal(
"high_value_config_coverage.summary.category_count",
high_value_config_coverage["summary"]["category_count"],
14,
)
assert_equal(
"high_value_config_coverage.summary.c0_category_count",
high_value_config_coverage["summary"]["c0_category_count"],
8,
)
assert_equal(
"high_value_config_coverage.summary.c1_category_count",
high_value_config_coverage["summary"]["c1_category_count"],
4,
)
assert_equal(
"high_value_config_coverage.summary.average_coverage_percent",
high_value_config_coverage["summary"]["average_coverage_percent"],
73,
)
assert_equal(
"high_value_config_coverage.summary.needs_live_evidence_count",
high_value_config_coverage["summary"]["needs_live_evidence_count"],
10,
)
for key in [
"owner_response_received_count",
"owner_response_accepted_count",
"runtime_gate_count",
"action_button_count",
]:
assert_equal(
f"high_value_config_coverage.summary.{key}",
high_value_config_coverage["summary"][key],
0,
)
for key, value in high_value_config_coverage["execution_boundaries"].items():
assert_false(f"high_value_config_coverage.execution_boundaries.{key}", value)
assert_equal(
"high_value_config_coverage.coverage_categories.count",
len(high_value_config_coverage["coverage_categories"]),
14,
)
assert_contains(
"high_value_config_coverage.coverage_categories.agent_bounty",
[item["category_id"] for item in high_value_config_coverage["coverage_categories"]],
"agent_bounty_protocol_runtime",
)
agent_bounty_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "agent_bounty_protocol_runtime"
)
assert_equal(
"high_value_config_coverage.coverage_categories.agent_bounty.coverage_percent",
agent_bounty_category["coverage_percent"],
68,
)
assert_equal(
"high_value_config_coverage.coverage_categories.agent_bounty.coverage_status",
agent_bounty_category["coverage_status"],
"owner_request_draft_ready_needs_runtime_owner",
)
for evidence_ref in [
"docs/security/AGENT-BOUNTY-IWOOOS-ONBOARDING-HANDOFF.md",
"docs/security/agent-bounty-iwooos-onboarding-handoff.snapshot.json",
"docs/security/AGENT-BOUNTY-OWNER-REQUEST-DRAFT.md",
"docs/security/agent-bounty-owner-request-draft.snapshot.json",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.agent_bounty.evidence_refs",
agent_bounty_category["evidence_refs"],
evidence_ref,
)
dns_tls_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "dns_tls_certbot"
)
assert_equal(
"high_value_config_coverage.coverage_categories.dns_tls.coverage_percent",
dns_tls_category["coverage_percent"],
78,
)
assert_equal(
"high_value_config_coverage.coverage_categories.dns_tls.coverage_status",
dns_tls_category["coverage_status"],
"owner_response_acceptance_ledger_ready_needs_certificate_owner_evidence",
)
for evidence_ref in [
"docs/security/DOMAIN-TLS-CERTBOT-INVENTORY.md",
"docs/security/domain-tls-certbot-inventory.snapshot.json",
"docs/security/DOMAIN-TLS-CERTBOT-OWNER-CONFIRMATION-REQUEST.md",
"docs/security/domain-tls-certbot-owner-confirmation-request.snapshot.json",
"docs/security/DOMAIN-TLS-CERTBOT-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/domain-tls-certbot-owner-response-acceptance.snapshot.json",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.dns_tls.evidence_refs",
dns_tls_category["evidence_refs"],
evidence_ref,
)
assert_equal(
"agent_bounty_owner_request_draft.schema",
agent_bounty_owner_request_draft["schema_version"],
"agent_bounty_owner_request_draft_v1",
)
assert_equal(
"agent_bounty_owner_request_draft.status",
agent_bounty_owner_request_draft["status"],
"owner_request_draft_ready_not_dispatched",
)
assert_equal(
"agent_bounty_owner_request_draft.product_name",
agent_bounty_owner_request_draft["product_name"],
"agent-bounty-protocol",
)
assert_equal(
"agent_bounty_owner_request_draft.source_handoff_schema_version",
agent_bounty_owner_request_draft["source_handoff_schema_version"],
"agent_bounty_iwooos_onboarding_handoff_v1",
)
assert_equal(
"agent_bounty_owner_request_draft.source_handoff_status",
agent_bounty_owner_request_draft["source_handoff_status"],
"draft_waiting_owner_review",
)
expected_agent_bounty_owner_request_summary = {
"request_draft_count": 11,
"control_boundary_request_count": 4,
"product_surface_request_count": 7,
"write_capable_request_draft_count": 8,
"treasury_related_request_draft_count": 4,
"mcp_a2a_related_request_draft_count": 5,
"live_evidence_required_request_count": 11,
"request_field_count": 26,
"required_owner_field_count": 22,
"owner_role_field_count": 13,
"forbidden_input_count": 25,
"blocked_action_count": 28,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"live_evidence_received_count": 0,
"repo_refs_truth_accepted_count": 0,
"data_classification_accepted_count": 0,
"deployment_boundary_accepted_count": 0,
"external_agent_boundary_accepted_count": 0,
"settlement_treasury_accepted_count": 0,
"auth_abuse_boundary_accepted_count": 0,
"runtime_gate_count": 0,
"runtime_execution_authorized_count": 0,
"production_deploy_authorized_count": 0,
"repo_creation_authorized_count": 0,
"refs_sync_authorized_count": 0,
"workflow_modification_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"env_file_read_authorized_count": 0,
"active_scan_authorized_count": 0,
"credentialed_scan_authorized_count": 0,
"deploy_authorized_count": 0,
"compose_restart_authorized_count": 0,
"db_migration_authorized_count": 0,
"daemon_start_authorized_count": 0,
"cron_enable_authorized_count": 0,
"auto_claim_authorized_count": 0,
"auto_submit_authorized_count": 0,
"external_agent_message_authorized_count": 0,
"telegram_send_authorized_count": 0,
"discord_send_authorized_count": 0,
"github_comment_authorized_count": 0,
"payout_authorized_count": 0,
"withdrawal_authorized_count": 0,
"staking_action_authorized_count": 0,
"webhook_secret_change_authorized_count": 0,
"shared_database_authorized_count": 0,
"shared_session_authorized_count": 0,
"shared_rbac_authorized_count": 0,
"host_write_authorized_count": 0,
"production_write_authorized_count": 0,
"action_button_count": 0,
}
for key, expected in expected_agent_bounty_owner_request_summary.items():
assert_equal(
f"agent_bounty_owner_request_draft.summary.{key}",
agent_bounty_owner_request_draft["summary"][key],
expected,
)
for key, value in agent_bounty_owner_request_draft["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"agent_bounty_owner_request_draft.execution_boundaries.{key}", value)
else:
assert_false(f"agent_bounty_owner_request_draft.execution_boundaries.{key}", value)
assert_equal(
"agent_bounty_owner_request_draft.request_drafts.count",
len(agent_bounty_owner_request_draft["request_drafts"]),
11,
)
agent_bounty_request_ids = [
item["request_id"] for item in agent_bounty_owner_request_draft["request_drafts"]
]
for request_id in [
"agent_bounty_owner_request:repo_refs_boundary",
"agent_bounty_owner_request:deployment_boundary",
"agent_bounty_owner_request:mcp-and-open-task-api",
"agent_bounty_owner_request:a2a-agent-protocol",
"agent_bounty_owner_request:automation-and-cron",
"agent_bounty_owner_request:admin-and-treasury",
"agent_bounty_owner_request:webhooks-and-traffic",
]:
assert_contains(
"agent_bounty_owner_request_draft.request_drafts",
agent_bounty_request_ids,
request_id,
)
for draft in agent_bounty_owner_request_draft["request_drafts"]:
assert_equal(
f"agent_bounty_owner_request_draft.{draft['request_id']}.required_owner_fields",
len(draft["required_owner_fields"]),
22,
)
assert_equal(
f"agent_bounty_owner_request_draft.{draft['request_id']}.forbidden_inputs",
len(draft["forbidden_inputs"]),
25,
)
assert_equal(
f"agent_bounty_owner_request_draft.{draft['request_id']}.blocked_actions",
len(draft["blocked_actions"]),
28,
)
assert_true(
f"agent_bounty_owner_request_draft.{draft['request_id']}.not_approval",
draft["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"live_evidence_received",
"repo_refs_truth_accepted",
"data_classification_accepted",
"deployment_boundary_accepted",
"external_agent_boundary_accepted",
"settlement_treasury_accepted",
"auth_abuse_boundary_accepted",
"runtime_gate",
"runtime_execution_authorized",
"production_deploy_authorized",
"repo_creation_authorized",
"refs_sync_authorized",
"workflow_modification_authorized",
"secret_value_collection_allowed",
"env_file_read_authorized",
"active_scan_authorized",
"credentialed_scan_authorized",
"deploy_authorized",
"compose_restart_authorized",
"db_migration_authorized",
"daemon_start_authorized",
"cron_enable_authorized",
"auto_claim_authorized",
"auto_submit_authorized",
"external_agent_message_authorized",
"telegram_send_authorized",
"discord_send_authorized",
"github_comment_authorized",
"payout_authorized",
"withdrawal_authorized",
"staking_action_authorized",
"webhook_secret_change_authorized",
"shared_database_authorized",
"shared_session_authorized",
"shared_rbac_authorized",
"host_write_authorized",
"production_write_authorized",
"action_buttons_allowed",
]:
assert_false(
f"agent_bounty_owner_request_draft.{draft['request_id']}.{false_key}",
draft[false_key],
)
nginx_gateway_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "nginx_public_gateway"
)
assert_equal(
"high_value_config_coverage.coverage_categories.nginx.coverage_percent",
nginx_gateway_category["coverage_percent"],
92,
)
assert_equal(
"high_value_config_coverage.coverage_categories.nginx.coverage_status",
nginx_gateway_category["coverage_status"],
"post_incident_readback_plan_ready_needs_public_gateway_owner_evidence",
)
for evidence_ref in [
"docs/security/PUBLIC-GATEWAY-PREFLIGHT-INVENTORY.md",
"docs/security/public-gateway-preflight-inventory.snapshot.json",
"docs/security/PUBLIC-GATEWAY-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/public-gateway-owner-response-acceptance.snapshot.json",
"docs/security/PUBLIC-GATEWAY-RENDERED-DIFF-ACCEPTANCE.md",
"docs/security/public-gateway-rendered-diff-acceptance.snapshot.json",
"docs/security/PUBLIC-GATEWAY-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/public-gateway-post-incident-readback-plan.snapshot.json",
"docs/schemas/public_gateway_preflight_inventory_v1.schema.json",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.nginx.evidence_refs",
nginx_gateway_category["evidence_refs"],
evidence_ref,
)
k8s_gitops_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "k8s_production_gitops"
)
assert_equal(
"high_value_config_coverage.coverage_categories.k8s.coverage_percent",
k8s_gitops_category["coverage_percent"],
66,
)
assert_equal(
"high_value_config_coverage.coverage_categories.k8s.coverage_status",
k8s_gitops_category["coverage_status"],
"post_incident_readback_plan_ready_needs_gitops_owner_evidence",
)
for evidence_ref in [
"docs/security/HIGH-VALUE-CONFIG-CHANGE-GATE.md",
"docs/security/K8S-ARGOCD-MANIFEST-INVENTORY.md",
"docs/security/k8s-argocd-manifest-inventory.snapshot.json",
"docs/security/K8S-ARGOCD-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/k8s-argocd-owner-response-acceptance.snapshot.json",
"docs/security/K8S-ARGOCD-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/k8s-argocd-change-evidence-acceptance.snapshot.json",
"docs/security/K8S-ARGOCD-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/k8s-argocd-post-incident-readback-plan.snapshot.json",
"k8s/awoooi-prod",
"k8s/argocd",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.k8s.evidence_refs",
k8s_gitops_category["evidence_refs"],
evidence_ref,
)
secret_metadata_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "secret_metadata"
)
assert_equal(
"high_value_config_coverage.coverage_categories.secret_metadata.coverage_percent",
secret_metadata_category["coverage_percent"],
70,
)
assert_equal(
"high_value_config_coverage.coverage_categories.secret_metadata.coverage_status",
secret_metadata_category["coverage_status"],
"post_incident_readback_plan_ready_needs_secret_injection_owner_evidence",
)
for evidence_ref in [
"docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-INVENTORY.md",
"docs/security/source-control-workflow-secret-name-inventory.snapshot.json",
"docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
"docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
"docs/security/CD-RUNNER-SECRET-INJECTION-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/cd-runner-secret-injection-change-evidence-acceptance.snapshot.json",
"docs/security/CD-RUNNER-SECRET-INJECTION-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/cd-runner-secret-injection-post-incident-readback-plan.snapshot.json",
"docs/security/SECRETS_REFERENCE.md",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.secret_metadata.evidence_refs",
secret_metadata_category["evidence_refs"],
evidence_ref,
)
workflow_runner_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "gitea_workflow_runner_source_control"
)
assert_equal(
"high_value_config_coverage.coverage_categories.workflow_runner.coverage_percent",
workflow_runner_category["coverage_percent"],
74,
)
assert_equal(
"high_value_config_coverage.coverage_categories.workflow_runner.coverage_status",
workflow_runner_category["coverage_status"],
"post_incident_readback_plan_ready_needs_workflow_runner_owner_evidence",
)
for evidence_ref in [
"docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-INVENTORY.md",
"docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
"docs/security/CD-RUNNER-SECRET-INJECTION-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/cd-runner-secret-injection-change-evidence-acceptance.snapshot.json",
"docs/security/CD-RUNNER-SECRET-INJECTION-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/cd-runner-secret-injection-post-incident-readback-plan.snapshot.json",
"docs/security/SOURCE-CONTROL-PRIMARY-READINESS-GATE.md",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.workflow_runner.evidence_refs",
workflow_runner_category["evidence_refs"],
evidence_ref,
)
public_runtime_config_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "public_admin_api_runtime_config"
)
assert_equal(
"high_value_config_coverage.coverage_categories.public_runtime_config.coverage_percent",
public_runtime_config_category["coverage_percent"],
66,
)
assert_equal(
"high_value_config_coverage.coverage_categories.public_runtime_config.coverage_status",
public_runtime_config_category["coverage_status"],
"frontend_sensitive_surface_guard_ready_needs_runtime_config_owner_evidence",
)
for evidence_ref in [
"docs/HARD_RULES.md",
"docs/security/IWOOOS-CONFIG-CONTROL-INVENTORY.md",
"docs/security/PUBLIC-RUNTIME-CONFIG-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/public-runtime-config-change-evidence-acceptance.snapshot.json",
"docs/security/public-frontend-sensitive-surface-guard.snapshot.json",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.public_runtime_config.evidence_refs",
public_runtime_config_category["evidence_refs"],
evidence_ref,
)
docker_systemd_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "docker_compose_systemd_host_config"
)
assert_equal(
"high_value_config_coverage.coverage_categories.docker.coverage_percent",
docker_systemd_category["coverage_percent"],
68,
)
assert_equal(
"high_value_config_coverage.coverage_categories.docker.coverage_status",
docker_systemd_category["coverage_status"],
"external_host_intrusion_prevention_control_ready_needs_host_service_owner_evidence",
)
for evidence_ref in [
"docs/security/HOST-SERVICE-CONFIG-INVENTORY.md",
"docs/security/host-service-config-inventory.snapshot.json",
"docs/security/HOST-SERVICE-OWNER-REQUEST-DRAFT.md",
"docs/security/host-service-owner-request-draft.snapshot.json",
"docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/host-service-owner-response-acceptance.snapshot.json",
"docs/security/HOST-SERVICE-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/host-service-change-evidence-acceptance.snapshot.json",
"docs/security/HOST-SERVICE-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/host-service-post-incident-readback-plan.snapshot.json",
"docs/security/EXTERNAL-HOST-INTRUSION-PREVENTION-CONTROL.md",
"docs/security/external-host-intrusion-prevention-control.snapshot.json",
"scripts/security/external-host-intrusion-prevention-control.py",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.docker.evidence_refs",
docker_systemd_category["evidence_refs"],
evidence_ref,
)
ssh_network_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "ssh_firewall_network_access"
)
assert_equal(
"high_value_config_coverage.coverage_categories.ssh_network.coverage_percent",
ssh_network_category["coverage_percent"],
70,
)
assert_equal(
"high_value_config_coverage.coverage_categories.ssh_network.coverage_status",
ssh_network_category["coverage_status"],
"external_host_intrusion_prevention_control_ready_needs_network_owner_evidence",
)
for evidence_ref in [
"docs/security/SSH-NETWORK-ACCESS-INVENTORY.md",
"docs/security/ssh-network-access-inventory.snapshot.json",
"docs/security/SSH-NETWORK-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/ssh-network-owner-response-acceptance.snapshot.json",
"docs/security/PORT-FIREWALL-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/port-firewall-change-evidence-acceptance.snapshot.json",
"docs/security/SSH-NETWORK-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/ssh-network-post-incident-readback-plan.snapshot.json",
"docs/security/EXTERNAL-HOST-INTRUSION-PREVENTION-CONTROL.md",
"docs/security/external-host-intrusion-prevention-control.snapshot.json",
"scripts/security/external-host-intrusion-prevention-control.py",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.ssh_network.evidence_refs",
ssh_network_category["evidence_refs"],
evidence_ref,
)
ai_provider_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "ai_provider_model_routing"
)
assert_equal(
"high_value_config_coverage.coverage_categories.ai_provider.coverage_percent",
ai_provider_category["coverage_percent"],
64,
)
assert_equal(
"high_value_config_coverage.coverage_categories.ai_provider.coverage_status",
ai_provider_category["coverage_status"],
"owner_response_acceptance_ready_needs_provider_owner_evidence",
)
for evidence_ref in [
"docs/HARD_RULES.md",
"docs/ai",
"docs/security/AI-PROVIDER-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/ai-provider-owner-response-acceptance.snapshot.json",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.ai_provider.evidence_refs",
ai_provider_category["evidence_refs"],
evidence_ref,
)
backup_restore_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "backup_restore_credential"
)
assert_equal(
"high_value_config_coverage.coverage_categories.backup_restore.coverage_percent",
backup_restore_category["coverage_percent"],
66,
)
assert_equal(
"high_value_config_coverage.coverage_categories.backup_restore.coverage_status",
backup_restore_category["coverage_status"],
"post_incident_readback_plan_ready_needs_backup_restore_owner_evidence",
)
for evidence_ref in [
"docs/security/BACKUP-RESTORE-ESCROW-INVENTORY.md",
"docs/security/backup-restore-escrow-inventory.snapshot.json",
"docs/security/BACKUP-RESTORE-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/backup-restore-owner-response-acceptance.snapshot.json",
"docs/security/BACKUP-RESTORE-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/backup-restore-post-incident-readback-plan.snapshot.json",
"docs/schemas/backup_restore_escrow_inventory_v1.schema.json",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.backup_restore.evidence_refs",
backup_restore_category["evidence_refs"],
evidence_ref,
)
monitoring_category = next(
item
for item in high_value_config_coverage["coverage_categories"]
if item["category_id"] == "monitoring_alerting_observability"
)
assert_equal(
"high_value_config_coverage.coverage_categories.monitoring.coverage_percent",
monitoring_category["coverage_percent"],
78,
)
assert_equal(
"high_value_config_coverage.coverage_categories.monitoring.coverage_status",
monitoring_category["coverage_status"],
"soc_siem_kali_wazuh_integration_control_ready_needs_soc_owner_evidence",
)
for evidence_ref in [
"docs/security/MONITORING-ALERTING-OBSERVABILITY-INVENTORY.md",
"docs/security/monitoring-alerting-observability-inventory.snapshot.json",
"docs/security/MONITORING-OWNER-REQUEST-DRAFT.md",
"docs/security/monitoring-owner-request-draft.snapshot.json",
"docs/security/MONITORING-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/monitoring-owner-response-acceptance.snapshot.json",
"docs/security/MONITORING-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/monitoring-post-incident-readback-plan.snapshot.json",
"docs/security/WAZUH-IWOOOS-INTRUSION-READBACK-PLAN.md",
"docs/security/wazuh-iwooos-intrusion-readback-plan.snapshot.json",
"scripts/security/wazuh-iwooos-intrusion-readback-plan.py",
"docs/security/EXTERNAL-HOST-INTRUSION-PREVENTION-CONTROL.md",
"docs/security/external-host-intrusion-prevention-control.snapshot.json",
"scripts/security/external-host-intrusion-prevention-control.py",
"docs/security/SOC-SIEM-KALI-WAZUH-INTEGRATION-CONTROL.md",
"docs/security/soc-siem-kali-wazuh-integration-control.snapshot.json",
"scripts/security/soc-siem-kali-wazuh-integration-control.py",
"apps/web/src/app/api/iwooos/wazuh/route.ts",
"docs/schemas/monitoring_alerting_observability_inventory_v1.schema.json",
]:
assert_contains(
"high_value_config_coverage.coverage_categories.monitoring.evidence_refs",
monitoring_category["evidence_refs"],
evidence_ref,
)
assert_equal(
"external_host_intrusion_prevention_control.schema",
external_host_intrusion_prevention_control["schema_version"],
"external_host_intrusion_prevention_control_v1",
)
assert_equal(
"external_host_intrusion_prevention_control.status",
external_host_intrusion_prevention_control["status"],
"external_host_intrusion_prevention_control_ready_no_runtime_action",
)
assert_equal(
"external_host_intrusion_prevention_control.prevention_domains.count",
len(external_host_intrusion_prevention_control["prevention_domains"]),
12,
)
assert_equal(
"external_host_intrusion_prevention_control.control_candidates.count",
len(external_host_intrusion_prevention_control["control_candidates"]),
14,
)
assert_equal(
"external_host_intrusion_prevention_control.reviewer_checks.count",
len(external_host_intrusion_prevention_control["reviewer_checks"]),
34,
)
assert_equal(
"external_host_intrusion_prevention_control.outcome_lanes.count",
len(external_host_intrusion_prevention_control["outcome_lanes"]),
12,
)
assert_equal(
"external_host_intrusion_prevention_control.blocked_actions.count",
len(external_host_intrusion_prevention_control["blocked_actions"]),
82,
)
expected_external_host_intrusion_prevention_summary = {
"prevention_domain_count": 12,
"host_alias_count": 4,
"sensor_alias_count": 1,
"control_candidate_count": 14,
"c0_control_candidate_count": 10,
"c1_control_candidate_count": 4,
"p0_control_candidate_count": 14,
"urgent_prevention_candidate_count": 14,
"maintenance_window_required_candidate_count": 14,
"break_glass_required_candidate_count": 10,
"owner_approval_required_candidate_count": 14,
"cross_project_sync_required_candidate_count": 14,
"rollback_required_candidate_count": 14,
"validation_required_candidate_count": 14,
"wazuh_event_required_candidate_count": 7,
"host_forensics_required_candidate_count": 6,
"config_diff_required_candidate_count": 8,
"backup_restore_required_candidate_count": 1,
"no_false_green_required_candidate_count": 14,
"required_owner_field_count": 36,
"reviewer_check_count": 34,
"outcome_lane_count": 12,
"blocked_action_count": 82,
"coverage_percent_after_prevention_control": 74,
"docker_compose_systemd_host_config_coverage_percent_after_prevention_control": 68,
"ssh_firewall_network_access_coverage_percent_after_prevention_control": 70,
"monitoring_alerting_observability_coverage_percent_after_prevention_control": 74,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"evidence_ref_received_count": 0,
"evidence_ref_accepted_count": 0,
"prevention_control_accepted_count": 0,
"containment_decision_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_plan_accepted_count": 0,
"postcheck_accepted_count": 0,
"wazuh_active_response_enabled_count": 0,
"host_write_authorized_count": 0,
"ssh_write_authorized_count": 0,
"firewall_change_authorized_count": 0,
"nginx_reload_authorized_count": 0,
"docker_restart_authorized_count": 0,
"systemctl_restart_authorized_count": 0,
"argocd_sync_authorized_count": 0,
"workflow_modification_authorized_count": 0,
"runner_change_authorized_count": 0,
"repo_secret_change_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"active_scan_authorized_count": 0,
"package_upgrade_authorized_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_external_host_intrusion_prevention_summary.items():
assert_equal(
f"external_host_intrusion_prevention_control.summary.{key}",
external_host_intrusion_prevention_control["summary"][key],
expected,
)
for key, value in external_host_intrusion_prevention_control["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"external_host_intrusion_prevention_control.execution_boundaries.{key}", value)
else:
assert_false(f"external_host_intrusion_prevention_control.execution_boundaries.{key}", value)
assert_equal(
"soc_siem_kali_wazuh_integration_control.schema",
soc_siem_kali_wazuh_integration_control["schema_version"],
"soc_siem_kali_wazuh_integration_control_v1",
)
assert_equal(
"soc_siem_kali_wazuh_integration_control.status",
soc_siem_kali_wazuh_integration_control["status"],
"soc_siem_kali_wazuh_integration_control_ready_no_runtime_action",
)
for key, expected in {
"standard_frameworks": 7,
"control_domains": 16,
"signal_sources": 12,
"control_candidates": 20,
"reviewer_checks": 36,
"outcome_lanes": 14,
"blocked_actions": 103,
}.items():
assert_equal(
f"soc_siem_kali_wazuh_integration_control.{key}.count",
len(soc_siem_kali_wazuh_integration_control[key]),
expected,
)
expected_soc_siem_kali_wazuh_integration_summary = {
"standard_framework_count": 7,
"control_domain_count": 16,
"c0_control_domain_count": 12,
"c1_control_domain_count": 4,
"signal_source_count": 12,
"control_candidate_count": 20,
"c0_control_candidate_count": 12,
"c1_control_candidate_count": 8,
"p0_control_candidate_count": 12,
"p1_control_candidate_count": 8,
"required_owner_field_count": 42,
"reviewer_check_count": 36,
"outcome_lane_count": 14,
"blocked_action_count": 103,
"coverage_percent_after_soc_integration_control": 78,
"monitoring_alerting_observability_coverage_percent_after_soc_control": 78,
"security_evidence_tooling_coverage_percent_after_soc_control": 88,
"wazuh_event_ref_received_count": 0,
"kali_scope_ref_accepted_count": 0,
"kali_finding_envelope_accepted_count": 0,
"siem_correlation_rule_accepted_count": 0,
"alert_route_accepted_count": 0,
"incident_case_accepted_count": 0,
"forensic_evidence_accepted_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"active_response_enabled_count": 0,
"kali_active_scan_authorized_count": 0,
"kali_execute_authorized_count": 0,
"prometheus_reload_authorized_count": 0,
"alertmanager_reload_authorized_count": 0,
"telegram_send_authorized_count": 0,
"soar_case_create_authorized_count": 0,
"auto_block_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_soc_siem_kali_wazuh_integration_summary.items():
assert_equal(
f"soc_siem_kali_wazuh_integration_control.summary.{key}",
soc_siem_kali_wazuh_integration_control["summary"][key],
expected,
)
for key, value in soc_siem_kali_wazuh_integration_control["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"soc_siem_kali_wazuh_integration_control.execution_boundaries.{key}", value)
else:
assert_false(f"soc_siem_kali_wazuh_integration_control.execution_boundaries.{key}", value)
assert_equal(
"host_service_config_inventory.schema",
host_service_config_inventory["schema_version"],
"host_service_config_inventory_v1",
)
assert_equal(
"host_service_config_inventory.status",
host_service_config_inventory["status"],
"repo_only_inventory_ready",
)
assert_equal(
"host_service_config_inventory.source_scope",
host_service_config_inventory["source_scope"],
"committed_repo_files_only",
)
expected_host_service_config_summary = {
"surface_count": 9,
"source_exists_count": 9,
"expected_host_scope_count": 5,
"docker_compose_source_count": 5,
"host_repair_whitelist_count": 2,
"systemd_restart_surface_count": 1,
"write_capable_surface_count": 3,
"surfaces_requiring_owner_response_count": 9,
"surfaces_requiring_live_evidence_count": 8,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"live_evidence_received_count": 0,
"restart_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_before_inventory": 42,
"coverage_percent_after_inventory": 50,
}
for key, expected in expected_host_service_config_summary.items():
assert_equal(
f"host_service_config_inventory.summary.{key}",
host_service_config_inventory["summary"][key],
expected,
)
for key, value in host_service_config_inventory["execution_boundaries"].items():
assert_false(f"host_service_config_inventory.execution_boundaries.{key}", value)
assert_equal(
"host_service_config_inventory.config_surfaces.count",
len(host_service_config_inventory["config_surfaces"]),
9,
)
host_service_surface_ids = [item["surface_id"] for item in host_service_config_inventory["config_surfaces"]]
for surface_id in [
"repair_bot_110_whitelist",
"repair_bot_188_whitelist",
"monitoring_110_compose",
"config_backup_host_capture",
]:
assert_contains(
"host_service_config_inventory.config_surfaces",
host_service_surface_ids,
surface_id,
)
for surface in host_service_config_inventory["config_surfaces"]:
assert_true(
f"host_service_config_inventory.config_surfaces.{surface['surface_id']}.source_exists",
surface["source_exists"],
)
assert_equal(
f"host_service_config_inventory.config_surfaces.{surface['surface_id']}.sha256_length",
len(surface["sha256"]),
64,
)
assert_true(
f"host_service_config_inventory.config_surfaces.{surface['surface_id']}.requires_owner_response",
surface["requires_owner_response"],
)
for key in [
"owner_response_received",
"owner_response_accepted",
"live_evidence_received",
"restart_window_accepted",
"rollback_owner_accepted",
"runtime_gate_open",
"action_buttons_allowed",
]:
assert_false(
f"host_service_config_inventory.config_surfaces.{surface['surface_id']}.{key}",
surface[key],
)
assert_equal(
"host_service_config_inventory.write_capable_surfaces.count",
len(host_service_config_inventory["write_capable_surfaces"]),
3,
)
for surface_id in [
"ansible_docker_compose_service_role",
"repair_bot_110_whitelist",
"repair_bot_188_whitelist",
]:
assert_contains(
"host_service_config_inventory.write_capable_surfaces",
[item["surface_id"] for item in host_service_config_inventory["write_capable_surfaces"]],
surface_id,
)
assert_equal(
"host_service_owner_request_draft.schema",
host_service_owner_request_draft["schema_version"],
"host_service_owner_request_draft_v1",
)
assert_equal(
"host_service_owner_request_draft.status",
host_service_owner_request_draft["status"],
"owner_request_draft_ready_not_dispatched",
)
assert_equal(
"host_service_owner_request_draft.source_inventory_schema_version",
host_service_owner_request_draft["source_inventory_schema_version"],
"host_service_config_inventory_v1",
)
expected_host_service_owner_request_summary = {
"request_draft_count": 9,
"write_capable_request_draft_count": 3,
"live_evidence_required_request_count": 8,
"request_field_count": 22,
"required_owner_field_count": 12,
"blocked_action_count": 14,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"live_evidence_received_count": 0,
"restart_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"post_check_plan_accepted_count": 0,
"host_write_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"docker_compose_action_authorized_count": 0,
"systemctl_action_authorized_count": 0,
"repair_bot_execution_authorized_count": 0,
"ansible_apply_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"active_scan_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_host_service_owner_request_summary.items():
assert_equal(
f"host_service_owner_request_draft.summary.{key}",
host_service_owner_request_draft["summary"][key],
expected,
)
for key, value in host_service_owner_request_draft["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"host_service_owner_request_draft.execution_boundaries.{key}", value)
else:
assert_false(f"host_service_owner_request_draft.execution_boundaries.{key}", value)
assert_equal(
"host_service_owner_request_draft.request_drafts.count",
len(host_service_owner_request_draft["request_drafts"]),
9,
)
host_service_owner_request_ids = [
item["request_id"] for item in host_service_owner_request_draft["request_drafts"]
]
for request_id in [
"host_service_owner_request:repair_bot_110_whitelist",
"host_service_owner_request:repair_bot_188_whitelist",
"host_service_owner_request:ansible_docker_compose_service_role",
"host_service_owner_request:config_backup_host_capture",
]:
assert_contains(
"host_service_owner_request_draft.request_drafts",
host_service_owner_request_ids,
request_id,
)
for draft in host_service_owner_request_draft["request_drafts"]:
assert_equal(
f"host_service_owner_request_draft.{draft['request_id']}.required_owner_fields",
len(draft["required_owner_fields"]),
12,
)
assert_equal(
f"host_service_owner_request_draft.{draft['request_id']}.blocked_actions",
len(draft["blocked_actions"]),
14,
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"live_evidence_received",
"restart_window_accepted",
"rollback_owner_accepted",
"post_check_plan_accepted",
"host_write_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"docker_compose_action_authorized",
"systemctl_action_authorized",
"repair_bot_execution_authorized",
"ansible_apply_authorized",
"secret_value_collection_allowed",
"active_scan_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"host_service_owner_request_draft.{draft['request_id']}.{false_key}",
draft[false_key],
)
assert_equal(
"host_service_owner_response_acceptance.schema",
host_service_owner_response_acceptance["schema_version"],
"host_service_owner_response_acceptance_v1",
)
assert_equal(
"host_service_owner_response_acceptance.status",
host_service_owner_response_acceptance["status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
assert_equal(
"host_service_owner_response_acceptance.source_inventory_schema_version",
host_service_owner_response_acceptance["source_inventory_schema_version"],
"host_service_config_inventory_v1",
)
assert_equal(
"host_service_owner_response_acceptance.source_owner_request_schema_version",
host_service_owner_response_acceptance["source_owner_request_schema_version"],
"host_service_owner_request_draft_v1",
)
expected_host_service_owner_response_acceptance_summary = {
"source_owner_request_count": 9,
"acceptance_candidate_count": 9,
"write_capable_acceptance_candidate_count": 3,
"live_evidence_required_candidate_count": 8,
"acceptance_field_count": 34,
"required_owner_field_count": 18,
"reviewer_check_count": 21,
"outcome_lane_count": 8,
"blocked_action_count": 27,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"owner_response_quarantined_count": 0,
"supplement_requested_count": 0,
"live_evidence_received_count": 0,
"live_config_hash_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"restart_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"post_check_plan_accepted_count": 0,
"disable_switch_accepted_count": 0,
"config_source_of_truth_accepted_count": 0,
"service_dependency_map_accepted_count": 0,
"port_binding_inventory_accepted_count": 0,
"cold_start_sequence_accepted_count": 0,
"incident_recovery_evidence_accepted_count": 0,
"daemon_runner_contention_accepted_count": 0,
"host_write_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"docker_compose_action_authorized_count": 0,
"systemctl_action_authorized_count": 0,
"repair_bot_execution_authorized_count": 0,
"ansible_apply_authorized_count": 0,
"sudo_action_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"active_scan_authorized_count": 0,
"live_host_read_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_host_service_owner_response_acceptance_summary.items():
assert_equal(
f"host_service_owner_response_acceptance.summary.{key}",
host_service_owner_response_acceptance["summary"][key],
expected,
)
for key, value in host_service_owner_response_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"host_service_owner_response_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"host_service_owner_response_acceptance.execution_boundaries.{key}", value)
assert_equal(
"host_service_owner_response_acceptance.acceptance_candidates.count",
len(host_service_owner_response_acceptance["acceptance_candidates"]),
9,
)
expected_host_service_acceptance_ids = [
"host_service_owner_response_acceptance:local_dev_compose",
"host_service_owner_response_acceptance:monitoring_110_compose",
"host_service_owner_response_acceptance:monitoring_exporters_188_compose",
"host_service_owner_response_acceptance:sentry_110_reference_compose",
"host_service_owner_response_acceptance:langfuse_110_compose",
"host_service_owner_response_acceptance:ansible_docker_compose_service_role",
"host_service_owner_response_acceptance:repair_bot_110_whitelist",
"host_service_owner_response_acceptance:repair_bot_188_whitelist",
"host_service_owner_response_acceptance:config_backup_host_capture",
]
assert_equal(
"host_service_owner_response_acceptance.acceptance_candidates",
[item["acceptance_candidate_id"] for item in host_service_owner_response_acceptance["acceptance_candidates"]],
expected_host_service_acceptance_ids,
)
expected_host_service_checks = [
"owner_identity_present",
"decision_reason_present",
"affected_scope_matches_surface",
"redacted_refs_only",
"secret_value_absent",
"live_config_hash_metadata_only",
"maintenance_window_present",
"restart_window_separate_from_action",
"rollback_owner_present",
"post_check_plan_present",
"disable_switch_present",
"config_source_of_truth_present",
"service_dependency_map_present",
"port_binding_inventory_present",
"cold_start_sequence_present",
"incident_recovery_evidence_present",
"daemon_runner_contention_reviewed",
"silent_restart_not_accepted",
"write_capable_requires_extra_review",
"no_runtime_request",
"counts_transition_safe",
]
assert_equal(
"host_service_owner_response_acceptance.reviewer_checks",
[item["check_id"] for item in host_service_owner_response_acceptance["reviewer_checks"]],
expected_host_service_checks,
)
expected_host_service_lanes = [
"waiting_owner_response",
"quarantine_secret_or_raw_payload",
"reject_execution_request",
"request_supplement",
"incident_recovery_backfill_required",
"ready_for_host_service_review",
"owner_review_only_update",
"waiting_runtime_gate",
]
assert_equal(
"host_service_owner_response_acceptance.outcome_lanes",
[item["lane_id"] for item in host_service_owner_response_acceptance["outcome_lanes"]],
expected_host_service_lanes,
)
expected_host_service_blocked_actions = [
"ssh_read",
"ssh_write",
"docker_compose_up",
"docker_compose_down",
"docker_compose_pull",
"systemctl_restart",
"systemctl_reload",
"repair_bot_execute",
"ansible_apply",
"sudo_action",
"host_file_write",
"firewall_change",
"secret_value_collection",
"active_scan",
"live_host_read",
"raw_live_config_storage",
"restart_without_window",
"rollback_without_owner",
"accept_silent_restart",
"treat_service_healthy_as_config_accepted",
"skip_config_source_of_truth_review",
"skip_service_dependency_map",
"skip_port_binding_review",
"skip_cold_start_sequence",
"hide_daemon_runner_contention",
"runtime_gate_open",
"add_action_button",
]
assert_equal(
"host_service_owner_response_acceptance.blocked_actions",
host_service_owner_response_acceptance["blocked_actions"],
expected_host_service_blocked_actions,
)
for item in host_service_owner_response_acceptance["acceptance_candidates"]:
assert_equal(
f"host_service_owner_response_acceptance.{item['acceptance_candidate_id']}.acceptance_fields",
len(item["acceptance_fields"]),
34,
)
assert_equal(
f"host_service_owner_response_acceptance.{item['acceptance_candidate_id']}.required_owner_fields",
len(item["required_owner_fields"]),
18,
)
assert_equal(
f"host_service_owner_response_acceptance.{item['acceptance_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
21,
)
assert_equal(
f"host_service_owner_response_acceptance.{item['acceptance_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
8,
)
assert_equal(
f"host_service_owner_response_acceptance.{item['acceptance_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
27,
)
assert_true(
f"host_service_owner_response_acceptance.{item['acceptance_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"owner_response_quarantined",
"supplement_requested",
"live_evidence_received",
"live_config_hash_accepted",
"maintenance_window_accepted",
"restart_window_accepted",
"rollback_owner_accepted",
"post_check_plan_accepted",
"disable_switch_accepted",
"config_source_of_truth_accepted",
"service_dependency_map_accepted",
"port_binding_inventory_accepted",
"cold_start_sequence_accepted",
"incident_recovery_evidence_accepted",
"daemon_runner_contention_accepted",
"host_write_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"docker_compose_action_authorized",
"systemctl_action_authorized",
"repair_bot_execution_authorized",
"ansible_apply_authorized",
"sudo_action_authorized",
"secret_value_collection_allowed",
"active_scan_authorized",
"live_host_read_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"host_service_owner_response_acceptance.{item['acceptance_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"host_service_change_evidence_acceptance.schema",
host_service_change_evidence_acceptance["schema_version"],
"host_service_change_evidence_acceptance_v1",
)
assert_equal(
"host_service_change_evidence_acceptance.status",
host_service_change_evidence_acceptance["status"],
"change_evidence_acceptance_ready_no_runtime_action",
)
assert_equal(
"host_service_change_evidence_acceptance.source_owner_response_acceptance_schema_version",
host_service_change_evidence_acceptance["source_owner_response_acceptance_schema_version"],
"host_service_owner_response_acceptance_v1",
)
expected_host_service_change_evidence_summary = {
"source_acceptance_candidate_count": 9,
"change_evidence_candidate_count": 9,
"write_capable_change_evidence_candidate_count": 3,
"live_evidence_required_candidate_count": 8,
"change_evidence_field_count": 45,
"required_evidence_field_count": 25,
"reviewer_check_count": 26,
"outcome_lane_count": 10,
"blocked_action_count": 39,
"change_evidence_received_count": 0,
"change_evidence_accepted_count": 0,
"actor_identified_count": 0,
"docker_daemon_state_accepted_count": 0,
"compose_stack_state_accepted_count": 0,
"systemd_unit_state_accepted_count": 0,
"failed_unit_review_accepted_count": 0,
"port_binding_state_accepted_count": 0,
"dependency_impact_accepted_count": 0,
"cold_start_sequence_accepted_count": 0,
"runner_or_repair_bot_contention_accepted_count": 0,
"public_route_recovery_accepted_count": 0,
"admin_route_recovery_accepted_count": 0,
"agent_provider_health_accepted_count": 0,
"monitoring_alert_accepted_count": 0,
"operator_notification_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"restoration_time_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"host_write_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"live_host_read_authorized_count": 0,
"docker_compose_action_authorized_count": 0,
"docker_restart_authorized_count": 0,
"systemctl_action_authorized_count": 0,
"repair_bot_execution_authorized_count": 0,
"ansible_apply_authorized_count": 0,
"sudo_action_authorized_count": 0,
"route_smoke_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"active_scan_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_before_acceptance": 58,
"coverage_percent_after_acceptance": 62,
}
for key, expected in expected_host_service_change_evidence_summary.items():
assert_equal(
f"host_service_change_evidence_acceptance.summary.{key}",
host_service_change_evidence_acceptance["summary"][key],
expected,
)
for key, value in host_service_change_evidence_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"host_service_change_evidence_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"host_service_change_evidence_acceptance.execution_boundaries.{key}", value)
assert_equal(
"host_service_change_evidence_acceptance.change_evidence_candidates.count",
len(host_service_change_evidence_acceptance["change_evidence_candidates"]),
9,
)
expected_host_service_change_ids = [
"host_service_change_evidence:local_dev_compose",
"host_service_change_evidence:monitoring_110_compose",
"host_service_change_evidence:monitoring_exporters_188_compose",
"host_service_change_evidence:sentry_110_reference_compose",
"host_service_change_evidence:langfuse_110_compose",
"host_service_change_evidence:ansible_docker_compose_service_role",
"host_service_change_evidence:repair_bot_110_whitelist",
"host_service_change_evidence:repair_bot_188_whitelist",
"host_service_change_evidence:config_backup_host_capture",
]
assert_equal(
"host_service_change_evidence_acceptance.change_evidence_candidates",
[item["change_evidence_candidate_id"] for item in host_service_change_evidence_acceptance["change_evidence_candidates"]],
expected_host_service_change_ids,
)
for item in host_service_change_evidence_acceptance["change_evidence_candidates"]:
assert_equal(
f"host_service_change_evidence_acceptance.{item['change_evidence_candidate_id']}.required_evidence_fields",
len(item["required_evidence_fields"]),
25,
)
assert_equal(
f"host_service_change_evidence_acceptance.{item['change_evidence_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
26,
)
assert_equal(
f"host_service_change_evidence_acceptance.{item['change_evidence_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
10,
)
assert_equal(
f"host_service_change_evidence_acceptance.{item['change_evidence_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
39,
)
assert_true(
f"host_service_change_evidence_acceptance.{item['change_evidence_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"change_evidence_received",
"change_evidence_accepted",
"change_evidence_rejected",
"change_evidence_quarantined",
"recovery_supplement_requested",
"actor_identified",
"docker_daemon_state_accepted",
"compose_stack_state_accepted",
"systemd_unit_state_accepted",
"failed_unit_review_accepted",
"port_binding_state_accepted",
"dependency_impact_accepted",
"cold_start_sequence_accepted",
"runner_or_repair_bot_contention_accepted",
"public_route_recovery_accepted",
"admin_route_recovery_accepted",
"agent_provider_health_accepted",
"monitoring_alert_accepted",
"operator_notification_accepted",
"cross_project_sync_accepted",
"restoration_time_accepted",
"rollback_owner_accepted",
"postcheck_evidence_accepted",
"host_write_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"live_host_read_authorized",
"docker_compose_action_authorized",
"docker_restart_authorized",
"systemctl_action_authorized",
"repair_bot_execution_authorized",
"ansible_apply_authorized",
"sudo_action_authorized",
"route_smoke_authorized",
"secret_value_collection_allowed",
"active_scan_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"host_service_change_evidence_acceptance.{item['change_evidence_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"host_service_post_incident_readback_plan.schema",
host_service_post_incident_readback_plan["schema_version"],
"host_service_post_incident_readback_plan_v1",
)
assert_equal(
"host_service_post_incident_readback_plan.status",
host_service_post_incident_readback_plan["status"],
"post_incident_readback_plan_ready_no_runtime_action",
)
assert_equal(
"host_service_post_incident_readback_plan.source_schema_version",
host_service_post_incident_readback_plan["source_schema_version"],
"host_service_change_evidence_acceptance_v1",
)
expected_host_service_post_incident_summary = {
"readback_candidate_count": 9,
"write_capable_readback_candidate_count": 3,
"live_evidence_required_readback_candidate_count": 8,
"recovery_health_impact_review_required_candidate_count": 9,
"cross_project_sync_required_candidate_count": 9,
"no_false_green_required_candidate_count": 9,
"readback_field_count": 36,
"required_readback_field_count": 28,
"reviewer_check_count": 28,
"outcome_lane_count": 10,
"blocked_action_count": 41,
"post_incident_readback_received_count": 0,
"post_incident_readback_accepted_count": 0,
"actor_attribution_accepted_count": 0,
"before_after_state_accepted_count": 0,
"docker_daemon_state_accepted_count": 0,
"compose_stack_state_accepted_count": 0,
"systemd_unit_state_accepted_count": 0,
"failed_unit_review_accepted_count": 0,
"port_binding_state_accepted_count": 0,
"dependency_impact_accepted_count": 0,
"public_route_recovery_accepted_count": 0,
"admin_route_recovery_accepted_count": 0,
"agent_provider_health_accepted_count": 0,
"monitoring_alert_accepted_count": 0,
"operator_notification_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"restoration_evidence_accepted_count": 0,
"postcheck_readback_accepted_count": 0,
"recurrence_guard_accepted_count": 0,
"no_false_green_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_after_readback_plan": 64,
}
for key, expected in expected_host_service_post_incident_summary.items():
assert_equal(
f"host_service_post_incident_readback_plan.summary.{key}",
host_service_post_incident_readback_plan["summary"][key],
expected,
)
for key, value in host_service_post_incident_readback_plan["boundaries"].items():
if key == "not_authorization":
assert_true(f"host_service_post_incident_readback_plan.boundaries.{key}", value)
else:
assert_false(f"host_service_post_incident_readback_plan.boundaries.{key}", value)
assert_equal(
"host_service_post_incident_readback_plan.readback_candidates.count",
len(host_service_post_incident_readback_plan["readback_candidates"]),
9,
)
expected_host_service_readback_ids = [
"host_service_post_incident_readback:local_dev_compose",
"host_service_post_incident_readback:monitoring_110_compose",
"host_service_post_incident_readback:monitoring_exporters_188_compose",
"host_service_post_incident_readback:sentry_110_reference_compose",
"host_service_post_incident_readback:langfuse_110_compose",
"host_service_post_incident_readback:ansible_docker_compose_service_role",
"host_service_post_incident_readback:repair_bot_110_whitelist",
"host_service_post_incident_readback:repair_bot_188_whitelist",
"host_service_post_incident_readback:config_backup_host_capture",
]
assert_equal(
"host_service_post_incident_readback_plan.readback_candidates",
[item["readback_candidate_id"] for item in host_service_post_incident_readback_plan["readback_candidates"]],
expected_host_service_readback_ids,
)
for item in host_service_post_incident_readback_plan["readback_candidates"]:
assert_equal(
f"host_service_post_incident_readback_plan.{item['readback_candidate_id']}.required_readback_fields",
len(item["required_readback_fields"]),
28,
)
assert_equal(
f"host_service_post_incident_readback_plan.{item['readback_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
28,
)
assert_equal(
f"host_service_post_incident_readback_plan.{item['readback_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
10,
)
assert_equal(
f"host_service_post_incident_readback_plan.{item['readback_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
41,
)
assert_true(
f"host_service_post_incident_readback_plan.{item['readback_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"post_incident_readback_received",
"post_incident_readback_accepted",
"actor_attribution_accepted",
"before_after_state_accepted",
"docker_daemon_state_accepted",
"compose_stack_state_accepted",
"systemd_unit_state_accepted",
"failed_unit_review_accepted",
"port_binding_state_accepted",
"dependency_impact_accepted",
"public_route_recovery_accepted",
"admin_route_recovery_accepted",
"agent_provider_health_accepted",
"monitoring_alert_accepted",
"operator_notification_accepted",
"cross_project_sync_accepted",
"restoration_evidence_accepted",
"postcheck_readback_accepted",
"recurrence_guard_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"no_false_green_accepted",
"ssh_read_authorized",
"ssh_write_authorized",
"live_host_read_authorized",
"docker_action_authorized",
"systemctl_action_authorized",
"repair_bot_execution_authorized",
"ansible_apply_authorized",
"route_smoke_authorized",
"secret_value_collection_allowed",
"active_scan_authorized",
"runtime_gate",
"action_buttons_allowed",
"production_write_authorized",
]:
assert_false(
f"host_service_post_incident_readback_plan.{item['readback_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"ssh_network_access_inventory.schema",
ssh_network_access_inventory["schema_version"],
"ssh_network_access_inventory_v1",
)
assert_equal(
"ssh_network_access_inventory.status",
ssh_network_access_inventory["status"],
"repo_only_inventory_ready",
)
assert_equal(
"ssh_network_access_inventory.source_scope",
ssh_network_access_inventory["source_scope"],
"committed_repo_files_only",
)
expected_ssh_network_access_summary = {
"surface_count": 16,
"source_exists_count": 16,
"expected_scope_count": 16,
"ssh_source_surface_count": 11,
"network_policy_surface_count": 2,
"nodeport_surface_count": 2,
"sudoers_surface_count": 1,
"wireguard_surface_count": 1,
"write_capable_surface_count": 6,
"surfaces_requiring_owner_response_count": 16,
"surfaces_requiring_live_evidence_count": 16,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"live_evidence_received_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_before_inventory": 48,
"coverage_percent_after_inventory": 54,
}
for key, expected in expected_ssh_network_access_summary.items():
assert_equal(
f"ssh_network_access_inventory.summary.{key}",
ssh_network_access_inventory["summary"][key],
expected,
)
for key, value in ssh_network_access_inventory["execution_boundaries"].items():
assert_false(f"ssh_network_access_inventory.execution_boundaries.{key}", value)
assert_equal(
"ssh_network_access_inventory.access_surfaces.count",
len(ssh_network_access_inventory["access_surfaces"]),
16,
)
ssh_network_surface_ids = [item["surface_id"] for item in ssh_network_access_inventory["access_surfaces"]]
for surface_id in [
"ansible_inventory_ssh_targets",
"gitea_cd_known_hosts_secret",
"host_ops_sudoers_wrapper",
"k8s_prod_network_policy",
"argocd_metrics_nodeport",
"velero_metrics_nodeport",
"wireguard_mesh_runbook",
"alert_rules_ssh_actions",
]:
assert_contains(
"ssh_network_access_inventory.access_surfaces",
ssh_network_surface_ids,
surface_id,
)
for surface in ssh_network_access_inventory["access_surfaces"]:
assert_true(
f"ssh_network_access_inventory.access_surfaces.{surface['surface_id']}.source_exists",
surface["source_exists"],
)
assert_equal(
f"ssh_network_access_inventory.access_surfaces.{surface['surface_id']}.sha256_length",
len(surface["sha256"]),
64,
)
assert_true(
f"ssh_network_access_inventory.access_surfaces.{surface['surface_id']}.requires_live_evidence",
surface["requires_live_evidence"],
)
assert_true(
f"ssh_network_access_inventory.access_surfaces.{surface['surface_id']}.requires_owner_response",
surface["requires_owner_response"],
)
for key in [
"owner_response_received",
"owner_response_accepted",
"live_evidence_received",
"maintenance_window_accepted",
"rollback_owner_accepted",
"runtime_gate_open",
"action_buttons_allowed",
]:
assert_false(
f"ssh_network_access_inventory.access_surfaces.{surface['surface_id']}.{key}",
surface[key],
)
assert_equal(
"ssh_network_access_inventory.write_capable_surfaces.count",
len(ssh_network_access_inventory["write_capable_surfaces"]),
6,
)
for surface_id in [
"gitea_cd_deploy_ssh",
"gitea_cd_dev_ssh",
"deploy_alerts_ssh_path",
"monitoring_exporter_deploy_ssh",
"host_ops_sudoers_wrapper",
"alert_rules_ssh_actions",
]:
assert_contains(
"ssh_network_access_inventory.write_capable_surfaces",
[item["surface_id"] for item in ssh_network_access_inventory["write_capable_surfaces"]],
surface_id,
)
assert_equal(
"ssh_network_owner_request_draft.schema",
ssh_network_owner_request_draft["schema_version"],
"ssh_network_owner_request_draft_v1",
)
assert_equal(
"ssh_network_owner_request_draft.status",
ssh_network_owner_request_draft["status"],
"owner_request_draft_ready_not_dispatched",
)
assert_equal(
"ssh_network_owner_request_draft.source_inventory_schema_version",
ssh_network_owner_request_draft["source_inventory_schema_version"],
"ssh_network_access_inventory_v1",
)
expected_ssh_network_owner_request_summary = {
"request_draft_count": 16,
"write_capable_request_draft_count": 6,
"live_evidence_required_request_count": 16,
"request_field_count": 23,
"required_owner_field_count": 13,
"blocked_action_count": 16,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"live_evidence_received_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"validation_plan_accepted_count": 0,
"host_write_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"host_keyscan_authorized_count": 0,
"known_hosts_patch_authorized_count": 0,
"firewall_change_authorized_count": 0,
"port_change_authorized_count": 0,
"network_policy_apply_authorized_count": 0,
"nodeport_change_authorized_count": 0,
"wireguard_change_authorized_count": 0,
"sudo_action_authorized_count": 0,
"deploy_ssh_action_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"ssh_key_collection_allowed_count": 0,
"active_scan_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_ssh_network_owner_request_summary.items():
assert_equal(
f"ssh_network_owner_request_draft.summary.{key}",
ssh_network_owner_request_draft["summary"][key],
expected,
)
for key, value in ssh_network_owner_request_draft["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"ssh_network_owner_request_draft.execution_boundaries.{key}", value)
else:
assert_false(f"ssh_network_owner_request_draft.execution_boundaries.{key}", value)
assert_equal(
"ssh_network_owner_request_draft.request_drafts.count",
len(ssh_network_owner_request_draft["request_drafts"]),
16,
)
ssh_network_owner_request_ids = [
item["request_id"] for item in ssh_network_owner_request_draft["request_drafts"]
]
for request_id in [
"ssh_network_owner_request:gitea_cd_known_hosts_secret",
"ssh_network_owner_request:deploy_alerts_ssh_path",
"ssh_network_owner_request:host_ops_sudoers_wrapper",
"ssh_network_owner_request:argocd_metrics_nodeport",
"ssh_network_owner_request:wireguard_mesh_runbook",
"ssh_network_owner_request:alert_rules_ssh_actions",
]:
assert_contains(
"ssh_network_owner_request_draft.request_drafts",
ssh_network_owner_request_ids,
request_id,
)
for draft in ssh_network_owner_request_draft["request_drafts"]:
assert_equal(
f"ssh_network_owner_request_draft.{draft['request_id']}.required_owner_fields",
len(draft["required_owner_fields"]),
13,
)
assert_equal(
f"ssh_network_owner_request_draft.{draft['request_id']}.blocked_actions",
len(draft["blocked_actions"]),
16,
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"live_evidence_received",
"maintenance_window_accepted",
"rollback_owner_accepted",
"validation_plan_accepted",
"host_write_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"host_keyscan_authorized",
"known_hosts_patch_authorized",
"firewall_change_authorized",
"port_change_authorized",
"network_policy_apply_authorized",
"nodeport_change_authorized",
"wireguard_change_authorized",
"sudo_action_authorized",
"deploy_ssh_action_authorized",
"secret_value_collection_allowed",
"ssh_key_collection_allowed",
"active_scan_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"ssh_network_owner_request_draft.{draft['request_id']}.{false_key}",
draft[false_key],
)
assert_equal(
"ssh_network_owner_response_acceptance.schema",
ssh_network_owner_response_acceptance["schema_version"],
"ssh_network_owner_response_acceptance_v1",
)
assert_equal(
"ssh_network_owner_response_acceptance.status",
ssh_network_owner_response_acceptance["status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
assert_equal(
"ssh_network_owner_response_acceptance.source_inventory_schema_version",
ssh_network_owner_response_acceptance["source_inventory_schema_version"],
"ssh_network_access_inventory_v1",
)
assert_equal(
"ssh_network_owner_response_acceptance.source_inventory_status",
ssh_network_owner_response_acceptance["source_inventory_status"],
"repo_only_inventory_ready",
)
assert_equal(
"ssh_network_owner_response_acceptance.source_owner_request_schema_version",
ssh_network_owner_response_acceptance["source_owner_request_schema_version"],
"ssh_network_owner_request_draft_v1",
)
assert_equal(
"ssh_network_owner_response_acceptance.source_owner_request_status",
ssh_network_owner_response_acceptance["source_owner_request_status"],
"owner_request_draft_ready_not_dispatched",
)
expected_ssh_network_owner_response_acceptance_summary = {
"source_surface_count": 16,
"source_request_draft_count": 16,
"acceptance_candidate_count": 16,
"write_capable_acceptance_candidate_count": 6,
"live_evidence_required_candidate_count": 16,
"acceptance_field_count": 29,
"required_owner_field_count": 13,
"reviewer_check_count": 15,
"outcome_lane_count": 7,
"blocked_action_count": 22,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"owner_response_quarantined_count": 0,
"supplement_requested_count": 0,
"live_evidence_received_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"validation_plan_accepted_count": 0,
"firewall_owner_accepted_count": 0,
"host_key_pinning_accepted_count": 0,
"port_policy_accepted_count": 0,
"network_policy_diff_accepted_count": 0,
"nodeport_exposure_accepted_count": 0,
"wireguard_cutover_accepted_count": 0,
"host_write_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"host_keyscan_authorized_count": 0,
"known_hosts_patch_authorized_count": 0,
"firewall_change_authorized_count": 0,
"port_change_authorized_count": 0,
"port_close_authorized_count": 0,
"port_open_authorized_count": 0,
"network_policy_apply_authorized_count": 0,
"nodeport_change_authorized_count": 0,
"wireguard_change_authorized_count": 0,
"sudo_action_authorized_count": 0,
"deploy_ssh_action_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"ssh_key_collection_allowed_count": 0,
"active_scan_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_ssh_network_owner_response_acceptance_summary.items():
assert_equal(
f"ssh_network_owner_response_acceptance.summary.{key}",
ssh_network_owner_response_acceptance["summary"][key],
expected,
)
for key, value in ssh_network_owner_response_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"ssh_network_owner_response_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"ssh_network_owner_response_acceptance.execution_boundaries.{key}", value)
assert_equal(
"ssh_network_owner_response_acceptance.acceptance_candidates.count",
len(ssh_network_owner_response_acceptance["acceptance_candidates"]),
16,
)
ssh_network_acceptance_ids = [
item["acceptance_candidate_id"]
for item in ssh_network_owner_response_acceptance["acceptance_candidates"]
]
for acceptance_candidate_id in [
"ssh_network_owner_response_acceptance:gitea_cd_known_hosts_secret",
"ssh_network_owner_response_acceptance:deploy_alerts_ssh_path",
"ssh_network_owner_response_acceptance:host_ops_sudoers_wrapper",
"ssh_network_owner_response_acceptance:argocd_metrics_nodeport",
"ssh_network_owner_response_acceptance:wireguard_mesh_runbook",
"ssh_network_owner_response_acceptance:alert_rules_ssh_actions",
]:
assert_contains(
"ssh_network_owner_response_acceptance.acceptance_candidates",
ssh_network_acceptance_ids,
acceptance_candidate_id,
)
assert_equal(
"ssh_network_owner_response_acceptance.reviewer_checks.count",
len(ssh_network_owner_response_acceptance["reviewer_checks"]),
15,
)
assert_equal(
"ssh_network_owner_response_acceptance.outcome_lanes.count",
len(ssh_network_owner_response_acceptance["outcome_lanes"]),
7,
)
assert_equal(
"ssh_network_owner_response_acceptance.blocked_actions.count",
len(ssh_network_owner_response_acceptance["blocked_actions"]),
22,
)
for item in ssh_network_owner_response_acceptance["acceptance_candidates"]:
assert_equal(
f"ssh_network_owner_response_acceptance.{item['acceptance_candidate_id']}.acceptance_fields",
len(item["acceptance_fields"]),
29,
)
assert_equal(
f"ssh_network_owner_response_acceptance.{item['acceptance_candidate_id']}.required_owner_fields",
len(item["required_owner_fields"]),
13,
)
assert_equal(
f"ssh_network_owner_response_acceptance.{item['acceptance_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
15,
)
assert_equal(
f"ssh_network_owner_response_acceptance.{item['acceptance_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
7,
)
assert_equal(
f"ssh_network_owner_response_acceptance.{item['acceptance_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
22,
)
assert_true(
f"ssh_network_owner_response_acceptance.{item['acceptance_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"owner_response_quarantined",
"supplement_requested",
"live_evidence_received",
"maintenance_window_accepted",
"rollback_owner_accepted",
"validation_plan_accepted",
"firewall_owner_accepted",
"host_key_pinning_accepted",
"port_policy_accepted",
"network_policy_diff_accepted",
"nodeport_exposure_accepted",
"wireguard_cutover_accepted",
"host_write_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"host_keyscan_authorized",
"known_hosts_patch_authorized",
"firewall_change_authorized",
"port_change_authorized",
"port_close_authorized",
"port_open_authorized",
"network_policy_apply_authorized",
"nodeport_change_authorized",
"wireguard_change_authorized",
"sudo_action_authorized",
"deploy_ssh_action_authorized",
"secret_value_collection_allowed",
"ssh_key_collection_allowed",
"active_scan_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"ssh_network_owner_response_acceptance.{item['acceptance_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"port_firewall_change_evidence_acceptance.schema",
port_firewall_change_evidence_acceptance["schema_version"],
"port_firewall_change_evidence_acceptance_v1",
)
assert_equal(
"port_firewall_change_evidence_acceptance.status",
port_firewall_change_evidence_acceptance["status"],
"change_evidence_acceptance_ready_no_runtime_action",
)
assert_equal(
"port_firewall_change_evidence_acceptance.source_acceptance_schema_version",
port_firewall_change_evidence_acceptance["source_acceptance_schema_version"],
"ssh_network_owner_response_acceptance_v1",
)
assert_equal(
"port_firewall_change_evidence_acceptance.source_acceptance_status",
port_firewall_change_evidence_acceptance["source_acceptance_status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
expected_port_firewall_change_evidence_summary = {
"source_acceptance_candidate_count": 16,
"change_evidence_candidate_count": 14,
"write_capable_change_evidence_candidate_count": 6,
"policy_or_exposure_candidate_count": 5,
"change_evidence_field_count": 40,
"required_evidence_field_count": 21,
"reviewer_check_count": 21,
"outcome_lane_count": 9,
"blocked_action_count": 28,
"change_evidence_received_count": 0,
"change_evidence_accepted_count": 0,
"change_evidence_rejected_count": 0,
"change_evidence_quarantined_count": 0,
"impact_supplement_requested_count": 0,
"actor_identified_count": 0,
"affected_scope_accepted_count": 0,
"before_state_accepted_count": 0,
"after_state_accepted_count": 0,
"firewall_rule_diff_accepted_count": 0,
"port_policy_accepted_count": 0,
"service_dependency_accepted_count": 0,
"customer_impact_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"incident_severity_accepted_count": 0,
"restoration_time_accepted_count": 0,
"service_health_impact_accepted_count": 0,
"operator_notification_accepted_count": 0,
"incident_commander_accepted_count": 0,
"emergency_change_classification_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"rollback_plan_accepted_count": 0,
"validation_plan_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"host_write_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"live_firewall_read_authorized_count": 0,
"firewall_change_authorized_count": 0,
"port_change_authorized_count": 0,
"port_close_authorized_count": 0,
"port_open_authorized_count": 0,
"network_policy_apply_authorized_count": 0,
"nodeport_change_authorized_count": 0,
"wireguard_change_authorized_count": 0,
"sudo_action_authorized_count": 0,
"deploy_ssh_action_authorized_count": 0,
"route_smoke_authorized_count": 0,
"public_gateway_reload_authorized_count": 0,
"nginx_reload_authorized_count": 0,
"host_restart_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"ssh_key_collection_allowed_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_port_firewall_change_evidence_summary.items():
assert_equal(
f"port_firewall_change_evidence_acceptance.summary.{key}",
port_firewall_change_evidence_acceptance["summary"][key],
expected,
)
for key, value in port_firewall_change_evidence_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"port_firewall_change_evidence_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"port_firewall_change_evidence_acceptance.execution_boundaries.{key}", value)
assert_equal(
"port_firewall_change_evidence_acceptance.change_evidence_candidates.count",
len(port_firewall_change_evidence_acceptance["change_evidence_candidates"]),
14,
)
port_firewall_change_candidate_ids = [
item["change_evidence_candidate_id"]
for item in port_firewall_change_evidence_acceptance["change_evidence_candidates"]
]
for change_evidence_candidate_id in [
"port_firewall_change_evidence:deploy_alerts_ssh_path",
"port_firewall_change_evidence:host_ops_sudoers_wrapper",
"port_firewall_change_evidence:argocd_metrics_nodeport",
"port_firewall_change_evidence:velero_metrics_nodeport",
"port_firewall_change_evidence:wireguard_mesh_runbook",
"port_firewall_change_evidence:alert_rules_ssh_actions",
]:
assert_contains(
"port_firewall_change_evidence_acceptance.change_evidence_candidates",
port_firewall_change_candidate_ids,
change_evidence_candidate_id,
)
assert_equal(
"port_firewall_change_evidence_acceptance.reviewer_checks.count",
len(port_firewall_change_evidence_acceptance["reviewer_checks"]),
21,
)
assert_equal(
"port_firewall_change_evidence_acceptance.outcome_lanes.count",
len(port_firewall_change_evidence_acceptance["outcome_lanes"]),
9,
)
assert_equal(
"port_firewall_change_evidence_acceptance.blocked_actions.count",
len(port_firewall_change_evidence_acceptance["blocked_actions"]),
28,
)
for item in port_firewall_change_evidence_acceptance["change_evidence_candidates"]:
assert_equal(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.change_evidence_fields",
len(item["change_evidence_fields"]),
40,
)
assert_equal(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.required_evidence_fields",
len(item["required_evidence_fields"]),
21,
)
assert_equal(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
21,
)
assert_equal(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
9,
)
assert_equal(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
28,
)
for required_field in [
"incident_severity",
"restoration_time_ref",
"service_health_impact_refs",
"operator_notification_refs",
"incident_commander_or_owner",
]:
assert_contains(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.required_evidence_fields",
item["required_evidence_fields"],
required_field,
)
for reviewer_check in [
"incident_severity_present",
"service_health_impact_present",
"restoration_time_present",
"operator_notification_present",
"break_glass_classification_present",
]:
assert_contains(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.reviewer_checks",
item["reviewer_checks"],
reviewer_check,
)
assert_contains(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.outcome_lanes",
item["outcome_lanes"],
"emergency_change_backfill_required",
)
for blocked_action in [
"mark_incident_resolved_without_health_evidence",
"hide_cross_project_impact",
"close_management_port_without_owner",
"treat_break_glass_as_approval",
]:
assert_contains(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.blocked_actions",
item["blocked_actions"],
blocked_action,
)
assert_true(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.not_approval",
item["not_approval"],
)
assert_true(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.incident_backfill_only",
item["incident_backfill_only"],
)
for false_key in [
"change_evidence_received",
"change_evidence_accepted",
"change_evidence_rejected",
"change_evidence_quarantined",
"impact_supplement_requested",
"actor_identified",
"affected_scope_accepted",
"before_state_accepted",
"after_state_accepted",
"firewall_rule_diff_accepted",
"port_policy_accepted",
"service_dependency_accepted",
"customer_impact_accepted",
"cross_project_sync_accepted",
"incident_severity_accepted",
"restoration_time_accepted",
"service_health_impact_accepted",
"operator_notification_accepted",
"incident_commander_accepted",
"emergency_change_classification_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"rollback_plan_accepted",
"validation_plan_accepted",
"postcheck_evidence_accepted",
"host_write_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"live_firewall_read_authorized",
"firewall_change_authorized",
"port_change_authorized",
"port_close_authorized",
"port_open_authorized",
"network_policy_apply_authorized",
"nodeport_change_authorized",
"wireguard_change_authorized",
"sudo_action_authorized",
"deploy_ssh_action_authorized",
"route_smoke_authorized",
"public_gateway_reload_authorized",
"nginx_reload_authorized",
"host_restart_authorized",
"secret_value_collection_allowed",
"ssh_key_collection_allowed",
"runtime_gate",
"runtime_execution_authorized",
"production_write_authorized",
"action_buttons_allowed",
]:
assert_false(
f"port_firewall_change_evidence_acceptance.{item['change_evidence_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"ssh_network_post_incident_readback_plan.schema",
ssh_network_post_incident_readback_plan["schema_version"],
"ssh_network_post_incident_readback_plan_v1",
)
assert_equal(
"ssh_network_post_incident_readback_plan.status",
ssh_network_post_incident_readback_plan["status"],
"post_incident_readback_plan_ready_no_runtime_action",
)
assert_equal(
"ssh_network_post_incident_readback_plan.source_schema_version",
ssh_network_post_incident_readback_plan["source_schema_version"],
"port_firewall_change_evidence_acceptance_v1",
)
assert_equal(
"ssh_network_post_incident_readback_plan.source_status",
ssh_network_post_incident_readback_plan["source_status"],
"change_evidence_acceptance_ready_no_runtime_action",
)
expected_ssh_network_post_incident_readback_summary = {
"readback_candidate_count": 14,
"write_capable_readback_candidate_count": 6,
"policy_or_exposure_readback_candidate_count": 5,
"health_impact_review_required_candidate_count": 14,
"cross_project_sync_required_candidate_count": 14,
"recurrence_guard_required_candidate_count": 14,
"readback_field_count": 30,
"required_readback_field_count": 24,
"reviewer_check_count": 24,
"outcome_lane_count": 10,
"blocked_action_count": 34,
"post_incident_readback_received_count": 0,
"post_incident_readback_accepted_count": 0,
"actor_attribution_accepted_count": 0,
"before_after_state_accepted_count": 0,
"service_dependency_accepted_count": 0,
"public_route_impact_accepted_count": 0,
"ai_provider_impact_accepted_count": 0,
"monitoring_alert_impact_accepted_count": 0,
"operator_notification_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"restoration_evidence_accepted_count": 0,
"postcheck_readback_accepted_count": 0,
"recurrence_guard_accepted_count": 0,
"no_false_green_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_after_readback_plan": 64,
}
for key, expected in expected_ssh_network_post_incident_readback_summary.items():
assert_equal(
f"ssh_network_post_incident_readback_plan.summary.{key}",
ssh_network_post_incident_readback_plan["summary"][key],
expected,
)
for key, value in ssh_network_post_incident_readback_plan["boundaries"].items():
if key == "not_authorization":
assert_true(f"ssh_network_post_incident_readback_plan.boundaries.{key}", value)
else:
assert_false(f"ssh_network_post_incident_readback_plan.boundaries.{key}", value)
assert_equal(
"ssh_network_post_incident_readback_plan.readback_candidates.count",
len(ssh_network_post_incident_readback_plan["readback_candidates"]),
14,
)
ssh_network_post_incident_readback_ids = [
item["readback_candidate_id"]
for item in ssh_network_post_incident_readback_plan["readback_candidates"]
]
for readback_candidate_id in [
"ssh_network_post_incident_readback:gitea_cd_deploy_ssh",
"ssh_network_post_incident_readback:deploy_alerts_ssh_path",
"ssh_network_post_incident_readback:argocd_metrics_nodeport",
"ssh_network_post_incident_readback:velero_metrics_nodeport",
"ssh_network_post_incident_readback:wireguard_mesh_runbook",
"ssh_network_post_incident_readback:alert_rules_ssh_actions",
]:
assert_contains(
"ssh_network_post_incident_readback_plan.readback_candidates",
ssh_network_post_incident_readback_ids,
readback_candidate_id,
)
assert_equal(
"ssh_network_post_incident_readback_plan.reviewer_checks.count",
len(ssh_network_post_incident_readback_plan["reviewer_checks"]),
24,
)
assert_equal(
"ssh_network_post_incident_readback_plan.outcome_lanes.count",
len(ssh_network_post_incident_readback_plan["outcome_lanes"]),
10,
)
assert_equal(
"ssh_network_post_incident_readback_plan.blocked_actions.count",
len(ssh_network_post_incident_readback_plan["blocked_actions"]),
34,
)
for item in ssh_network_post_incident_readback_plan["readback_candidates"]:
assert_equal(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.readback_fields",
len(item["readback_fields"]),
30,
)
assert_equal(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.required_readback_fields",
len(item["required_readback_fields"]),
24,
)
assert_equal(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
24,
)
assert_equal(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
10,
)
assert_equal(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
34,
)
for required_field in [
"actor_attribution_ref",
"before_state_ref",
"after_state_ref",
"public_route_impact_ref",
"ai_provider_impact_ref",
"monitoring_alert_impact_ref",
"cross_project_sync_ref",
"restoration_evidence_ref",
"recurrence_guard_ref",
"no_false_green_attestation",
]:
assert_contains(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.required_readback_fields",
item["required_readback_fields"],
required_field,
)
for reviewer_check in [
"actor_not_anonymous",
"before_after_state_present",
"ai_provider_impact_present",
"monitoring_alert_impact_present",
"cross_project_sync_present",
"recurrence_guard_present",
"no_false_green_route_200",
"runtime_stays_zero",
]:
assert_contains(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.reviewer_checks",
item["reviewer_checks"],
reviewer_check,
)
for blocked_action in [
"live_firewall_read",
"firewall_change",
"port_close",
"route_smoke",
"host_restart",
"treat_route_200_as_all_green",
"close_management_port_without_owner",
"open_runtime_gate",
]:
assert_contains(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.blocked_actions",
item["blocked_actions"],
blocked_action,
)
assert_true(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"post_incident_readback_received",
"post_incident_readback_accepted",
"actor_attribution_accepted",
"before_after_state_accepted",
"service_dependency_accepted",
"public_route_impact_accepted",
"ai_provider_impact_accepted",
"monitoring_alert_impact_accepted",
"operator_notification_accepted",
"cross_project_sync_accepted",
"restoration_evidence_accepted",
"postcheck_readback_accepted",
"recurrence_guard_accepted",
"no_false_green_accepted",
"ssh_read_authorized",
"ssh_write_authorized",
"live_firewall_read_authorized",
"firewall_change_authorized",
"port_change_authorized",
"port_close_authorized",
"port_open_authorized",
"network_policy_apply_authorized",
"nodeport_change_authorized",
"wireguard_change_authorized",
"route_smoke_authorized",
"host_restart_authorized",
"secret_value_collection_allowed",
"runtime_gate",
"production_write_authorized",
"active_scan_authorized",
"provider_switch_authorized",
"prompt_send_authorized",
"action_buttons_allowed",
]:
assert_false(
f"ssh_network_post_incident_readback_plan.{item['readback_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"backup_restore_escrow_inventory.schema",
backup_restore_escrow_inventory["schema_version"],
"backup_restore_escrow_inventory_v1",
)
assert_equal(
"backup_restore_escrow_inventory.status",
backup_restore_escrow_inventory["status"],
"repo_only_inventory_ready",
)
assert_equal(
"backup_restore_escrow_inventory.source_scope",
backup_restore_escrow_inventory["source_scope"],
"committed_repo_files_only",
)
expected_backup_restore_escrow_summary = {
"surface_count": 38,
"source_exists_count": 38,
"expected_scope_count": 38,
"backup_script_surface_count": 15,
"restore_drill_surface_count": 4,
"offsite_escrow_surface_count": 8,
"velero_surface_count": 5,
"retention_surface_count": 3,
"credential_surface_count": 5,
"alert_surface_count": 1,
"dr_readiness_contract_surface_count": 3,
"write_capable_surface_count": 27,
"surfaces_requiring_owner_response_count": 38,
"surfaces_requiring_live_evidence_count": 38,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"live_evidence_received_count": 0,
"restore_drill_accepted_count": 0,
"offsite_sync_accepted_count": 0,
"credential_escrow_accepted_count": 0,
"retention_change_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_before_inventory": 52,
"coverage_percent_after_inventory": 58,
}
for key, expected in expected_backup_restore_escrow_summary.items():
assert_equal(
f"backup_restore_escrow_inventory.summary.{key}",
backup_restore_escrow_inventory["summary"][key],
expected,
)
for key, value in backup_restore_escrow_inventory["execution_boundaries"].items():
assert_false(f"backup_restore_escrow_inventory.execution_boundaries.{key}", value)
assert_equal(
"backup_restore_escrow_inventory.backup_surfaces.count",
len(backup_restore_escrow_inventory["backup_surfaces"]),
38,
)
backup_restore_surface_ids = [item["surface_id"] for item in backup_restore_escrow_inventory["backup_surfaces"]]
for surface_id in [
"backup_all_orchestrator",
"backup_common_restic_retention",
"offsite_sync_controller",
"credential_escrow_marker",
"velero_restore_test_script_configmap",
"velero_credentials_manifest",
"backup_restore_alert_rules",
"backup_restore_drill_approval_template",
"cold_start_sop",
]:
assert_contains(
"backup_restore_escrow_inventory.backup_surfaces",
backup_restore_surface_ids,
surface_id,
)
for surface in backup_restore_escrow_inventory["backup_surfaces"]:
assert_true(
f"backup_restore_escrow_inventory.backup_surfaces.{surface['surface_id']}.source_exists",
surface["source_exists"],
)
assert_equal(
f"backup_restore_escrow_inventory.backup_surfaces.{surface['surface_id']}.sha256_length",
len(surface["sha256"]),
64,
)
assert_true(
f"backup_restore_escrow_inventory.backup_surfaces.{surface['surface_id']}.requires_live_evidence",
surface["requires_live_evidence"],
)
assert_true(
f"backup_restore_escrow_inventory.backup_surfaces.{surface['surface_id']}.requires_owner_response",
surface["requires_owner_response"],
)
for key in [
"owner_response_received",
"owner_response_accepted",
"live_evidence_received",
"restore_drill_accepted",
"offsite_sync_accepted",
"credential_escrow_accepted",
"retention_change_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"runtime_gate_open",
"action_buttons_allowed",
]:
assert_false(
f"backup_restore_escrow_inventory.backup_surfaces.{surface['surface_id']}.{key}",
surface[key],
)
assert_equal(
"backup_restore_escrow_inventory.write_capable_surfaces.count",
len(backup_restore_escrow_inventory["write_capable_surfaces"]),
27,
)
for surface_id in [
"backup_all_orchestrator",
"backup_awoooi_service_script",
"latest_only_retention_enforcer",
"offsite_sync_controller",
"credential_escrow_marker",
"offsite_rclone_config",
"backup_health_textfile_exporter",
"velero_restore_test_cronjob",
"velero_restore_test_script_configmap",
"velero_standalone_restore_test_script",
"velero_credentials_manifest",
"velero_install_manifest",
]:
assert_contains(
"backup_restore_escrow_inventory.write_capable_surfaces",
[item["surface_id"] for item in backup_restore_escrow_inventory["write_capable_surfaces"]],
surface_id,
)
assert_equal(
"backup_restore_owner_request_draft.schema",
backup_restore_owner_request_draft["schema_version"],
"backup_restore_owner_request_draft_v1",
)
assert_equal(
"backup_restore_owner_request_draft.status",
backup_restore_owner_request_draft["status"],
"owner_request_draft_ready_not_dispatched",
)
assert_equal(
"backup_restore_owner_request_draft.source_inventory_schema_version",
backup_restore_owner_request_draft["source_inventory_schema_version"],
"backup_restore_escrow_inventory_v1",
)
expected_backup_restore_owner_request_summary = {
"request_draft_count": 38,
"write_capable_request_draft_count": 27,
"live_evidence_required_request_count": 38,
"request_field_count": 24,
"required_owner_field_count": 14,
"blocked_action_count": 18,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"live_evidence_received_count": 0,
"restore_drill_accepted_count": 0,
"offsite_sync_accepted_count": 0,
"credential_escrow_accepted_count": 0,
"retention_change_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"validation_plan_accepted_count": 0,
"backup_run_authorized_count": 0,
"restore_run_authorized_count": 0,
"offsite_sync_authorized_count": 0,
"offsite_remote_delete_authorized_count": 0,
"credential_escrow_marker_write_authorized_count": 0,
"retention_change_authorized_count": 0,
"restic_prune_authorized_count": 0,
"rclone_config_authorized_count": 0,
"velero_restore_authorized_count": 0,
"velero_backup_authorized_count": 0,
"kubectl_action_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"host_write_authorized_count": 0,
"active_scan_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_backup_restore_owner_request_summary.items():
assert_equal(
f"backup_restore_owner_request_draft.summary.{key}",
backup_restore_owner_request_draft["summary"][key],
expected,
)
for key, value in backup_restore_owner_request_draft["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"backup_restore_owner_request_draft.execution_boundaries.{key}", value)
else:
assert_false(f"backup_restore_owner_request_draft.execution_boundaries.{key}", value)
assert_equal(
"backup_restore_owner_request_draft.request_drafts.count",
len(backup_restore_owner_request_draft["request_drafts"]),
38,
)
backup_restore_owner_request_ids = [
item["request_id"] for item in backup_restore_owner_request_draft["request_drafts"]
]
for request_id in [
"backup_restore_owner_request:backup_all_orchestrator",
"backup_restore_owner_request:backup_awoooi_service_script",
"backup_restore_owner_request:offsite_sync_controller",
"backup_restore_owner_request:credential_escrow_marker",
"backup_restore_owner_request:velero_restore_test_cronjob",
"backup_restore_owner_request:cold_start_sop",
]:
assert_contains(
"backup_restore_owner_request_draft.request_drafts",
backup_restore_owner_request_ids,
request_id,
)
for draft in backup_restore_owner_request_draft["request_drafts"]:
assert_equal(
f"backup_restore_owner_request_draft.{draft['request_id']}.required_owner_fields",
len(draft["required_owner_fields"]),
14,
)
assert_equal(
f"backup_restore_owner_request_draft.{draft['request_id']}.blocked_actions",
len(draft["blocked_actions"]),
18,
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"live_evidence_received",
"restore_drill_accepted",
"offsite_sync_accepted",
"credential_escrow_accepted",
"retention_change_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"validation_plan_accepted",
"backup_run_authorized",
"restore_run_authorized",
"offsite_sync_authorized",
"offsite_remote_delete_authorized",
"credential_escrow_marker_write_authorized",
"retention_change_authorized",
"restic_prune_authorized",
"rclone_config_authorized",
"velero_restore_authorized",
"velero_backup_authorized",
"kubectl_action_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"secret_value_collection_allowed",
"host_write_authorized",
"active_scan_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"backup_restore_owner_request_draft.{draft['request_id']}.{false_key}",
draft[false_key],
)
assert_equal(
"backup_restore_owner_response_acceptance.schema",
backup_restore_owner_response_acceptance["schema_version"],
"backup_restore_owner_response_acceptance_v1",
)
assert_equal(
"backup_restore_owner_response_acceptance.status",
backup_restore_owner_response_acceptance["status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
assert_equal(
"backup_restore_owner_response_acceptance.source_inventory_schema_version",
backup_restore_owner_response_acceptance["source_inventory_schema_version"],
"backup_restore_escrow_inventory_v1",
)
assert_equal(
"backup_restore_owner_response_acceptance.source_inventory_status",
backup_restore_owner_response_acceptance["source_inventory_status"],
"repo_only_inventory_ready",
)
assert_equal(
"backup_restore_owner_response_acceptance.source_owner_request_schema_version",
backup_restore_owner_response_acceptance["source_owner_request_schema_version"],
"backup_restore_owner_request_draft_v1",
)
assert_equal(
"backup_restore_owner_response_acceptance.source_owner_request_status",
backup_restore_owner_response_acceptance["source_owner_request_status"],
"owner_request_draft_ready_not_dispatched",
)
expected_backup_restore_owner_response_acceptance_summary = {
"source_surface_count": 38,
"source_request_draft_count": 38,
"acceptance_candidate_count": 38,
"write_capable_acceptance_candidate_count": 27,
"live_evidence_required_candidate_count": 38,
"acceptance_field_count": 33,
"required_owner_field_count": 23,
"reviewer_check_count": 22,
"outcome_lane_count": 9,
"blocked_action_count": 31,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"owner_response_quarantined_count": 0,
"supplement_requested_count": 0,
"live_evidence_received_count": 0,
"restore_drill_accepted_count": 0,
"offsite_sync_accepted_count": 0,
"credential_escrow_accepted_count": 0,
"retention_change_accepted_count": 0,
"freshness_slo_accepted_count": 0,
"restore_target_isolation_accepted_count": 0,
"backup_dependency_map_accepted_count": 0,
"data_classification_accepted_count": 0,
"remote_delete_guard_accepted_count": 0,
"retention_runway_accepted_count": 0,
"restore_observer_stop_condition_accepted_count": 0,
"credential_recovery_drill_accepted_count": 0,
"backup_health_no_false_green_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"validation_plan_accepted_count": 0,
"backup_run_authorized_count": 0,
"restore_run_authorized_count": 0,
"offsite_sync_authorized_count": 0,
"offsite_remote_delete_authorized_count": 0,
"credential_escrow_marker_write_authorized_count": 0,
"retention_change_authorized_count": 0,
"restic_prune_authorized_count": 0,
"rclone_config_authorized_count": 0,
"velero_restore_authorized_count": 0,
"velero_backup_authorized_count": 0,
"kubectl_action_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"host_write_authorized_count": 0,
"active_scan_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_backup_restore_owner_response_acceptance_summary.items():
assert_equal(
f"backup_restore_owner_response_acceptance.summary.{key}",
backup_restore_owner_response_acceptance["summary"][key],
expected,
)
for key, value in backup_restore_owner_response_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"backup_restore_owner_response_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"backup_restore_owner_response_acceptance.execution_boundaries.{key}", value)
assert_equal(
"backup_restore_owner_response_acceptance.acceptance_candidates.count",
len(backup_restore_owner_response_acceptance["acceptance_candidates"]),
38,
)
backup_restore_acceptance_ids = [
item["acceptance_candidate_id"]
for item in backup_restore_owner_response_acceptance["acceptance_candidates"]
]
for acceptance_candidate_id in [
"backup_restore_owner_response_acceptance:backup_all_orchestrator",
"backup_restore_owner_response_acceptance:backup_awoooi_service_script",
"backup_restore_owner_response_acceptance:backup_common_restic_retention",
"backup_restore_owner_response_acceptance:offsite_sync_controller",
"backup_restore_owner_response_acceptance:credential_escrow_marker",
"backup_restore_owner_response_acceptance:velero_restore_test_cronjob",
"backup_restore_owner_response_acceptance:backup_health_textfile_exporter",
"backup_restore_owner_response_acceptance:cold_start_sop",
]:
assert_contains(
"backup_restore_owner_response_acceptance.acceptance_candidates",
backup_restore_acceptance_ids,
acceptance_candidate_id,
)
assert_equal(
"backup_restore_owner_response_acceptance.reviewer_checks.count",
len(backup_restore_owner_response_acceptance["reviewer_checks"]),
22,
)
assert_equal(
"backup_restore_owner_response_acceptance.outcome_lanes.count",
len(backup_restore_owner_response_acceptance["outcome_lanes"]),
9,
)
assert_equal(
"backup_restore_owner_response_acceptance.blocked_actions.count",
len(backup_restore_owner_response_acceptance["blocked_actions"]),
31,
)
for item in backup_restore_owner_response_acceptance["acceptance_candidates"]:
assert_equal(
f"backup_restore_owner_response_acceptance.{item['acceptance_candidate_id']}.acceptance_fields",
len(item["acceptance_fields"]),
33,
)
assert_equal(
f"backup_restore_owner_response_acceptance.{item['acceptance_candidate_id']}.required_owner_fields",
len(item["required_owner_fields"]),
23,
)
assert_equal(
f"backup_restore_owner_response_acceptance.{item['acceptance_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
22,
)
assert_equal(
f"backup_restore_owner_response_acceptance.{item['acceptance_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
9,
)
assert_equal(
f"backup_restore_owner_response_acceptance.{item['acceptance_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
31,
)
assert_true(
f"backup_restore_owner_response_acceptance.{item['acceptance_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"owner_response_quarantined",
"supplement_requested",
"live_evidence_received",
"restore_drill_accepted",
"offsite_sync_accepted",
"credential_escrow_accepted",
"retention_change_accepted",
"freshness_slo_accepted",
"restore_target_isolation_accepted",
"backup_dependency_map_accepted",
"data_classification_accepted",
"remote_delete_guard_accepted",
"retention_runway_accepted",
"restore_observer_stop_condition_accepted",
"credential_recovery_drill_accepted",
"backup_health_no_false_green_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"validation_plan_accepted",
"backup_run_authorized",
"restore_run_authorized",
"offsite_sync_authorized",
"offsite_remote_delete_authorized",
"credential_escrow_marker_write_authorized",
"retention_change_authorized",
"restic_prune_authorized",
"rclone_config_authorized",
"velero_restore_authorized",
"velero_backup_authorized",
"kubectl_action_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"secret_value_collection_allowed",
"host_write_authorized",
"active_scan_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"backup_restore_owner_response_acceptance.{item['acceptance_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"backup_restore_post_incident_readback_plan.schema",
backup_restore_post_incident_readback_plan["schema_version"],
"backup_restore_post_incident_readback_plan_v1",
)
assert_equal(
"backup_restore_post_incident_readback_plan.status",
backup_restore_post_incident_readback_plan["status"],
"post_incident_readback_plan_ready_no_runtime_action",
)
assert_equal(
"backup_restore_post_incident_readback_plan.source_schema_version",
backup_restore_post_incident_readback_plan["source_schema_version"],
"backup_restore_owner_response_acceptance_v1",
)
assert_equal(
"backup_restore_post_incident_readback_plan.source_status",
backup_restore_post_incident_readback_plan["source_status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
for source_path in [
"docs/security/BACKUP-RESTORE-ESCROW-INVENTORY.md",
"docs/security/backup-restore-escrow-inventory.snapshot.json",
"docs/security/BACKUP-RESTORE-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/backup-restore-owner-response-acceptance.snapshot.json",
]:
assert_contains(
"backup_restore_post_incident_readback_plan.source_paths",
backup_restore_post_incident_readback_plan["source_paths"],
source_path,
)
expected_backup_restore_post_incident_readback_summary = {
"source_acceptance_candidate_count": 38,
"source_write_capable_acceptance_candidate_count": 27,
"source_live_evidence_required_candidate_count": 38,
"source_required_owner_field_count": 23,
"source_reviewer_check_count": 22,
"source_blocked_action_count": 31,
"source_owner_response_accepted_count": 0,
"source_runtime_gate_count": 0,
"readback_candidate_count": 38,
"write_capable_readback_candidate_count": 27,
"live_evidence_required_readback_candidate_count": 38,
"restore_drill_readback_required_candidate_count": 38,
"offsite_or_escrow_readback_required_candidate_count": 20,
"retention_or_remote_delete_readback_required_candidate_count": 17,
"cross_project_sync_required_candidate_count": 38,
"no_false_green_required_candidate_count": 38,
"readback_field_count": 45,
"required_readback_field_count": 34,
"reviewer_check_count": 32,
"outcome_lane_count": 11,
"blocked_action_count": 51,
"post_incident_readback_received_count": 0,
"post_incident_readback_accepted_count": 0,
"actor_attribution_accepted_count": 0,
"before_after_freshness_accepted_count": 0,
"backup_status_readback_accepted_count": 0,
"restore_drill_readback_accepted_count": 0,
"restore_target_isolation_readback_accepted_count": 0,
"offsite_sync_readback_accepted_count": 0,
"offsite_remote_delete_guard_accepted_count": 0,
"credential_escrow_non_secret_readback_accepted_count": 0,
"credential_recovery_drill_readback_accepted_count": 0,
"retention_runway_readback_accepted_count": 0,
"retention_or_prune_decision_accepted_count": 0,
"backup_dependency_map_readback_accepted_count": 0,
"data_classification_readback_accepted_count": 0,
"restore_observer_stop_condition_accepted_count": 0,
"backup_health_no_false_green_readback_accepted_count": 0,
"alert_textfile_readback_accepted_count": 0,
"cold_start_dr_scorecard_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"rollback_validation_accepted_count": 0,
"post_change_monitoring_accepted_count": 0,
"postcheck_readback_accepted_count": 0,
"recurrence_guard_accepted_count": 0,
"no_false_green_accepted_count": 0,
"backup_run_authorized_count": 0,
"restore_run_authorized_count": 0,
"offsite_sync_authorized_count": 0,
"offsite_remote_delete_authorized_count": 0,
"credential_escrow_marker_write_authorized_count": 0,
"credential_recovery_execution_authorized_count": 0,
"retention_change_authorized_count": 0,
"restic_prune_authorized_count": 0,
"rclone_config_authorized_count": 0,
"velero_restore_authorized_count": 0,
"velero_backup_authorized_count": 0,
"kubectl_action_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"host_write_authorized_count": 0,
"active_scan_authorized_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_after_readback_plan": 66,
}
for key, expected in expected_backup_restore_post_incident_readback_summary.items():
assert_equal(
f"backup_restore_post_incident_readback_plan.summary.{key}",
backup_restore_post_incident_readback_plan["summary"][key],
expected,
)
for key, value in backup_restore_post_incident_readback_plan["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"backup_restore_post_incident_readback_plan.execution_boundaries.{key}", value)
else:
assert_false(f"backup_restore_post_incident_readback_plan.execution_boundaries.{key}", value)
assert_equal(
"backup_restore_post_incident_readback_plan.readback_candidates.count",
len(backup_restore_post_incident_readback_plan["readback_candidates"]),
38,
)
for candidate_id in [
"backup_restore_post_incident_readback:backup_all_orchestrator",
"backup_restore_post_incident_readback:backup_awoooi_service_script",
"backup_restore_post_incident_readback:backup_common_restic_retention",
"backup_restore_post_incident_readback:offsite_sync_controller",
"backup_restore_post_incident_readback:credential_escrow_marker",
"backup_restore_post_incident_readback:velero_restore_test_cronjob",
"backup_restore_post_incident_readback:backup_health_textfile_exporter",
"backup_restore_post_incident_readback:cold_start_sop",
]:
assert_contains(
"backup_restore_post_incident_readback_plan.readback_candidates",
[
item["post_incident_readback_candidate_id"]
for item in backup_restore_post_incident_readback_plan["readback_candidates"]
],
candidate_id,
)
assert_equal(
"backup_restore_post_incident_readback_plan.required_readback_fields.count",
len(backup_restore_post_incident_readback_plan["required_readback_fields"]),
34,
)
assert_equal(
"backup_restore_post_incident_readback_plan.reviewer_checks.count",
len(backup_restore_post_incident_readback_plan["reviewer_checks"]),
32,
)
assert_equal(
"backup_restore_post_incident_readback_plan.outcome_lanes.count",
len(backup_restore_post_incident_readback_plan["outcome_lanes"]),
11,
)
assert_equal(
"backup_restore_post_incident_readback_plan.blocked_actions.count",
len(backup_restore_post_incident_readback_plan["blocked_actions"]),
51,
)
for item in backup_restore_post_incident_readback_plan["readback_candidates"]:
assert_equal(
f"backup_restore_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.readback_fields",
len(item["readback_fields"]),
45,
)
assert_equal(
f"backup_restore_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.required_readback_fields",
len(item["required_readback_fields"]),
34,
)
assert_equal(
f"backup_restore_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
32,
)
assert_equal(
f"backup_restore_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
11,
)
assert_equal(
f"backup_restore_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
51,
)
assert_true(
f"backup_restore_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"post_incident_readback_received",
"post_incident_readback_accepted",
"actor_attribution_accepted",
"before_after_freshness_accepted",
"backup_status_readback_accepted",
"restore_drill_readback_accepted",
"restore_target_isolation_readback_accepted",
"offsite_sync_readback_accepted",
"offsite_remote_delete_guard_accepted",
"credential_escrow_non_secret_readback_accepted",
"credential_recovery_drill_readback_accepted",
"retention_runway_readback_accepted",
"retention_or_prune_decision_accepted",
"backup_dependency_map_readback_accepted",
"data_classification_readback_accepted",
"restore_observer_stop_condition_accepted",
"backup_health_no_false_green_readback_accepted",
"alert_textfile_readback_accepted",
"cold_start_dr_scorecard_accepted",
"cross_project_sync_accepted",
"rollback_validation_accepted",
"post_change_monitoring_accepted",
"postcheck_readback_accepted",
"recurrence_guard_accepted",
"no_false_green_accepted",
"backup_run_authorized",
"restore_run_authorized",
"offsite_sync_authorized",
"offsite_remote_delete_authorized",
"credential_escrow_marker_write_authorized",
"credential_recovery_execution_authorized",
"retention_change_authorized",
"restic_prune_authorized",
"rclone_config_authorized",
"velero_restore_authorized",
"velero_backup_authorized",
"kubectl_action_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"secret_value_collection_allowed",
"host_write_authorized",
"active_scan_authorized",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"backup_restore_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"monitoring_alerting_observability_inventory.schema",
monitoring_alerting_observability_inventory["schema_version"],
"monitoring_alerting_observability_inventory_v1",
)
assert_equal(
"monitoring_alerting_observability_inventory.status",
monitoring_alerting_observability_inventory["status"],
"repo_only_inventory_ready",
)
assert_equal(
"monitoring_alerting_observability_inventory.source_scope",
monitoring_alerting_observability_inventory["source_scope"],
"committed_repo_files_only",
)
expected_monitoring_alerting_observability_summary = {
"surface_count": 60,
"source_exists_count": 60,
"expected_scope_count": 60,
"prometheus_config_surface_count": 8,
"alert_rule_surface_count": 13,
"alertmanager_receiver_surface_count": 1,
"grafana_surface_count": 6,
"signoz_surface_count": 3,
"sentry_surface_count": 4,
"langfuse_surface_count": 3,
"notification_policy_surface_count": 4,
"telegram_surface_count": 3,
"otel_surface_count": 1,
"deploy_or_reload_surface_count": 6,
"drift_guard_surface_count": 1,
"smoke_surface_count": 4,
"write_capable_surface_count": 11,
"surfaces_requiring_owner_response_count": 60,
"surfaces_requiring_live_evidence_count": 60,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"live_evidence_received_count": 0,
"reload_owner_accepted_count": 0,
"receiver_owner_accepted_count": 0,
"route_smoke_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_before_inventory": 56,
"coverage_percent_after_inventory": 62,
}
for key, expected in expected_monitoring_alerting_observability_summary.items():
assert_equal(
f"monitoring_alerting_observability_inventory.summary.{key}",
monitoring_alerting_observability_inventory["summary"][key],
expected,
)
for key, value in monitoring_alerting_observability_inventory["execution_boundaries"].items():
assert_false(f"monitoring_alerting_observability_inventory.execution_boundaries.{key}", value)
assert_equal(
"monitoring_alerting_observability_inventory.observability_surfaces.count",
len(monitoring_alerting_observability_inventory["observability_surfaces"]),
60,
)
monitoring_surface_ids = [
item["surface_id"] for item in monitoring_alerting_observability_inventory["observability_surfaces"]
]
for surface_id in [
"prometheus_k8s_base_config",
"alertmanager_receiver_config",
"prometheus_alerts_ops",
"grafana_ai_slo_dashboard",
"signoz_otel_collector_config",
"sentry_self_hosted_compose",
"langfuse_compose",
"telegram_gateway_service",
"deploy_alertmanager_config_script",
"prometheus_rule_drift_guard_script",
"alert_chain_smoke_script",
]:
assert_contains(
"monitoring_alerting_observability_inventory.observability_surfaces",
monitoring_surface_ids,
surface_id,
)
for surface in monitoring_alerting_observability_inventory["observability_surfaces"]:
assert_true(
f"monitoring_alerting_observability_inventory.observability_surfaces.{surface['surface_id']}.source_exists",
surface["source_exists"],
)
assert_equal(
f"monitoring_alerting_observability_inventory.observability_surfaces.{surface['surface_id']}.sha256_length",
len(surface["sha256"]),
64,
)
assert_true(
f"monitoring_alerting_observability_inventory.observability_surfaces.{surface['surface_id']}.requires_live_evidence",
surface["requires_live_evidence"],
)
assert_true(
f"monitoring_alerting_observability_inventory.observability_surfaces.{surface['surface_id']}.requires_owner_response",
surface["requires_owner_response"],
)
for key in [
"owner_response_received",
"owner_response_accepted",
"live_evidence_received",
"reload_owner_accepted",
"receiver_owner_accepted",
"route_smoke_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"runtime_gate_open",
"action_buttons_allowed",
]:
assert_false(
f"monitoring_alerting_observability_inventory.observability_surfaces.{surface['surface_id']}.{key}",
surface[key],
)
assert_equal(
"monitoring_alerting_observability_inventory.write_capable_surfaces.count",
len(monitoring_alerting_observability_inventory["write_capable_surfaces"]),
11,
)
for surface_id in [
"deploy_alertmanager_config_script",
"deploy_prometheus_alerts_script",
"k8s_deploy_prometheus_config_script",
"api_apply_prometheus_config_script",
"monitoring_exporter_deploy_script",
"sentry_self_hosted_deploy",
"telegram_gateway_service",
"notification_manager_service",
"converged_alert_recurrence_notifier",
"fire_live_alert_script",
"fire_test_alert_script",
]:
assert_contains(
"monitoring_alerting_observability_inventory.write_capable_surfaces",
[item["surface_id"] for item in monitoring_alerting_observability_inventory["write_capable_surfaces"]],
surface_id,
)
assert_equal(
"monitoring_owner_request_draft.schema",
monitoring_owner_request_draft["schema_version"],
"monitoring_owner_request_draft_v1",
)
assert_equal(
"monitoring_owner_request_draft.status",
monitoring_owner_request_draft["status"],
"owner_request_draft_ready_not_dispatched",
)
assert_equal(
"monitoring_owner_request_draft.source_inventory_schema_version",
monitoring_owner_request_draft["source_inventory_schema_version"],
"monitoring_alerting_observability_inventory_v1",
)
assert_equal(
"monitoring_owner_request_draft.source_inventory_status",
monitoring_owner_request_draft["source_inventory_status"],
"repo_only_inventory_ready",
)
expected_monitoring_owner_request_summary = {
"request_draft_count": 60,
"write_capable_request_draft_count": 11,
"live_evidence_required_request_count": 60,
"request_field_count": 24,
"required_owner_field_count": 14,
"blocked_action_count": 24,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"live_evidence_received_count": 0,
"reload_owner_accepted_count": 0,
"receiver_owner_accepted_count": 0,
"route_smoke_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"validation_plan_accepted_count": 0,
"prometheus_reload_authorized_count": 0,
"alertmanager_reload_authorized_count": 0,
"grafana_dashboard_apply_authorized_count": 0,
"signoz_rule_apply_authorized_count": 0,
"sentry_deploy_authorized_count": 0,
"langfuse_config_change_authorized_count": 0,
"otel_collector_reload_authorized_count": 0,
"receiver_route_change_authorized_count": 0,
"silence_policy_change_authorized_count": 0,
"telegram_send_authorized_count": 0,
"notification_route_change_authorized_count": 0,
"webhook_receiver_change_authorized_count": 0,
"remote_write_change_authorized_count": 0,
"exporter_deploy_authorized_count": 0,
"live_alert_fire_authorized_count": 0,
"alert_chain_smoke_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"kubectl_action_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"host_write_authorized_count": 0,
"active_scan_authorized_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_monitoring_owner_request_summary.items():
assert_equal(
f"monitoring_owner_request_draft.summary.{key}",
monitoring_owner_request_draft["summary"][key],
expected,
)
for key, value in monitoring_owner_request_draft["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"monitoring_owner_request_draft.execution_boundaries.{key}", value)
else:
assert_false(f"monitoring_owner_request_draft.execution_boundaries.{key}", value)
assert_equal(
"monitoring_owner_request_draft.request_drafts.count",
len(monitoring_owner_request_draft["request_drafts"]),
60,
)
monitoring_owner_request_ids = [
item["request_id"] for item in monitoring_owner_request_draft["request_drafts"]
]
for request_id in [
"monitoring_owner_request:alertmanager_receiver_config",
"monitoring_owner_request:deploy_alertmanager_config_script",
"monitoring_owner_request:telegram_gateway_service",
"monitoring_owner_request:fire_live_alert_script",
"monitoring_owner_request:sentry_self_hosted_deploy",
"monitoring_owner_request:langfuse_compose",
]:
assert_contains(
"monitoring_owner_request_draft.request_drafts",
monitoring_owner_request_ids,
request_id,
)
for draft in monitoring_owner_request_draft["request_drafts"]:
assert_equal(
f"monitoring_owner_request_draft.{draft['request_id']}.required_owner_fields",
len(draft["required_owner_fields"]),
14,
)
assert_equal(
f"monitoring_owner_request_draft.{draft['request_id']}.blocked_actions",
len(draft["blocked_actions"]),
24,
)
assert_true(
f"monitoring_owner_request_draft.{draft['request_id']}.not_approval",
draft["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"live_evidence_received",
"reload_owner_accepted",
"receiver_owner_accepted",
"route_smoke_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"validation_plan_accepted",
"prometheus_reload_authorized",
"alertmanager_reload_authorized",
"grafana_dashboard_apply_authorized",
"signoz_rule_apply_authorized",
"sentry_deploy_authorized",
"langfuse_config_change_authorized",
"otel_collector_reload_authorized",
"receiver_route_change_authorized",
"silence_policy_change_authorized",
"telegram_send_authorized",
"notification_route_change_authorized",
"webhook_receiver_change_authorized",
"remote_write_change_authorized",
"exporter_deploy_authorized",
"live_alert_fire_authorized",
"alert_chain_smoke_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"kubectl_action_authorized",
"secret_value_collection_allowed",
"host_write_authorized",
"active_scan_authorized",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"monitoring_owner_request_draft.{draft['request_id']}.{false_key}",
draft[false_key],
)
assert_equal(
"monitoring_owner_response_acceptance.schema",
monitoring_owner_response_acceptance["schema_version"],
"monitoring_owner_response_acceptance_v1",
)
assert_equal(
"monitoring_owner_response_acceptance.status",
monitoring_owner_response_acceptance["status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
assert_equal(
"monitoring_owner_response_acceptance.source_inventory_schema_version",
monitoring_owner_response_acceptance["source_inventory_schema_version"],
"monitoring_alerting_observability_inventory_v1",
)
assert_equal(
"monitoring_owner_response_acceptance.source_inventory_status",
monitoring_owner_response_acceptance["source_inventory_status"],
"repo_only_inventory_ready",
)
assert_equal(
"monitoring_owner_response_acceptance.source_owner_request_schema_version",
monitoring_owner_response_acceptance["source_owner_request_schema_version"],
"monitoring_owner_request_draft_v1",
)
assert_equal(
"monitoring_owner_response_acceptance.source_owner_request_status",
monitoring_owner_response_acceptance["source_owner_request_status"],
"owner_request_draft_ready_not_dispatched",
)
expected_monitoring_owner_response_acceptance_summary = {
"source_surface_count": 60,
"source_request_draft_count": 60,
"acceptance_candidate_count": 60,
"write_capable_acceptance_candidate_count": 11,
"live_evidence_required_candidate_count": 60,
"acceptance_field_count": 38,
"required_owner_field_count": 14,
"reviewer_check_count": 23,
"outcome_lane_count": 12,
"blocked_action_count": 34,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"owner_response_quarantined_count": 0,
"supplement_requested_count": 0,
"live_evidence_received_count": 0,
"live_config_hash_accepted_count": 0,
"reload_owner_accepted_count": 0,
"receiver_owner_accepted_count": 0,
"route_smoke_accepted_count": 0,
"incident_context_accepted_count": 0,
"alert_chain_health_accepted_count": 0,
"receiver_receipt_proof_accepted_count": 0,
"stale_alert_review_accepted_count": 0,
"silence_or_dedup_review_accepted_count": 0,
"false_green_risk_review_accepted_count": 0,
"post_reload_readback_plan_accepted_count": 0,
"cross_project_notification_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"validation_plan_accepted_count": 0,
"noise_budget_owner_accepted_count": 0,
"prometheus_reload_authorized_count": 0,
"alertmanager_reload_authorized_count": 0,
"grafana_dashboard_apply_authorized_count": 0,
"signoz_rule_apply_authorized_count": 0,
"sentry_deploy_authorized_count": 0,
"langfuse_config_change_authorized_count": 0,
"otel_collector_reload_authorized_count": 0,
"receiver_route_change_authorized_count": 0,
"silence_policy_change_authorized_count": 0,
"telegram_send_authorized_count": 0,
"notification_route_change_authorized_count": 0,
"webhook_receiver_change_authorized_count": 0,
"remote_write_change_authorized_count": 0,
"exporter_deploy_authorized_count": 0,
"live_alert_fire_authorized_count": 0,
"alert_chain_smoke_authorized_count": 0,
"ssh_read_authorized_count": 0,
"ssh_write_authorized_count": 0,
"kubectl_action_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"host_write_authorized_count": 0,
"active_scan_authorized_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_monitoring_owner_response_acceptance_summary.items():
assert_equal(
f"monitoring_owner_response_acceptance.summary.{key}",
monitoring_owner_response_acceptance["summary"][key],
expected,
)
for key, value in monitoring_owner_response_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"monitoring_owner_response_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"monitoring_owner_response_acceptance.execution_boundaries.{key}", value)
assert_equal(
"monitoring_owner_response_acceptance.acceptance_candidates.count",
len(monitoring_owner_response_acceptance["acceptance_candidates"]),
60,
)
monitoring_acceptance_ids = [
item["acceptance_candidate_id"]
for item in monitoring_owner_response_acceptance["acceptance_candidates"]
]
for acceptance_candidate_id in [
"monitoring_owner_response_acceptance:alertmanager_receiver_config",
"monitoring_owner_response_acceptance:deploy_alertmanager_config_script",
"monitoring_owner_response_acceptance:telegram_gateway_service",
"monitoring_owner_response_acceptance:fire_live_alert_script",
"monitoring_owner_response_acceptance:sentry_self_hosted_deploy",
"monitoring_owner_response_acceptance:langfuse_compose",
]:
assert_contains(
"monitoring_owner_response_acceptance.acceptance_candidates",
monitoring_acceptance_ids,
acceptance_candidate_id,
)
assert_equal(
"monitoring_owner_response_acceptance.reviewer_checks.count",
len(monitoring_owner_response_acceptance["reviewer_checks"]),
23,
)
assert_equal(
"monitoring_owner_response_acceptance.outcome_lanes.count",
len(monitoring_owner_response_acceptance["outcome_lanes"]),
12,
)
assert_equal(
"monitoring_owner_response_acceptance.blocked_actions.count",
len(monitoring_owner_response_acceptance["blocked_actions"]),
34,
)
for item in monitoring_owner_response_acceptance["acceptance_candidates"]:
assert_equal(
f"monitoring_owner_response_acceptance.{item['acceptance_candidate_id']}.acceptance_fields",
len(item["acceptance_fields"]),
38,
)
assert_equal(
f"monitoring_owner_response_acceptance.{item['acceptance_candidate_id']}.required_owner_fields",
len(item["required_owner_fields"]),
14,
)
assert_equal(
f"monitoring_owner_response_acceptance.{item['acceptance_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
23,
)
assert_equal(
f"monitoring_owner_response_acceptance.{item['acceptance_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
12,
)
assert_equal(
f"monitoring_owner_response_acceptance.{item['acceptance_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
34,
)
assert_true(
f"monitoring_owner_response_acceptance.{item['acceptance_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"owner_response_quarantined",
"supplement_requested",
"live_evidence_received",
"live_config_hash_accepted",
"reload_owner_accepted",
"receiver_owner_accepted",
"route_smoke_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"validation_plan_accepted",
"noise_budget_owner_accepted",
"prometheus_reload_authorized",
"alertmanager_reload_authorized",
"grafana_dashboard_apply_authorized",
"signoz_rule_apply_authorized",
"sentry_deploy_authorized",
"langfuse_config_change_authorized",
"otel_collector_reload_authorized",
"receiver_route_change_authorized",
"silence_policy_change_authorized",
"telegram_send_authorized",
"notification_route_change_authorized",
"webhook_receiver_change_authorized",
"remote_write_change_authorized",
"exporter_deploy_authorized",
"live_alert_fire_authorized",
"alert_chain_smoke_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"kubectl_action_authorized",
"secret_value_collection_allowed",
"host_write_authorized",
"active_scan_authorized",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"monitoring_owner_response_acceptance.{item['acceptance_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"monitoring_post_incident_readback_plan.schema",
monitoring_post_incident_readback_plan["schema_version"],
"monitoring_post_incident_readback_plan_v1",
)
assert_equal(
"monitoring_post_incident_readback_plan.status",
monitoring_post_incident_readback_plan["status"],
"post_incident_readback_plan_ready_no_runtime_action",
)
assert_equal(
"monitoring_post_incident_readback_plan.source_schema_version",
monitoring_post_incident_readback_plan["source_schema_version"],
"monitoring_owner_response_acceptance_v1",
)
assert_equal(
"monitoring_post_incident_readback_plan.source_status",
monitoring_post_incident_readback_plan["source_status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
for source_path in [
"docs/security/MONITORING-ALERTING-OBSERVABILITY-INVENTORY.md",
"docs/security/monitoring-alerting-observability-inventory.snapshot.json",
"docs/security/MONITORING-OWNER-REQUEST-DRAFT.md",
"docs/security/monitoring-owner-request-draft.snapshot.json",
"docs/security/MONITORING-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/monitoring-owner-response-acceptance.snapshot.json",
]:
assert_contains(
"monitoring_post_incident_readback_plan.source_paths",
monitoring_post_incident_readback_plan["source_paths"],
source_path,
)
expected_monitoring_post_incident_summary = {
"source_acceptance_candidate_count": 60,
"source_write_capable_acceptance_candidate_count": 11,
"source_live_evidence_required_candidate_count": 60,
"source_acceptance_field_count": 38,
"source_required_owner_field_count": 14,
"source_reviewer_check_count": 23,
"source_outcome_lane_count": 12,
"source_blocked_action_count": 34,
"source_owner_response_accepted_count": 0,
"source_alert_chain_health_accepted_count": 0,
"source_receiver_receipt_proof_accepted_count": 0,
"source_runtime_gate_count": 0,
"readback_candidate_count": 60,
"write_capable_readback_candidate_count": 11,
"live_evidence_required_readback_candidate_count": 60,
"alert_rule_readback_candidate_count": 13,
"deploy_or_reload_readback_candidate_count": 6,
"receiver_receipt_review_required_candidate_count": 60,
"stale_silence_review_required_candidate_count": 60,
"freshness_alert_chain_review_required_candidate_count": 60,
"no_false_green_required_candidate_count": 60,
"readback_field_count": 39,
"required_readback_field_count": 30,
"reviewer_check_count": 28,
"outcome_lane_count": 11,
"blocked_action_count": 53,
"post_incident_readback_received_count": 0,
"post_incident_readback_accepted_count": 0,
"actor_attribution_accepted_count": 0,
"change_or_outage_time_window_accepted_count": 0,
"intent_or_break_glass_accepted_count": 0,
"before_after_alert_state_accepted_count": 0,
"rule_datasource_scrape_state_accepted_count": 0,
"receiver_route_state_accepted_count": 0,
"reload_or_no_reload_accepted_count": 0,
"receiver_receipt_readback_accepted_count": 0,
"stale_pending_resolved_review_accepted_count": 0,
"silence_mute_dedup_inhibit_review_accepted_count": 0,
"dashboard_trace_log_freshness_accepted_count": 0,
"notification_delivery_metadata_accepted_count": 0,
"alert_chain_health_readback_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"rollback_or_disable_validation_accepted_count": 0,
"post_change_monitoring_accepted_count": 0,
"postcheck_readback_accepted_count": 0,
"recurrence_guard_accepted_count": 0,
"no_false_green_accepted_count": 0,
"prometheus_reload_authorized_count": 0,
"alertmanager_reload_authorized_count": 0,
"grafana_dashboard_apply_authorized_count": 0,
"signoz_rule_apply_authorized_count": 0,
"sentry_deploy_authorized_count": 0,
"langfuse_config_change_authorized_count": 0,
"otel_collector_reload_authorized_count": 0,
"receiver_route_change_authorized_count": 0,
"silence_policy_change_authorized_count": 0,
"telegram_send_authorized_count": 0,
"notification_route_change_authorized_count": 0,
"webhook_receiver_change_authorized_count": 0,
"remote_write_change_authorized_count": 0,
"exporter_deploy_authorized_count": 0,
"live_alert_fire_authorized_count": 0,
"alert_chain_smoke_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"host_write_authorized_count": 0,
"active_scan_authorized_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_after_readback_plan": 70,
}
for key, expected in expected_monitoring_post_incident_summary.items():
assert_equal(
f"monitoring_post_incident_readback_plan.summary.{key}",
monitoring_post_incident_readback_plan["summary"][key],
expected,
)
for key, value in monitoring_post_incident_readback_plan["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"monitoring_post_incident_readback_plan.execution_boundaries.{key}", value)
else:
assert_false(f"monitoring_post_incident_readback_plan.execution_boundaries.{key}", value)
assert_equal(
"monitoring_post_incident_readback_plan.readback_candidates.count",
len(monitoring_post_incident_readback_plan["readback_candidates"]),
60,
)
monitoring_post_incident_ids = [
item["post_incident_readback_candidate_id"]
for item in monitoring_post_incident_readback_plan["readback_candidates"]
]
for post_incident_readback_candidate_id in [
"monitoring_post_incident_readback:alertmanager_receiver_config",
"monitoring_post_incident_readback:deploy_alertmanager_config_script",
"monitoring_post_incident_readback:telegram_gateway_service",
"monitoring_post_incident_readback:fire_live_alert_script",
"monitoring_post_incident_readback:sentry_self_hosted_deploy",
"monitoring_post_incident_readback:langfuse_compose",
]:
assert_contains(
"monitoring_post_incident_readback_plan.readback_candidates",
monitoring_post_incident_ids,
post_incident_readback_candidate_id,
)
assert_equal(
"monitoring_post_incident_readback_plan.reviewer_checks.count",
len(monitoring_post_incident_readback_plan["reviewer_checks"]),
28,
)
assert_equal(
"monitoring_post_incident_readback_plan.outcome_lanes.count",
len(monitoring_post_incident_readback_plan["outcome_lanes"]),
11,
)
assert_equal(
"monitoring_post_incident_readback_plan.blocked_actions.count",
len(monitoring_post_incident_readback_plan["blocked_actions"]),
53,
)
for item in monitoring_post_incident_readback_plan["readback_candidates"]:
assert_equal(
f"monitoring_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.readback_fields",
len(item["readback_fields"]),
39,
)
assert_equal(
f"monitoring_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.required_readback_fields",
len(item["required_readback_fields"]),
30,
)
assert_equal(
f"monitoring_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
28,
)
assert_equal(
f"monitoring_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
11,
)
assert_equal(
f"monitoring_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
53,
)
assert_true(
f"monitoring_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"post_incident_readback_received",
"post_incident_readback_accepted",
"actor_attribution_accepted",
"change_or_outage_time_window_accepted",
"intent_or_break_glass_accepted",
"before_after_alert_state_accepted",
"rule_datasource_scrape_state_accepted",
"receiver_route_state_accepted",
"reload_or_no_reload_accepted",
"receiver_receipt_readback_accepted",
"stale_pending_resolved_review_accepted",
"silence_mute_dedup_inhibit_review_accepted",
"dashboard_trace_log_freshness_accepted",
"notification_delivery_metadata_accepted",
"alert_chain_health_readback_accepted",
"cross_project_sync_accepted",
"rollback_or_disable_validation_accepted",
"post_change_monitoring_accepted",
"postcheck_readback_accepted",
"recurrence_guard_accepted",
"no_false_green_accepted",
"prometheus_reload_authorized",
"alertmanager_reload_authorized",
"grafana_dashboard_apply_authorized",
"signoz_rule_apply_authorized",
"sentry_deploy_authorized",
"langfuse_config_change_authorized",
"otel_collector_reload_authorized",
"receiver_route_change_authorized",
"silence_policy_change_authorized",
"telegram_send_authorized",
"notification_route_change_authorized",
"webhook_receiver_change_authorized",
"remote_write_change_authorized",
"exporter_deploy_authorized",
"live_alert_fire_authorized",
"alert_chain_smoke_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"kubectl_action_authorized",
"secret_value_collection_allowed",
"host_write_authorized",
"active_scan_authorized",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"monitoring_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"ai_provider_owner_response_acceptance.schema",
ai_provider_owner_response_acceptance["schema_version"],
"ai_provider_owner_response_acceptance_v1",
)
assert_equal(
"ai_provider_owner_response_acceptance.status",
ai_provider_owner_response_acceptance["status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
expected_ai_provider_owner_response_acceptance_summary = {
"acceptance_candidate_count": 8,
"write_capable_acceptance_candidate_count": 5,
"paid_provider_related_candidate_count": 5,
"data_egress_candidate_count": 6,
"live_evidence_required_candidate_count": 6,
"acceptance_field_count": 37,
"required_owner_field_count": 24,
"reviewer_check_count": 24,
"outcome_lane_count": 10,
"blocked_action_count": 38,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"owner_response_quarantined_count": 0,
"supplement_requested_count": 0,
"fallback_order_accepted_count": 0,
"dry_run_result_accepted_count": 0,
"benchmark_result_accepted_count": 0,
"cost_review_accepted_count": 0,
"privacy_review_accepted_count": 0,
"data_classification_accepted_count": 0,
"prompt_redaction_accepted_count": 0,
"secret_handling_accepted_count": 0,
"quota_budget_accepted_count": 0,
"latency_slo_accepted_count": 0,
"quality_gate_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"provider_switch_authorized_count": 0,
"external_provider_call_authorized_count": 0,
"paid_provider_call_authorized_count": 0,
"prompt_send_authorized_count": 0,
"live_endpoint_probe_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_after_acceptance": 64,
}
for key, expected in expected_ai_provider_owner_response_acceptance_summary.items():
assert_equal(
f"ai_provider_owner_response_acceptance.summary.{key}",
ai_provider_owner_response_acceptance["summary"][key],
expected,
)
for key, value in ai_provider_owner_response_acceptance["boundaries"].items():
if key == "not_authorization":
assert_true(f"ai_provider_owner_response_acceptance.boundaries.{key}", value)
else:
assert_false(f"ai_provider_owner_response_acceptance.boundaries.{key}", value)
assert_equal(
"ai_provider_owner_response_acceptance.acceptance_candidates.count",
len(ai_provider_owner_response_acceptance["acceptance_candidates"]),
8,
)
expected_ai_provider_candidate_ids = [
"ai_provider_owner_response_acceptance:ai_router_provider_policy",
"ai_provider_owner_response_acceptance:ollama_proxy_gateway",
"ai_provider_owner_response_acceptance:fallback_order_and_circuit_breaker",
"ai_provider_owner_response_acceptance:cost_budget_and_quota",
"ai_provider_owner_response_acceptance:privacy_data_egress_boundary",
"ai_provider_owner_response_acceptance:benchmark_dry_run_pack",
"ai_provider_owner_response_acceptance:model_card_and_version_inventory",
"ai_provider_owner_response_acceptance:agent_replacement_candidate_runtime_boundary",
]
assert_equal(
"ai_provider_owner_response_acceptance.acceptance_candidates",
[item["acceptance_candidate_id"] for item in ai_provider_owner_response_acceptance["acceptance_candidates"]],
expected_ai_provider_candidate_ids,
)
assert_equal(
"ai_provider_owner_response_acceptance.reviewer_checks.count",
len(ai_provider_owner_response_acceptance["reviewer_checks"]),
24,
)
assert_equal(
"ai_provider_owner_response_acceptance.outcome_lanes.count",
len(ai_provider_owner_response_acceptance["outcome_lanes"]),
10,
)
assert_equal(
"ai_provider_owner_response_acceptance.blocked_actions.count",
len(ai_provider_owner_response_acceptance["blocked_actions"]),
38,
)
for item in ai_provider_owner_response_acceptance["acceptance_candidates"]:
assert_equal(
f"ai_provider_owner_response_acceptance.{item['acceptance_candidate_id']}.acceptance_fields",
len(item["acceptance_fields"]),
37,
)
assert_equal(
f"ai_provider_owner_response_acceptance.{item['acceptance_candidate_id']}.required_owner_fields",
len(item["required_owner_fields"]),
24,
)
assert_equal(
f"ai_provider_owner_response_acceptance.{item['acceptance_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
24,
)
assert_equal(
f"ai_provider_owner_response_acceptance.{item['acceptance_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
10,
)
assert_equal(
f"ai_provider_owner_response_acceptance.{item['acceptance_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
38,
)
assert_true(
f"ai_provider_owner_response_acceptance.{item['acceptance_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"owner_response_quarantined",
"supplement_requested",
"fallback_order_accepted",
"dry_run_result_accepted",
"benchmark_result_accepted",
"cost_review_accepted",
"privacy_review_accepted",
"data_classification_accepted",
"prompt_redaction_accepted",
"secret_handling_accepted",
"quota_budget_accepted",
"latency_slo_accepted",
"quality_gate_accepted",
"rollback_owner_accepted",
"maintenance_window_accepted",
"postcheck_evidence_accepted",
"provider_switch_authorized",
"model_route_change_authorized",
"fallback_order_change_authorized",
"ollama_proxy_change_authorized",
"nginx_reload_authorized",
"env_change_authorized",
"external_provider_call_authorized",
"paid_provider_call_authorized",
"prompt_send_authorized",
"live_endpoint_probe_authorized",
"benchmark_live_call_authorized",
"dry_run_external_call_authorized",
"quota_increase_authorized",
"cost_limit_change_authorized",
"privacy_boundary_change_authorized",
"data_egress_change_authorized",
"secret_value_collection_allowed",
"secret_hash_collection_allowed",
"partial_token_collection_allowed",
"api_key_rotation_authorized",
"secret_store_read_authorized",
"model_download_authorized",
"sdk_install_authorized",
"agent_runtime_enable_authorized",
"shadow_or_canary_enable_authorized",
"production_deploy_authorized",
"workflow_dispatch_authorized",
"host_write_authorized",
"ssh_read_authorized",
"ssh_write_authorized",
"active_scan_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"ai_provider_owner_response_acceptance.{item['acceptance_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"public_gateway_preflight_inventory.schema",
public_gateway_preflight_inventory["schema_version"],
"public_gateway_preflight_inventory_v1",
)
assert_equal(
"public_gateway_preflight_inventory.status",
public_gateway_preflight_inventory["status"],
"repo_only_preflight_contract_ready",
)
assert_equal(
"public_gateway_preflight_inventory.source_scope",
public_gateway_preflight_inventory["source_scope"],
"committed_nginx_and_domain_tls_snapshots_only",
)
expected_public_gateway_preflight_summary = {
"source_config_count": 3,
"c0_source_config_count": 2,
"managed_domain_count": 14,
"route_impact_count": 14,
"unique_upstream_count": 14,
"tls_certificate_path_count": 10,
"certificate_owner_confirmation_required_count": 4,
"admin_route_domain_count": 1,
"websocket_route_domain_count": 6,
"acme_challenge_domain_count": 7,
"preflight_gate_count": 12,
"repo_only_preflight_ready_count": 2,
"owner_acceptance_required_gate_count": 10,
"preflight_gate_accepted_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_provided_live_conf_received_count": 0,
"rendered_diff_ready_count": 0,
"nginx_test_evidence_count": 0,
"route_smoke_evidence_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_before_preflight": 78,
"coverage_percent_after_preflight": 84,
}
for key, expected in expected_public_gateway_preflight_summary.items():
assert_equal(
f"public_gateway_preflight_inventory.summary.{key}",
public_gateway_preflight_inventory["summary"][key],
expected,
)
for key, value in public_gateway_preflight_inventory["execution_boundaries"].items():
assert_false(f"public_gateway_preflight_inventory.execution_boundaries.{key}", value)
assert_equal(
"public_gateway_preflight_inventory.required_preflight_gates.count",
len(public_gateway_preflight_inventory["required_preflight_gates"]),
12,
)
assert_equal(
"public_gateway_preflight_inventory.config_preflight_rows.count",
len(public_gateway_preflight_inventory["config_preflight_rows"]),
3,
)
assert_equal(
"public_gateway_preflight_inventory.route_impacts.count",
len(public_gateway_preflight_inventory["route_impacts"]),
14,
)
for row in public_gateway_preflight_inventory["config_preflight_rows"]:
assert_true(
f"public_gateway_preflight_inventory.config_preflight_rows.{row['config_id']}.repo_source_hash_ready",
row["repo_source_hash_ready"],
)
for key in [
"owner_response_received",
"owner_response_accepted",
"live_conf_evidence_received",
"rendered_diff_ready",
"nginx_test_evidence_received",
"route_smoke_evidence_received",
"maintenance_window_accepted",
"rollback_owner_accepted",
"runtime_gate_open",
]:
assert_false(f"public_gateway_preflight_inventory.config_preflight_rows.{row['config_id']}.{key}", row[key])
for route_impact in public_gateway_preflight_inventory["route_impacts"]:
assert_true(
f"public_gateway_preflight_inventory.route_impacts.{route_impact['domain']}.public_route_smoke_required",
route_impact["public_route_smoke_required"],
)
assert_false(
f"public_gateway_preflight_inventory.route_impacts.{route_impact['domain']}.owner_response_accepted",
route_impact["owner_response_accepted"],
)
assert_false(
f"public_gateway_preflight_inventory.route_impacts.{route_impact['domain']}.route_smoke_accepted",
route_impact["route_smoke_accepted"],
)
assert_equal(
"public_gateway_live_conf_export_request.schema",
public_gateway_live_conf_export_request["schema_version"],
"public_gateway_live_conf_export_request_v1",
)
assert_equal(
"public_gateway_live_conf_export_request.source_preflight_schema_version",
public_gateway_live_conf_export_request["source_preflight_schema_version"],
"public_gateway_preflight_inventory_v1",
)
assert_equal(
"public_gateway_live_conf_export_request.status",
public_gateway_live_conf_export_request["status"],
"live_conf_export_request_ready_not_dispatched",
)
expected_public_gateway_live_conf_export_summary = {
"export_request_count": 3,
"c0_export_request_count": 2,
"c1_export_request_count": 1,
"export_request_field_count": 12,
"redaction_rule_count": 8,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"redacted_export_received_count": 0,
"raw_live_conf_stored_count": 0,
"rendered_diff_ready_count": 0,
"nginx_test_authorized_count": 0,
"nginx_test_executed_count": 0,
"nginx_reload_authorized_count": 0,
"route_smoke_authorized_count": 0,
"route_smoke_executed_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_public_gateway_live_conf_export_summary.items():
assert_equal(
f"public_gateway_live_conf_export_request.summary.{key}",
public_gateway_live_conf_export_request["summary"][key],
expected,
)
for false_key in [
"ssh_read_authorized",
"host_live_conf_read_authorized",
"raw_live_conf_storage_allowed",
"nginx_test_authorized",
"nginx_test_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"route_smoke_authorized",
"route_smoke_executed",
"dns_query_executed",
"live_tls_probe_executed",
"certbot_renew_authorized",
"runtime_execution_authorized",
"action_buttons_allowed",
"secret_value_collection_allowed",
"production_write_authorized",
]:
assert_false(
f"public_gateway_live_conf_export_request.execution_boundaries.{false_key}",
public_gateway_live_conf_export_request["execution_boundaries"][false_key],
)
assert_true(
"public_gateway_live_conf_export_request.execution_boundaries.not_authorization",
public_gateway_live_conf_export_request["execution_boundaries"]["not_authorization"],
)
expected_public_gateway_live_conf_export_ids = [
"public_gateway_live_conf_export:host188_all_sites",
"public_gateway_live_conf_export:host188_internal_tools_https",
"public_gateway_live_conf_export:host110_ollama_proxy",
]
assert_equal(
"public_gateway_live_conf_export_request.export_request_ids",
[item["export_request_id"] for item in public_gateway_live_conf_export_request["export_requests"]],
expected_public_gateway_live_conf_export_ids,
)
for item in public_gateway_live_conf_export_request["export_requests"]:
assert_equal(
f"public_gateway_live_conf_export_request.{item['export_request_id']}.field_count",
len(item["export_request_fields"]),
12,
)
assert_equal(
f"public_gateway_live_conf_export_request.{item['export_request_id']}.redaction_rule_count",
len(item["redaction_rules"]),
8,
)
assert_true(
f"public_gateway_live_conf_export_request.{item['export_request_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"redacted_export_received",
"raw_live_conf_stored",
"rendered_diff_ready",
"nginx_test_authorized",
"nginx_test_executed",
"nginx_reload_authorized",
"route_smoke_authorized",
"route_smoke_executed",
"runtime_gate",
"action_buttons_allowed",
"secret_value_collection_allowed",
"production_write_authorized",
]:
assert_false(
f"public_gateway_live_conf_export_request.{item['export_request_id']}.{false_key}",
item[false_key],
)
assert_equal(
"public_gateway_redacted_export_intake_preflight.schema",
public_gateway_redacted_export_intake_preflight["schema_version"],
"public_gateway_redacted_export_intake_preflight_v1",
)
assert_equal(
"public_gateway_redacted_export_intake_preflight.source_export_request_schema_version",
public_gateway_redacted_export_intake_preflight["source_export_request_schema_version"],
"public_gateway_live_conf_export_request_v1",
)
assert_equal(
"public_gateway_redacted_export_intake_preflight.status",
public_gateway_redacted_export_intake_preflight["status"],
"redacted_export_intake_preflight_ready_no_payload_received",
)
expected_public_gateway_redacted_export_intake_summary = {
"intake_candidate_count": 3,
"c0_intake_candidate_count": 2,
"c1_intake_candidate_count": 1,
"intake_field_count": 11,
"validation_check_count": 10,
"rejection_guard_count": 12,
"reviewer_intake_lane_count": 5,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"redacted_export_received_count": 0,
"accepted_redacted_export_count": 0,
"quarantined_payload_count": 0,
"rejected_intake_count": 0,
"rendered_diff_candidate_count": 0,
"raw_live_conf_stored_count": 0,
"nginx_test_authorized_count": 0,
"nginx_test_executed_count": 0,
"nginx_reload_authorized_count": 0,
"route_smoke_authorized_count": 0,
"route_smoke_executed_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_public_gateway_redacted_export_intake_summary.items():
assert_equal(
f"public_gateway_redacted_export_intake_preflight.summary.{key}",
public_gateway_redacted_export_intake_preflight["summary"][key],
expected,
)
for false_key in [
"request_sent",
"recipient_confirmed",
"redacted_export_received",
"raw_live_conf_storage_allowed",
"rendered_diff_authorized",
"nginx_test_authorized",
"nginx_test_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"route_smoke_authorized",
"route_smoke_executed",
"dns_query_executed",
"live_tls_probe_executed",
"certbot_renew_authorized",
"ssh_read_authorized",
"host_live_conf_read_authorized",
"runtime_execution_authorized",
"action_buttons_allowed",
"secret_value_collection_allowed",
"production_write_authorized",
]:
assert_false(
f"public_gateway_redacted_export_intake_preflight.execution_boundaries.{false_key}",
public_gateway_redacted_export_intake_preflight["execution_boundaries"][false_key],
)
assert_true(
"public_gateway_redacted_export_intake_preflight.execution_boundaries.not_authorization",
public_gateway_redacted_export_intake_preflight["execution_boundaries"]["not_authorization"],
)
expected_public_gateway_redacted_export_intake_ids = [
"public_gateway_redacted_export_intake:host188_all_sites",
"public_gateway_redacted_export_intake:host188_internal_tools_https",
"public_gateway_redacted_export_intake:host110_ollama_proxy",
]
assert_equal(
"public_gateway_redacted_export_intake_preflight.intake_ids",
[item["intake_id"] for item in public_gateway_redacted_export_intake_preflight["intake_candidates"]],
expected_public_gateway_redacted_export_intake_ids,
)
expected_public_gateway_redacted_export_validation_check_ids = [
"source_export_request_snapshot_current",
"request_sent_metadata_required",
"recipient_confirmed_metadata_required",
"redacted_export_ref_required",
"raw_live_conf_payload_blocked",
"redaction_policy_attestation_required",
"secret_marker_scan_required",
"scope_matches_export_request",
"quarantine_before_storage",
"rendered_diff_gate_separate",
]
assert_equal(
"public_gateway_redacted_export_intake_preflight.validation_check_ids",
[item["check_id"] for item in public_gateway_redacted_export_intake_preflight["validation_checks"]],
expected_public_gateway_redacted_export_validation_check_ids,
)
expected_public_gateway_redacted_export_rejection_guards = [
"raw_live_conf_payload",
"tls_private_key",
"token_secret_cookie_session",
"authorization_header_or_basic_auth",
"unredacted_upstream_credential",
"db_url_or_env_dump",
"shell_history_or_private_key",
"unredacted_log_or_screenshot",
"nginx_test_execution_request",
"nginx_reload_or_route_change_request",
"dns_tls_certbot_request",
"ssh_host_write_or_runtime_request",
]
assert_equal(
"public_gateway_redacted_export_intake_preflight.rejection_guards",
public_gateway_redacted_export_intake_preflight["rejection_guards"],
expected_public_gateway_redacted_export_rejection_guards,
)
expected_public_gateway_redacted_export_lane_ids = [
"keep_waiting_redacted_export",
"request_more_metadata",
"quarantine_sensitive_payload",
"reject_execution_request",
"ready_for_rendered_diff_preflight",
]
assert_equal(
"public_gateway_redacted_export_intake_preflight.reviewer_intake_lane_ids",
[item["lane_id"] for item in public_gateway_redacted_export_intake_preflight["reviewer_intake_lanes"]],
expected_public_gateway_redacted_export_lane_ids,
)
for item in public_gateway_redacted_export_intake_preflight["intake_candidates"]:
assert_equal(
f"public_gateway_redacted_export_intake_preflight.{item['intake_id']}.field_count",
len(item["intake_fields"]),
11,
)
assert_true(
f"public_gateway_redacted_export_intake_preflight.{item['intake_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"redacted_export_received",
"accepted_redacted_export",
"quarantine_written",
"rejected_intake",
"raw_live_conf_stored",
"rendered_diff_candidate",
"rendered_diff_authorized",
"nginx_test_authorized",
"nginx_test_executed",
"nginx_reload_authorized",
"route_smoke_authorized",
"route_smoke_executed",
"runtime_gate",
"action_buttons_allowed",
"secret_value_collection_allowed",
"production_write_authorized",
]:
assert_false(
f"public_gateway_redacted_export_intake_preflight.{item['intake_id']}.{false_key}",
item[false_key],
)
assert_equal(
"public_gateway_rendered_diff_gate_draft.schema",
public_gateway_rendered_diff_gate_draft["schema_version"],
"public_gateway_rendered_diff_gate_draft_v1",
)
assert_equal(
"public_gateway_rendered_diff_gate_draft.source_intake_preflight_schema_version",
public_gateway_rendered_diff_gate_draft["source_intake_preflight_schema_version"],
"public_gateway_redacted_export_intake_preflight_v1",
)
assert_equal(
"public_gateway_rendered_diff_gate_draft.status",
public_gateway_rendered_diff_gate_draft["status"],
"rendered_diff_gate_draft_ready_no_runtime_action",
)
expected_public_gateway_rendered_diff_summary = {
"diff_gate_candidate_count": 3,
"c0_diff_gate_candidate_count": 2,
"c1_diff_gate_candidate_count": 1,
"diff_gate_field_count": 12,
"preflight_stage_count": 7,
"blocked_action_count": 14,
"redacted_export_accepted_count": 0,
"rendered_diff_candidate_count": 0,
"rendered_diff_ready_count": 0,
"nginx_test_authorized_count": 0,
"nginx_test_executed_count": 0,
"nginx_reload_authorized_count": 0,
"nginx_reload_executed_count": 0,
"route_smoke_authorized_count": 0,
"route_smoke_executed_count": 0,
"dns_tls_probe_authorized_count": 0,
"certbot_renew_authorized_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_public_gateway_rendered_diff_summary.items():
assert_equal(
f"public_gateway_rendered_diff_gate_draft.summary.{key}",
public_gateway_rendered_diff_gate_draft["summary"][key],
expected,
)
for false_key in [
"read_live_conf_over_ssh",
"store_raw_live_conf",
"rendered_diff_authorized",
"nginx_test_authorized",
"nginx_test_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"route_smoke_authorized",
"route_smoke_executed",
"dns_tls_probe_authorized",
"certbot_renew_authorized",
"production_write_authorized",
"runtime_execution_authorized",
"action_buttons_allowed",
]:
assert_false(
f"public_gateway_rendered_diff_gate_draft.execution_boundaries.{false_key}",
public_gateway_rendered_diff_gate_draft["execution_boundaries"][false_key],
)
assert_true(
"public_gateway_rendered_diff_gate_draft.execution_boundaries.not_authorization",
public_gateway_rendered_diff_gate_draft["execution_boundaries"]["not_authorization"],
)
expected_public_gateway_rendered_diff_ids = [
"public_gateway_rendered_diff_gate:host188_all_sites",
"public_gateway_rendered_diff_gate:host188_internal_tools_https",
"public_gateway_rendered_diff_gate:host110_ollama_proxy",
]
assert_equal(
"public_gateway_rendered_diff_gate_draft.diff_gate_ids",
[item["diff_gate_id"] for item in public_gateway_rendered_diff_gate_draft["diff_gate_candidates"]],
expected_public_gateway_rendered_diff_ids,
)
expected_public_gateway_rendered_diff_stage_ids = [
"redacted_export_acceptance_required",
"normalize_without_raw_conf_storage",
"rendered_diff_owner_review_required",
"nginx_test_approval_package_required",
"reload_approval_separate",
"route_smoke_matrix_required",
"postcheck_and_rollback_required",
]
assert_equal(
"public_gateway_rendered_diff_gate_draft.preflight_stage_ids",
[item["stage_id"] for item in public_gateway_rendered_diff_gate_draft["preflight_stages"]],
expected_public_gateway_rendered_diff_stage_ids,
)
expected_public_gateway_rendered_diff_blocked_actions = [
"read_live_conf_over_ssh",
"store_raw_live_conf",
"render_diff_from_unredacted_payload",
"nginx_test_without_approval",
"nginx_reload_without_approval",
"route_smoke_without_plan",
"dns_probe_without_approval",
"tls_probe_without_approval",
"certbot_renew_without_approval",
"modify_nginx_conf",
"modify_dns_tls_config",
"change_public_route",
"write_production_host",
"open_runtime_gate",
]
assert_equal(
"public_gateway_rendered_diff_gate_draft.blocked_actions",
public_gateway_rendered_diff_gate_draft["blocked_actions"],
expected_public_gateway_rendered_diff_blocked_actions,
)
for item in public_gateway_rendered_diff_gate_draft["diff_gate_candidates"]:
assert_equal(
f"public_gateway_rendered_diff_gate_draft.{item['diff_gate_id']}.field_count",
len(item["diff_gate_fields"]),
12,
)
assert_true(
f"public_gateway_rendered_diff_gate_draft.{item['diff_gate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"redacted_export_accepted",
"rendered_diff_candidate",
"rendered_diff_ready",
"nginx_test_authorized",
"nginx_test_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"route_smoke_authorized",
"route_smoke_executed",
"dns_tls_probe_authorized",
"certbot_renew_authorized",
"maintenance_window_accepted",
"rollback_owner_accepted",
"runtime_gate",
"action_buttons_allowed",
"production_write_authorized",
]:
assert_false(
f"public_gateway_rendered_diff_gate_draft.{item['diff_gate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"public_gateway_owner_response_acceptance.schema",
public_gateway_owner_response_acceptance["schema_version"],
"public_gateway_owner_response_acceptance_v1",
)
assert_equal(
"public_gateway_owner_response_acceptance.source_export_request_schema_version",
public_gateway_owner_response_acceptance["source_export_request_schema_version"],
"public_gateway_live_conf_export_request_v1",
)
assert_equal(
"public_gateway_owner_response_acceptance.source_intake_preflight_schema_version",
public_gateway_owner_response_acceptance["source_intake_preflight_schema_version"],
"public_gateway_redacted_export_intake_preflight_v1",
)
assert_equal(
"public_gateway_owner_response_acceptance.source_rendered_diff_gate_schema_version",
public_gateway_owner_response_acceptance["source_rendered_diff_gate_schema_version"],
"public_gateway_rendered_diff_gate_draft_v1",
)
assert_equal(
"public_gateway_owner_response_acceptance.status",
public_gateway_owner_response_acceptance["status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
expected_public_gateway_owner_response_acceptance_summary = {
"source_export_request_count": 3,
"source_intake_candidate_count": 3,
"source_diff_gate_candidate_count": 3,
"acceptance_candidate_count": 3,
"c0_acceptance_candidate_count": 2,
"c1_acceptance_candidate_count": 1,
"acceptance_field_count": 33,
"required_owner_response_field_count": 22,
"reviewer_check_count": 22,
"outcome_lane_count": 8,
"blocked_action_count": 28,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"owner_response_quarantined_count": 0,
"supplement_requested_count": 0,
"redacted_export_received_count": 0,
"accepted_redacted_export_count": 0,
"rendered_diff_candidate_count": 0,
"rendered_diff_ready_count": 0,
"nginx_test_authorized_count": 0,
"nginx_test_executed_count": 0,
"nginx_reload_authorized_count": 0,
"nginx_reload_executed_count": 0,
"route_smoke_authorized_count": 0,
"route_smoke_executed_count": 0,
"dns_tls_probe_authorized_count": 0,
"certbot_renew_authorized_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"change_actor_identified_count": 0,
"change_time_window_accepted_count": 0,
"cross_project_impact_accepted_count": 0,
"communication_sync_accepted_count": 0,
"change_intent_accepted_count": 0,
"pre_change_approval_accepted_count": 0,
"break_glass_reason_accepted_count": 0,
"route_health_impact_accepted_count": 0,
"rollback_validation_accepted_count": 0,
"post_change_monitoring_window_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_public_gateway_owner_response_acceptance_summary.items():
assert_equal(
f"public_gateway_owner_response_acceptance.summary.{key}",
public_gateway_owner_response_acceptance["summary"][key],
expected,
)
for key, value in public_gateway_owner_response_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"public_gateway_owner_response_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"public_gateway_owner_response_acceptance.execution_boundaries.{key}", value)
expected_public_gateway_owner_response_acceptance_ids = [
"public_gateway_owner_response_acceptance:host188_all_sites",
"public_gateway_owner_response_acceptance:host188_internal_tools_https",
"public_gateway_owner_response_acceptance:host110_ollama_proxy",
]
assert_equal(
"public_gateway_owner_response_acceptance.acceptance_candidate_ids",
[
item["acceptance_candidate_id"]
for item in public_gateway_owner_response_acceptance["acceptance_candidates"]
],
expected_public_gateway_owner_response_acceptance_ids,
)
expected_public_gateway_owner_response_reviewer_checks = [
"owner_identity_present",
"decision_reason_present",
"redacted_refs_only",
"raw_conf_absent",
"secret_value_absent",
"route_scope_matches_snapshot",
"rendered_diff_ref_not_payload",
"nginx_test_separate_approval",
"route_smoke_plan_present",
"maintenance_window_present",
"rollback_owner_present",
"change_actor_or_source_ref_present",
"change_time_window_present",
"cross_project_impact_review_present",
"communication_sync_ref_present",
"change_intent_or_ticket_ref_present",
"pre_change_approval_or_break_glass_present",
"route_health_impact_present",
"rollback_validation_present",
"post_change_monitoring_window_present",
"manual_change_not_silent",
"counts_transition_safe",
]
assert_equal(
"public_gateway_owner_response_acceptance.reviewer_check_ids",
[item["check_id"] for item in public_gateway_owner_response_acceptance["reviewer_checks"]],
expected_public_gateway_owner_response_reviewer_checks,
)
expected_public_gateway_owner_response_outcome_lanes = [
"waiting_owner_response",
"quarantine_raw_payload",
"reject_secret_or_unredacted_conf",
"request_supplement",
"ready_for_rendered_diff_review",
"owner_review_only_update",
"emergency_change_backfill_required",
"waiting_runtime_gate",
]
assert_equal(
"public_gateway_owner_response_acceptance.outcome_lane_ids",
[item["lane_id"] for item in public_gateway_owner_response_acceptance["outcome_lanes"]],
expected_public_gateway_owner_response_outcome_lanes,
)
expected_public_gateway_owner_response_blocked_actions = [
"read_live_conf_over_ssh",
"store_raw_live_conf",
"accept_unredacted_live_conf",
"collect_secret_value",
"render_diff_from_unredacted_payload",
"mark_owner_response_accepted_without_reviewer_record",
"nginx_test_without_separate_approval",
"nginx_reload_without_separate_approval",
"route_smoke_without_matrix",
"dns_probe_without_approval",
"tls_probe_without_approval",
"certbot_renew_without_approval",
"modify_nginx_conf",
"modify_dns_tls_config",
"change_public_route",
"write_production_host",
"accept_unknown_change_actor",
"accept_missing_change_time_window",
"skip_cross_project_impact_review",
"skip_incident_communication_sync",
"accept_silent_manual_nginx_change",
"treat_break_glass_as_approval",
"mark_gateway_change_resolved_without_route_health",
"skip_rollback_validation",
"skip_post_change_monitoring",
"hide_cross_project_route_impact",
"open_runtime_gate",
"add_action_button",
]
assert_equal(
"public_gateway_owner_response_acceptance.blocked_actions",
public_gateway_owner_response_acceptance["blocked_actions"],
expected_public_gateway_owner_response_blocked_actions,
)
for item in public_gateway_owner_response_acceptance["acceptance_candidates"]:
assert_equal(
f"public_gateway_owner_response_acceptance.{item['acceptance_candidate_id']}.field_count",
len(item["acceptance_fields"]),
33,
)
assert_equal(
f"public_gateway_owner_response_acceptance.{item['acceptance_candidate_id']}.required_owner_response_fields",
len(item["required_owner_response_fields"]),
22,
)
assert_equal(
f"public_gateway_owner_response_acceptance.{item['acceptance_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
22,
)
assert_equal(
f"public_gateway_owner_response_acceptance.{item['acceptance_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
8,
)
assert_equal(
f"public_gateway_owner_response_acceptance.{item['acceptance_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
28,
)
assert_true(
f"public_gateway_owner_response_acceptance.{item['acceptance_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"owner_response_quarantined",
"supplement_requested",
"redacted_export_received",
"accepted_redacted_export",
"rendered_diff_candidate",
"rendered_diff_ready",
"nginx_test_authorized",
"nginx_test_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"route_smoke_authorized",
"route_smoke_executed",
"dns_tls_probe_authorized",
"certbot_renew_authorized",
"maintenance_window_accepted",
"rollback_owner_accepted",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"public_gateway_owner_response_acceptance.{item['acceptance_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"public_gateway_rendered_diff_acceptance.schema",
public_gateway_rendered_diff_acceptance["schema_version"],
"public_gateway_rendered_diff_acceptance_v1",
)
assert_equal(
"public_gateway_rendered_diff_acceptance.source_rendered_diff_gate_schema_version",
public_gateway_rendered_diff_acceptance["source_rendered_diff_gate_schema_version"],
"public_gateway_rendered_diff_gate_draft_v1",
)
assert_equal(
"public_gateway_rendered_diff_acceptance.source_owner_response_acceptance_schema_version",
public_gateway_rendered_diff_acceptance["source_owner_response_acceptance_schema_version"],
"public_gateway_owner_response_acceptance_v1",
)
assert_equal(
"public_gateway_rendered_diff_acceptance.status",
public_gateway_rendered_diff_acceptance["status"],
"rendered_diff_acceptance_ledger_ready_no_runtime_action",
)
expected_public_gateway_rendered_diff_acceptance_summary = {
"source_diff_gate_candidate_count": 3,
"source_owner_response_acceptance_candidate_count": 3,
"diff_acceptance_candidate_count": 3,
"c0_diff_acceptance_candidate_count": 2,
"c1_diff_acceptance_candidate_count": 1,
"diff_acceptance_field_count": 25,
"required_evidence_field_count": 14,
"reviewer_check_count": 15,
"outcome_lane_count": 8,
"blocked_action_count": 22,
"owner_response_accepted_count": 0,
"redacted_export_accepted_count": 0,
"rendered_diff_received_count": 0,
"rendered_diff_accepted_count": 0,
"nginx_test_evidence_received_count": 0,
"nginx_test_evidence_accepted_count": 0,
"route_smoke_matrix_received_count": 0,
"route_smoke_matrix_accepted_count": 0,
"route_smoke_result_received_count": 0,
"route_smoke_result_accepted_count": 0,
"tls_acme_impact_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"nginx_test_authorized_count": 0,
"nginx_test_executed_count": 0,
"nginx_reload_authorized_count": 0,
"nginx_reload_executed_count": 0,
"route_smoke_authorized_count": 0,
"route_smoke_executed_count": 0,
"dns_tls_probe_authorized_count": 0,
"certbot_renew_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_public_gateway_rendered_diff_acceptance_summary.items():
assert_equal(
f"public_gateway_rendered_diff_acceptance.summary.{key}",
public_gateway_rendered_diff_acceptance["summary"][key],
expected,
)
for key, value in public_gateway_rendered_diff_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"public_gateway_rendered_diff_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"public_gateway_rendered_diff_acceptance.execution_boundaries.{key}", value)
expected_public_gateway_rendered_diff_acceptance_ids = [
"public_gateway_rendered_diff_acceptance:host188_all_sites",
"public_gateway_rendered_diff_acceptance:host188_internal_tools_https",
"public_gateway_rendered_diff_acceptance:host110_ollama_proxy",
]
assert_equal(
"public_gateway_rendered_diff_acceptance.diff_acceptance_ids",
[
item["diff_acceptance_id"]
for item in public_gateway_rendered_diff_acceptance["diff_acceptance_candidates"]
],
expected_public_gateway_rendered_diff_acceptance_ids,
)
expected_public_gateway_rendered_diff_acceptance_reviewer_checks = [
"owner_response_accepted_first",
"redacted_live_conf_ref_only",
"rendered_diff_ref_not_payload",
"diff_scope_matches_config_id",
"nginx_test_evidence_is_readback_only",
"nginx_test_result_has_timestamp",
"route_smoke_matrix_complete",
"tls_acme_impact_separated",
"secret_value_absent",
"maintenance_window_present",
"rollback_owner_and_ref_present",
"postcheck_plan_present",
"no_execution_request_embedded",
"counts_transition_safe",
"action_button_absent",
]
assert_equal(
"public_gateway_rendered_diff_acceptance.reviewer_check_ids",
[item["check_id"] for item in public_gateway_rendered_diff_acceptance["reviewer_checks"]],
expected_public_gateway_rendered_diff_acceptance_reviewer_checks,
)
expected_public_gateway_rendered_diff_acceptance_outcome_lanes = [
"waiting_owner_response_acceptance",
"waiting_rendered_diff_evidence",
"quarantine_raw_conf_or_payload",
"reject_secret_or_execution_request",
"request_evidence_supplement",
"ready_for_reviewer_acceptance",
"accepted_for_runtime_gate_planning",
"waiting_separate_runtime_approval",
]
assert_equal(
"public_gateway_rendered_diff_acceptance.outcome_lane_ids",
[item["lane_id"] for item in public_gateway_rendered_diff_acceptance["outcome_lanes"]],
expected_public_gateway_rendered_diff_acceptance_outcome_lanes,
)
expected_public_gateway_rendered_diff_acceptance_blocked_actions = [
"read_live_conf_over_ssh",
"store_raw_live_conf",
"store_full_rendered_diff_payload",
"accept_unredacted_live_conf",
"collect_secret_value",
"accept_execution_request_inside_evidence",
"mark_rendered_diff_accepted_without_owner_response",
"mark_rendered_diff_accepted_without_reviewer_record",
"run_nginx_test_from_diff_acceptance",
"run_route_smoke_from_diff_acceptance",
"nginx_reload_from_diff_acceptance",
"dns_probe_from_diff_acceptance",
"tls_probe_from_diff_acceptance",
"certbot_renew_from_diff_acceptance",
"modify_nginx_conf",
"modify_dns_tls_config",
"change_public_route",
"change_admin_route",
"change_websocket_route",
"write_production_host",
"open_runtime_gate",
"add_action_button",
]
assert_equal(
"public_gateway_rendered_diff_acceptance.blocked_actions",
public_gateway_rendered_diff_acceptance["blocked_actions"],
expected_public_gateway_rendered_diff_acceptance_blocked_actions,
)
for item in public_gateway_rendered_diff_acceptance["diff_acceptance_candidates"]:
assert_equal(
f"public_gateway_rendered_diff_acceptance.{item['diff_acceptance_id']}.field_count",
len(item["acceptance_fields"]),
25,
)
assert_equal(
f"public_gateway_rendered_diff_acceptance.{item['diff_acceptance_id']}.required_evidence_fields",
len(item["required_evidence_fields"]),
14,
)
assert_equal(
f"public_gateway_rendered_diff_acceptance.{item['diff_acceptance_id']}.reviewer_checks",
len(item["reviewer_checks"]),
15,
)
assert_equal(
f"public_gateway_rendered_diff_acceptance.{item['diff_acceptance_id']}.outcome_lanes",
len(item["outcome_lanes"]),
8,
)
assert_equal(
f"public_gateway_rendered_diff_acceptance.{item['diff_acceptance_id']}.blocked_actions",
len(item["blocked_actions"]),
22,
)
assert_true(
f"public_gateway_rendered_diff_acceptance.{item['diff_acceptance_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"owner_response_accepted",
"redacted_export_accepted",
"rendered_diff_received",
"rendered_diff_accepted",
"nginx_test_evidence_received",
"nginx_test_evidence_accepted",
"route_smoke_matrix_received",
"route_smoke_matrix_accepted",
"route_smoke_result_received",
"route_smoke_result_accepted",
"tls_acme_impact_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"postcheck_evidence_accepted",
"nginx_test_authorized",
"nginx_test_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"route_smoke_authorized",
"route_smoke_executed",
"dns_tls_probe_authorized",
"certbot_renew_authorized",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"public_gateway_rendered_diff_acceptance.{item['diff_acceptance_id']}.{false_key}",
item[false_key],
)
assert_equal(
"public_gateway_post_incident_readback_plan.schema",
public_gateway_post_incident_readback_plan["schema_version"],
"public_gateway_post_incident_readback_plan_v1",
)
assert_equal(
"public_gateway_post_incident_readback_plan.source_schema_version",
public_gateway_post_incident_readback_plan["source_schema_version"],
"public_gateway_rendered_diff_acceptance_v1",
)
assert_equal(
"public_gateway_post_incident_readback_plan.status",
public_gateway_post_incident_readback_plan["status"],
"post_incident_readback_plan_ready_no_runtime_action",
)
expected_public_gateway_post_incident_readback_summary = {
"source_diff_acceptance_candidate_count": 3,
"source_c0_diff_acceptance_candidate_count": 2,
"source_c1_diff_acceptance_candidate_count": 1,
"source_required_evidence_field_count": 14,
"source_reviewer_check_count": 15,
"source_blocked_action_count": 22,
"source_rendered_diff_accepted_count": 0,
"source_nginx_test_evidence_accepted_count": 0,
"source_route_smoke_result_accepted_count": 0,
"source_runtime_gate_count": 0,
"readback_candidate_count": 3,
"c0_readback_candidate_count": 2,
"c1_readback_candidate_count": 1,
"write_capable_readback_candidate_count": 3,
"route_health_review_required_candidate_count": 3,
"upstream_websocket_tls_review_required_candidate_count": 3,
"ai_monitoring_cross_project_review_required_candidate_count": 3,
"no_false_green_required_candidate_count": 3,
"readback_field_count": 36,
"required_readback_field_count": 30,
"reviewer_check_count": 28,
"outcome_lane_count": 10,
"blocked_action_count": 41,
"post_incident_readback_received_count": 0,
"post_incident_readback_accepted_count": 0,
"actor_attribution_accepted_count": 0,
"change_time_window_accepted_count": 0,
"intent_or_break_glass_accepted_count": 0,
"before_after_route_state_accepted_count": 0,
"source_live_diff_state_accepted_count": 0,
"nginx_test_readback_accepted_count": 0,
"nginx_reload_or_no_reload_accepted_count": 0,
"route_smoke_readback_accepted_count": 0,
"tls_acme_readback_accepted_count": 0,
"websocket_readback_accepted_count": 0,
"upstream_health_accepted_count": 0,
"public_admin_api_route_impact_accepted_count": 0,
"ai_provider_impact_accepted_count": 0,
"monitoring_alert_accepted_count": 0,
"operator_notification_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"rollback_validation_accepted_count": 0,
"post_change_monitoring_accepted_count": 0,
"recovery_or_still_degraded_accepted_count": 0,
"postcheck_readback_accepted_count": 0,
"recurrence_guard_accepted_count": 0,
"no_false_green_accepted_count": 0,
"host_live_conf_read_authorized_count": 0,
"nginx_test_authorized_count": 0,
"nginx_test_executed_count": 0,
"nginx_reload_authorized_count": 0,
"nginx_reload_executed_count": 0,
"public_gateway_reload_authorized_count": 0,
"route_smoke_authorized_count": 0,
"route_smoke_executed_count": 0,
"dns_tls_probe_authorized_count": 0,
"certbot_renew_authorized_count": 0,
"public_route_change_authorized_count": 0,
"admin_route_change_authorized_count": 0,
"websocket_route_change_authorized_count": 0,
"acme_challenge_change_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_after_readback_plan": 92,
}
for key, expected in expected_public_gateway_post_incident_readback_summary.items():
assert_equal(
f"public_gateway_post_incident_readback_plan.summary.{key}",
public_gateway_post_incident_readback_plan["summary"][key],
expected,
)
for key, value in public_gateway_post_incident_readback_plan["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"public_gateway_post_incident_readback_plan.execution_boundaries.{key}", value)
else:
assert_false(f"public_gateway_post_incident_readback_plan.execution_boundaries.{key}", value)
expected_public_gateway_post_incident_readback_ids = [
"public_gateway_post_incident_readback:host188_all_sites",
"public_gateway_post_incident_readback:host188_internal_tools_https",
"public_gateway_post_incident_readback:host110_ollama_proxy",
]
assert_equal(
"public_gateway_post_incident_readback_plan.readback_candidate_ids",
[
item["post_incident_readback_candidate_id"]
for item in public_gateway_post_incident_readback_plan["readback_candidates"]
],
expected_public_gateway_post_incident_readback_ids,
)
expected_public_gateway_post_incident_reviewer_checks = [
"source_diff_acceptance_current",
"incident_or_change_ref_present",
"actor_attribution_present",
"change_time_window_present",
"intent_or_break_glass_present",
"before_after_route_state_present",
"source_live_diff_state_present",
"nginx_test_readback_is_owner_provided",
"reload_or_no_reload_called_out",
"route_smoke_readback_present",
"tls_acme_readback_present",
"websocket_readback_present",
"upstream_health_present",
"public_admin_api_route_impact_present",
"ai_provider_impact_present",
"monitoring_alert_present",
"operator_notification_present",
"cross_project_sync_present",
"rollback_validation_present",
"post_change_monitoring_present",
"recovery_or_still_degraded_present",
"postcheck_independent",
"recurrence_guard_present",
"maintenance_window_present",
"no_false_green",
"raw_payload_absent",
"runtime_stays_zero",
"counts_transition_safe",
]
assert_equal(
"public_gateway_post_incident_readback_plan.reviewer_check_ids",
[item["check_id"] for item in public_gateway_post_incident_readback_plan["reviewer_checks"]],
expected_public_gateway_post_incident_reviewer_checks,
)
expected_public_gateway_post_incident_outcome_lanes = [
"waiting_post_incident_readback",
"request_actor_or_time_supplement",
"request_route_state_supplement",
"request_diff_test_supplement",
"request_dependency_supplement",
"quarantine_raw_payload",
"reject_false_green_claim",
"ready_for_gateway_post_incident_review",
"recurrence_guard_backfill_required",
"waiting_runtime_gate",
]
assert_equal(
"public_gateway_post_incident_readback_plan.outcome_lane_ids",
[item["lane_id"] for item in public_gateway_post_incident_readback_plan["outcome_lanes"]],
expected_public_gateway_post_incident_outcome_lanes,
)
expected_public_gateway_post_incident_blocked_actions = [
"ssh_read_live_nginx_conf",
"store_raw_live_conf",
"store_full_rendered_diff_payload",
"collect_secret_value",
"collect_private_key",
"collect_certificate_body",
"collect_cookie_or_token",
"run_nginx_test",
"reload_nginx",
"restart_nginx",
"change_nginx_site_enabled",
"change_public_route",
"change_admin_route",
"change_api_route",
"change_websocket_route",
"change_acme_challenge_route",
"change_upstream",
"change_dns_record",
"tls_probe",
"dns_probe",
"certbot_renew",
"certbot_reconfigure",
"route_smoke",
"websocket_smoke",
"host_write",
"firewall_change",
"docker_restart",
"systemd_restart",
"argocd_sync",
"kubectl_apply",
"accept_route_200_as_all_green",
"accept_nginx_active_as_all_green",
"accept_dashboard_up_as_security_acceptance",
"accept_cd_success_as_security_acceptance",
"skip_cross_project_sync",
"skip_operator_notification",
"skip_rollback_validation",
"skip_post_change_monitoring",
"mark_readback_accepted_without_reviewer_record",
"open_runtime_gate",
"add_action_button",
]
assert_equal(
"public_gateway_post_incident_readback_plan.blocked_actions",
public_gateway_post_incident_readback_plan["blocked_actions"],
expected_public_gateway_post_incident_blocked_actions,
)
for item in public_gateway_post_incident_readback_plan["readback_candidates"]:
assert_equal(
f"public_gateway_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.field_count",
len(item["readback_fields"]),
36,
)
assert_equal(
f"public_gateway_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.required_readback_fields",
len(item["required_readback_fields"]),
30,
)
assert_equal(
f"public_gateway_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
28,
)
assert_equal(
f"public_gateway_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
10,
)
assert_equal(
f"public_gateway_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
41,
)
assert_true(
f"public_gateway_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"post_incident_readback_received",
"post_incident_readback_accepted",
"actor_attribution_accepted",
"change_time_window_accepted",
"intent_or_break_glass_accepted",
"before_after_route_state_accepted",
"source_live_diff_state_accepted",
"nginx_test_readback_accepted",
"nginx_reload_or_no_reload_accepted",
"route_smoke_readback_accepted",
"tls_acme_readback_accepted",
"websocket_readback_accepted",
"upstream_health_accepted",
"public_admin_api_route_impact_accepted",
"ai_provider_impact_accepted",
"monitoring_alert_accepted",
"operator_notification_accepted",
"cross_project_sync_accepted",
"rollback_validation_accepted",
"post_change_monitoring_accepted",
"recovery_or_still_degraded_accepted",
"postcheck_readback_accepted",
"recurrence_guard_accepted",
"no_false_green_accepted",
"host_live_conf_read_authorized",
"nginx_test_authorized",
"nginx_test_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"public_gateway_reload_authorized",
"route_smoke_authorized",
"route_smoke_executed",
"dns_tls_probe_authorized",
"certbot_renew_authorized",
"public_route_change_authorized",
"admin_route_change_authorized",
"websocket_route_change_authorized",
"acme_challenge_change_authorized",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"public_gateway_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.{false_key}",
item[false_key],
)
for source_path in [
"docs/security/public-gateway-preflight-inventory.snapshot.json",
"docs/security/PUBLIC-GATEWAY-PREFLIGHT-INVENTORY.md",
"docs/security/public-gateway-owner-response-acceptance.snapshot.json",
"docs/security/PUBLIC-GATEWAY-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/public-gateway-rendered-diff-acceptance.snapshot.json",
"docs/security/PUBLIC-GATEWAY-RENDERED-DIFF-ACCEPTANCE.md",
"docs/security/public-gateway-post-incident-readback-plan.snapshot.json",
"docs/security/PUBLIC-GATEWAY-POST-INCIDENT-READBACK-PLAN.md",
"docs/schemas/public_gateway_preflight_inventory_v1.schema.json",
"docs/security/k8s-argocd-owner-response-acceptance.snapshot.json",
"docs/security/K8S-ARGOCD-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/k8s-argocd-change-evidence-acceptance.snapshot.json",
"docs/security/K8S-ARGOCD-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/k8s-argocd-post-incident-readback-plan.snapshot.json",
"docs/security/K8S-ARGOCD-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/host-service-config-inventory.snapshot.json",
"docs/security/HOST-SERVICE-CONFIG-INVENTORY.md",
"docs/security/host-service-post-incident-readback-plan.snapshot.json",
"docs/security/HOST-SERVICE-POST-INCIDENT-READBACK-PLAN.md",
"docs/schemas/host_service_config_inventory_v1.schema.json",
"docs/security/ssh-network-access-inventory.snapshot.json",
"docs/security/SSH-NETWORK-ACCESS-INVENTORY.md",
"docs/security/port-firewall-change-evidence-acceptance.snapshot.json",
"docs/security/PORT-FIREWALL-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/ssh-network-post-incident-readback-plan.snapshot.json",
"docs/security/SSH-NETWORK-POST-INCIDENT-READBACK-PLAN.md",
"docs/schemas/ssh_network_access_inventory_v1.schema.json",
"docs/security/backup-restore-escrow-inventory.snapshot.json",
"docs/security/BACKUP-RESTORE-ESCROW-INVENTORY.md",
"docs/security/backup-restore-owner-response-acceptance.snapshot.json",
"docs/security/BACKUP-RESTORE-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/backup-restore-post-incident-readback-plan.snapshot.json",
"docs/security/BACKUP-RESTORE-POST-INCIDENT-READBACK-PLAN.md",
"docs/schemas/backup_restore_escrow_inventory_v1.schema.json",
"docs/security/monitoring-alerting-observability-inventory.snapshot.json",
"docs/security/MONITORING-ALERTING-OBSERVABILITY-INVENTORY.md",
"docs/security/monitoring-post-incident-readback-plan.snapshot.json",
"docs/security/MONITORING-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/WAZUH-IWOOOS-INTRUSION-READBACK-PLAN.md",
"docs/security/wazuh-iwooos-intrusion-readback-plan.snapshot.json",
"scripts/security/wazuh-iwooos-intrusion-readback-plan.py",
"docs/security/EXTERNAL-HOST-INTRUSION-PREVENTION-CONTROL.md",
"docs/security/external-host-intrusion-prevention-control.snapshot.json",
"scripts/security/external-host-intrusion-prevention-control.py",
"docs/security/SOC-SIEM-KALI-WAZUH-INTEGRATION-CONTROL.md",
"docs/security/soc-siem-kali-wazuh-integration-control.snapshot.json",
"scripts/security/soc-siem-kali-wazuh-integration-control.py",
"apps/web/src/app/api/iwooos/wazuh/route.ts",
"docs/schemas/monitoring_alerting_observability_inventory_v1.schema.json",
"docs/security/public-runtime-config-change-evidence-acceptance.snapshot.json",
"docs/security/PUBLIC-RUNTIME-CONFIG-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/public-frontend-sensitive-surface-guard.snapshot.json",
]:
assert_contains(
"iwooos_projection.source_paths.config_inventory",
iwooos_projection["source_paths"],
source_path,
)
assert_true(
"iwooos_projection.summary.high_value_config_control_coverage_first_layer",
iwooos_projection["summary"]["high_value_config_control_coverage_first_layer"],
)
assert_equal(
"iwooos_projection.summary.high_value_config_control_coverage_summary_count",
iwooos_projection["summary"]["high_value_config_control_coverage_summary_count"],
4,
)
assert_equal(
"iwooos_projection.summary.high_value_config_control_coverage_item_count",
iwooos_projection["summary"]["high_value_config_control_coverage_item_count"],
5,
)
expected_high_value_config_coverage_summary = {
"high_value_config_control_coverage_category_count": 14,
"high_value_config_control_coverage_c0_category_count": 8,
"high_value_config_control_coverage_c1_category_count": 4,
"high_value_config_control_coverage_average_percent": 73,
"high_value_config_control_coverage_needs_live_evidence_count": 10,
"high_value_config_control_coverage_owner_response_required_count": 14,
"high_value_config_control_coverage_owner_response_received_count": 0,
"high_value_config_control_coverage_owner_response_accepted_count": 0,
"high_value_config_control_coverage_runtime_gate_count": 0,
"high_value_config_control_coverage_action_button_count": 0,
"high_value_config_control_coverage_lowest_category_count": 4,
"public_admin_api_runtime_config_coverage_percent": 66,
"public_frontend_sensitive_surface_guard_file_count": 226,
"public_frontend_sensitive_surface_guard_forbidden_pattern_count": 12,
"public_frontend_sensitive_surface_guard_allowlisted_match_count": 2,
"public_frontend_sensitive_surface_guard_violation_count": 0,
"public_frontend_sensitive_surface_guard_runtime_gate_count": 0,
"k8s_production_gitops_coverage_percent": 66,
"ai_provider_model_routing_coverage_percent": 64,
"docker_compose_systemd_host_config_coverage_percent": 68,
"ssh_firewall_network_access_coverage_percent": 70,
"monitoring_alerting_observability_coverage_percent": 78,
"security_evidence_tooling_coverage_percent": 88,
"external_host_intrusion_prevention_control_candidate_count": 14,
"external_host_intrusion_prevention_control_c0_candidate_count": 10,
"external_host_intrusion_prevention_control_required_owner_field_count": 36,
"external_host_intrusion_prevention_control_reviewer_check_count": 34,
"external_host_intrusion_prevention_control_blocked_action_count": 82,
"external_host_intrusion_prevention_control_runtime_gate_count": 0,
"soc_siem_kali_wazuh_integration_control_standard_framework_count": 7,
"soc_siem_kali_wazuh_integration_control_domain_count": 16,
"soc_siem_kali_wazuh_integration_control_c0_domain_count": 12,
"soc_siem_kali_wazuh_integration_control_c1_domain_count": 4,
"soc_siem_kali_wazuh_integration_control_signal_source_count": 12,
"soc_siem_kali_wazuh_integration_control_candidate_count": 20,
"soc_siem_kali_wazuh_integration_control_c0_candidate_count": 12,
"soc_siem_kali_wazuh_integration_control_c1_candidate_count": 8,
"soc_siem_kali_wazuh_integration_control_p0_candidate_count": 12,
"soc_siem_kali_wazuh_integration_control_p1_candidate_count": 8,
"soc_siem_kali_wazuh_integration_control_required_owner_field_count": 42,
"soc_siem_kali_wazuh_integration_control_reviewer_check_count": 36,
"soc_siem_kali_wazuh_integration_control_outcome_lane_count": 14,
"soc_siem_kali_wazuh_integration_control_blocked_action_count": 103,
"soc_siem_kali_wazuh_integration_control_wazuh_event_ref_received_count": 0,
"soc_siem_kali_wazuh_integration_control_kali_scope_ref_accepted_count": 0,
"soc_siem_kali_wazuh_integration_control_kali_finding_envelope_accepted_count": 0,
"soc_siem_kali_wazuh_integration_control_siem_correlation_rule_accepted_count": 0,
"soc_siem_kali_wazuh_integration_control_alert_route_accepted_count": 0,
"soc_siem_kali_wazuh_integration_control_incident_case_accepted_count": 0,
"soc_siem_kali_wazuh_integration_control_forensic_evidence_accepted_count": 0,
"soc_siem_kali_wazuh_integration_control_owner_response_received_count": 0,
"soc_siem_kali_wazuh_integration_control_owner_response_accepted_count": 0,
"soc_siem_kali_wazuh_integration_control_active_response_enabled_count": 0,
"soc_siem_kali_wazuh_integration_control_kali_active_scan_authorized_count": 0,
"soc_siem_kali_wazuh_integration_control_kali_execute_authorized_count": 0,
"soc_siem_kali_wazuh_integration_control_prometheus_reload_authorized_count": 0,
"soc_siem_kali_wazuh_integration_control_alertmanager_reload_authorized_count": 0,
"soc_siem_kali_wazuh_integration_control_telegram_send_authorized_count": 0,
"soc_siem_kali_wazuh_integration_control_soar_case_create_authorized_count": 0,
"soc_siem_kali_wazuh_integration_control_auto_block_authorized_count": 0,
"soc_siem_kali_wazuh_integration_control_runtime_gate_count": 0,
"soc_siem_kali_wazuh_integration_control_action_button_count": 0,
}
for key, expected in expected_high_value_config_coverage_summary.items():
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
expected,
)
expected_ai_provider_owner_response_projection_summary = {
"ai_provider_owner_response_acceptance_candidate_count": 8,
"ai_provider_owner_response_acceptance_write_capable_candidate_count": 5,
"ai_provider_owner_response_acceptance_paid_provider_related_candidate_count": 5,
"ai_provider_owner_response_acceptance_data_egress_candidate_count": 6,
"ai_provider_owner_response_acceptance_live_evidence_required_candidate_count": 6,
"ai_provider_owner_response_acceptance_acceptance_field_count": 37,
"ai_provider_owner_response_acceptance_required_owner_field_count": 24,
"ai_provider_owner_response_acceptance_reviewer_check_count": 24,
"ai_provider_owner_response_acceptance_outcome_lane_count": 10,
"ai_provider_owner_response_acceptance_blocked_action_count": 38,
"ai_provider_owner_response_acceptance_owner_response_received_count": 0,
"ai_provider_owner_response_acceptance_owner_response_accepted_count": 0,
"ai_provider_owner_response_acceptance_dry_run_result_accepted_count": 0,
"ai_provider_owner_response_acceptance_benchmark_result_accepted_count": 0,
"ai_provider_owner_response_acceptance_cost_review_accepted_count": 0,
"ai_provider_owner_response_acceptance_privacy_review_accepted_count": 0,
"ai_provider_owner_response_acceptance_fallback_order_accepted_count": 0,
"ai_provider_owner_response_acceptance_prompt_redaction_accepted_count": 0,
"ai_provider_owner_response_acceptance_secret_handling_accepted_count": 0,
"ai_provider_owner_response_acceptance_quality_gate_accepted_count": 0,
"ai_provider_owner_response_acceptance_rollback_owner_accepted_count": 0,
"ai_provider_owner_response_acceptance_provider_switch_authorized_count": 0,
"ai_provider_owner_response_acceptance_external_provider_call_authorized_count": 0,
"ai_provider_owner_response_acceptance_paid_provider_call_authorized_count": 0,
"ai_provider_owner_response_acceptance_prompt_send_authorized_count": 0,
"ai_provider_owner_response_acceptance_live_endpoint_probe_authorized_count": 0,
"ai_provider_owner_response_acceptance_secret_value_collection_allowed_count": 0,
"ai_provider_owner_response_acceptance_runtime_gate_count": 0,
"ai_provider_owner_response_acceptance_coverage_percent_after_acceptance": 64,
}
for key, expected in expected_ai_provider_owner_response_projection_summary.items():
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
expected,
)
expected_host_service_projection_summary = {
"host_service_config_inventory_first_layer": True,
"host_service_config_inventory_surface_count": 9,
"host_service_config_inventory_source_exists_count": 9,
"host_service_config_inventory_expected_host_scope_count": 5,
"host_service_config_inventory_docker_compose_source_count": 5,
"host_service_config_inventory_host_repair_whitelist_count": 2,
"host_service_config_inventory_systemd_restart_surface_count": 1,
"host_service_config_inventory_write_capable_surface_count": 3,
"host_service_config_inventory_owner_response_required_count": 9,
"host_service_config_inventory_owner_response_received_count": 0,
"host_service_config_inventory_owner_response_accepted_count": 0,
"host_service_config_inventory_live_evidence_required_count": 8,
"host_service_config_inventory_live_evidence_received_count": 0,
"host_service_config_inventory_restart_window_accepted_count": 0,
"host_service_config_inventory_rollback_owner_accepted_count": 0,
"host_service_config_inventory_runtime_gate_count": 0,
"host_service_config_inventory_action_button_count": 0,
"host_service_config_inventory_coverage_percent_before_inventory": 42,
"host_service_config_inventory_coverage_percent_after_inventory": 50,
"host_service_change_evidence_acceptance_candidate_count": 9,
"host_service_change_evidence_acceptance_change_evidence_field_count": 45,
"host_service_change_evidence_acceptance_required_evidence_field_count": 25,
"host_service_change_evidence_acceptance_reviewer_check_count": 26,
"host_service_change_evidence_acceptance_outcome_lane_count": 10,
"host_service_change_evidence_acceptance_blocked_action_count": 39,
"host_service_change_evidence_acceptance_received_count": 0,
"host_service_change_evidence_acceptance_accepted_count": 0,
"host_service_change_evidence_acceptance_docker_daemon_state_accepted_count": 0,
"host_service_change_evidence_acceptance_compose_stack_state_accepted_count": 0,
"host_service_change_evidence_acceptance_systemd_unit_state_accepted_count": 0,
"host_service_change_evidence_acceptance_failed_unit_review_accepted_count": 0,
"host_service_change_evidence_acceptance_port_binding_state_accepted_count": 0,
"host_service_change_evidence_acceptance_public_route_recovery_accepted_count": 0,
"host_service_change_evidence_acceptance_operator_notification_accepted_count": 0,
"host_service_change_evidence_acceptance_runtime_gate_count": 0,
"host_service_change_evidence_acceptance_coverage_percent_after_acceptance": 62,
"host_service_post_incident_readback_plan_first_layer": True,
"host_service_post_incident_readback_plan_candidate_count": 9,
"host_service_post_incident_readback_plan_write_capable_candidate_count": 3,
"host_service_post_incident_readback_plan_live_evidence_required_candidate_count": 8,
"host_service_post_incident_readback_plan_recovery_health_impact_review_required_candidate_count": 9,
"host_service_post_incident_readback_plan_cross_project_sync_required_candidate_count": 9,
"host_service_post_incident_readback_plan_no_false_green_required_candidate_count": 9,
"host_service_post_incident_readback_plan_readback_field_count": 36,
"host_service_post_incident_readback_plan_required_readback_field_count": 28,
"host_service_post_incident_readback_plan_reviewer_check_count": 28,
"host_service_post_incident_readback_plan_outcome_lane_count": 10,
"host_service_post_incident_readback_plan_blocked_action_count": 41,
"host_service_post_incident_readback_plan_post_incident_readback_received_count": 0,
"host_service_post_incident_readback_plan_post_incident_readback_accepted_count": 0,
"host_service_post_incident_readback_plan_actor_attribution_accepted_count": 0,
"host_service_post_incident_readback_plan_before_after_state_accepted_count": 0,
"host_service_post_incident_readback_plan_docker_daemon_state_accepted_count": 0,
"host_service_post_incident_readback_plan_compose_stack_state_accepted_count": 0,
"host_service_post_incident_readback_plan_systemd_unit_state_accepted_count": 0,
"host_service_post_incident_readback_plan_failed_unit_review_accepted_count": 0,
"host_service_post_incident_readback_plan_port_binding_state_accepted_count": 0,
"host_service_post_incident_readback_plan_public_route_recovery_accepted_count": 0,
"host_service_post_incident_readback_plan_admin_route_recovery_accepted_count": 0,
"host_service_post_incident_readback_plan_agent_provider_health_accepted_count": 0,
"host_service_post_incident_readback_plan_monitoring_alert_accepted_count": 0,
"host_service_post_incident_readback_plan_operator_notification_accepted_count": 0,
"host_service_post_incident_readback_plan_cross_project_sync_accepted_count": 0,
"host_service_post_incident_readback_plan_restoration_evidence_accepted_count": 0,
"host_service_post_incident_readback_plan_postcheck_readback_accepted_count": 0,
"host_service_post_incident_readback_plan_recurrence_guard_accepted_count": 0,
"host_service_post_incident_readback_plan_no_false_green_accepted_count": 0,
"host_service_post_incident_readback_plan_runtime_gate_count": 0,
"host_service_post_incident_readback_plan_action_button_count": 0,
"host_service_post_incident_readback_plan_coverage_percent_after_readback_plan": 64,
"docker_compose_systemd_host_config_coverage_percent": 68,
}
for key, expected in expected_host_service_projection_summary.items():
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
expected,
)
expected_ssh_network_projection_summary = {
"ssh_network_access_inventory_first_layer": True,
"ssh_network_access_inventory_surface_count": 16,
"ssh_network_access_inventory_source_exists_count": 16,
"ssh_network_access_inventory_expected_scope_count": 16,
"ssh_network_access_inventory_ssh_source_surface_count": 11,
"ssh_network_access_inventory_network_policy_surface_count": 2,
"ssh_network_access_inventory_nodeport_surface_count": 2,
"ssh_network_access_inventory_sudoers_surface_count": 1,
"ssh_network_access_inventory_wireguard_surface_count": 1,
"ssh_network_access_inventory_write_capable_surface_count": 6,
"ssh_network_access_inventory_owner_response_required_count": 16,
"ssh_network_access_inventory_owner_response_received_count": 0,
"ssh_network_access_inventory_owner_response_accepted_count": 0,
"ssh_network_access_inventory_live_evidence_required_count": 16,
"ssh_network_access_inventory_live_evidence_received_count": 0,
"ssh_network_access_inventory_maintenance_window_accepted_count": 0,
"ssh_network_access_inventory_rollback_owner_accepted_count": 0,
"ssh_network_access_inventory_runtime_gate_count": 0,
"ssh_network_access_inventory_action_button_count": 0,
"ssh_network_access_inventory_coverage_percent_before_inventory": 48,
"ssh_network_access_inventory_coverage_percent_after_inventory": 54,
"ssh_network_owner_response_acceptance_first_layer": True,
"ssh_network_owner_response_acceptance_candidate_count": 16,
"ssh_network_owner_response_acceptance_write_capable_candidate_count": 6,
"ssh_network_owner_response_acceptance_live_evidence_required_candidate_count": 16,
"ssh_network_owner_response_acceptance_reviewer_check_count": 15,
"ssh_network_owner_response_acceptance_outcome_lane_count": 7,
"ssh_network_owner_response_acceptance_blocked_action_count": 22,
"ssh_network_owner_response_acceptance_owner_response_received_count": 0,
"ssh_network_owner_response_acceptance_owner_response_accepted_count": 0,
"ssh_network_owner_response_acceptance_firewall_owner_accepted_count": 0,
"ssh_network_owner_response_acceptance_port_policy_accepted_count": 0,
"ssh_network_owner_response_acceptance_wireguard_cutover_accepted_count": 0,
"ssh_network_owner_response_acceptance_runtime_gate_count": 0,
"ssh_network_owner_response_acceptance_action_button_count": 0,
"ssh_network_owner_response_acceptance_coverage_percent_after_acceptance": 58,
"port_firewall_change_evidence_acceptance_first_layer": True,
"port_firewall_change_evidence_acceptance_candidate_count": 14,
"port_firewall_change_evidence_acceptance_write_capable_candidate_count": 6,
"port_firewall_change_evidence_acceptance_policy_or_exposure_candidate_count": 5,
"port_firewall_change_evidence_acceptance_required_evidence_field_count": 21,
"port_firewall_change_evidence_acceptance_reviewer_check_count": 21,
"port_firewall_change_evidence_acceptance_outcome_lane_count": 9,
"port_firewall_change_evidence_acceptance_blocked_action_count": 28,
"port_firewall_change_evidence_acceptance_received_count": 0,
"port_firewall_change_evidence_acceptance_accepted_count": 0,
"port_firewall_change_evidence_acceptance_actor_identified_count": 0,
"port_firewall_change_evidence_acceptance_cross_project_sync_accepted_count": 0,
"port_firewall_change_evidence_acceptance_service_health_impact_accepted_count": 0,
"port_firewall_change_evidence_acceptance_operator_notification_accepted_count": 0,
"port_firewall_change_evidence_acceptance_postcheck_evidence_accepted_count": 0,
"port_firewall_change_evidence_acceptance_runtime_gate_count": 0,
"port_firewall_change_evidence_acceptance_action_button_count": 0,
"port_firewall_change_evidence_acceptance_coverage_percent_after_acceptance": 62,
"ssh_network_post_incident_readback_plan_first_layer": True,
"ssh_network_post_incident_readback_plan_candidate_count": 14,
"ssh_network_post_incident_readback_plan_write_capable_candidate_count": 6,
"ssh_network_post_incident_readback_plan_policy_or_exposure_candidate_count": 5,
"ssh_network_post_incident_readback_plan_health_impact_review_required_candidate_count": 14,
"ssh_network_post_incident_readback_plan_cross_project_sync_required_candidate_count": 14,
"ssh_network_post_incident_readback_plan_recurrence_guard_required_candidate_count": 14,
"ssh_network_post_incident_readback_plan_readback_field_count": 30,
"ssh_network_post_incident_readback_plan_required_readback_field_count": 24,
"ssh_network_post_incident_readback_plan_reviewer_check_count": 24,
"ssh_network_post_incident_readback_plan_outcome_lane_count": 10,
"ssh_network_post_incident_readback_plan_blocked_action_count": 34,
"ssh_network_post_incident_readback_plan_post_incident_readback_received_count": 0,
"ssh_network_post_incident_readback_plan_post_incident_readback_accepted_count": 0,
"ssh_network_post_incident_readback_plan_actor_attribution_accepted_count": 0,
"ssh_network_post_incident_readback_plan_before_after_state_accepted_count": 0,
"ssh_network_post_incident_readback_plan_service_dependency_accepted_count": 0,
"ssh_network_post_incident_readback_plan_public_route_impact_accepted_count": 0,
"ssh_network_post_incident_readback_plan_ai_provider_impact_accepted_count": 0,
"ssh_network_post_incident_readback_plan_monitoring_alert_impact_accepted_count": 0,
"ssh_network_post_incident_readback_plan_operator_notification_accepted_count": 0,
"ssh_network_post_incident_readback_plan_cross_project_sync_accepted_count": 0,
"ssh_network_post_incident_readback_plan_restoration_evidence_accepted_count": 0,
"ssh_network_post_incident_readback_plan_postcheck_readback_accepted_count": 0,
"ssh_network_post_incident_readback_plan_recurrence_guard_accepted_count": 0,
"ssh_network_post_incident_readback_plan_no_false_green_accepted_count": 0,
"ssh_network_post_incident_readback_plan_runtime_gate_count": 0,
"ssh_network_post_incident_readback_plan_action_button_count": 0,
"ssh_network_post_incident_readback_plan_coverage_percent_after_readback_plan": 64,
"k8s_argocd_change_evidence_acceptance_first_layer": True,
"k8s_argocd_change_evidence_acceptance_candidate_count": 4,
"k8s_argocd_change_evidence_acceptance_c0_candidate_count": 3,
"k8s_argocd_change_evidence_acceptance_c1_candidate_count": 1,
"k8s_argocd_change_evidence_acceptance_write_capable_candidate_count": 4,
"k8s_argocd_change_evidence_acceptance_source_manifest_file_count": 49,
"k8s_argocd_change_evidence_acceptance_source_yaml_manifest_file_count": 45,
"k8s_argocd_change_evidence_acceptance_network_policy_object_count": 6,
"k8s_argocd_change_evidence_acceptance_secret_object_count": 6,
"k8s_argocd_change_evidence_acceptance_rbac_object_count": 5,
"k8s_argocd_change_evidence_acceptance_required_evidence_field_count": 18,
"k8s_argocd_change_evidence_acceptance_reviewer_check_count": 18,
"k8s_argocd_change_evidence_acceptance_outcome_lane_count": 8,
"k8s_argocd_change_evidence_acceptance_blocked_action_count": 28,
"k8s_argocd_change_evidence_acceptance_received_count": 0,
"k8s_argocd_change_evidence_acceptance_accepted_count": 0,
"k8s_argocd_change_evidence_acceptance_rendered_manifest_diff_accepted_count": 0,
"k8s_argocd_change_evidence_acceptance_argocd_application_readback_accepted_count": 0,
"k8s_argocd_change_evidence_acceptance_argocd_sync_revision_accepted_count": 0,
"k8s_argocd_change_evidence_acceptance_rollout_status_accepted_count": 0,
"k8s_argocd_change_evidence_acceptance_service_route_smoke_accepted_count": 0,
"k8s_argocd_change_evidence_acceptance_metrics_alert_accepted_count": 0,
"k8s_argocd_change_evidence_acceptance_runtime_approval_package_ready_count": 0,
"k8s_argocd_change_evidence_acceptance_runtime_gate_count": 0,
"k8s_argocd_change_evidence_acceptance_action_button_count": 0,
"k8s_argocd_change_evidence_acceptance_coverage_percent_after_acceptance": 64,
"k8s_argocd_post_incident_readback_plan_first_layer": True,
"k8s_argocd_post_incident_readback_plan_candidate_count": 4,
"k8s_argocd_post_incident_readback_plan_c0_candidate_count": 3,
"k8s_argocd_post_incident_readback_plan_c1_candidate_count": 1,
"k8s_argocd_post_incident_readback_plan_write_capable_candidate_count": 4,
"k8s_argocd_post_incident_readback_plan_degraded_or_pending_review_required_candidate_count": 4,
"k8s_argocd_post_incident_readback_plan_drift_or_schedule_review_required_candidate_count": 4,
"k8s_argocd_post_incident_readback_plan_route_ai_monitoring_impact_required_candidate_count": 4,
"k8s_argocd_post_incident_readback_plan_cross_project_sync_required_candidate_count": 4,
"k8s_argocd_post_incident_readback_plan_no_false_green_required_candidate_count": 4,
"k8s_argocd_post_incident_readback_plan_readback_field_count": 36,
"k8s_argocd_post_incident_readback_plan_required_readback_field_count": 31,
"k8s_argocd_post_incident_readback_plan_reviewer_check_count": 28,
"k8s_argocd_post_incident_readback_plan_outcome_lane_count": 10,
"k8s_argocd_post_incident_readback_plan_blocked_action_count": 41,
"k8s_argocd_post_incident_readback_plan_post_incident_readback_received_count": 0,
"k8s_argocd_post_incident_readback_plan_post_incident_readback_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_actor_attribution_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_argocd_app_health_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_argocd_sync_status_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_degraded_state_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_pending_workload_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_image_pull_or_scheduling_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_rollout_before_after_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_event_summary_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_metrics_alert_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_drift_scanner_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_cronjob_schedule_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_network_policy_service_impact_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_rbac_serviceaccount_impact_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_secret_metadata_parity_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_public_admin_route_impact_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_ai_provider_monitoring_impact_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_backup_restore_impact_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_operator_notification_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_cross_project_sync_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_recovery_or_still_degraded_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_postcheck_readback_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_recurrence_guard_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_no_false_green_accepted_count": 0,
"k8s_argocd_post_incident_readback_plan_argocd_api_read_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_argocd_sync_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_live_cluster_read_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_kubectl_action_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_helm_action_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_network_policy_change_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_nodeport_change_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_rbac_change_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_secret_value_collection_allowed_count": 0,
"k8s_argocd_post_incident_readback_plan_route_smoke_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_production_write_authorized_count": 0,
"k8s_argocd_post_incident_readback_plan_runtime_gate_count": 0,
"k8s_argocd_post_incident_readback_plan_action_button_count": 0,
"k8s_argocd_post_incident_readback_plan_coverage_percent_after_readback_plan": 66,
"k8s_production_gitops_coverage_percent": 66,
"cd_runner_secret_injection_change_evidence_acceptance_first_layer": True,
"cd_runner_secret_injection_change_evidence_acceptance_candidate_count": 5,
"cd_runner_secret_injection_change_evidence_acceptance_c0_candidate_count": 4,
"cd_runner_secret_injection_change_evidence_acceptance_c1_candidate_count": 1,
"cd_runner_secret_injection_change_evidence_acceptance_write_capable_candidate_count": 5,
"cd_runner_secret_injection_change_evidence_acceptance_local_workflow_file_count": 33,
"cd_runner_secret_injection_change_evidence_acceptance_gitea_workflow_file_count": 12,
"cd_runner_secret_injection_change_evidence_acceptance_github_workflow_file_count": 21,
"cd_runner_secret_injection_change_evidence_acceptance_local_referenced_secret_name_count": 42,
"cd_runner_secret_injection_change_evidence_acceptance_runner_label_count": 5,
"cd_runner_secret_injection_change_evidence_acceptance_export_request_count": 9,
"cd_runner_secret_injection_change_evidence_acceptance_export_lane_count": 5,
"cd_runner_secret_injection_change_evidence_acceptance_owner_response_template_count": 5,
"cd_runner_secret_injection_change_evidence_acceptance_required_evidence_field_count": 19,
"cd_runner_secret_injection_change_evidence_acceptance_reviewer_check_count": 19,
"cd_runner_secret_injection_change_evidence_acceptance_outcome_lane_count": 8,
"cd_runner_secret_injection_change_evidence_acceptance_blocked_action_count": 32,
"cd_runner_secret_injection_change_evidence_acceptance_received_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_accepted_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_workflow_diff_accepted_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_runner_attestation_accepted_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_secret_name_parity_accepted_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_secret_injection_route_accepted_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_deploy_marker_readback_accepted_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_guard_result_accepted_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_postcheck_evidence_accepted_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_runtime_approval_package_ready_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_runtime_gate_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_action_button_count": 0,
"cd_runner_secret_injection_change_evidence_acceptance_secret_metadata_coverage_percent_before_acceptance": 66,
"cd_runner_secret_injection_change_evidence_acceptance_secret_metadata_coverage_percent_after_acceptance": 68,
"cd_runner_secret_injection_change_evidence_acceptance_gitea_workflow_runner_coverage_percent_before_acceptance": 70,
"cd_runner_secret_injection_change_evidence_acceptance_gitea_workflow_runner_coverage_percent_after_acceptance": 72,
"cd_runner_secret_injection_post_incident_readback_plan_first_layer": True,
"cd_runner_secret_injection_post_incident_readback_plan_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_c0_candidate_count": 4,
"cd_runner_secret_injection_post_incident_readback_plan_c1_candidate_count": 1,
"cd_runner_secret_injection_post_incident_readback_plan_write_capable_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_secret_sensitive_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_runner_or_workflow_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_deploy_or_run_readback_required_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_required_readback_field_count": 33,
"cd_runner_secret_injection_post_incident_readback_plan_reviewer_check_count": 30,
"cd_runner_secret_injection_post_incident_readback_plan_outcome_lane_count": 11,
"cd_runner_secret_injection_post_incident_readback_plan_blocked_action_count": 52,
"cd_runner_secret_injection_post_incident_readback_plan_received_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_workflow_diff_state_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_attestation_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_executor_host_readback_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_workspace_cleanup_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_permission_scope_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_name_parity_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_injection_route_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_step_env_secret_guard_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_log_redaction_readback_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_deploy_marker_readback_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_gitea_action_run_readback_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_webhook_delivery_state_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_deploy_key_branch_protection_codeowners_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_notification_delivery_receipt_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_before_after_deploy_state_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_affected_route_or_service_state_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_cross_project_sync_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_rollback_validation_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_postcheck_evidence_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_post_change_monitoring_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_recurrence_guard_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_no_false_green_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_workflow_modification_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_workflow_dispatch_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_github_hosted_runner_enable_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_webhook_modification_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_deploy_key_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_branch_protection_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_codeowners_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_repo_secret_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_value_collection_allowed_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_injection_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_gitea_action_dispatch_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_cd_pipeline_run_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_k8s_secret_injection_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_argocd_sync_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_production_deploy_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runtime_gate_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_action_button_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_metadata_coverage_percent_after_readback_plan": 70,
"cd_runner_secret_injection_post_incident_readback_plan_gitea_workflow_runner_coverage_percent_after_readback_plan": 74,
"secret_metadata_coverage_percent": 70,
"gitea_workflow_runner_source_control_coverage_percent": 74,
"public_runtime_config_change_evidence_acceptance_first_layer": True,
"public_runtime_config_change_evidence_acceptance_candidate_count": 6,
"public_runtime_config_change_evidence_acceptance_c0_candidate_count": 5,
"public_runtime_config_change_evidence_acceptance_c1_candidate_count": 1,
"public_runtime_config_change_evidence_acceptance_write_capable_candidate_count": 6,
"public_runtime_config_change_evidence_acceptance_source_ref_count": 20,
"public_runtime_config_change_evidence_acceptance_required_evidence_field_count": 21,
"public_runtime_config_change_evidence_acceptance_reviewer_check_count": 21,
"public_runtime_config_change_evidence_acceptance_outcome_lane_count": 8,
"public_runtime_config_change_evidence_acceptance_blocked_action_count": 32,
"public_runtime_config_change_evidence_acceptance_received_count": 0,
"public_runtime_config_change_evidence_acceptance_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_route_scope_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_admin_auth_boundary_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_api_contract_readback_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_cors_origin_diff_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_frontend_env_diff_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_i18n_redaction_review_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_desktop_mobile_smoke_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_sensitive_string_scan_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_postcheck_evidence_accepted_count": 0,
"public_runtime_config_change_evidence_acceptance_runtime_approval_package_ready_count": 0,
"public_runtime_config_change_evidence_acceptance_runtime_gate_count": 0,
"public_runtime_config_change_evidence_acceptance_action_button_count": 0,
"public_runtime_config_change_evidence_acceptance_coverage_percent_before_acceptance": 62,
"public_runtime_config_change_evidence_acceptance_coverage_percent_after_acceptance": 64,
}
for key, expected in expected_ssh_network_projection_summary.items():
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
expected,
)
expected_backup_restore_projection_summary = {
"backup_restore_escrow_inventory_first_layer": True,
"backup_restore_escrow_inventory_surface_count": 38,
"backup_restore_escrow_inventory_source_exists_count": 38,
"backup_restore_escrow_inventory_expected_scope_count": 38,
"backup_restore_escrow_inventory_backup_script_surface_count": 15,
"backup_restore_escrow_inventory_restore_drill_surface_count": 4,
"backup_restore_escrow_inventory_offsite_escrow_surface_count": 8,
"backup_restore_escrow_inventory_velero_surface_count": 5,
"backup_restore_escrow_inventory_retention_surface_count": 3,
"backup_restore_escrow_inventory_credential_surface_count": 5,
"backup_restore_escrow_inventory_alert_surface_count": 1,
"backup_restore_escrow_inventory_dr_readiness_contract_surface_count": 3,
"backup_restore_escrow_inventory_write_capable_surface_count": 27,
"backup_restore_escrow_inventory_owner_response_required_count": 38,
"backup_restore_escrow_inventory_owner_response_received_count": 0,
"backup_restore_escrow_inventory_owner_response_accepted_count": 0,
"backup_restore_escrow_inventory_live_evidence_required_count": 38,
"backup_restore_escrow_inventory_live_evidence_received_count": 0,
"backup_restore_escrow_inventory_restore_drill_accepted_count": 0,
"backup_restore_escrow_inventory_offsite_sync_accepted_count": 0,
"backup_restore_escrow_inventory_credential_escrow_accepted_count": 0,
"backup_restore_escrow_inventory_retention_change_accepted_count": 0,
"backup_restore_escrow_inventory_maintenance_window_accepted_count": 0,
"backup_restore_escrow_inventory_rollback_owner_accepted_count": 0,
"backup_restore_escrow_inventory_runtime_gate_count": 0,
"backup_restore_escrow_inventory_action_button_count": 0,
"backup_restore_escrow_inventory_coverage_percent_before_inventory": 52,
"backup_restore_escrow_inventory_coverage_percent_after_inventory": 58,
"backup_restore_post_incident_readback_plan_first_layer": True,
"backup_restore_post_incident_readback_plan_candidate_count": 38,
"backup_restore_post_incident_readback_plan_write_capable_candidate_count": 27,
"backup_restore_post_incident_readback_plan_live_evidence_required_candidate_count": 38,
"backup_restore_post_incident_readback_plan_restore_drill_required_candidate_count": 38,
"backup_restore_post_incident_readback_plan_offsite_or_escrow_required_candidate_count": 20,
"backup_restore_post_incident_readback_plan_retention_or_remote_delete_required_candidate_count": 17,
"backup_restore_post_incident_readback_plan_required_readback_field_count": 34,
"backup_restore_post_incident_readback_plan_reviewer_check_count": 32,
"backup_restore_post_incident_readback_plan_outcome_lane_count": 11,
"backup_restore_post_incident_readback_plan_blocked_action_count": 51,
"backup_restore_post_incident_readback_plan_post_incident_readback_received_count": 0,
"backup_restore_post_incident_readback_plan_post_incident_readback_accepted_count": 0,
"backup_restore_post_incident_readback_plan_actor_attribution_accepted_count": 0,
"backup_restore_post_incident_readback_plan_before_after_freshness_accepted_count": 0,
"backup_restore_post_incident_readback_plan_backup_status_readback_accepted_count": 0,
"backup_restore_post_incident_readback_plan_restore_drill_readback_accepted_count": 0,
"backup_restore_post_incident_readback_plan_restore_target_isolation_readback_accepted_count": 0,
"backup_restore_post_incident_readback_plan_offsite_sync_readback_accepted_count": 0,
"backup_restore_post_incident_readback_plan_offsite_remote_delete_guard_accepted_count": 0,
"backup_restore_post_incident_readback_plan_credential_escrow_non_secret_readback_accepted_count": 0,
"backup_restore_post_incident_readback_plan_retention_runway_readback_accepted_count": 0,
"backup_restore_post_incident_readback_plan_backup_health_no_false_green_readback_accepted_count": 0,
"backup_restore_post_incident_readback_plan_runtime_gate_count": 0,
"backup_restore_post_incident_readback_plan_action_button_count": 0,
"backup_restore_post_incident_readback_plan_coverage_percent_after_readback_plan": 66,
"backup_restore_credential_coverage_percent": 66,
}
for key, expected in expected_backup_restore_projection_summary.items():
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
expected,
)
expected_monitoring_alerting_observability_projection_summary = {
"monitoring_alerting_observability_inventory_first_layer": True,
"monitoring_alerting_observability_inventory_surface_count": 60,
"monitoring_alerting_observability_inventory_source_exists_count": 60,
"monitoring_alerting_observability_inventory_expected_scope_count": 60,
"monitoring_alerting_observability_inventory_prometheus_config_surface_count": 8,
"monitoring_alerting_observability_inventory_alert_rule_surface_count": 13,
"monitoring_alerting_observability_inventory_alertmanager_receiver_surface_count": 1,
"monitoring_alerting_observability_inventory_grafana_surface_count": 6,
"monitoring_alerting_observability_inventory_signoz_surface_count": 3,
"monitoring_alerting_observability_inventory_sentry_surface_count": 4,
"monitoring_alerting_observability_inventory_langfuse_surface_count": 3,
"monitoring_alerting_observability_inventory_notification_policy_surface_count": 4,
"monitoring_alerting_observability_inventory_telegram_surface_count": 3,
"monitoring_alerting_observability_inventory_otel_surface_count": 1,
"monitoring_alerting_observability_inventory_deploy_or_reload_surface_count": 6,
"monitoring_alerting_observability_inventory_drift_guard_surface_count": 1,
"monitoring_alerting_observability_inventory_smoke_surface_count": 4,
"monitoring_alerting_observability_inventory_write_capable_surface_count": 11,
"monitoring_alerting_observability_inventory_surfaces_requiring_owner_response_count": 60,
"monitoring_alerting_observability_inventory_surfaces_requiring_live_evidence_count": 60,
"monitoring_alerting_observability_inventory_owner_response_received_count": 0,
"monitoring_alerting_observability_inventory_owner_response_accepted_count": 0,
"monitoring_alerting_observability_inventory_live_evidence_received_count": 0,
"monitoring_alerting_observability_inventory_reload_owner_accepted_count": 0,
"monitoring_alerting_observability_inventory_receiver_owner_accepted_count": 0,
"monitoring_alerting_observability_inventory_route_smoke_accepted_count": 0,
"monitoring_alerting_observability_inventory_maintenance_window_accepted_count": 0,
"monitoring_alerting_observability_inventory_rollback_owner_accepted_count": 0,
"monitoring_alerting_observability_inventory_runtime_gate_count": 0,
"monitoring_alerting_observability_inventory_action_button_count": 0,
"monitoring_alerting_observability_inventory_coverage_percent_before_inventory": 56,
"monitoring_alerting_observability_inventory_coverage_percent_after_inventory": 62,
"monitoring_owner_response_acceptance_candidate_count": 60,
"monitoring_owner_response_acceptance_acceptance_field_count": 38,
"monitoring_owner_response_acceptance_reviewer_check_count": 23,
"monitoring_owner_response_acceptance_outcome_lane_count": 12,
"monitoring_owner_response_acceptance_blocked_action_count": 34,
"monitoring_owner_response_acceptance_receiver_receipt_proof_accepted_count": 0,
"monitoring_owner_response_acceptance_stale_alert_review_accepted_count": 0,
"monitoring_owner_response_acceptance_silence_or_dedup_review_accepted_count": 0,
"monitoring_owner_response_acceptance_false_green_risk_review_accepted_count": 0,
"monitoring_owner_response_acceptance_post_reload_readback_plan_accepted_count": 0,
"monitoring_owner_response_acceptance_cross_project_notification_accepted_count": 0,
"monitoring_owner_response_acceptance_runtime_gate_count": 0,
"monitoring_owner_response_acceptance_coverage_percent_after_backfill": 68,
"monitoring_post_incident_readback_plan_candidate_count": 60,
"monitoring_post_incident_readback_plan_write_capable_candidate_count": 11,
"monitoring_post_incident_readback_plan_live_evidence_required_candidate_count": 60,
"monitoring_post_incident_readback_plan_alert_rule_candidate_count": 13,
"monitoring_post_incident_readback_plan_deploy_or_reload_candidate_count": 6,
"monitoring_post_incident_readback_plan_required_readback_field_count": 30,
"monitoring_post_incident_readback_plan_reviewer_check_count": 28,
"monitoring_post_incident_readback_plan_outcome_lane_count": 11,
"monitoring_post_incident_readback_plan_blocked_action_count": 53,
"monitoring_post_incident_readback_plan_post_incident_readback_received_count": 0,
"monitoring_post_incident_readback_plan_post_incident_readback_accepted_count": 0,
"monitoring_post_incident_readback_plan_receiver_receipt_readback_accepted_count": 0,
"monitoring_post_incident_readback_plan_stale_pending_resolved_review_accepted_count": 0,
"monitoring_post_incident_readback_plan_silence_mute_dedup_inhibit_review_accepted_count": 0,
"monitoring_post_incident_readback_plan_alert_chain_health_readback_accepted_count": 0,
"monitoring_post_incident_readback_plan_runtime_gate_count": 0,
"monitoring_post_incident_readback_plan_action_button_count": 0,
"monitoring_post_incident_readback_plan_coverage_percent_after_readback_plan": 70,
}
for key, expected in expected_monitoring_alerting_observability_projection_summary.items():
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
expected,
)
expected_public_gateway_preflight_projection_summary = {
"public_gateway_preflight_first_layer": True,
"public_gateway_preflight_summary_count": 4,
"public_gateway_preflight_item_count": 6,
"public_gateway_preflight_source_config_count": 3,
"public_gateway_preflight_c0_source_config_count": 2,
"public_gateway_preflight_managed_domain_count": 14,
"public_gateway_preflight_route_impact_count": 14,
"public_gateway_preflight_unique_upstream_count": 14,
"public_gateway_preflight_tls_certificate_path_count": 10,
"public_gateway_preflight_certificate_owner_confirmation_required_count": 4,
"public_gateway_preflight_admin_route_domain_count": 1,
"public_gateway_preflight_websocket_route_domain_count": 6,
"public_gateway_preflight_acme_challenge_domain_count": 7,
"public_gateway_preflight_gate_count": 12,
"public_gateway_preflight_repo_only_ready_count": 2,
"public_gateway_preflight_owner_acceptance_required_gate_count": 10,
"public_gateway_preflight_gate_accepted_count": 0,
"public_gateway_preflight_owner_response_received_count": 0,
"public_gateway_preflight_owner_response_accepted_count": 0,
"public_gateway_preflight_owner_provided_live_conf_received_count": 0,
"public_gateway_preflight_rendered_diff_ready_count": 0,
"public_gateway_preflight_nginx_test_evidence_count": 0,
"public_gateway_preflight_route_smoke_evidence_count": 0,
"public_gateway_preflight_maintenance_window_accepted_count": 0,
"public_gateway_preflight_rollback_owner_accepted_count": 0,
"public_gateway_preflight_runtime_gate_count": 0,
"public_gateway_preflight_action_button_count": 0,
"public_gateway_preflight_coverage_percent_before_preflight": 78,
"public_gateway_preflight_coverage_percent_after_preflight": 84,
}
for key, expected in expected_public_gateway_preflight_projection_summary.items():
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
expected,
)
expected_public_gateway_post_incident_projection_summary = {
"nginx_public_gateway_coverage_percent": 92,
"public_gateway_post_incident_readback_plan_candidate_count": 3,
"public_gateway_post_incident_readback_plan_c0_candidate_count": 2,
"public_gateway_post_incident_readback_plan_write_capable_candidate_count": 3,
"public_gateway_post_incident_readback_plan_required_readback_field_count": 30,
"public_gateway_post_incident_readback_plan_reviewer_check_count": 28,
"public_gateway_post_incident_readback_plan_outcome_lane_count": 10,
"public_gateway_post_incident_readback_plan_blocked_action_count": 41,
"public_gateway_post_incident_readback_plan_post_incident_readback_received_count": 0,
"public_gateway_post_incident_readback_plan_post_incident_readback_accepted_count": 0,
"public_gateway_post_incident_readback_plan_actor_attribution_accepted_count": 0,
"public_gateway_post_incident_readback_plan_before_after_route_state_accepted_count": 0,
"public_gateway_post_incident_readback_plan_source_live_diff_state_accepted_count": 0,
"public_gateway_post_incident_readback_plan_nginx_test_readback_accepted_count": 0,
"public_gateway_post_incident_readback_plan_nginx_reload_or_no_reload_accepted_count": 0,
"public_gateway_post_incident_readback_plan_route_smoke_readback_accepted_count": 0,
"public_gateway_post_incident_readback_plan_tls_acme_readback_accepted_count": 0,
"public_gateway_post_incident_readback_plan_websocket_readback_accepted_count": 0,
"public_gateway_post_incident_readback_plan_upstream_health_accepted_count": 0,
"public_gateway_post_incident_readback_plan_public_admin_api_route_impact_accepted_count": 0,
"public_gateway_post_incident_readback_plan_ai_provider_impact_accepted_count": 0,
"public_gateway_post_incident_readback_plan_monitoring_alert_accepted_count": 0,
"public_gateway_post_incident_readback_plan_operator_notification_accepted_count": 0,
"public_gateway_post_incident_readback_plan_cross_project_sync_accepted_count": 0,
"public_gateway_post_incident_readback_plan_rollback_validation_accepted_count": 0,
"public_gateway_post_incident_readback_plan_post_change_monitoring_accepted_count": 0,
"public_gateway_post_incident_readback_plan_postcheck_readback_accepted_count": 0,
"public_gateway_post_incident_readback_plan_recurrence_guard_accepted_count": 0,
"public_gateway_post_incident_readback_plan_no_false_green_accepted_count": 0,
"public_gateway_post_incident_readback_plan_host_live_conf_read_authorized_count": 0,
"public_gateway_post_incident_readback_plan_nginx_test_authorized_count": 0,
"public_gateway_post_incident_readback_plan_nginx_reload_authorized_count": 0,
"public_gateway_post_incident_readback_plan_public_gateway_reload_authorized_count": 0,
"public_gateway_post_incident_readback_plan_route_smoke_authorized_count": 0,
"public_gateway_post_incident_readback_plan_dns_tls_probe_authorized_count": 0,
"public_gateway_post_incident_readback_plan_certbot_renew_authorized_count": 0,
"public_gateway_post_incident_readback_plan_runtime_gate_count": 0,
"public_gateway_post_incident_readback_plan_action_button_count": 0,
"public_gateway_post_incident_readback_plan_coverage_percent_after_readback_plan": 92,
}
for key, expected in expected_public_gateway_post_incident_projection_summary.items():
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
expected,
)
assert_true(
"iwooos_projection.summary.high_value_config_owner_packet_first_layer",
iwooos_projection["summary"]["high_value_config_owner_packet_first_layer"],
)
assert_equal(
"iwooos_projection.summary.high_value_config_owner_packet_summary_count",
iwooos_projection["summary"]["high_value_config_owner_packet_summary_count"],
4,
)
assert_equal(
"iwooos_projection.summary.high_value_config_owner_packet_item_count",
iwooos_projection["summary"]["high_value_config_owner_packet_item_count"],
6,
)
assert_equal(
"iwooos_projection.summary.high_value_config_owner_packet_count",
iwooos_projection["summary"]["high_value_config_owner_packet_count"],
3,
)
assert_equal(
"iwooos_projection.summary.high_value_config_owner_packet_c0_packet_count",
iwooos_projection["summary"]["high_value_config_owner_packet_c0_packet_count"],
2,
)
for key in [
"high_value_config_owner_packet_c1_packet_count",
"high_value_config_owner_packet_request_sent_count",
"high_value_config_owner_packet_received_response_count",
"high_value_config_owner_packet_accepted_response_count",
"high_value_config_owner_packet_runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
0,
)
assert_true(
"iwooos_projection.summary.awooop_high_value_config_owner_packet_first_layer",
iwooos_projection["summary"]["awooop_high_value_config_owner_packet_first_layer"],
)
assert_equal(
"iwooos_projection.summary.awooop_high_value_config_owner_packet_summary_count",
iwooos_projection["summary"]["awooop_high_value_config_owner_packet_summary_count"],
4,
)
assert_equal(
"iwooos_projection.summary.awooop_high_value_config_owner_packet_ref_count",
iwooos_projection["summary"]["awooop_high_value_config_owner_packet_ref_count"],
4,
)
assert_equal(
"iwooos_projection.summary.awooop_high_value_config_owner_packet_boundary_count",
iwooos_projection["summary"]["awooop_high_value_config_owner_packet_boundary_count"],
15,
)
for key in [
"awooop_high_value_config_owner_packet_request_sent_count",
"awooop_high_value_config_owner_packet_received_response_count",
"awooop_high_value_config_owner_packet_accepted_response_count",
"awooop_high_value_config_owner_packet_runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.summary.{key}",
iwooos_projection["summary"][key],
0,
)
assert_equal(
"high_value_config_owner_packet_intake.schema_version",
high_value_config_owner_packet_intake["schema_version"],
"high_value_config_owner_packet_intake_preflight_v1",
)
assert_equal(
"high_value_config_owner_packet_intake.source_owner_packet_schema_version",
high_value_config_owner_packet_intake["source_owner_packet_schema_version"],
"high_value_config_owner_packet_v1",
)
assert_equal(
"high_value_config_owner_packet_intake.status",
high_value_config_owner_packet_intake["status"],
"request_dispatch_preflight_ready",
)
expected_high_value_config_owner_packet_intake_summary = {
"packet_count": 3,
"c0_packet_count": 2,
"c1_packet_count": 0,
"canonical_owner_field_count": 9,
"required_owner_field_total": 27,
"dispatch_preflight_check_count": 9,
"reviewer_intake_lane_count": 5,
"blocked_request_count": 16,
"request_sent_count": 0,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"reviewer_queue_write_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_high_value_config_owner_packet_intake_summary.items():
assert_equal(
f"high_value_config_owner_packet_intake.summary.{key}",
high_value_config_owner_packet_intake["summary"][key],
expected,
)
for false_key in [
"dispatch_authorized",
"request_sent",
"reviewer_queue_write",
"runtime_execution_authorized",
"secret_value_collection_allowed",
"production_write_authorized",
"host_write_authorized",
"nginx_reload_authorized",
"dns_tls_change_authorized",
"workflow_modification_authorized",
"active_scan_authorized",
"action_buttons_allowed",
]:
assert_false(
f"high_value_config_owner_packet_intake.execution_boundaries.{false_key}",
high_value_config_owner_packet_intake["execution_boundaries"][false_key],
)
assert_true(
"high_value_config_owner_packet_intake.execution_boundaries.not_authorization",
high_value_config_owner_packet_intake["execution_boundaries"]["not_authorization"],
)
expected_high_value_config_owner_packet_intake_ids = [
"high_value_config_owner_packet:dns_tls_certbot",
"high_value_config_owner_packet:nginx_public_gateway",
"high_value_config_owner_packet:security_evidence_tooling",
]
assert_equal(
"high_value_config_owner_packet_intake.packet_ids",
[item["packet_id"] for item in high_value_config_owner_packet_intake["intake_packets"]],
expected_high_value_config_owner_packet_intake_ids,
)
expected_high_value_config_owner_packet_intake_check_ids = [
"baseline_commit_synced",
"source_snapshot_current",
"packet_scope_mapped",
"canonical_fields_present",
"redacted_evidence_refs_only",
"no_sensitive_payload",
"no_execution_request",
"maintenance_and_rollback_fields_present",
"validation_plan_present",
]
assert_equal(
"high_value_config_owner_packet_intake.dispatch_preflight_check_ids",
[
item["check_id"]
for item in high_value_config_owner_packet_intake["dispatch_preflight_checks"]
],
expected_high_value_config_owner_packet_intake_check_ids,
)
expected_high_value_config_owner_packet_intake_lane_ids = [
"keep_waiting_owner_response",
"request_more_evidence",
"quarantine_sensitive_payload",
"reject_execution_request",
"ready_for_reviewer_validation",
]
assert_equal(
"high_value_config_owner_packet_intake.reviewer_intake_lane_ids",
[item["lane_id"] for item in high_value_config_owner_packet_intake["reviewer_intake_lanes"]],
expected_high_value_config_owner_packet_intake_lane_ids,
)
for packet in high_value_config_owner_packet_intake["intake_packets"]:
assert_equal(
f"high_value_config_owner_packet_intake.{packet['packet_id']}.required_owner_field_count",
len(packet["required_owner_fields"]),
9,
)
assert_true(
f"high_value_config_owner_packet_intake.{packet['packet_id']}.not_authorization",
packet["not_authorization"],
)
for false_key in [
"request_sent",
"received_response",
"accepted_response",
"rejected_response",
"reviewer_queue_write",
"runtime_gate",
"action_buttons_allowed",
"secret_value_collection_allowed",
"production_write_authorized",
]:
assert_false(
f"high_value_config_owner_packet_intake.{packet['packet_id']}.{false_key}",
packet[false_key],
)
assert_equal(
"high_value_config_owner_request_draft.schema_version",
high_value_config_owner_request_draft["schema_version"],
"high_value_config_owner_request_draft_v1",
)
assert_equal(
"high_value_config_owner_request_draft.source_intake_preflight_schema_version",
high_value_config_owner_request_draft["source_intake_preflight_schema_version"],
"high_value_config_owner_packet_intake_preflight_v1",
)
assert_equal(
"high_value_config_owner_request_draft.status",
high_value_config_owner_request_draft["status"],
"owner_request_draft_ready_not_dispatched",
)
expected_high_value_config_owner_request_draft_summary = {
"request_draft_count": 3,
"c0_request_draft_count": 2,
"c1_request_draft_count": 0,
"dispatch_preflight_check_count": 9,
"reviewer_intake_lane_count": 5,
"handoff_envelope_field_count": 11,
"required_owner_field_total": 27,
"forbidden_payload_count": 12,
"blocked_request_count": 16,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"audit_event_emitted_count": 0,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"reviewer_queue_write_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_high_value_config_owner_request_draft_summary.items():
assert_equal(
f"high_value_config_owner_request_draft.summary.{key}",
high_value_config_owner_request_draft["summary"][key],
expected,
)
for false_key in [
"dispatch_authorized",
"request_sent",
"recipient_confirmed",
"audit_event_emitted",
"reviewer_queue_write",
"runtime_execution_authorized",
"secret_value_collection_allowed",
"production_write_authorized",
"host_write_authorized",
"nginx_reload_authorized",
"dns_tls_change_authorized",
"workflow_modification_authorized",
"active_scan_authorized",
"action_buttons_allowed",
]:
assert_false(
f"high_value_config_owner_request_draft.execution_boundaries.{false_key}",
high_value_config_owner_request_draft["execution_boundaries"][false_key],
)
assert_true(
"high_value_config_owner_request_draft.execution_boundaries.not_authorization",
high_value_config_owner_request_draft["execution_boundaries"]["not_authorization"],
)
expected_high_value_config_owner_request_draft_ids = [
"high_value_config_owner_request:dns_tls_certbot",
"high_value_config_owner_request:nginx_public_gateway",
"high_value_config_owner_request:security_evidence_tooling",
]
assert_equal(
"high_value_config_owner_request_draft.request_ids",
[item["request_id"] for item in high_value_config_owner_request_draft["request_drafts"]],
expected_high_value_config_owner_request_draft_ids,
)
expected_high_value_config_owner_request_handoff_fields = [
"request_id",
"stage_id",
"packet_id",
"recipient_role_or_team",
"sender_role_or_team",
"requested_response_window",
"allowed_response_format",
"redacted_evidence_refs",
"forbidden_payloads",
"followup_owner",
"not_approval",
]
assert_equal(
"high_value_config_owner_request_draft.handoff_envelope_fields",
high_value_config_owner_request_draft["handoff_envelope_fields"],
expected_high_value_config_owner_request_handoff_fields,
)
for draft in high_value_config_owner_request_draft["request_drafts"]:
assert_equal(
f"high_value_config_owner_request_draft.{draft['request_id']}.stage_id",
draft["stage_id"],
"P0-14",
)
assert_equal(
f"high_value_config_owner_request_draft.{draft['request_id']}.status",
draft["status"],
"draft_not_dispatched",
)
assert_equal(
f"high_value_config_owner_request_draft.{draft['request_id']}.response_field_count",
len(draft["allowed_response_format"]["fields"]),
9,
)
assert_true(
f"high_value_config_owner_request_draft.{draft['request_id']}.not_approval",
draft["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"audit_event_emitted",
"received_response",
"accepted_response",
"rejected_response",
"reviewer_queue_write",
"runtime_gate",
"action_buttons_allowed",
"secret_value_collection_allowed",
"production_write_authorized",
]:
assert_false(
f"high_value_config_owner_request_draft.{draft['request_id']}.{false_key}",
draft[false_key],
)
expected_iwooos_surface_ids = [
"security_compliance",
"legacy_security",
"legacy_compliance",
"alerts",
"errors",
"authorizations",
"governance",
"alert_operation_logs",
"awooop_approvals",
"code_review",
]
assert_equal(
"iwooos_projection.summary.existing_frontend_surface_count",
iwooos_projection["summary"]["existing_frontend_surface_count"],
len(expected_iwooos_surface_ids),
)
assert_equal(
"iwooos_projection.summary.frontend_surface_reverse_bridge_status_count",
iwooos_projection["summary"]["frontend_surface_reverse_bridge_status_count"],
len(expected_iwooos_surface_ids),
)
expected_iwooos_coverage_group_ids = [
"signals_and_exposure",
"human_control_boundary",
"governance_and_audit",
"engineering_review",
]
expected_iwooos_conflict_control_ids = [
"preserve_original_route_ownership",
"no_runtime_lift_from_index",
"code_review_not_deploy_gate",
"awooop_approval_not_security_approval",
"frontend_index_does_not_call_kali",
]
expected_iwooos_journey_step_ids = [
"read_current_posture",
"open_existing_security_surface",
"triage_non_blocking_lane",
"collect_owner_evidence",
"wait_for_human_decision",
"prepare_followup_runtime_gate",
]
expected_iwooos_evidence_readiness_item_ids = [
"s4_9_gitea_owner_attestation_response",
"s4_10_github_target_owner_response",
"s4_11_refs_truth_owner_response",
"s4_12_workflow_secret_owner_response",
"s1_6_redacted_finding_ingestion",
"s1_6_kali_scan_scope_approval",
"s3_4_followup_runtime_gate",
]
expected_iwooos_host_coverage_item_ids = [
"kali_112_security_host",
"dev_168_development_host",
"dev_111_development_host",
]
expected_iwooos_kali_maintenance_readiness_item_ids = [
"kali_112_read_only_snapshot",
"kali_112_scanner_health",
"kali_112_upgradable_package_count",
"kali_112_failed_systemd_unit_count",
"kali_112_service_hardening_gap",
"kali_112_full_upgrade_reboot_gate",
]
expected_iwooos_host_action_gate_item_ids = [
"host_active_scan_gate",
"host_credentialed_scan_gate",
"kali_execute_gate",
"ssh_host_change_gate",
"kali_host_update_gate",
"runtime_blocking_control_gate",
]
expected_iwooos_host_evidence_readiness_item_ids = [
"host_scope_boundary_evidence",
"host_owner_decision_record_evidence",
"host_credential_handling_evidence",
"host_maintenance_window_evidence",
"host_rollback_plan_evidence",
"host_validation_metrics_evidence",
"host_redacted_ingestion_evidence",
]
expected_iwooos_host_evidence_collection_step_ids = [
"collect_scope_boundary_first",
"collect_owner_decision_second",
"collect_credential_handling_third",
"collect_maintenance_window_fourth",
"collect_rollback_plan_fifth",
"collect_validation_metrics_sixth",
"collect_redacted_ingestion_seventh",
]
expected_iwooos_host_evidence_intake_preflight_check_ids = [
"host_metadata_pointer_shape_check",
"host_collection_dependency_order_check",
"host_scope_boundary_before_scan_check",
"host_owner_decision_before_change_check",
"host_credential_plaintext_rejection_check",
"host_raw_payload_rejection_check",
"host_counter_transition_freeze_check",
]
expected_iwooos_host_evidence_review_outcome_lane_ids = [
"host_ready_for_human_review_lane",
"host_needs_scope_evidence_lane",
"host_needs_owner_decision_lane",
"host_quarantine_dependency_skip_lane",
"host_reject_raw_payload_lane",
"host_reject_credential_plaintext_lane",
"host_waiting_runtime_gate_lane",
]
expected_iwooos_host_evidence_review_handoff_packet_ids = [
"host_scope_summary_handoff_packet",
"host_owner_decision_handoff_packet",
"host_credential_handling_handoff_packet",
"host_maintenance_rollback_handoff_packet",
"host_validation_metrics_handoff_packet",
"host_redaction_attestation_handoff_packet",
"host_runtime_gate_pointer_handoff_packet",
]
expected_iwooos_host_evidence_reviewer_checklist_item_ids = [
"host_scope_boundary_match_check",
"host_owner_decision_scope_expiry_check",
"host_credential_handling_metadata_only_check",
"host_redaction_attestation_pass_check",
"host_maintenance_rollback_complete_check",
"host_validation_metrics_linked_check",
"host_runtime_gate_separated_check",
]
expected_iwooos_host_evidence_reviewer_outcome_lane_ids = [
"host_ready_for_owner_decision_outcome_lane",
"host_scope_mismatch_outcome_lane",
"host_owner_decision_expired_outcome_lane",
"host_credential_metadata_failed_outcome_lane",
"host_redaction_failed_outcome_lane",
"host_rollback_missing_outcome_lane",
"host_runtime_gate_required_outcome_lane",
]
expected_iwooos_host_owner_decision_candidate_packet_ids = [
"host_scope_approval_candidate_packet",
"host_scan_mode_candidate_packet",
"host_credential_handling_candidate_packet",
"host_maintenance_window_candidate_packet",
"host_rollback_owner_candidate_packet",
"host_validation_metrics_candidate_packet",
"host_runtime_gate_candidate_packet",
]
expected_iwooos_host_owner_decision_review_checklist_item_ids = [
"host_scope_boundary_readable_review_check",
"host_scan_mode_not_authorization_review_check",
"host_credential_boundary_metadata_only_review_check",
"host_maintenance_window_not_change_review_check",
"host_rollback_owner_readable_review_check",
"host_validation_metrics_predefined_review_check",
"host_runtime_gate_still_separate_review_check",
]
expected_iwooos_host_owner_decision_review_outcome_lane_ids = [
"host_ready_for_decision_record_outcome_lane",
"host_scope_refresh_required_decision_outcome_lane",
"host_scan_mode_scope_required_decision_outcome_lane",
"host_credential_boundary_failed_decision_outcome_lane",
"host_maintenance_window_required_decision_outcome_lane",
"host_rollback_owner_required_decision_outcome_lane",
"host_runtime_gate_required_decision_outcome_lane",
]
expected_iwooos_host_owner_decision_record_draft_packet_ids = [
"host_decision_record_scope_draft_packet",
"host_decision_record_scan_mode_draft_packet",
"host_decision_record_credential_boundary_draft_packet",
"host_decision_record_maintenance_constraints_draft_packet",
"host_decision_record_rollback_owner_draft_packet",
"host_decision_record_validation_metrics_draft_packet",
"host_decision_record_runtime_gate_draft_packet",
]
expected_iwooos_host_owner_decision_record_draft_review_checklist_item_ids = [
"host_decision_record_scope_statement_review_check",
"host_decision_record_scan_mode_review_check",
"host_decision_record_credential_boundary_review_check",
"host_decision_record_maintenance_constraints_review_check",
"host_decision_record_rollback_owner_review_check",
"host_decision_record_validation_metrics_review_check",
"host_decision_record_runtime_gate_review_check",
]
expected_iwooos_host_owner_decision_record_draft_review_outcome_lane_ids = [
"host_decision_record_ready_for_writeup_outcome_lane",
"host_decision_record_scope_draft_incomplete_outcome_lane",
"host_decision_record_scan_mode_ambiguous_outcome_lane",
"host_decision_record_credential_boundary_incomplete_outcome_lane",
"host_decision_record_maintenance_constraints_incomplete_outcome_lane",
"host_decision_record_rollback_owner_incomplete_outcome_lane",
"host_decision_record_runtime_gate_required_outcome_lane",
]
expected_iwooos_host_owner_decision_record_writeup_packet_ids = [
"host_decision_record_summary_writeup_packet",
"host_decision_record_scope_writeup_packet",
"host_decision_record_scan_mode_limits_writeup_packet",
"host_decision_record_credential_boundary_writeup_packet",
"host_decision_record_maintenance_rollback_writeup_packet",
"host_decision_record_validation_evidence_writeup_packet",
"host_decision_record_runtime_gate_pointer_writeup_packet",
]
expected_iwooos_host_owner_decision_record_writeup_review_checklist_item_ids = [
"host_decision_record_summary_writeup_review_check",
"host_decision_record_scope_writeup_review_check",
"host_decision_record_scan_mode_limits_writeup_review_check",
"host_decision_record_credential_boundary_writeup_review_check",
"host_decision_record_maintenance_rollback_writeup_review_check",
"host_decision_record_validation_evidence_writeup_review_check",
"host_decision_record_runtime_gate_writeup_review_check",
]
expected_iwooos_host_owner_decision_record_writeup_review_outcome_lane_ids = [
"host_decision_record_writeup_review_ready_for_formal_record_outcome_lane",
"host_decision_record_writeup_summary_needs_clarification_outcome_lane",
"host_decision_record_writeup_scope_expiry_needs_refresh_outcome_lane",
"host_decision_record_writeup_scan_mode_ambiguous_outcome_lane",
"host_decision_record_writeup_credential_boundary_failed_outcome_lane",
"host_decision_record_writeup_maintenance_rollback_incomplete_outcome_lane",
"host_decision_record_writeup_runtime_gate_required_outcome_lane",
]
expected_iwooos_host_owner_decision_record_formal_candidate_packet_ids = [
"host_decision_record_formal_candidate_identity_packet",
"host_decision_record_formal_candidate_decision_summary_packet",
"host_decision_record_formal_candidate_approved_scope_packet",
"host_decision_record_formal_candidate_scan_mode_limits_packet",
"host_decision_record_formal_candidate_credential_boundary_packet",
"host_decision_record_formal_candidate_maintenance_rollback_packet",
"host_decision_record_formal_candidate_validation_runtime_gate_packet",
]
expected_iwooos_host_owner_decision_record_formal_candidate_review_checklist_item_ids = [
"host_decision_record_formal_candidate_identity_review_check",
"host_decision_record_formal_candidate_summary_review_check",
"host_decision_record_formal_candidate_scope_review_check",
"host_decision_record_formal_candidate_scan_limits_review_check",
"host_decision_record_formal_candidate_credential_boundary_review_check",
"host_decision_record_formal_candidate_maintenance_rollback_review_check",
"host_decision_record_formal_candidate_runtime_gate_review_check",
]
expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lane_ids = [
"host_decision_record_formal_candidate_review_ready_for_record_queue_outcome_lane",
"host_decision_record_formal_candidate_review_identity_needs_trace_outcome_lane",
"host_decision_record_formal_candidate_review_summary_needs_clarification_outcome_lane",
"host_decision_record_formal_candidate_review_scope_expiry_needs_refresh_outcome_lane",
"host_decision_record_formal_candidate_review_scan_limits_ambiguous_outcome_lane",
"host_decision_record_formal_candidate_review_credential_boundary_failed_outcome_lane",
"host_decision_record_formal_candidate_review_maintenance_rollback_incomplete_outcome_lane",
"host_decision_record_formal_candidate_review_runtime_gate_required_outcome_lane",
]
expected_iwooos_host_owner_decision_record_formal_record_queue_packet_ids = [
"host_decision_record_formal_record_queue_identity_packet",
"host_decision_record_formal_record_queue_decision_summary_packet",
"host_decision_record_formal_record_queue_scope_expiry_packet",
"host_decision_record_formal_record_queue_scan_limits_packet",
"host_decision_record_formal_record_queue_credential_boundary_packet",
"host_decision_record_formal_record_queue_maintenance_rollback_packet",
"host_decision_record_formal_record_queue_validation_runtime_gate_packet",
"host_decision_record_formal_record_queue_no_execution_attestation_packet",
]
expected_iwooos_host_owner_decision_record_formal_record_queue_review_checklist_item_ids = [
"host_decision_record_formal_record_queue_review_identity_traceable_check",
"host_decision_record_formal_record_queue_review_decision_summary_readable_check",
"host_decision_record_formal_record_queue_review_scope_expiry_fresh_check",
"host_decision_record_formal_record_queue_review_scan_limits_not_authorization_check",
"host_decision_record_formal_record_queue_review_credential_boundary_metadata_only_check",
"host_decision_record_formal_record_queue_review_maintenance_rollback_linked_check",
"host_decision_record_formal_record_queue_review_validation_runtime_gate_separate_check",
"host_decision_record_formal_record_queue_review_no_execution_attestation_present_check",
]
expected_iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lane_ids = [
"host_decision_record_formal_record_queue_review_ready_for_human_record_owner_handoff_outcome_lane",
"host_decision_record_formal_record_queue_review_identity_needs_trace_refresh_outcome_lane",
"host_decision_record_formal_record_queue_review_summary_needs_clarification_outcome_lane",
"host_decision_record_formal_record_queue_review_scope_expiry_needs_refresh_outcome_lane",
"host_decision_record_formal_record_queue_review_scan_limits_ambiguous_outcome_lane",
"host_decision_record_formal_record_queue_review_credential_boundary_failed_outcome_lane",
"host_decision_record_formal_record_queue_review_maintenance_rollback_incomplete_outcome_lane",
"host_decision_record_formal_record_queue_review_runtime_gate_required_outcome_lane",
]
expected_iwooos_host_owner_decision_record_human_handoff_readiness_packet_ids = [
"host_decision_record_handoff_readiness_identity_trace_packet",
"host_decision_record_handoff_readiness_owner_boundary_packet",
"host_decision_record_handoff_readiness_decision_summary_packet",
"host_decision_record_handoff_readiness_scope_expiry_packet",
"host_decision_record_handoff_readiness_scan_limits_packet",
"host_decision_record_handoff_readiness_credential_boundary_packet",
"host_decision_record_handoff_readiness_maintenance_rollback_packet",
"host_decision_record_handoff_readiness_runtime_gate_packet",
]
expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist_item_ids = [
"host_decision_record_handoff_readiness_review_identity_trace_readable_check",
"host_decision_record_handoff_readiness_review_owner_boundary_readable_check",
"host_decision_record_handoff_readiness_review_decision_summary_readable_check",
"host_decision_record_handoff_readiness_review_scope_expiry_current_check",
"host_decision_record_handoff_readiness_review_scan_limits_not_authorization_check",
"host_decision_record_handoff_readiness_review_credential_boundary_metadata_only_check",
"host_decision_record_handoff_readiness_review_maintenance_rollback_traceable_check",
"host_decision_record_handoff_readiness_review_runtime_gate_separate_check",
]
expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lane_ids = [
"host_decision_record_handoff_readiness_review_ready_for_human_record_owner_review_candidate_outcome_lane",
"host_decision_record_handoff_readiness_review_identity_trace_needs_refresh_outcome_lane",
"host_decision_record_handoff_readiness_review_owner_boundary_needs_clarification_outcome_lane",
"host_decision_record_handoff_readiness_review_decision_summary_needs_clarification_outcome_lane",
"host_decision_record_handoff_readiness_review_scope_expiry_needs_refresh_outcome_lane",
"host_decision_record_handoff_readiness_review_scan_limits_ambiguous_outcome_lane",
"host_decision_record_handoff_readiness_review_credential_boundary_failed_outcome_lane",
"host_decision_record_handoff_readiness_review_maintenance_rollback_incomplete_outcome_lane",
"host_decision_record_handoff_readiness_review_runtime_gate_required_outcome_lane",
]
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_packet_ids = [
"host_decision_record_human_record_owner_review_candidate_identity_packet",
"host_decision_record_human_record_owner_review_candidate_owner_boundary_packet",
"host_decision_record_human_record_owner_review_candidate_decision_summary_packet",
"host_decision_record_human_record_owner_review_candidate_scope_expiry_packet",
"host_decision_record_human_record_owner_review_candidate_scan_limits_packet",
"host_decision_record_human_record_owner_review_candidate_credential_boundary_packet",
"host_decision_record_human_record_owner_review_candidate_maintenance_rollback_packet",
"host_decision_record_human_record_owner_review_candidate_validation_runtime_gate_packet",
"host_decision_record_human_record_owner_review_candidate_no_execution_attestation_packet",
]
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist_item_ids = [
"host_decision_record_human_record_owner_review_candidate_identity_traceable_check",
"host_decision_record_human_record_owner_review_candidate_owner_boundary_readable_check",
"host_decision_record_human_record_owner_review_candidate_decision_summary_readable_check",
"host_decision_record_human_record_owner_review_candidate_scope_expiry_current_check",
"host_decision_record_human_record_owner_review_candidate_scan_limits_not_authorization_check",
"host_decision_record_human_record_owner_review_candidate_credential_boundary_metadata_only_check",
"host_decision_record_human_record_owner_review_candidate_maintenance_rollback_traceable_check",
"host_decision_record_human_record_owner_review_candidate_validation_runtime_gate_separate_check",
"host_decision_record_human_record_owner_review_candidate_no_execution_attestation_present_check",
]
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lane_ids = [
"host_decision_record_human_record_owner_review_candidate_ready_for_human_record_owner_review_preparation_outcome_lane",
"host_decision_record_human_record_owner_review_candidate_identity_trace_needs_refresh_outcome_lane",
"host_decision_record_human_record_owner_review_candidate_owner_boundary_needs_clarification_outcome_lane",
"host_decision_record_human_record_owner_review_candidate_decision_summary_needs_clarification_outcome_lane",
"host_decision_record_human_record_owner_review_candidate_scope_expiry_needs_refresh_outcome_lane",
"host_decision_record_human_record_owner_review_candidate_scan_limits_ambiguous_outcome_lane",
"host_decision_record_human_record_owner_review_candidate_credential_boundary_failed_outcome_lane",
"host_decision_record_human_record_owner_review_candidate_maintenance_rollback_incomplete_outcome_lane",
"host_decision_record_human_record_owner_review_candidate_runtime_gate_required_outcome_lane",
]
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_packet_ids = [
"host_decision_record_human_record_owner_review_preparation_identity_trace_packet",
"host_decision_record_human_record_owner_review_preparation_owner_boundary_packet",
"host_decision_record_human_record_owner_review_preparation_decision_summary_packet",
"host_decision_record_human_record_owner_review_preparation_scope_expiry_packet",
"host_decision_record_human_record_owner_review_preparation_scan_limits_packet",
"host_decision_record_human_record_owner_review_preparation_credential_boundary_packet",
"host_decision_record_human_record_owner_review_preparation_maintenance_rollback_packet",
"host_decision_record_human_record_owner_review_preparation_validation_runtime_gate_packet",
"host_decision_record_human_record_owner_review_preparation_no_execution_attestation_packet",
]
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_item_ids = [
"host_decision_record_human_record_owner_review_preparation_identity_trace_readable_check",
"host_decision_record_human_record_owner_review_preparation_owner_boundary_readable_check",
"host_decision_record_human_record_owner_review_preparation_decision_summary_readable_check",
"host_decision_record_human_record_owner_review_preparation_scope_expiry_current_check",
"host_decision_record_human_record_owner_review_preparation_scan_limits_not_authorization_check",
"host_decision_record_human_record_owner_review_preparation_credential_boundary_metadata_only_check",
"host_decision_record_human_record_owner_review_preparation_maintenance_rollback_traceable_check",
"host_decision_record_human_record_owner_review_preparation_validation_runtime_gate_separate_check",
"host_decision_record_human_record_owner_review_preparation_no_execution_attestation_present_check",
]
assert_equal(
"iwooos_projection.summary.visual_command_dashboard_widget_count",
iwooos_projection["summary"]["visual_command_dashboard_widget_count"],
14,
)
assert_true(
"iwooos_projection.summary.visual_command_dashboard_first_layer",
iwooos_projection["summary"]["visual_command_dashboard_first_layer"],
)
assert_false(
"iwooos_projection.summary.visual_command_dashboard_default_visible",
iwooos_projection["summary"]["visual_command_dashboard_default_visible"],
)
assert_true(
"iwooos_projection.summary.professional_security_experience_first_layer",
iwooos_projection["summary"]["professional_security_experience_first_layer"],
)
assert_false(
"iwooos_projection.summary.professional_security_experience_default_visible",
iwooos_projection["summary"]["professional_security_experience_default_visible"],
)
assert_equal(
"iwooos_projection.summary.professional_security_experience_tab_count",
iwooos_projection["summary"]["professional_security_experience_tab_count"],
3,
)
assert_equal(
"iwooos_projection.summary.professional_security_experience_attack_path_node_count",
iwooos_projection["summary"]["professional_security_experience_attack_path_node_count"],
6,
)
assert_equal(
"iwooos_projection.summary.professional_security_experience_asset_heat_cell_count",
iwooos_projection["summary"]["professional_security_experience_asset_heat_cell_count"],
9,
)
assert_equal(
"iwooos_projection.summary.professional_security_experience_response_flow_step_count",
iwooos_projection["summary"]["professional_security_experience_response_flow_step_count"],
5,
)
assert_true(
"iwooos_projection.summary.concrete_work_snapshot_first_layer",
iwooos_projection["summary"]["concrete_work_snapshot_first_layer"],
)
assert_false(
"iwooos_projection.summary.concrete_work_snapshot_default_visible",
iwooos_projection["summary"]["concrete_work_snapshot_default_visible"],
)
assert_equal(
"iwooos_projection.summary.concrete_work_snapshot_workstream_count",
iwooos_projection["summary"]["concrete_work_snapshot_workstream_count"],
6,
)
assert_true(
"iwooos_projection.summary.long_form_sections_default_collapsed",
iwooos_projection["summary"]["long_form_sections_default_collapsed"],
)
assert_equal(
"iwooos_projection.summary.frontend_surface_coverage_group_count",
iwooos_projection["summary"]["frontend_surface_coverage_group_count"],
len(expected_iwooos_coverage_group_ids),
)
assert_equal(
"iwooos_projection.summary.frontend_surface_conflict_control_count",
iwooos_projection["summary"]["frontend_surface_conflict_control_count"],
len(expected_iwooos_conflict_control_ids),
)
assert_equal(
"iwooos_projection.summary.operator_journey_step_count",
iwooos_projection["summary"]["operator_journey_step_count"],
len(expected_iwooos_journey_step_ids),
)
assert_equal(
"iwooos_projection.summary.owner_evidence_readiness_item_count",
iwooos_projection["summary"]["owner_evidence_readiness_item_count"],
len(expected_iwooos_evidence_readiness_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_coverage_item_count",
iwooos_projection["summary"]["host_coverage_item_count"],
len(expected_iwooos_host_coverage_item_ids),
)
assert_equal(
"iwooos_projection.summary.kali_maintenance_readiness_item_count",
iwooos_projection["summary"]["kali_maintenance_readiness_item_count"],
len(expected_iwooos_kali_maintenance_readiness_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_action_gate_item_count",
iwooos_projection["summary"]["host_action_gate_item_count"],
len(expected_iwooos_host_action_gate_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_evidence_readiness_item_count",
iwooos_projection["summary"]["host_evidence_readiness_item_count"],
len(expected_iwooos_host_evidence_readiness_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_evidence_collection_step_count",
iwooos_projection["summary"]["host_evidence_collection_step_count"],
len(expected_iwooos_host_evidence_collection_step_ids),
)
assert_equal(
"iwooos_projection.summary.host_evidence_intake_preflight_check_count",
iwooos_projection["summary"]["host_evidence_intake_preflight_check_count"],
len(expected_iwooos_host_evidence_intake_preflight_check_ids),
)
assert_equal(
"iwooos_projection.summary.host_evidence_review_outcome_lane_count",
iwooos_projection["summary"]["host_evidence_review_outcome_lane_count"],
len(expected_iwooos_host_evidence_review_outcome_lane_ids),
)
assert_equal(
"iwooos_projection.summary.host_evidence_review_handoff_packet_count",
iwooos_projection["summary"]["host_evidence_review_handoff_packet_count"],
len(expected_iwooos_host_evidence_review_handoff_packet_ids),
)
assert_equal(
"iwooos_projection.summary.host_evidence_reviewer_checklist_item_count",
iwooos_projection["summary"]["host_evidence_reviewer_checklist_item_count"],
len(expected_iwooos_host_evidence_reviewer_checklist_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_evidence_reviewer_outcome_lane_count",
iwooos_projection["summary"]["host_evidence_reviewer_outcome_lane_count"],
len(expected_iwooos_host_evidence_reviewer_outcome_lane_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_candidate_packet_count",
iwooos_projection["summary"]["host_owner_decision_candidate_packet_count"],
len(expected_iwooos_host_owner_decision_candidate_packet_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_review_checklist_item_count",
iwooos_projection["summary"]["host_owner_decision_review_checklist_item_count"],
len(expected_iwooos_host_owner_decision_review_checklist_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_review_outcome_lane_count",
iwooos_projection["summary"]["host_owner_decision_review_outcome_lane_count"],
len(expected_iwooos_host_owner_decision_review_outcome_lane_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_draft_packet_count",
iwooos_projection["summary"]["host_owner_decision_record_draft_packet_count"],
len(expected_iwooos_host_owner_decision_record_draft_packet_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_draft_review_checklist_item_count",
iwooos_projection["summary"]["host_owner_decision_record_draft_review_checklist_item_count"],
len(expected_iwooos_host_owner_decision_record_draft_review_checklist_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_draft_review_outcome_lane_count",
iwooos_projection["summary"]["host_owner_decision_record_draft_review_outcome_lane_count"],
len(expected_iwooos_host_owner_decision_record_draft_review_outcome_lane_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_writeup_packet_count",
iwooos_projection["summary"]["host_owner_decision_record_writeup_packet_count"],
len(expected_iwooos_host_owner_decision_record_writeup_packet_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_writeup_review_checklist_item_count",
iwooos_projection["summary"]["host_owner_decision_record_writeup_review_checklist_item_count"],
len(expected_iwooos_host_owner_decision_record_writeup_review_checklist_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_writeup_review_outcome_lane_count",
iwooos_projection["summary"]["host_owner_decision_record_writeup_review_outcome_lane_count"],
len(expected_iwooos_host_owner_decision_record_writeup_review_outcome_lane_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_formal_candidate_packet_count",
iwooos_projection["summary"]["host_owner_decision_record_formal_candidate_packet_count"],
len(expected_iwooos_host_owner_decision_record_formal_candidate_packet_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_formal_candidate_review_checklist_item_count",
iwooos_projection["summary"]["host_owner_decision_record_formal_candidate_review_checklist_item_count"],
len(expected_iwooos_host_owner_decision_record_formal_candidate_review_checklist_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_formal_candidate_review_outcome_lane_count",
iwooos_projection["summary"]["host_owner_decision_record_formal_candidate_review_outcome_lane_count"],
len(expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lane_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_formal_record_queue_packet_count",
iwooos_projection["summary"]["host_owner_decision_record_formal_record_queue_packet_count"],
len(expected_iwooos_host_owner_decision_record_formal_record_queue_packet_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_formal_record_queue_review_checklist_item_count",
iwooos_projection["summary"]["host_owner_decision_record_formal_record_queue_review_checklist_item_count"],
len(expected_iwooos_host_owner_decision_record_formal_record_queue_review_checklist_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_formal_record_queue_review_outcome_lane_count",
iwooos_projection["summary"]["host_owner_decision_record_formal_record_queue_review_outcome_lane_count"],
len(expected_iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lane_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_human_handoff_readiness_packet_count",
iwooos_projection["summary"]["host_owner_decision_record_human_handoff_readiness_packet_count"],
len(expected_iwooos_host_owner_decision_record_human_handoff_readiness_packet_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_human_handoff_readiness_review_checklist_item_count",
iwooos_projection["summary"]["host_owner_decision_record_human_handoff_readiness_review_checklist_item_count"],
len(expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_human_handoff_readiness_review_outcome_lane_count",
iwooos_projection["summary"]["host_owner_decision_record_human_handoff_readiness_review_outcome_lane_count"],
len(expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lane_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_human_record_owner_review_candidate_packet_count",
iwooos_projection["summary"]["host_owner_decision_record_human_record_owner_review_candidate_packet_count"],
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_packet_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_human_record_owner_review_candidate_checklist_item_count",
iwooos_projection["summary"][
"host_owner_decision_record_human_record_owner_review_candidate_checklist_item_count"
],
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist_item_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_human_record_owner_review_candidate_outcome_lane_count",
iwooos_projection["summary"][
"host_owner_decision_record_human_record_owner_review_candidate_outcome_lane_count"
],
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lane_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_human_record_owner_review_preparation_packet_count",
iwooos_projection["summary"]["host_owner_decision_record_human_record_owner_review_preparation_packet_count"],
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_packet_ids),
)
assert_equal(
"iwooos_projection.summary.host_owner_decision_record_human_record_owner_review_preparation_checklist_item_count",
iwooos_projection["summary"][
"host_owner_decision_record_human_record_owner_review_preparation_checklist_item_count"
],
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_item_ids),
)
iwooos_progress = iwooos_projection["progress"]
assert_equal("iwooos_projection.progress.overall_percent", iwooos_progress["overall_percent"], progress["overall_percent"])
assert_equal(
"iwooos_projection.progress.framework_percent_min",
iwooos_progress["framework_percent_min"],
progress["framework_percent_min"],
)
assert_equal(
"iwooos_projection.progress.framework_percent_max",
iwooos_progress["framework_percent_max"],
progress["framework_percent_max"],
)
assert_equal(
"iwooos_projection.progress.runtime_landing_percent_min",
iwooos_progress["runtime_landing_percent_min"],
progress["runtime_landing_percent_min"],
)
assert_equal(
"iwooos_projection.progress.runtime_landing_percent_max",
iwooos_progress["runtime_landing_percent_max"],
progress["runtime_landing_percent_max"],
)
assert_equal(
"iwooos_projection.progress.headline_status",
iwooos_progress["headline_status"],
progress_display_policy["headline_status"],
)
assert_true("iwooos_projection.progress.not_authorization", iwooos_progress["not_authorization"])
expected_awooop_read_only_landing_item_ids = [
"awooop_landing_rollup_snapshot_readable",
"awooop_landing_evidence_refs_readable",
"awooop_landing_guard_checks_known",
"awooop_landing_route_groups_known",
"awooop_landing_forbidden_outputs_locked",
"awooop_landing_production_handoff_pending",
]
assert_equal(
"iwooos_projection.summary.awooop_read_only_landing_readiness_item_count",
iwooos_projection["summary"]["awooop_read_only_landing_readiness_item_count"],
len(expected_awooop_read_only_landing_item_ids),
)
awooop_read_only_landing_items = iwooos_projection["awooop_read_only_landing_readiness_items"]
assert_equal(
"iwooos_projection.awooop_read_only_landing_readiness_items.item_ids",
[item["item_id"] for item in awooop_read_only_landing_items],
expected_awooop_read_only_landing_item_ids,
)
assert_equal(
"iwooos_projection.awooop_read_only_landing_readiness_items.display_order",
[item["display_order"] for item in awooop_read_only_landing_items],
list(range(1, len(expected_awooop_read_only_landing_item_ids) + 1)),
)
assert_equal(
"iwooos_projection.awooop_read_only_landing_readiness_items.current_states",
[item["current_state"] for item in awooop_read_only_landing_items],
[
"ready_for_read_only_intake",
"ready_for_read_only_intake",
"ready_for_read_only_intake",
"ready_for_read_only_intake",
"ready_for_read_only_intake",
"production_read_only_consumption_verified",
],
)
assert_equal(
"iwooos_projection.awooop_read_only_landing_readiness_items.landing_dependencies",
[item["landing_dependency"] for item in awooop_read_only_landing_items],
[
"security_mirror_status_rollup_snapshot",
"evidence_refs",
"guard_checks",
"security_mirror_route_groups",
"forbidden_outputs",
"awooop_mainline_consumption",
],
)
for item in awooop_read_only_landing_items:
landing_completed = item["item_id"] == "awooop_landing_production_handoff_pending"
assert_equal(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.display_mode",
item["display_mode"],
"awooop_read_only_landing_readiness_only",
)
assert_equal(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.headline_percent_delta",
item["headline_percent_delta"],
3 if landing_completed else 0,
)
if landing_completed:
assert_true(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.production_landing_enabled",
item["production_landing_enabled"],
)
else:
assert_false(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.production_landing_enabled",
item["production_landing_enabled"],
)
assert_false(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.execution_router_linked",
item["execution_router_linked"],
)
if landing_completed:
assert_true(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.progress_change_applied",
item["progress_change_applied"],
)
else:
assert_false(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.progress_change_applied",
item["progress_change_applied"],
)
assert_false(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
expected_awooop_cross_session_handoff_packet_ids = [
"awooop_handoff_branch_and_pr_anchor",
"awooop_handoff_progress_semantics",
"awooop_handoff_required_guard_commands",
"awooop_handoff_forbidden_runtime_actions",
"awooop_handoff_read_only_inputs",
"awooop_handoff_next_coordination_gate",
]
assert_equal(
"iwooos_projection.summary.awooop_cross_session_handoff_packet_count",
iwooos_projection["summary"]["awooop_cross_session_handoff_packet_count"],
len(expected_awooop_cross_session_handoff_packet_ids),
)
awooop_cross_session_handoff_packets = iwooos_projection["awooop_cross_session_handoff_packets"]
assert_equal(
"iwooos_projection.awooop_cross_session_handoff_packets.packet_ids",
[item["packet_id"] for item in awooop_cross_session_handoff_packets],
expected_awooop_cross_session_handoff_packet_ids,
)
assert_equal(
"iwooos_projection.awooop_cross_session_handoff_packets.display_order",
[item["display_order"] for item in awooop_cross_session_handoff_packets],
list(range(1, len(expected_awooop_cross_session_handoff_packet_ids) + 1)),
)
assert_equal(
"iwooos_projection.awooop_cross_session_handoff_packets.handoff_axes",
[item["handoff_axis"] for item in awooop_cross_session_handoff_packets],
[
"branch_and_pr_anchor",
"progress_semantics",
"required_guard_commands",
"forbidden_runtime_actions",
"read_only_inputs",
"next_coordination_gate",
],
)
assert_equal(
"iwooos_projection.awooop_cross_session_handoff_packets.current_states",
[item["current_state"] for item in awooop_cross_session_handoff_packets],
[
"ready_for_parallel_session_sync",
"ready_for_parallel_session_sync",
"ready_for_parallel_session_sync",
"ready_for_parallel_session_sync",
"ready_for_parallel_session_sync",
"production_landing_evidence_recorded_waiting_remaining_gates",
],
)
for item in awooop_cross_session_handoff_packets:
assert_equal(
f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"awooop_cross_session_handoff_packet_only",
)
assert_equal(
f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.headline_percent_delta",
item["headline_percent_delta"],
0,
)
assert_false(
f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.production_landing_enabled",
item["production_landing_enabled"],
)
assert_false(
f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.execution_router_linked",
item["execution_router_linked"],
)
assert_false(
f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.progress_change_applied",
item["progress_change_applied"],
)
assert_false(
f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
expected_progress_hold_movement_gate_ids = [
"progress_hold_owner_response_accepted",
"progress_hold_redacted_payload_ingested",
"progress_hold_active_runtime_gate",
"progress_hold_github_primary_ready",
"progress_hold_awooop_read_only_landing",
]
assert_equal(
"iwooos_projection.summary.progress_hold_movement_gate_count",
iwooos_projection["summary"]["progress_hold_movement_gate_count"],
len(expected_progress_hold_movement_gate_ids),
)
progress_hold_movement_gates = iwooos_projection["progress_hold_movement_gates"]
assert_equal(
"iwooos_projection.progress_hold_movement_gates.gate_ids",
[item["gate_id"] for item in progress_hold_movement_gates],
expected_progress_hold_movement_gate_ids,
)
assert_equal(
"iwooos_projection.progress_hold_movement_gates.display_order",
[item["display_order"] for item in progress_hold_movement_gates],
list(range(1, len(expected_progress_hold_movement_gate_ids) + 1)),
)
assert_equal(
"iwooos_projection.progress_hold_movement_gates.movement_signals",
[item["movement_signal"] for item in progress_hold_movement_gates],
[
"owner_response_accepted",
"redacted_payload_ingested",
"active_runtime_gate",
"github_primary_ready",
"awooop_read_only_landing",
],
)
assert_equal(
"iwooos_projection.progress_hold_movement_gates.current_counter_names",
[item["current_counter_name"] for item in progress_hold_movement_gates],
[
"owner_response_validation_accepted_count",
"payloads_ingested",
"active_runtime_gate_count",
"github_primary_ready_count",
"awooop_read_only_production_landing_evidence_count",
],
)
assert_equal(
"iwooos_projection.progress_hold_movement_gates.current_counter_values",
[item["current_counter_value"] for item in progress_hold_movement_gates],
[0, False, 0, 0, 1],
)
for item in progress_hold_movement_gates:
awooop_landing_gate = item["gate_id"] == "progress_hold_awooop_read_only_landing"
assert_equal(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.display_mode",
item["display_mode"],
"progress_hold_movement_gate_only",
)
assert_equal(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.headline_percent_delta",
item["headline_percent_delta"],
3 if awooop_landing_gate else 0,
)
assert_equal(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.owner_response_received_count",
item["owner_response_received_count"],
0,
)
assert_equal(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.owner_response_accepted_count",
item["owner_response_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.payloads_ingested",
item["payloads_ingested"],
)
assert_equal(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.active_runtime_gate_count",
item["active_runtime_gate_count"],
0,
)
assert_equal(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.github_primary_ready_count",
item["github_primary_ready_count"],
0,
)
if awooop_landing_gate:
assert_true(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.production_landing_enabled",
item["production_landing_enabled"],
)
assert_true(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.progress_change_applied",
item["progress_change_applied"],
)
else:
assert_false(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.production_landing_enabled",
item["production_landing_enabled"],
)
assert_false(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.progress_change_applied",
item["progress_change_applied"],
)
assert_false(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.progress_hold_movement_gates.{item['gate_id']}.not_authorization",
item["not_authorization"],
)
assert_equal(
"iwooos_projection.summary.progress_acceleration_lane_count",
iwooos_projection["summary"]["progress_acceleration_lane_count"],
6,
)
progress_acceleration_lanes = iwooos_projection["progress_acceleration_lanes"]
expected_progress_acceleration_lane_ids = [
"progress_acceleration_owner_responses",
"progress_acceleration_redacted_ingestion",
"progress_acceleration_runtime_gate",
"progress_acceleration_github_readiness",
"progress_acceleration_awooop_landing",
"progress_acceleration_cadence_compression",
]
assert_equal(
"iwooos_projection.progress_acceleration_lanes.lane_ids",
[item["lane_id"] for item in progress_acceleration_lanes],
expected_progress_acceleration_lane_ids,
)
assert_equal(
"iwooos_projection.progress_acceleration_lanes.display_order",
[item["display_order"] for item in progress_acceleration_lanes],
list(range(1, len(expected_progress_acceleration_lane_ids) + 1)),
)
for item in progress_acceleration_lanes:
assert_equal(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"progress_acceleration_only",
)
assert_equal(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.owner_response_received_count",
item["owner_response_received_count"],
0,
)
assert_equal(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.owner_response_accepted_count",
item["owner_response_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.payloads_ingested",
item["payloads_ingested"],
)
assert_equal(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.active_runtime_gate_count",
item["active_runtime_gate_count"],
0,
)
assert_equal(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.github_primary_ready_count",
item["github_primary_ready_count"],
0,
)
if item["lane_id"] == "progress_acceleration_awooop_landing":
assert_true(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.production_landing_enabled",
item["production_landing_enabled"],
)
else:
assert_false(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.production_landing_enabled",
item["production_landing_enabled"],
)
assert_false(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.progress_acceleration_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
expected_owner_response_next_action_focus_ids = [
"owner_response_focus_s4_9_gitea_owner_attestation",
"owner_response_focus_s4_10_github_target_owner_decision",
"owner_response_focus_s4_11_refs_truth_owner_response",
"owner_response_focus_s4_12_workflow_secret_name_owner_response",
]
assert_equal(
"iwooos_projection.summary.owner_response_next_action_focus_item_count",
iwooos_projection["summary"]["owner_response_next_action_focus_item_count"],
len(expected_owner_response_next_action_focus_ids),
)
owner_response_focus_items = iwooos_projection["owner_response_next_action_focus_items"]
assert_equal(
"iwooos_projection.owner_response_next_action_focus_items.ids",
[item["focus_id"] for item in owner_response_focus_items],
expected_owner_response_next_action_focus_ids,
)
assert_equal(
"iwooos_projection.owner_response_next_action_focus_items.display_order",
[item["display_order"] for item in owner_response_focus_items],
list(range(1, len(expected_owner_response_next_action_focus_ids) + 1)),
)
assert_equal(
"iwooos_projection.owner_response_next_action_focus_items.source_rollup_lane_ids",
[item["source_rollup_lane_id"] for item in owner_response_focus_items],
[
"s4_9_gitea_inventory_owner_attestation_response",
"s4_10_github_target_owner_decision_response",
"s4_11_ref_truth_owner_response",
"s4_12_workflow_secret_name_owner_response",
],
)
assert_equal(
"iwooos_projection.owner_response_next_action_focus_items.blocked_until_previous_focus_accepted",
[item["blocked_until_previous_focus_accepted"] for item in owner_response_focus_items],
[False, True, True, True],
)
for item in owner_response_focus_items:
assert_equal(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.display_mode",
item["display_mode"],
"owner_response_next_action_focus_only",
)
assert_equal(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.owner_response_received_count",
item["owner_response_received_count"],
0,
)
assert_equal(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.owner_response_accepted_count",
item["owner_response_accepted_count"],
0,
)
assert_equal(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.owner_response_rejected_count",
item["owner_response_rejected_count"],
0,
)
assert_equal(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.audit_events_emitted_count",
item["audit_events_emitted_count"],
0,
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.auto_chase_allowed",
item["auto_chase_allowed"],
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.autofill_allowed",
item["autofill_allowed"],
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.mark_received_allowed",
item["mark_received_allowed"],
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.mark_accepted_allowed",
item["mark_accepted_allowed"],
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.approval_record_created",
item["approval_record_created"],
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.repo_or_refs_mutation_allowed",
item["repo_or_refs_mutation_allowed"],
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.owner_response_next_action_focus_items.{item['focus_id']}.not_authorization",
item["not_authorization"],
)
source_control_readiness_items = iwooos_projection["source_control_primary_readiness_items"]
assert_equal(
"iwooos_projection.source_control_primary_readiness_items.ids",
[item["item_id"] for item in source_control_readiness_items],
expected_iwooos_source_control_primary_readiness_item_ids,
)
assert_equal(
"iwooos_projection.source_control_primary_readiness_items.display_order",
[item["display_order"] for item in source_control_readiness_items],
list(range(1, len(expected_iwooos_source_control_primary_readiness_item_ids) + 1)),
)
assert_equal(
"iwooos_projection.source_control_primary_readiness_items.gate_ids",
[item["gate_id"] for item in source_control_readiness_items],
["S4.0", "S4.0", "S4.13", "S4.11", "S4.12", "S4.4"],
)
for item in source_control_readiness_items:
assert_equal(
f"iwooos_projection.source_control_primary_readiness_items.{item['item_id']}.display_mode",
item["display_mode"],
"github_primary_readiness_only",
)
assert_equal(
f"iwooos_projection.source_control_primary_readiness_items.{item['item_id']}.primary_ready_count",
item["primary_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.source_control_primary_readiness_items.{item['item_id']}.owner_response_received_count",
item["owner_response_received_count"],
0,
)
assert_equal(
f"iwooos_projection.source_control_primary_readiness_items.{item['item_id']}.owner_response_accepted_count",
item["owner_response_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.source_control_primary_readiness_items.{item['item_id']}.github_primary_switch_authorized",
item["github_primary_switch_authorized"],
)
assert_false(
f"iwooos_projection.source_control_primary_readiness_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.source_control_primary_readiness_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.source_control_primary_readiness_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
expected_s4_9_owner_response_request_template_ids = [
"response-public-only-vs-local-gitea-gap",
"response-org-user-endpoint-identity",
"response-internal-110-adjacent-scope",
"response-repo-owner-canonical-scope",
"response-legacy-or-inaccessible-disposition",
]
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_request_template_count",
iwooos_projection["summary"]["s4_9_owner_response_request_template_count"],
len(expected_s4_9_owner_response_request_template_ids),
)
assert_equal(
"s49_request_draft.schema_version",
s49_request_draft["schema_version"],
"gitea_inventory_owner_attestation_request_draft_v1",
)
assert_equal("s49_request_draft.status", s49_request_draft["status"], "request_draft_ready_not_sent")
assert_equal("s49_request_draft.stage_id", s49_request_draft["stage_id"], "S4.9")
assert_equal("s49_request_draft.mode", s49_request_draft["mode"], "owner_request_draft_only")
assert_false("s49_request_draft.runtime_execution_authorized", s49_request_draft["runtime_execution_authorized"])
assert_true(
"s49_request_draft.summary.request_draft_package_ready",
s49_request_draft["summary"]["request_draft_package_ready"],
)
assert_equal(
"s49_request_draft.summary.request_draft_template_count",
s49_request_draft["summary"]["request_draft_template_count"],
len(expected_s4_9_owner_response_request_template_ids),
)
assert_equal(
"s49_request_draft.summary.request_draft_template_ready_count",
s49_request_draft["summary"]["request_draft_template_ready_count"],
len(expected_s4_9_owner_response_request_template_ids),
)
assert_true(
"s49_request_draft.summary.frontstage_package_visible",
s49_request_draft["summary"]["frontstage_package_visible"],
)
assert_equal(
"s49_request_draft.summary.frontstage_card_count",
s49_request_draft["summary"]["frontstage_card_count"],
len(expected_s4_9_owner_response_request_template_ids),
)
assert_true(
"s49_request_draft.summary.frontstage_detail_visible",
s49_request_draft["summary"]["frontstage_detail_visible"],
)
assert_equal(
"s49_request_draft.summary.frontstage_detail_row_count",
s49_request_draft["summary"]["frontstage_detail_row_count"],
len(expected_s4_9_owner_response_request_template_ids),
)
assert_equal(
"s49_request_draft.summary.frontstage_required_field_total",
s49_request_draft["summary"]["frontstage_required_field_total"],
30,
)
assert_equal(
"s49_request_draft.summary.frontstage_forbidden_action_count",
s49_request_draft["summary"]["frontstage_forbidden_action_count"],
10,
)
assert_false("s49_request_draft.summary.request_sent", s49_request_draft["summary"]["request_sent"])
assert_equal("s49_request_draft.summary.request_sent_count", s49_request_draft["summary"]["request_sent_count"], 0)
assert_equal(
"s49_request_draft.summary.owner_response_received_count",
s49_request_draft["summary"]["owner_response_received_count"],
0,
)
assert_equal(
"s49_request_draft.summary.owner_response_accepted_count",
s49_request_draft["summary"]["owner_response_accepted_count"],
0,
)
assert_equal(
"s49_request_draft.summary.owner_response_rejected_count",
s49_request_draft["summary"]["owner_response_rejected_count"],
0,
)
assert_equal(
"s49_request_draft.summary.audit_events_emitted_count",
s49_request_draft["summary"]["audit_events_emitted_count"],
0,
)
assert_false("s49_request_draft.summary.runtime_gate_opened", s49_request_draft["summary"]["runtime_gate_opened"])
assert_false("s49_request_draft.summary.action_buttons_allowed", s49_request_draft["summary"]["action_buttons_allowed"])
assert_true("s49_request_draft.summary.not_authorization", s49_request_draft["summary"]["not_authorization"])
assert_equal(
"s49_request_draft.request_draft_templates.ids",
[item["template_id"] for item in s49_request_draft["request_draft_templates"]],
expected_s4_9_owner_response_request_template_ids,
)
assert_equal(
"s49_request_draft.request_draft_templates.display_order",
[item["display_order"] for item in s49_request_draft["request_draft_templates"]],
list(range(1, len(expected_s4_9_owner_response_request_template_ids) + 1)),
)
for item in s49_request_draft["request_draft_templates"]:
assert_equal(
f"s49_request_draft.request_draft_templates.{item['template_id']}.draft_status",
item["draft_status"],
"ready_not_sent",
)
s4_9_owner_response_request_templates = iwooos_projection["s4_9_owner_response_request_templates"]
assert_equal(
"iwooos_projection.s4_9_owner_response_request_templates.ids",
[item["template_id"] for item in s4_9_owner_response_request_templates],
expected_s4_9_owner_response_request_template_ids,
)
assert_equal(
"iwooos_projection.s4_9_owner_response_request_templates.display_order",
[item["display_order"] for item in s4_9_owner_response_request_templates],
list(range(1, len(expected_s4_9_owner_response_request_template_ids) + 1)),
)
assert_equal(
"iwooos_projection.s4_9_owner_response_request_templates.source_template_status_ids",
[item["source_template_status_id"] for item in s4_9_owner_response_request_templates],
expected_s4_9_owner_response_request_template_ids,
)
assert_equal(
"iwooos_projection.s4_9_owner_response_request_templates.attestation_item_ids",
[item["attestation_item_id"] for item in s4_9_owner_response_request_templates],
[
"public_only_vs_local_gitea_gap",
"org_user_endpoint_identity",
"internal_110_adjacent_scope",
"repo_owner_canonical_scope",
"legacy_or_inaccessible_repo_disposition",
],
)
for item in s4_9_owner_response_request_templates:
assert_equal(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.request_status",
item["request_status"],
"request_ready_not_sent",
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.current_state",
item["current_state"],
"waiting_owner_response",
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.display_mode",
item["display_mode"],
"s4_9_owner_response_request_template_only",
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.request_sent_count",
item["request_sent_count"],
0,
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.owner_response_received_count",
item["owner_response_received_count"],
0,
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.owner_response_accepted_count",
item["owner_response_accepted_count"],
0,
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.owner_response_rejected_count",
item["owner_response_rejected_count"],
0,
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.audit_events_emitted_count",
item["audit_events_emitted_count"],
0,
)
for flag in [
"auto_chase_allowed",
"autofill_allowed",
"request_send_allowed",
"mark_received_allowed",
"mark_accepted_allowed",
"approval_record_created",
"gitea_inventory_completed",
"gitea_write_allowed",
"repo_or_refs_mutation_allowed",
"github_primary_ready",
"secret_value_collection_allowed",
"runtime_execution_authorized",
"action_buttons_allowed",
]:
assert_false(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.{flag}",
item[flag],
)
assert_true(
f"iwooos_projection.s4_9_owner_response_request_templates.{item['template_id']}.not_authorization",
item["not_authorization"],
)
expected_s4_9_owner_response_preflight_ids = [
"s4_9_preflight_known_attestation_item",
"s4_9_preflight_required_owner_fields",
"s4_9_preflight_allowed_decision",
"s4_9_preflight_redacted_evidence_only",
"s4_9_preflight_no_execution_request",
"s4_9_preflight_all_five_items_before_accepted",
]
assert_equal(
"iwooos_projection.summary.s4_9_owner_response_preflight_check_count",
iwooos_projection["summary"]["s4_9_owner_response_preflight_check_count"],
len(expected_s4_9_owner_response_preflight_ids),
)
s4_9_owner_response_preflight_checks = iwooos_projection["s4_9_owner_response_preflight_checks"]
assert_equal(
"iwooos_projection.s4_9_owner_response_preflight_checks.ids",
[item["preflight_id"] for item in s4_9_owner_response_preflight_checks],
expected_s4_9_owner_response_preflight_ids,
)
assert_equal(
"iwooos_projection.s4_9_owner_response_preflight_checks.display_order",
[item["display_order"] for item in s4_9_owner_response_preflight_checks],
list(range(1, len(expected_s4_9_owner_response_preflight_ids) + 1)),
)
assert_equal(
"iwooos_projection.s4_9_owner_response_preflight_checks.source_check_ids",
[item["source_check_id"] for item in s4_9_owner_response_preflight_checks],
[
"preflight-known-attestation-item",
"preflight-required-owner-fields",
"preflight-allowed-decision",
"preflight-redacted-evidence-only",
"preflight-no-execution-request",
"preflight-all-five-items-before-accepted",
],
)
assert_equal(
"iwooos_projection.s4_9_owner_response_preflight_checks.failure_lanes",
[item["failure_lane"] for item in s4_9_owner_response_preflight_checks],
[
"request_owner_correction",
"request_more_evidence",
"request_owner_correction",
"quarantine_sensitive_payload",
"reject_execution_request",
"keep_waiting_owner_response",
],
)
for item in s4_9_owner_response_preflight_checks:
assert_equal(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.source_packet",
item["source_packet"],
"docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.display_mode",
item["display_mode"],
"s4_9_owner_response_preflight_only",
)
assert_true(f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.required", item["required"])
assert_equal(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.request_sent_count",
item["request_sent_count"],
0,
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.owner_response_received_count",
item["owner_response_received_count"],
0,
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.owner_response_accepted_count",
item["owner_response_accepted_count"],
0,
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.owner_response_rejected_count",
item["owner_response_rejected_count"],
0,
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.preflight_passed_count",
item["preflight_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.audit_events_emitted_count",
item["audit_events_emitted_count"],
0,
)
for flag in [
"request_sent_allowed",
"owner_response_collection_allowed",
"mark_passed_allowed",
"mark_received_allowed",
"mark_accepted_allowed",
"approval_record_created",
"runtime_gate_opened",
"gitea_write_allowed",
"repo_or_refs_mutation_allowed",
"secret_value_collection_allowed",
"sensitive_payload_allowed",
"runtime_execution_authorized",
"action_buttons_allowed",
]:
assert_false(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.{flag}",
item[flag],
)
assert_true(
f"iwooos_projection.s4_9_owner_response_preflight_checks.{item['preflight_id']}.not_authorization",
item["not_authorization"],
)
assert_equal(
"iwooos_projection.posture_pillars.ids",
[item["pillar_id"] for item in iwooos_projection["posture_pillars"]],
["exposure_posture", "source_control_supply_chain", "kali_112_mesh", "approval_boundary"],
)
assert_equal(
"iwooos_projection.posture_pillars.display_order",
[item["display_order"] for item in iwooos_projection["posture_pillars"]],
[1, 2, 3, 4],
)
for item in iwooos_projection["posture_pillars"]:
assert_equal(f"iwooos_projection.posture_pillars.{item['pillar_id']}.display_mode", item["display_mode"], "posture_only")
assert_false(
f"iwooos_projection.posture_pillars.{item['pillar_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(f"iwooos_projection.posture_pillars.{item['pillar_id']}.not_authorization", item["not_authorization"])
iwooos_surfaces = iwooos_projection["existing_frontend_surfaces"]
assert_equal(
"iwooos_projection.existing_frontend_surfaces.ids",
[item["surface_id"] for item in iwooos_surfaces],
expected_iwooos_surface_ids,
)
assert_equal(
"iwooos_projection.existing_frontend_surfaces.display_order",
[item["display_order"] for item in iwooos_surfaces],
list(range(1, len(expected_iwooos_surface_ids) + 1)),
)
for item in iwooos_surfaces:
assert_equal(
f"iwooos_projection.existing_frontend_surfaces.{item['surface_id']}.display_mode",
item["display_mode"],
"link_only",
)
assert_false(
f"iwooos_projection.existing_frontend_surfaces.{item['surface_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.existing_frontend_surfaces.{item['surface_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.existing_frontend_surfaces.{item['surface_id']}.not_authorization",
item["not_authorization"],
)
iwooos_surface_bridge_statuses = iwooos_projection["frontend_surface_reverse_bridge_statuses"]
assert_equal(
"iwooos_projection.frontend_surface_reverse_bridge_statuses.ids",
[item["surface_id"] for item in iwooos_surface_bridge_statuses],
expected_iwooos_surface_ids,
)
assert_equal(
"iwooos_projection.frontend_surface_reverse_bridge_statuses.display_order",
[item["display_order"] for item in iwooos_surface_bridge_statuses],
list(range(1, len(expected_iwooos_surface_ids) + 1)),
)
expected_iwooos_surface_bridge_states = [
"embedded_bridge_visible",
"direct_bridge_visible",
"direct_bridge_visible",
"direct_bridge_visible",
"direct_bridge_visible",
"direct_bridge_visible",
"direct_bridge_visible",
"direct_bridge_visible",
"awooop_candidate_visible",
"review_handoff_candidate_visible",
]
assert_equal(
"iwooos_projection.frontend_surface_reverse_bridge_statuses.states",
[item["reverse_bridge_state"] for item in iwooos_surface_bridge_statuses],
expected_iwooos_surface_bridge_states,
)
for item in iwooos_surface_bridge_statuses:
assert_equal(
f"iwooos_projection.frontend_surface_reverse_bridge_statuses.{item['surface_id']}.display_mode",
item["display_mode"],
"reverse_bridge_status_only",
)
assert_false(
f"iwooos_projection.frontend_surface_reverse_bridge_statuses.{item['surface_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.frontend_surface_reverse_bridge_statuses.{item['surface_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.frontend_surface_reverse_bridge_statuses.{item['surface_id']}.not_authorization",
item["not_authorization"],
)
iwooos_coverage_groups = iwooos_projection["frontend_surface_coverage_groups"]
assert_equal(
"iwooos_projection.frontend_surface_coverage_groups.ids",
[item["group_id"] for item in iwooos_coverage_groups],
expected_iwooos_coverage_group_ids,
)
assert_equal(
"iwooos_projection.frontend_surface_coverage_groups.display_order",
[item["display_order"] for item in iwooos_coverage_groups],
list(range(1, len(expected_iwooos_coverage_group_ids) + 1)),
)
covered_surface_ids = sorted({surface_id for item in iwooos_coverage_groups for surface_id in item["surface_ids"]})
assert_equal("iwooos_projection.frontend_surface_coverage_groups.coverage", covered_surface_ids, sorted(expected_iwooos_surface_ids))
for item in iwooos_coverage_groups:
assert_equal(
f"iwooos_projection.frontend_surface_coverage_groups.{item['group_id']}.display_mode",
item["display_mode"],
"coverage_only",
)
assert_false(
f"iwooos_projection.frontend_surface_coverage_groups.{item['group_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.frontend_surface_coverage_groups.{item['group_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.frontend_surface_coverage_groups.{item['group_id']}.not_authorization",
item["not_authorization"],
)
iwooos_conflict_controls = iwooos_projection["frontend_surface_conflict_controls"]
assert_equal(
"iwooos_projection.frontend_surface_conflict_controls.ids",
[item["control_id"] for item in iwooos_conflict_controls],
expected_iwooos_conflict_control_ids,
)
assert_equal(
"iwooos_projection.frontend_surface_conflict_controls.display_order",
[item["display_order"] for item in iwooos_conflict_controls],
list(range(1, len(expected_iwooos_conflict_control_ids) + 1)),
)
for item in iwooos_conflict_controls:
assert_equal(
f"iwooos_projection.frontend_surface_conflict_controls.{item['control_id']}.display_mode",
item["display_mode"],
"conflict_control_only",
)
assert_false(
f"iwooos_projection.frontend_surface_conflict_controls.{item['control_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.frontend_surface_conflict_controls.{item['control_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.frontend_surface_conflict_controls.{item['control_id']}.not_authorization",
item["not_authorization"],
)
iwooos_journey_steps = iwooos_projection["operator_journey_steps"]
assert_equal(
"iwooos_projection.operator_journey_steps.ids",
[item["step_id"] for item in iwooos_journey_steps],
expected_iwooos_journey_step_ids,
)
assert_equal(
"iwooos_projection.operator_journey_steps.display_order",
[item["display_order"] for item in iwooos_journey_steps],
list(range(1, len(expected_iwooos_journey_step_ids) + 1)),
)
for item in iwooos_journey_steps:
assert_equal(
f"iwooos_projection.operator_journey_steps.{item['step_id']}.display_mode",
item["display_mode"],
"journey_only",
)
assert_false(
f"iwooos_projection.operator_journey_steps.{item['step_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.operator_journey_steps.{item['step_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.operator_journey_steps.{item['step_id']}.not_authorization",
item["not_authorization"],
)
iwooos_evidence_readiness = iwooos_projection["owner_evidence_readiness_items"]
assert_equal(
"iwooos_projection.owner_evidence_readiness_items.ids",
[item["item_id"] for item in iwooos_evidence_readiness],
expected_iwooos_evidence_readiness_item_ids,
)
assert_equal(
"iwooos_projection.owner_evidence_readiness_items.display_order",
[item["display_order"] for item in iwooos_evidence_readiness],
list(range(1, len(expected_iwooos_evidence_readiness_item_ids) + 1)),
)
for item in iwooos_evidence_readiness:
assert_equal(
f"iwooos_projection.owner_evidence_readiness_items.{item['item_id']}.display_mode",
item["display_mode"],
"readiness_only",
)
assert_equal(
f"iwooos_projection.owner_evidence_readiness_items.{item['item_id']}.received_count",
item["received_count"],
0,
)
assert_equal(
f"iwooos_projection.owner_evidence_readiness_items.{item['item_id']}.accepted_count",
item["accepted_count"],
0,
)
assert_false(
f"iwooos_projection.owner_evidence_readiness_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.owner_evidence_readiness_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.owner_evidence_readiness_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_coverage = iwooos_projection["host_coverage_items"]
assert_equal(
"iwooos_projection.host_coverage_items.ids",
[item["host_id"] for item in iwooos_host_coverage],
expected_iwooos_host_coverage_item_ids,
)
assert_equal(
"iwooos_projection.host_coverage_items.display_order",
[item["display_order"] for item in iwooos_host_coverage],
list(range(1, len(expected_iwooos_host_coverage_item_ids) + 1)),
)
for item in iwooos_host_coverage:
assert_equal(
f"iwooos_projection.host_coverage_items.{item['host_id']}.display_mode",
item["display_mode"],
"coverage_only",
)
assert_false(
f"iwooos_projection.host_coverage_items.{item['host_id']}.active_scan_authorized",
item["active_scan_authorized"],
)
assert_false(
f"iwooos_projection.host_coverage_items.{item['host_id']}.ssh_change_authorized",
item["ssh_change_authorized"],
)
assert_false(
f"iwooos_projection.host_coverage_items.{item['host_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_coverage_items.{item['host_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_coverage_items.{item['host_id']}.not_authorization",
item["not_authorization"],
)
iwooos_kali_maintenance_readiness = iwooos_projection["kali_maintenance_readiness_items"]
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.ids",
[item["item_id"] for item in iwooos_kali_maintenance_readiness],
expected_iwooos_kali_maintenance_readiness_item_ids,
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.display_order",
[item["display_order"] for item in iwooos_kali_maintenance_readiness],
list(range(1, len(expected_iwooos_kali_maintenance_readiness_item_ids) + 1)),
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.upgradable_package_count",
iwooos_kali_maintenance_readiness[2]["metric_value"],
1994,
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.failed_systemd_unit_count",
iwooos_kali_maintenance_readiness[3]["metric_value"],
1,
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.scanner_health",
iwooos_kali_maintenance_readiness[1]["metric_value"],
"healthy",
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.scanner_api_health_endpoint",
iwooos_kali_maintenance_readiness[1]["scanner_api_health_endpoint"],
"127.0.0.1:8080/health",
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.scanner_service_state",
iwooos_kali_maintenance_readiness[1]["scanner_service_state"],
"active",
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.scanner_service_enabled",
iwooos_kali_maintenance_readiness[1]["scanner_service_enabled"],
"enabled",
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.failed_unit_name",
iwooos_kali_maintenance_readiness[3]["failed_unit_name"],
"networking.service",
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.hardening_enabled_count",
iwooos_kali_maintenance_readiness[4]["enabled_count"],
0,
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.hardening_expected_count",
iwooos_kali_maintenance_readiness[4]["expected_count"],
4,
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.hardening_missing_controls",
iwooos_kali_maintenance_readiness[4]["missing_controls"],
["NoNewPrivileges", "PrivateTmp", "ProtectSystem", "ProtectHome"],
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.reboot_gate_queue_item",
iwooos_kali_maintenance_readiness[5]["source_queue_item_id"],
"kali-full-upgrade-reboot-approval-20260513",
)
for item in iwooos_kali_maintenance_readiness:
assert_equal(
f"iwooos_projection.kali_maintenance_readiness_items.{item['item_id']}.display_mode",
item["display_mode"],
"maintenance_readiness_only",
)
assert_false(
f"iwooos_projection.kali_maintenance_readiness_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
if "full_upgrade_authorized" in item:
assert_false(
f"iwooos_projection.kali_maintenance_readiness_items.{item['item_id']}.full_upgrade_authorized",
item["full_upgrade_authorized"],
)
if "reboot_authorized" in item:
assert_false(
f"iwooos_projection.kali_maintenance_readiness_items.{item['item_id']}.reboot_authorized",
item["reboot_authorized"],
)
if "package_update_executed" in item:
assert_false(
f"iwooos_projection.kali_maintenance_readiness_items.{item['item_id']}.package_update_executed",
item["package_update_executed"],
)
if "host_reboot_executed" in item:
assert_false(
f"iwooos_projection.kali_maintenance_readiness_items.{item['item_id']}.host_reboot_executed",
item["host_reboot_executed"],
)
if "active_scan_executed" in item:
assert_false(
f"iwooos_projection.kali_maintenance_readiness_items.{item['item_id']}.active_scan_executed",
item["active_scan_executed"],
)
if "action_buttons_allowed" in item:
assert_false(
f"iwooos_projection.kali_maintenance_readiness_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.kali_maintenance_readiness_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_action_gates = iwooos_projection["host_action_gate_items"]
assert_equal(
"iwooos_projection.host_action_gate_items.ids",
[item["action_id"] for item in iwooos_host_action_gates],
expected_iwooos_host_action_gate_item_ids,
)
assert_equal(
"iwooos_projection.host_action_gate_items.display_order",
[item["display_order"] for item in iwooos_host_action_gates],
list(range(1, len(expected_iwooos_host_action_gate_item_ids) + 1)),
)
for item in iwooos_host_action_gates:
assert_equal(
f"iwooos_projection.host_action_gate_items.{item['action_id']}.display_mode",
item["display_mode"],
"gate_only",
)
assert_false(
f"iwooos_projection.host_action_gate_items.{item['action_id']}.active_scan_authorized",
item["active_scan_authorized"],
)
assert_false(
f"iwooos_projection.host_action_gate_items.{item['action_id']}.credentialed_scan_authorized",
item["credentialed_scan_authorized"],
)
assert_false(
f"iwooos_projection.host_action_gate_items.{item['action_id']}.ssh_change_authorized",
item["ssh_change_authorized"],
)
assert_false(
f"iwooos_projection.host_action_gate_items.{item['action_id']}.host_update_authorized",
item["host_update_authorized"],
)
assert_false(
f"iwooos_projection.host_action_gate_items.{item['action_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_action_gate_items.{item['action_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_action_gate_items.{item['action_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_evidence_readiness = iwooos_projection["host_evidence_readiness_items"]
assert_equal(
"iwooos_projection.host_evidence_readiness_items.ids",
[item["item_id"] for item in iwooos_host_evidence_readiness],
expected_iwooos_host_evidence_readiness_item_ids,
)
assert_equal(
"iwooos_projection.host_evidence_readiness_items.display_order",
[item["display_order"] for item in iwooos_host_evidence_readiness],
list(range(1, len(expected_iwooos_host_evidence_readiness_item_ids) + 1)),
)
for item in iwooos_host_evidence_readiness:
assert_equal(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.display_mode",
item["display_mode"],
"evidence_readiness_only",
)
assert_equal(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.received_count",
item["received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.accepted_count",
item["accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.active_scan_authorized",
item["active_scan_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.credentialed_scan_authorized",
item["credentialed_scan_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.ssh_change_authorized",
item["ssh_change_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.host_update_authorized",
item["host_update_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_evidence_collection_order = iwooos_projection["host_evidence_collection_order"]
assert_equal(
"iwooos_projection.host_evidence_collection_order.ids",
[item["step_id"] for item in iwooos_host_evidence_collection_order],
expected_iwooos_host_evidence_collection_step_ids,
)
assert_equal(
"iwooos_projection.host_evidence_collection_order.display_order",
[item["display_order"] for item in iwooos_host_evidence_collection_order],
list(range(1, len(expected_iwooos_host_evidence_collection_step_ids) + 1)),
)
expected_iwooos_host_evidence_collection_source_ids = [
"host_scope_boundary_evidence",
"host_owner_decision_record_evidence",
"host_credential_handling_evidence",
"host_maintenance_window_evidence",
"host_rollback_plan_evidence",
"host_validation_metrics_evidence",
"host_redacted_ingestion_evidence",
]
assert_equal(
"iwooos_projection.host_evidence_collection_order.source_item_ids",
[item["source_item_id"] for item in iwooos_host_evidence_collection_order],
expected_iwooos_host_evidence_collection_source_ids,
)
expected_iwooos_host_evidence_collection_dependencies = [
[],
["collect_scope_boundary_first"],
["collect_owner_decision_second"],
["collect_owner_decision_second"],
["collect_maintenance_window_fourth"],
["collect_rollback_plan_fifth"],
["collect_validation_metrics_sixth"],
]
assert_equal(
"iwooos_projection.host_evidence_collection_order.depends_on_step_ids",
[item["depends_on_step_ids"] for item in iwooos_host_evidence_collection_order],
expected_iwooos_host_evidence_collection_dependencies,
)
for item in iwooos_host_evidence_collection_order:
assert_equal(
f"iwooos_projection.host_evidence_collection_order.{item['step_id']}.display_mode",
item["display_mode"],
"collection_order_only",
)
assert_equal(
f"iwooos_projection.host_evidence_collection_order.{item['step_id']}.received_count",
item["received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_evidence_collection_order.{item['step_id']}.accepted_count",
item["accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_evidence_collection_order.{item['step_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_collection_order.{item['step_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_evidence_collection_order.{item['step_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_evidence_intake_preflight = iwooos_projection["host_evidence_intake_preflight_checks"]
assert_equal(
"iwooos_projection.host_evidence_intake_preflight_checks.ids",
[item["check_id"] for item in iwooos_host_evidence_intake_preflight],
expected_iwooos_host_evidence_intake_preflight_check_ids,
)
assert_equal(
"iwooos_projection.host_evidence_intake_preflight_checks.display_order",
[item["display_order"] for item in iwooos_host_evidence_intake_preflight],
list(range(1, len(expected_iwooos_host_evidence_intake_preflight_check_ids) + 1)),
)
expected_iwooos_host_evidence_intake_preflight_rejection_lanes = [
"reject_missing_redacted_metadata_pointer",
"quarantine_dependency_skip",
"reject_scan_without_scope",
"reject_change_without_owner_decision",
"reject_plaintext_credential_or_secret_value",
"reject_raw_payload_ingestion",
"reject_frontend_counter_transition",
]
assert_equal(
"iwooos_projection.host_evidence_intake_preflight_checks.rejection_lanes",
[item["rejection_lane"] for item in iwooos_host_evidence_intake_preflight],
expected_iwooos_host_evidence_intake_preflight_rejection_lanes,
)
for item in iwooos_host_evidence_intake_preflight:
assert_equal(
f"iwooos_projection.host_evidence_intake_preflight_checks.{item['check_id']}.display_mode",
item["display_mode"],
"intake_preflight_only",
)
assert_equal(
f"iwooos_projection.host_evidence_intake_preflight_checks.{item['check_id']}.received_count",
item["received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_evidence_intake_preflight_checks.{item['check_id']}.accepted_count",
item["accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_evidence_intake_preflight_checks.{item['check_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_evidence_intake_preflight_checks.{item['check_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_evidence_intake_preflight_checks.{item['check_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_intake_preflight_checks.{item['check_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_evidence_intake_preflight_checks.{item['check_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_evidence_review_outcome_lanes = iwooos_projection["host_evidence_review_outcome_lanes"]
assert_equal(
"iwooos_projection.host_evidence_review_outcome_lanes.ids",
[item["lane_id"] for item in iwooos_host_evidence_review_outcome_lanes],
expected_iwooos_host_evidence_review_outcome_lane_ids,
)
assert_equal(
"iwooos_projection.host_evidence_review_outcome_lanes.display_order",
[item["display_order"] for item in iwooos_host_evidence_review_outcome_lanes],
list(range(1, len(expected_iwooos_host_evidence_review_outcome_lane_ids) + 1)),
)
expected_iwooos_host_evidence_review_outcome_states = [
"candidate_only_not_received",
"needs_scope_evidence",
"needs_owner_decision_pointer",
"quarantine_dependency_skip",
"rejected_raw_payload",
"rejected_plaintext_credential",
"waiting_followup_runtime_gate",
]
assert_equal(
"iwooos_projection.host_evidence_review_outcome_lanes.outcome_states",
[item["outcome_state"] for item in iwooos_host_evidence_review_outcome_lanes],
expected_iwooos_host_evidence_review_outcome_states,
)
for item in iwooos_host_evidence_review_outcome_lanes:
assert_equal(
f"iwooos_projection.host_evidence_review_outcome_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"review_outcome_only",
)
assert_equal(
f"iwooos_projection.host_evidence_review_outcome_lanes.{item['lane_id']}.received_count",
item["received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_evidence_review_outcome_lanes.{item['lane_id']}.accepted_count",
item["accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_evidence_review_outcome_lanes.{item['lane_id']}.approval_record_created",
item["approval_record_created"],
)
assert_false(
f"iwooos_projection.host_evidence_review_outcome_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_review_outcome_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_evidence_review_outcome_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_evidence_review_handoff_packets = iwooos_projection["host_evidence_review_handoff_packets"]
assert_equal(
"iwooos_projection.host_evidence_review_handoff_packets.ids",
[item["packet_id"] for item in iwooos_host_evidence_review_handoff_packets],
expected_iwooos_host_evidence_review_handoff_packet_ids,
)
assert_equal(
"iwooos_projection.host_evidence_review_handoff_packets.display_order",
[item["display_order"] for item in iwooos_host_evidence_review_handoff_packets],
list(range(1, len(expected_iwooos_host_evidence_review_handoff_packet_ids) + 1)),
)
expected_iwooos_host_evidence_review_handoff_requirements = [
"redacted_scope_boundary_summary",
"owner_decision_record_pointer",
"credential_handling_metadata_only_statement",
"maintenance_window_and_rollback_pointer",
"post_review_validation_metrics_pointer",
"redaction_attestation_metadata_only",
"followup_runtime_gate_pointer_only",
]
assert_equal(
"iwooos_projection.host_evidence_review_handoff_packets.packet_requirements",
[item["packet_requirement"] for item in iwooos_host_evidence_review_handoff_packets],
expected_iwooos_host_evidence_review_handoff_requirements,
)
for item in iwooos_host_evidence_review_handoff_packets:
assert_equal(
f"iwooos_projection.host_evidence_review_handoff_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"review_handoff_only",
)
assert_equal(
f"iwooos_projection.host_evidence_review_handoff_packets.{item['packet_id']}.received_count",
item["received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_evidence_review_handoff_packets.{item['packet_id']}.accepted_count",
item["accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_evidence_review_handoff_packets.{item['packet_id']}.approval_record_created",
item["approval_record_created"],
)
assert_false(
f"iwooos_projection.host_evidence_review_handoff_packets.{item['packet_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_evidence_review_handoff_packets.{item['packet_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_evidence_review_handoff_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_review_handoff_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_evidence_review_handoff_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_evidence_reviewer_checklist = iwooos_projection["host_evidence_reviewer_checklist_items"]
assert_equal(
"iwooos_projection.host_evidence_reviewer_checklist_items.ids",
[item["check_id"] for item in iwooos_host_evidence_reviewer_checklist],
expected_iwooos_host_evidence_reviewer_checklist_item_ids,
)
assert_equal(
"iwooos_projection.host_evidence_reviewer_checklist_items.display_order",
[item["display_order"] for item in iwooos_host_evidence_reviewer_checklist],
list(range(1, len(expected_iwooos_host_evidence_reviewer_checklist_item_ids) + 1)),
)
expected_iwooos_host_evidence_reviewer_checklist_pass_conditions = [
"redacted_scope_pointer_only_no_scan_started",
"decision_pointer_only_no_approval_record_created",
"secret_value_collection_false",
"raw_payload_allowed_false",
"future_change_conditions_only_no_change_execution",
"validation_pointer_only_runtime_gate_closed",
"active_runtime_gates_zero_action_buttons_false",
]
assert_equal(
"iwooos_projection.host_evidence_reviewer_checklist_items.pass_conditions",
[item["pass_condition"] for item in iwooos_host_evidence_reviewer_checklist],
expected_iwooos_host_evidence_reviewer_checklist_pass_conditions,
)
for item in iwooos_host_evidence_reviewer_checklist:
assert_equal(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.display_mode",
item["display_mode"],
"reviewer_checklist_only",
)
assert_equal(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.received_count",
item["received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.accepted_count",
item["accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.approval_record_created",
item["approval_record_created"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_evidence_reviewer_checklist_items.{item['check_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_evidence_reviewer_outcome_lanes = iwooos_projection["host_evidence_reviewer_outcome_lanes"]
assert_equal(
"iwooos_projection.host_evidence_reviewer_outcome_lanes.ids",
[item["lane_id"] for item in iwooos_host_evidence_reviewer_outcome_lanes],
expected_iwooos_host_evidence_reviewer_outcome_lane_ids,
)
assert_equal(
"iwooos_projection.host_evidence_reviewer_outcome_lanes.display_order",
[item["display_order"] for item in iwooos_host_evidence_reviewer_outcome_lanes],
list(range(1, len(expected_iwooos_host_evidence_reviewer_outcome_lane_ids) + 1)),
)
expected_iwooos_host_evidence_reviewer_outcome_states = [
"candidate_only_not_accepted",
"needs_scope_rework",
"needs_owner_decision_refresh",
"quarantine_credential_metadata_gap",
"rejected_redaction_failed",
"needs_rollback_evidence",
"waiting_separate_runtime_gate",
]
assert_equal(
"iwooos_projection.host_evidence_reviewer_outcome_lanes.outcome_states",
[item["outcome_state"] for item in iwooos_host_evidence_reviewer_outcome_lanes],
expected_iwooos_host_evidence_reviewer_outcome_states,
)
for item in iwooos_host_evidence_reviewer_outcome_lanes:
assert_equal(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"reviewer_outcome_only",
)
assert_equal(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.checklist_passed_count",
item["checklist_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.received_count",
item["received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.accepted_count",
item["accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.approval_record_created",
item["approval_record_created"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_evidence_reviewer_outcome_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_candidate_packets = iwooos_projection["host_owner_decision_candidate_packets"]
assert_equal(
"iwooos_projection.host_owner_decision_candidate_packets.ids",
[item["packet_id"] for item in iwooos_host_owner_decision_candidate_packets],
expected_iwooos_host_owner_decision_candidate_packet_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_candidate_packets.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_candidate_packets],
list(range(1, len(expected_iwooos_host_owner_decision_candidate_packet_ids) + 1)),
)
expected_iwooos_host_owner_decision_scopes = [
"scope_boundary_hosts_networks_services_exclusions",
"observe_only_future_active_or_credentialed_scan_mode",
"metadata_only_credential_handling_boundary",
"future_maintenance_window_constraints",
"rollback_owner_and_recovery_path",
"post_check_metrics_and_baseline_pointer",
"separate_runtime_gate_requirement",
]
assert_equal(
"iwooos_projection.host_owner_decision_candidate_packets.decision_scopes",
[item["decision_scope"] for item in iwooos_host_owner_decision_candidate_packets],
expected_iwooos_host_owner_decision_scopes,
)
for item in iwooos_host_owner_decision_candidate_packets:
assert_equal(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"owner_decision_candidate_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_candidate_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_review_checklist = iwooos_projection["host_owner_decision_review_checklist_items"]
assert_equal(
"iwooos_projection.host_owner_decision_review_checklist_items.ids",
[item["check_id"] for item in iwooos_host_owner_decision_review_checklist],
expected_iwooos_host_owner_decision_review_checklist_item_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_review_checklist_items.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_review_checklist],
list(range(1, len(expected_iwooos_host_owner_decision_review_checklist_item_ids) + 1)),
)
expected_iwooos_host_owner_decision_review_guard_conditions = [
"scope_review_only_owner_decision_received_zero",
"active_scan_and_credentialed_scan_authorized_false",
"secret_value_collection_allowed_false",
"host_update_authorized_false",
"owner_approval_record_created_false",
"runtime_gate_opened_false",
"action_buttons_allowed_false_runtime_gate_separate",
]
assert_equal(
"iwooos_projection.host_owner_decision_review_checklist_items.guard_conditions",
[item["guard_condition"] for item in iwooos_host_owner_decision_review_checklist],
expected_iwooos_host_owner_decision_review_guard_conditions,
)
for item in iwooos_host_owner_decision_review_checklist:
assert_equal(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.display_mode",
item["display_mode"],
"owner_decision_review_checklist_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_review_checklist_items.{item['check_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_review_outcome_lanes = iwooos_projection["host_owner_decision_review_outcome_lanes"]
assert_equal(
"iwooos_projection.host_owner_decision_review_outcome_lanes.ids",
[item["lane_id"] for item in iwooos_host_owner_decision_review_outcome_lanes],
expected_iwooos_host_owner_decision_review_outcome_lane_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_review_outcome_lanes.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_review_outcome_lanes],
list(range(1, len(expected_iwooos_host_owner_decision_review_outcome_lane_ids) + 1)),
)
expected_iwooos_host_owner_decision_review_outcome_states = [
"candidate_decision_record_only",
"needs_scope_refresh",
"needs_scan_mode_scope_review",
"quarantine_credential_boundary_gap",
"needs_maintenance_window",
"needs_rollback_owner",
"waiting_separate_runtime_gate",
]
assert_equal(
"iwooos_projection.host_owner_decision_review_outcome_lanes.outcome_states",
[item["outcome_state"] for item in iwooos_host_owner_decision_review_outcome_lanes],
expected_iwooos_host_owner_decision_review_outcome_states,
)
for item in iwooos_host_owner_decision_review_outcome_lanes:
assert_equal(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"owner_decision_review_outcome_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.owner_decision_review_passed_count",
item["owner_decision_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_review_outcome_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_draft_packets = iwooos_projection[
"host_owner_decision_record_draft_packets"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_draft_packets.ids",
[item["packet_id"] for item in iwooos_host_owner_decision_record_draft_packets],
expected_iwooos_host_owner_decision_record_draft_packet_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_draft_packets.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_draft_packets],
list(range(1, len(expected_iwooos_host_owner_decision_record_draft_packet_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_draft_fields = [
"scope_statement",
"scan_mode_statement",
"credential_boundary_statement",
"maintenance_constraints_statement",
"rollback_owner_statement",
"validation_metrics_statement",
"runtime_gate_pointer_statement",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_draft_packets.draft_fields",
[item["draft_field"] for item in iwooos_host_owner_decision_record_draft_packets],
expected_iwooos_host_owner_decision_record_draft_fields,
)
for item in iwooos_host_owner_decision_record_draft_packets:
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"owner_decision_record_draft_only",
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_draft_review_checklist = iwooos_projection[
"host_owner_decision_record_draft_review_checklist_items"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.ids",
[item["check_id"] for item in iwooos_host_owner_decision_record_draft_review_checklist],
expected_iwooos_host_owner_decision_record_draft_review_checklist_item_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_draft_review_checklist],
list(range(1, len(expected_iwooos_host_owner_decision_record_draft_review_checklist_item_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_draft_review_conditions = [
"scope_statement_metadata_complete",
"scan_mode_not_authorization_confirmed",
"credential_boundary_metadata_only_confirmed",
"maintenance_constraints_no_change_confirmed",
"rollback_owner_recovery_pointer_readable",
"validation_metrics_baseline_linked",
"runtime_gate_separate_and_closed",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.review_conditions",
[item["review_condition"] for item in iwooos_host_owner_decision_record_draft_review_checklist],
expected_iwooos_host_owner_decision_record_draft_review_conditions,
)
for item in iwooos_host_owner_decision_record_draft_review_checklist:
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.display_mode",
item["display_mode"],
"owner_decision_record_draft_review_checklist_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.decision_record_review_passed_count",
item["decision_record_review_passed_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_draft_review_outcome_lanes = iwooos_projection[
"host_owner_decision_record_draft_review_outcome_lanes"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.ids",
[item["lane_id"] for item in iwooos_host_owner_decision_record_draft_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_draft_review_outcome_lane_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_draft_review_outcome_lanes],
list(range(1, len(expected_iwooos_host_owner_decision_record_draft_review_outcome_lane_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_draft_review_outcome_states = [
"candidate_decision_record_writeup_only",
"needs_scope_statement_refresh",
"needs_scan_mode_wording_refresh",
"needs_credential_boundary_metadata_refresh",
"needs_maintenance_constraints_refresh",
"needs_rollback_owner_refresh",
"waiting_separate_runtime_gate",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.outcome_states",
[item["outcome_state"] for item in iwooos_host_owner_decision_record_draft_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_draft_review_outcome_states,
)
for item in iwooos_host_owner_decision_record_draft_review_outcome_lanes:
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"owner_decision_record_draft_review_outcome_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.decision_record_review_passed_count",
item["decision_record_review_passed_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_draft_review_outcome_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_writeup_packets = iwooos_projection[
"host_owner_decision_record_writeup_packets"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_writeup_packets.ids",
[item["packet_id"] for item in iwooos_host_owner_decision_record_writeup_packets],
expected_iwooos_host_owner_decision_record_writeup_packet_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_writeup_packets.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_writeup_packets],
list(range(1, len(expected_iwooos_host_owner_decision_record_writeup_packet_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_writeup_fields = [
"decision_summary",
"approved_scope_statement",
"scan_mode_limits_statement",
"credential_boundary_statement",
"maintenance_and_rollback_statement",
"validation_evidence_statement",
"runtime_gate_pointer_statement",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_writeup_packets.writeup_fields",
[item["writeup_field"] for item in iwooos_host_owner_decision_record_writeup_packets],
expected_iwooos_host_owner_decision_record_writeup_fields,
)
for item in iwooos_host_owner_decision_record_writeup_packets:
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"owner_decision_record_writeup_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.decision_record_writeup_completed_count",
item["decision_record_writeup_completed_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_writeup_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_writeup_review_checklist_items = iwooos_projection[
"host_owner_decision_record_writeup_review_checklist_items"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.ids",
[item["check_id"] for item in iwooos_host_owner_decision_record_writeup_review_checklist_items],
expected_iwooos_host_owner_decision_record_writeup_review_checklist_item_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_writeup_review_checklist_items],
list(range(1, len(expected_iwooos_host_owner_decision_record_writeup_review_checklist_item_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_writeup_review_conditions = [
"decision_summary_risk_acceptance_and_no_execution_statement_readable",
"scope_exclusion_observation_intent_and_expiry_complete",
"scan_mode_limits_explicit_and_not_authorization",
"credential_boundary_metadata_only_and_no_secret_collection",
"maintenance_window_constraints_rollback_and_human_contact_linked",
"validation_metrics_baseline_evidence_and_acceptance_condition_linked",
"runtime_gate_pointer_separate_and_closed",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.review_conditions",
[item["review_condition"] for item in iwooos_host_owner_decision_record_writeup_review_checklist_items],
expected_iwooos_host_owner_decision_record_writeup_review_conditions,
)
for item in iwooos_host_owner_decision_record_writeup_review_checklist_items:
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.display_mode",
item["display_mode"],
"owner_decision_record_writeup_review_checklist_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.decision_record_writeup_review_passed_count",
item["decision_record_writeup_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.decision_record_writeup_completed_count",
item["decision_record_writeup_completed_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_writeup_review_checklist_items.{item['check_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_writeup_review_outcome_lanes = iwooos_projection[
"host_owner_decision_record_writeup_review_outcome_lanes"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.ids",
[item["lane_id"] for item in iwooos_host_owner_decision_record_writeup_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_writeup_review_outcome_lane_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_writeup_review_outcome_lanes],
list(range(1, len(expected_iwooos_host_owner_decision_record_writeup_review_outcome_lane_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_writeup_review_outcome_states = [
"candidate_formal_decision_record_only",
"needs_decision_summary_clarification",
"needs_scope_and_expiry_refresh",
"needs_scan_mode_limit_wording_refresh",
"needs_credential_boundary_metadata_refresh",
"needs_maintenance_rollback_refresh",
"waiting_separate_runtime_gate",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.outcome_states",
[item["outcome_state"] for item in iwooos_host_owner_decision_record_writeup_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_writeup_review_outcome_states,
)
for item in iwooos_host_owner_decision_record_writeup_review_outcome_lanes:
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"owner_decision_record_writeup_review_outcome_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.decision_record_writeup_review_passed_count",
item["decision_record_writeup_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.decision_record_writeup_completed_count",
item["decision_record_writeup_completed_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_writeup_review_outcome_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_formal_candidate_packets = iwooos_projection[
"host_owner_decision_record_formal_candidate_packets"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_candidate_packets.ids",
[item["packet_id"] for item in iwooos_host_owner_decision_record_formal_candidate_packets],
expected_iwooos_host_owner_decision_record_formal_candidate_packet_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_candidate_packets.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_formal_candidate_packets],
list(range(1, len(expected_iwooos_host_owner_decision_record_formal_candidate_packet_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_formal_candidate_fields = [
"record_identity_and_version",
"decision_summary",
"approved_scope_statement",
"scan_mode_limits_statement",
"credential_boundary_statement",
"maintenance_and_rollback_statement",
"validation_and_runtime_gate_statement",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_candidate_packets.candidate_fields",
[item["candidate_field"] for item in iwooos_host_owner_decision_record_formal_candidate_packets],
expected_iwooos_host_owner_decision_record_formal_candidate_fields,
)
for item in iwooos_host_owner_decision_record_formal_candidate_packets:
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.source_lane_id",
item["source_lane_id"],
"host_decision_record_writeup_review_ready_for_formal_record_outcome_lane",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"owner_decision_record_formal_candidate_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.formal_record_candidate_finalized_count",
item["formal_record_candidate_finalized_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_formal_candidate_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_formal_candidate_review_checklist_items = iwooos_projection[
"host_owner_decision_record_formal_candidate_review_checklist_items"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.ids",
[item["check_id"] for item in iwooos_host_owner_decision_record_formal_candidate_review_checklist_items],
expected_iwooos_host_owner_decision_record_formal_candidate_review_checklist_item_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_formal_candidate_review_checklist_items],
list(range(1, len(expected_iwooos_host_owner_decision_record_formal_candidate_review_checklist_item_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_formal_candidate_review_conditions = [
"record_identity_version_owner_scope_and_trace_source_readable",
"decision_summary_risk_acceptance_and_no_execution_statement_readable",
"scope_exclusion_observation_intent_and_expiry_consistent",
"scan_limits_explicit_and_not_authorization",
"credential_boundary_metadata_only_masked_and_no_secret_collection",
"maintenance_window_constraints_rollback_and_human_contact_traceable",
"validation_evidence_linked_and_runtime_gate_separate_closed",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.review_conditions",
[
item["review_condition"]
for item in iwooos_host_owner_decision_record_formal_candidate_review_checklist_items
],
expected_iwooos_host_owner_decision_record_formal_candidate_review_conditions,
)
for item in iwooos_host_owner_decision_record_formal_candidate_review_checklist_items:
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.display_mode",
item["display_mode"],
"owner_decision_record_formal_candidate_review_checklist_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.formal_record_candidate_review_passed_count",
item["formal_record_candidate_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.formal_record_candidate_finalized_count",
item["formal_record_candidate_finalized_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes = iwooos_projection[
"host_owner_decision_record_formal_candidate_review_outcome_lanes"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.ids",
[item["lane_id"] for item in iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lane_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes],
list(range(1, len(expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lane_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_states = [
"ready_for_separate_human_record_queue",
"record_identity_trace_missing",
"decision_summary_needs_clarification",
"scope_expiry_needs_refresh",
"scan_limits_ambiguous_not_authorization",
"credential_boundary_failed",
"maintenance_rollback_incomplete",
"waiting_separate_runtime_gate",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.outcome_states",
[item["outcome_state"] for item in iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_states,
)
for item in iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes:
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"owner_decision_record_formal_candidate_review_outcome_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.formal_record_candidate_review_passed_count",
item["formal_record_candidate_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.formal_record_candidate_finalized_count",
item["formal_record_candidate_finalized_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_formal_record_queue_packets = iwooos_projection[
"host_owner_decision_record_formal_record_queue_packets"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.ids",
[item["packet_id"] for item in iwooos_host_owner_decision_record_formal_record_queue_packets],
expected_iwooos_host_owner_decision_record_formal_record_queue_packet_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_formal_record_queue_packets],
list(range(1, len(expected_iwooos_host_owner_decision_record_formal_record_queue_packet_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_formal_record_queue_fields = [
"record_identity_queue_packet",
"decision_summary_queue_packet",
"scope_expiry_queue_packet",
"scan_limits_queue_packet",
"credential_boundary_queue_packet",
"maintenance_rollback_queue_packet",
"validation_runtime_gate_queue_packet",
"no_execution_attestation_queue_packet",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.queue_fields",
[item["queue_field"] for item in iwooos_host_owner_decision_record_formal_record_queue_packets],
expected_iwooos_host_owner_decision_record_formal_record_queue_fields,
)
for item in iwooos_host_owner_decision_record_formal_record_queue_packets:
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.source_lane_id",
item["source_lane_id"],
"host_decision_record_formal_candidate_review_ready_for_record_queue_outcome_lane",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"owner_decision_record_formal_record_queue_packet_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_formal_record_queue_review_checklist_items = iwooos_projection[
"host_owner_decision_record_formal_record_queue_review_checklist_items"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.ids",
[item["item_id"] for item in iwooos_host_owner_decision_record_formal_record_queue_review_checklist_items],
expected_iwooos_host_owner_decision_record_formal_record_queue_review_checklist_item_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_formal_record_queue_review_checklist_items],
list(range(1, len(expected_iwooos_host_owner_decision_record_formal_record_queue_review_checklist_item_ids) + 1)),
)
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.source_packet_ids",
[item["source_packet_id"] for item in iwooos_host_owner_decision_record_formal_record_queue_review_checklist_items],
expected_iwooos_host_owner_decision_record_formal_record_queue_packet_ids,
)
expected_iwooos_host_owner_decision_record_formal_record_queue_review_conditions = [
"identity_traceable_to_candidate_source",
"decision_summary_readable_without_approval_semantics",
"scope_expiry_current_and_bounded",
"scan_limits_not_authorization",
"credential_boundary_metadata_only",
"maintenance_rollback_pointer_linked",
"validation_runtime_gate_separate",
"no_execution_attestation_present",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.review_conditions",
[item["review_condition"] for item in iwooos_host_owner_decision_record_formal_record_queue_review_checklist_items],
expected_iwooos_host_owner_decision_record_formal_record_queue_review_conditions,
)
for item in iwooos_host_owner_decision_record_formal_record_queue_review_checklist_items:
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.display_mode",
item["display_mode"],
"owner_decision_record_formal_record_queue_review_checklist_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_checklist_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lanes = iwooos_projection[
"host_owner_decision_record_formal_record_queue_review_outcome_lanes"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.ids",
[item["lane_id"] for item in iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lane_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lanes],
list(range(1, len(expected_iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lane_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_formal_record_queue_review_outcome_states = [
"ready_for_human_record_owner_handoff",
"identity_needs_trace_refresh",
"decision_summary_needs_clarification",
"scope_expiry_needs_refresh",
"scan_limits_remain_ambiguous",
"credential_boundary_failed",
"maintenance_rollback_incomplete",
"runtime_gate_still_required",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.outcome_states",
[item["outcome_state"] for item in iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_formal_record_queue_review_outcome_states,
)
for item in iwooos_host_owner_decision_record_formal_record_queue_review_outcome_lanes:
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"owner_decision_record_formal_record_queue_review_outcome_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_formal_record_queue_review_outcome_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_human_handoff_readiness_packets = iwooos_projection[
"host_owner_decision_record_human_handoff_readiness_packets"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.ids",
[item["packet_id"] for item in iwooos_host_owner_decision_record_human_handoff_readiness_packets],
expected_iwooos_host_owner_decision_record_human_handoff_readiness_packet_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_human_handoff_readiness_packets],
list(range(1, len(expected_iwooos_host_owner_decision_record_human_handoff_readiness_packet_ids) + 1)),
)
expected_iwooos_host_owner_decision_record_human_handoff_readiness_fields = [
"record_identity_and_trace",
"human_record_owner_contact_boundary",
"decision_summary_and_no_execution_statement",
"approved_scope_and_expiry_window",
"observe_only_and_future_scan_limits",
"metadata_only_credential_boundary",
"maintenance_constraints_and_rollback_owner",
"independent_runtime_gate_and_no_action_buttons",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.readiness_fields",
[item["readiness_field"] for item in iwooos_host_owner_decision_record_human_handoff_readiness_packets],
expected_iwooos_host_owner_decision_record_human_handoff_readiness_fields,
)
for item in iwooos_host_owner_decision_record_human_handoff_readiness_packets:
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"owner_decision_record_human_handoff_readiness_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.source_outcome_lane_id",
item["source_outcome_lane_id"],
"host_decision_record_formal_record_queue_review_ready_for_human_record_owner_handoff_outcome_lane",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.human_record_owner_handoff_started_count",
item["human_record_owner_handoff_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.human_record_owner_handoff_ready_count",
item["human_record_owner_handoff_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist_items = iwooos_projection[
"host_owner_decision_record_human_handoff_readiness_review_checklist_items"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.ids",
[item["item_id"] for item in iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist_items],
expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist_item_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist_items],
list(
range(
1,
len(expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist_item_ids) + 1,
)
),
)
expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_conditions = [
"identity_trace_readable",
"owner_boundary_readable",
"decision_summary_readable",
"scope_expiry_current",
"scan_limits_not_authorization",
"credential_boundary_metadata_only",
"maintenance_rollback_traceable",
"runtime_gate_separate",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.review_conditions",
[
item["review_condition"]
for item in iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist_items
],
expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_conditions,
)
for item in iwooos_host_owner_decision_record_human_handoff_readiness_review_checklist_items:
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.display_mode",
item["display_mode"],
"owner_decision_record_human_handoff_readiness_review_checklist_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.human_record_owner_handoff_review_passed_count",
item["human_record_owner_handoff_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.human_record_owner_handoff_started_count",
item["human_record_owner_handoff_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.human_record_owner_handoff_ready_count",
item["human_record_owner_handoff_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_checklist_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lanes = iwooos_projection[
"host_owner_decision_record_human_handoff_readiness_review_outcome_lanes"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.ids",
[item["lane_id"] for item in iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lane_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lanes],
list(
range(
1,
len(expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lane_ids) + 1,
)
),
)
expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_states = [
"ready_for_human_record_owner_review_candidate",
"identity_trace_needs_refresh",
"owner_boundary_needs_clarification",
"decision_summary_needs_clarification",
"scope_expiry_needs_refresh",
"scan_limits_remain_ambiguous",
"credential_boundary_failed",
"maintenance_rollback_incomplete",
"runtime_gate_still_required",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.outcome_states",
[item["outcome_state"] for item in iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lanes],
expected_iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_states,
)
for item in iwooos_host_owner_decision_record_human_handoff_readiness_review_outcome_lanes:
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"owner_decision_record_human_handoff_readiness_review_outcome_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.human_record_owner_handoff_review_passed_count",
item["human_record_owner_handoff_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.human_record_owner_handoff_started_count",
item["human_record_owner_handoff_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.human_record_owner_handoff_ready_count",
item["human_record_owner_handoff_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_human_handoff_readiness_review_outcome_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_human_record_owner_review_candidate_packets = iwooos_projection[
"host_owner_decision_record_human_record_owner_review_candidate_packets"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.ids",
[item["packet_id"] for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_packets],
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_packet_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.display_order",
[item["display_order"] for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_packets],
list(
range(
1,
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_packet_ids) + 1,
)
),
)
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_fields = [
"candidate_identity_and_trace",
"human_record_owner_boundary",
"decision_summary_and_no_execution_statement",
"approved_scope_and_expiry_window",
"observe_only_and_future_scan_limits",
"metadata_only_credential_boundary",
"maintenance_constraints_and_rollback_owner",
"validation_evidence_and_independent_runtime_gate",
"no_execution_no_approval_attestation",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.review_candidate_fields",
[
item["review_candidate_field"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_packets
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_fields,
)
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_packets:
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.source_outcome_lane_id",
item["source_outcome_lane_id"],
"host_decision_record_handoff_readiness_review_ready_for_human_record_owner_review_candidate_outcome_lane",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"owner_decision_record_human_record_owner_review_candidate_packet_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.human_record_owner_review_started_count",
item["human_record_owner_review_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.human_record_owner_review_ready_count",
item["human_record_owner_review_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.human_record_owner_handoff_review_passed_count",
item["human_record_owner_handoff_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.human_record_owner_handoff_started_count",
item["human_record_owner_handoff_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.human_record_owner_handoff_ready_count",
item["human_record_owner_handoff_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist_items = iwooos_projection[
"host_owner_decision_record_human_record_owner_review_candidate_checklist_items"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.ids",
[
item["item_id"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist_items
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist_item_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.display_order",
[
item["display_order"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist_items
],
list(
range(
1,
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist_item_ids)
+ 1,
)
),
)
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_review_conditions = [
"candidate_identity_traceable",
"candidate_owner_boundary_readable",
"candidate_decision_summary_readable",
"candidate_scope_expiry_current",
"candidate_scan_limits_not_authorization",
"candidate_credential_boundary_metadata_only",
"candidate_maintenance_rollback_traceable",
"candidate_validation_runtime_gate_separate",
"candidate_no_execution_attestation_present",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.review_conditions",
[
item["review_condition"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist_items
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_review_conditions,
)
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_checklist_items:
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.display_mode",
item["display_mode"],
"owner_decision_record_human_record_owner_review_candidate_checklist_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.human_record_owner_review_check_passed_count",
item["human_record_owner_review_check_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.human_record_owner_review_started_count",
item["human_record_owner_review_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.human_record_owner_review_ready_count",
item["human_record_owner_review_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.human_record_owner_handoff_review_passed_count",
item["human_record_owner_handoff_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.human_record_owner_handoff_started_count",
item["human_record_owner_handoff_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.human_record_owner_handoff_ready_count",
item["human_record_owner_handoff_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_checklist_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes = iwooos_projection[
"host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.ids",
[
item["lane_id"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lane_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.display_order",
[
item["display_order"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes
],
list(
range(
1,
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lane_ids)
+ 1,
)
),
)
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_states = [
"ready_for_human_record_owner_review_preparation_candidate",
"identity_trace_needs_refresh",
"owner_boundary_needs_clarification",
"decision_summary_needs_clarification",
"scope_expiry_needs_refresh",
"scan_limits_remain_ambiguous",
"credential_boundary_failed",
"maintenance_rollback_incomplete",
"runtime_gate_still_required",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.outcome_states",
[
item["outcome_state"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_states,
)
for item in iwooos_host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes:
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"owner_decision_record_human_record_owner_review_candidate_outcome_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.human_record_owner_review_check_passed_count",
item["human_record_owner_review_check_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.human_record_owner_review_started_count",
item["human_record_owner_review_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.human_record_owner_review_ready_count",
item["human_record_owner_review_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.human_record_owner_handoff_review_passed_count",
item["human_record_owner_handoff_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.human_record_owner_handoff_started_count",
item["human_record_owner_handoff_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.human_record_owner_handoff_ready_count",
item["human_record_owner_handoff_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_human_record_owner_review_preparation_packets = iwooos_projection[
"host_owner_decision_record_human_record_owner_review_preparation_packets"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.ids",
[
item["packet_id"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_packets
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_packet_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.display_order",
[
item["display_order"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_packets
],
list(
range(
1,
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_packet_ids) + 1,
)
),
)
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_fields = [
"preparation_identity_trace",
"preparation_owner_boundary",
"preparation_decision_summary",
"preparation_scope_expiry",
"preparation_scan_limits",
"preparation_credential_boundary",
"preparation_maintenance_rollback",
"preparation_validation_runtime_gate",
"preparation_no_execution_attestation",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.preparation_fields",
[
item["preparation_field"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_packets
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_fields,
)
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_packets:
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.source_outcome_lane_id",
item["source_outcome_lane_id"],
"host_decision_record_human_record_owner_review_candidate_ready_for_human_record_owner_review_preparation_outcome_lane",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.display_mode",
item["display_mode"],
"owner_decision_record_human_record_owner_review_preparation_packet_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.human_record_owner_review_prepared_count",
item["human_record_owner_review_prepared_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.human_record_owner_review_check_passed_count",
item["human_record_owner_review_check_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.human_record_owner_review_started_count",
item["human_record_owner_review_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.human_record_owner_review_ready_count",
item["human_record_owner_review_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.human_record_owner_handoff_review_passed_count",
item["human_record_owner_handoff_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.human_record_owner_handoff_started_count",
item["human_record_owner_handoff_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.human_record_owner_handoff_ready_count",
item["human_record_owner_handoff_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_packets.{item['packet_id']}.not_authorization",
item["not_authorization"],
)
iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_items = iwooos_projection[
"host_owner_decision_record_human_record_owner_review_preparation_checklist_items"
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.ids",
[
item["item_id"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_items
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_item_ids,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.display_order",
[
item["display_order"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_items
],
list(
range(
1,
len(expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_item_ids) + 1,
)
),
)
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_review_conditions = [
"preparation_identity_trace_readable",
"preparation_owner_boundary_readable",
"preparation_decision_summary_readable",
"preparation_scope_expiry_current",
"preparation_scan_limits_not_authorization",
"preparation_credential_boundary_metadata_only",
"preparation_maintenance_rollback_traceable",
"preparation_validation_runtime_gate_separate",
"preparation_no_execution_attestation_present",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.review_conditions",
[
item["review_condition"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_items
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_review_conditions,
)
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_failure_routes = [
"refresh_preparation_identity_trace",
"clarify_preparation_owner_boundary",
"clarify_preparation_decision_summary",
"refresh_preparation_scope_expiry",
"clarify_preparation_scan_limits",
"quarantine_preparation_credential_boundary",
"complete_preparation_maintenance_rollback",
"keep_runtime_gate_separate",
"keep_no_execution_attestation_visible",
]
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.failure_routes",
[
item["failure_route"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_items
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_failure_routes,
)
assert_equal(
"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.source_preparation_packet_ids",
[
item["source_preparation_packet_id"]
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_items
],
expected_iwooos_host_owner_decision_record_human_record_owner_review_preparation_packet_ids,
)
for item in iwooos_host_owner_decision_record_human_record_owner_review_preparation_checklist_items:
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.display_mode",
item["display_mode"],
"owner_decision_record_human_record_owner_review_preparation_checklist_only",
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.human_record_owner_review_prepared_count",
item["human_record_owner_review_prepared_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.human_record_owner_review_check_passed_count",
item["human_record_owner_review_check_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.human_record_owner_review_started_count",
item["human_record_owner_review_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.human_record_owner_review_ready_count",
item["human_record_owner_review_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.human_record_owner_handoff_review_passed_count",
item["human_record_owner_handoff_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.human_record_owner_handoff_started_count",
item["human_record_owner_handoff_started_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.human_record_owner_handoff_ready_count",
item["human_record_owner_handoff_ready_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.formal_record_queue_review_passed_count",
item["formal_record_queue_review_passed_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.formal_record_queue_enqueued_count",
item["formal_record_queue_enqueued_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.decision_record_created",
item["decision_record_created"],
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.owner_decision_received_count",
item["owner_decision_received_count"],
0,
)
assert_equal(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.owner_decision_accepted_count",
item["owner_decision_accepted_count"],
0,
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.owner_approval_record_created",
item["owner_approval_record_created"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.secret_value_collection_allowed",
item["secret_value_collection_allowed"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.host_owner_decision_record_human_record_owner_review_preparation_checklist_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
assert_equal(
"iwooos_projection.non_blocking_lane_ids",
iwooos_projection["non_blocking_lane_ids"],
expected_low_friction_lane_ids,
)
for evidence_ref in [
"docs/security/iwooos-posture-projection.snapshot.json",
"docs/security/security-rollout-policy.snapshot.json",
"docs/security/security-mirror-status-rollup.snapshot.json",
"docs/security/source-control-owner-response-validation-rollup.snapshot.json",
"docs/security/kali-integration-status.snapshot.json",
]:
assert_contains("iwooos_projection.evidence_refs", iwooos_projection["evidence_refs"], evidence_ref)
latest_kali_observation = kali_status["latest_read_only_observation"]
assert_equal(
"kali_status.latest_read_only_observation.observed_at_taipei",
latest_kali_observation["observed_at_taipei"],
"2026-06-04T08:55:43+08:00",
)
assert_equal(
"kali_status.latest_read_only_observation.collection_mode",
latest_kali_observation["collection_mode"],
"ssh_batch_read_only_existing_key",
)
assert_equal(
"kali_status.latest_read_only_observation.upgradable_package_count",
latest_kali_observation["upgradable_package_count"],
1994,
)
assert_equal(
"kali_status.latest_read_only_observation.failed_systemd_unit_count",
latest_kali_observation["failed_systemd_unit_count"],
1,
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_api_health_status",
latest_kali_observation["scanner_api_health_status"],
"healthy",
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_api_health_endpoint",
latest_kali_observation["scanner_api_health_endpoint"],
"127.0.0.1:8080/health",
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_service_state",
latest_kali_observation["scanner_service_state"],
"active",
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_service_enabled",
latest_kali_observation["scanner_service_enabled"],
"enabled",
)
assert_equal(
"kali_status.latest_read_only_observation.failed_systemd_unit_names",
latest_kali_observation["failed_systemd_unit_names"],
["networking.service"],
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_systemd_hardening_enabled_count",
latest_kali_observation["scanner_systemd_hardening_enabled_count"],
0,
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_systemd_hardening_expected_count",
latest_kali_observation["scanner_systemd_hardening_expected_count"],
4,
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_systemd_hardening_missing",
latest_kali_observation["scanner_systemd_hardening_missing"],
["NoNewPrivileges", "PrivateTmp", "ProtectSystem", "ProtectHome"],
)
for forbidden_runtime_flag in [
"runtime_actions_executed",
"active_scan_executed",
"package_update_executed",
"host_reboot_executed",
]:
assert_false(
f"kali_status.latest_read_only_observation.{forbidden_runtime_flag}",
latest_kali_observation[forbidden_runtime_flag],
)
for output in [
"display_security_posture",
"display_progress_estimate",
"display_visual_command_dashboard",
"display_professional_security_experience",
"display_concrete_work_snapshot",
"display_global_security_mesh_matrix",
"display_host_tool_evidence_chain",
"display_awooop_read_only_landing_readiness",
"display_awooop_cross_session_handoff_packets",
"display_progress_hold_movement_gates",
"display_progress_acceleration_lanes",
"display_owner_response_next_action_focus",
"display_s4_9_owner_response_preflight_checks",
"display_s4_9_owner_response_request_templates",
"display_non_blocking_lanes",
"display_existing_frontend_security_surfaces",
"display_frontend_surface_reverse_bridge_statuses",
"display_frontend_surface_coverage_matrix",
"display_frontend_surface_conflict_controls",
"display_operator_journey_steps",
"display_owner_evidence_readiness_board",
"display_host_coverage_view",
"display_kali_maintenance_readiness_board",
"display_host_action_gate_matrix",
"display_host_evidence_readiness_board",
"display_host_evidence_collection_order",
"display_host_evidence_intake_preflight_checks",
"display_host_evidence_review_outcome_lanes",
"display_host_evidence_review_handoff_packets",
"display_host_evidence_reviewer_checklist",
"display_host_evidence_reviewer_outcome_lanes",
"display_host_owner_decision_candidate_packets",
"display_host_owner_decision_review_checklist",
"display_host_owner_decision_review_outcome_lanes",
"display_host_owner_decision_record_draft_packets",
"display_host_owner_decision_record_draft_review_checklist",
"display_host_owner_decision_record_draft_review_outcome_lanes",
"display_host_owner_decision_record_writeup_packets",
"display_host_owner_decision_record_writeup_review_checklist",
"display_host_owner_decision_record_writeup_review_outcome_lanes",
"display_host_owner_decision_record_formal_candidate_packets",
"display_host_owner_decision_record_formal_candidate_review_checklist",
"display_host_owner_decision_record_formal_candidate_review_outcome_lanes",
"display_host_owner_decision_record_formal_record_queue_packets",
"display_host_owner_decision_record_formal_record_queue_review_checklist",
"display_host_owner_decision_record_formal_record_queue_review_outcome_lanes",
"display_host_owner_decision_record_human_handoff_readiness_packets",
"display_host_owner_decision_record_human_handoff_readiness_review_checklist",
"display_host_owner_decision_record_human_handoff_readiness_review_outcome_lanes",
"display_host_owner_decision_record_human_record_owner_review_candidate_packets",
"display_host_owner_decision_record_human_record_owner_review_candidate_checklist",
"display_host_owner_decision_record_human_record_owner_review_candidate_outcome_lanes",
"display_host_owner_decision_record_human_record_owner_review_preparation_packets",
"display_host_owner_decision_record_human_record_owner_review_preparation_checklist",
"display_evidence_refs",
"display_forbidden_actions",
"display_source_control_primary_readiness_board",
"display_vibework_security_onboarding",
"display_agent_bounty_security_onboarding",
"display_rollout_risk_read_only",
"display_wazuh_intrusion_readback",
"display_soc_siem_kali_wazuh_integration_control",
"display_external_host_intrusion_prevention_control",
"display_high_value_config_owner_packet",
"display_awooop_high_value_config_owner_packet_read_only",
]:
assert_contains("iwooos_projection.allowed_frontend_outputs", iwooos_projection["allowed_frontend_outputs"], output)
for output in [
"add_scan_button",
"add_execute_button",
"add_repair_button",
"start_kali_scan",
"call_kali_execute_endpoint",
"create_github_repo",
"sync_git_refs",
"modify_workflow_or_secret",
"reload_nginx_from_owner_packet",
"rotate_secret_from_owner_packet",
"run_agent_bounty_runtime_from_owner_packet",
"send_owner_request_from_awooop_high_value_config_packet",
"mark_owner_packet_received_from_awooop",
"mark_owner_packet_accepted_from_awooop",
"open_runtime_gate_from_awooop_high_value_config_packet",
"reload_nginx_from_awooop_owner_packet",
"run_agent_bounty_runtime_from_awooop_owner_packet",
"enable_runner",
"ssh_to_host",
"open_ssh_session",
"update_kali_host",
"auto_update_host",
"run_host_package_upgrade",
"credentialed_scan_host",
"mark_host_evidence_received",
"mark_host_evidence_accepted",
"ingest_raw_host_evidence",
"treat_reverse_bridge_status_as_authorization",
"create_runtime_gate_from_reverse_bridge_status",
"create_code_review_blocker_from_reverse_bridge_status",
"create_gitea_or_github_action_from_reverse_bridge_status",
"advance_host_collection_state",
"skip_host_evidence_dependency",
"accept_host_evidence_without_preflight",
"ingest_host_evidence_raw_payload",
"collect_host_credential_plaintext",
"advance_host_evidence_counters_from_frontend",
"create_host_approval_from_review_lane",
"treat_host_review_lane_as_runtime_gate",
"mark_host_review_outcome_accepted",
"treat_host_handoff_packet_as_approval",
"mark_host_handoff_packet_received",
"store_host_handoff_sensitive_payload",
"treat_host_reviewer_check_as_approval",
"mark_host_reviewer_check_passed_from_frontend",
"open_runtime_gate_from_reviewer_check",
"treat_host_reviewer_outcome_as_approval",
"mark_host_reviewer_outcome_passed",
"open_runtime_gate_from_reviewer_outcome",
"treat_host_owner_decision_candidate_as_approval",
"mark_host_owner_decision_approved",
"open_runtime_gate_from_owner_decision_candidate",
"treat_host_owner_decision_review_check_as_approval",
"mark_host_owner_decision_review_passed",
"open_runtime_gate_from_owner_decision_review_check",
"treat_host_owner_decision_review_outcome_as_approval",
"mark_host_owner_decision_review_outcome_passed",
"open_runtime_gate_from_owner_decision_review_outcome",
"create_host_owner_decision_record_from_draft",
"mark_host_owner_decision_record_created",
"open_runtime_gate_from_owner_decision_record_draft",
"treat_host_owner_decision_record_draft_review_as_approval",
"mark_host_owner_decision_record_draft_review_passed",
"create_host_owner_decision_record_from_draft_review",
"open_runtime_gate_from_owner_decision_record_draft_review",
"treat_host_owner_decision_record_draft_review_outcome_as_approval",
"mark_host_owner_decision_record_draft_review_outcome_passed",
"create_host_owner_decision_record_from_draft_review_outcome",
"open_runtime_gate_from_owner_decision_record_draft_review_outcome",
"create_host_owner_decision_record_from_writeup",
"mark_host_owner_decision_record_writeup_completed",
"mark_host_owner_decision_record_accepted_from_writeup",
"open_runtime_gate_from_owner_decision_record_writeup",
"treat_host_owner_decision_record_writeup_review_as_approval",
"mark_host_owner_decision_record_writeup_review_passed",
"mark_host_owner_decision_record_writeup_review_completed",
"create_host_owner_decision_record_from_writeup_review",
"open_runtime_gate_from_owner_decision_record_writeup_review",
"treat_host_owner_decision_record_writeup_review_outcome_as_approval",
"mark_host_owner_decision_record_writeup_review_outcome_passed",
"mark_host_owner_decision_record_writeup_review_outcome_completed",
"create_host_owner_decision_record_from_writeup_review_outcome",
"open_runtime_gate_from_owner_decision_record_writeup_review_outcome",
"treat_host_owner_decision_record_formal_candidate_as_approval",
"mark_host_owner_decision_record_formal_candidate_finalized",
"create_host_owner_decision_record_from_formal_candidate",
"accept_host_owner_decision_record_from_formal_candidate",
"open_runtime_gate_from_owner_decision_record_formal_candidate",
"treat_host_owner_decision_record_formal_candidate_review_as_approval",
"mark_host_owner_decision_record_formal_candidate_review_passed",
"mark_host_owner_decision_record_formal_candidate_review_finalized",
"create_host_owner_decision_record_from_formal_candidate_review",
"open_runtime_gate_from_owner_decision_record_formal_candidate_review",
"treat_host_owner_decision_record_formal_candidate_review_outcome_as_approval",
"mark_host_owner_decision_record_formal_candidate_review_outcome_passed",
"mark_host_owner_decision_record_formal_candidate_review_outcome_finalized",
"create_host_owner_decision_record_from_formal_candidate_review_outcome",
"open_runtime_gate_from_owner_decision_record_formal_candidate_review_outcome",
"treat_host_owner_decision_record_formal_record_queue_packet_as_approval",
"enqueue_host_owner_decision_record_formal_record_queue_from_frontend",
"create_host_owner_decision_record_from_formal_record_queue_packet",
"accept_host_owner_decision_record_from_formal_record_queue_packet",
"open_runtime_gate_from_owner_decision_record_formal_record_queue_packet",
"treat_host_owner_decision_record_formal_record_queue_review_as_approval",
"mark_host_owner_decision_record_formal_record_queue_review_passed",
"enqueue_host_owner_decision_record_from_formal_record_queue_review",
"create_host_owner_decision_record_from_formal_record_queue_review",
"open_runtime_gate_from_formal_record_queue_review",
"treat_host_owner_decision_record_formal_record_queue_review_outcome_as_approval",
"mark_host_owner_decision_record_formal_record_queue_review_outcome_passed",
"enqueue_host_owner_decision_record_from_formal_record_queue_review_outcome",
"create_host_owner_decision_record_from_formal_record_queue_review_outcome",
"open_runtime_gate_from_formal_record_queue_review_outcome",
"treat_host_owner_decision_record_handoff_readiness_as_approval",
"start_human_record_owner_handoff_from_readiness_packet",
"mark_human_record_owner_handoff_ready_from_frontend",
"create_host_owner_decision_record_from_handoff_readiness",
"open_runtime_gate_from_handoff_readiness",
"treat_host_owner_decision_record_handoff_readiness_review_as_approval",
"mark_human_record_owner_handoff_readiness_review_passed",
"start_human_record_owner_handoff_from_readiness_review",
"create_host_owner_decision_record_from_handoff_readiness_review",
"open_runtime_gate_from_handoff_readiness_review",
"treat_host_owner_decision_record_handoff_readiness_review_outcome_as_approval",
"mark_human_record_owner_handoff_readiness_review_outcome_passed",
"start_human_record_owner_handoff_from_readiness_review_outcome",
"create_host_owner_decision_record_from_handoff_readiness_review_outcome",
"open_runtime_gate_from_handoff_readiness_review_outcome",
"treat_host_owner_decision_record_human_record_owner_review_candidate_packet_as_approval",
"start_human_record_owner_review_from_candidate_packet",
"mark_human_record_owner_review_ready_from_candidate_packet",
"collect_owner_decision_from_human_record_owner_review_candidate_packet",
"create_host_owner_decision_record_from_human_record_owner_review_candidate_packet",
"open_runtime_gate_from_human_record_owner_review_candidate_packet",
"treat_host_owner_decision_record_human_record_owner_review_candidate_checklist_as_approval",
"mark_human_record_owner_review_candidate_checklist_passed",
"start_human_record_owner_review_from_candidate_checklist",
"mark_human_record_owner_review_ready_from_candidate_checklist",
"collect_owner_decision_from_human_record_owner_review_candidate_checklist",
"create_host_owner_decision_record_from_human_record_owner_review_candidate_checklist",
"open_runtime_gate_from_human_record_owner_review_candidate_checklist",
"treat_host_owner_decision_record_human_record_owner_review_candidate_outcome_as_approval",
"mark_human_record_owner_review_candidate_outcome_passed",
"start_human_record_owner_review_from_candidate_outcome",
"mark_human_record_owner_review_ready_from_candidate_outcome",
"collect_owner_decision_from_human_record_owner_review_candidate_outcome",
"create_host_owner_decision_record_from_human_record_owner_review_candidate_outcome",
"open_runtime_gate_from_human_record_owner_review_candidate_outcome",
"treat_host_owner_decision_record_human_record_owner_review_preparation_packet_as_approval",
"mark_human_record_owner_review_preparation_completed",
"start_human_record_owner_review_from_preparation_packet",
"mark_human_record_owner_review_ready_from_preparation_packet",
"collect_owner_decision_from_human_record_owner_review_preparation_packet",
"create_host_owner_decision_record_from_human_record_owner_review_preparation_packet",
"open_runtime_gate_from_human_record_owner_review_preparation_packet",
"treat_host_owner_decision_record_human_record_owner_review_preparation_checklist_as_approval",
"mark_human_record_owner_review_preparation_checklist_passed",
"mark_human_record_owner_review_prepared_from_preparation_checklist",
"start_human_record_owner_review_from_preparation_checklist",
"mark_human_record_owner_review_ready_from_preparation_checklist",
"collect_owner_decision_from_human_record_owner_review_preparation_checklist",
"create_host_owner_decision_record_from_human_record_owner_review_preparation_checklist",
"open_runtime_gate_from_human_record_owner_review_preparation_checklist",
"treat_awooop_landing_readiness_as_production_consumption",
"enable_awooop_execution_router_from_landing_readiness",
"mark_production_landing_enabled_from_readiness",
"create_action_button_from_awooop_landing_readiness",
"skip_guard_from_awooop_landing_readiness",
"mark_progress_changed_from_awooop_landing_readiness",
"treat_awooop_handoff_as_production_consumption",
"merge_from_awooop_handoff",
"deploy_from_awooop_handoff",
"switch_primary_from_awooop_handoff",
"modify_refs_from_awooop_handoff",
"skip_guard_from_awooop_handoff",
"mark_progress_changed_from_awooop_handoff",
"treat_progress_hold_gate_as_percent_increase",
"increase_headline_without_gate_evidence",
"mark_owner_response_received_from_hold_gate",
"mark_payload_ingested_from_hold_gate",
"open_runtime_gate_from_hold_gate",
"mark_github_primary_ready_from_hold_gate",
"enable_production_landing_from_hold_gate",
"treat_progress_acceleration_as_authorization",
"increase_headline_from_progress_acceleration_lane",
"open_runtime_gate_from_progress_acceleration_lane",
"mark_owner_response_received_from_progress_acceleration_lane",
"enable_github_primary_from_progress_acceleration_lane",
"enable_production_execution_from_progress_acceleration_lane",
"treat_owner_response_focus_as_received",
"collect_owner_response_from_iwooos_focus",
"autofill_owner_response_from_iwooos_focus",
"mark_owner_response_accepted_from_iwooos_focus",
"skip_s4_9_from_owner_response_focus",
"open_runtime_gate_from_owner_response_focus",
"switch_github_primary_from_owner_response_focus",
"create_repo_from_owner_response_focus",
"treat_s4_9_preflight_as_request_sent",
"treat_s4_9_preflight_as_received",
"mark_s4_9_preflight_passed_from_frontend",
"accept_s4_9_owner_response_from_preflight",
"emit_s4_9_audit_event_from_preflight",
"open_runtime_gate_from_s4_9_preflight",
"write_gitea_from_s4_9_preflight",
"sync_refs_from_s4_9_preflight",
"switch_primary_from_s4_9_preflight",
"send_s4_9_owner_response_request_from_iwooos",
"treat_s4_9_template_as_request_sent",
"mark_s4_9_template_received_from_iwooos",
"mark_s4_9_template_accepted_from_iwooos",
"autofill_s4_9_template_from_iwooos",
"create_gitea_inventory_from_s4_9_template",
"write_gitea_from_s4_9_template",
"sync_refs_from_s4_9_template",
"switch_primary_from_s4_9_template",
"collect_token_from_s4_9_template",
"create_github_repo_from_primary_readiness_board",
"change_repo_visibility_from_primary_readiness_board",
"sync_refs_from_primary_readiness_board",
"delete_refs_from_primary_readiness_board",
"force_push_from_primary_readiness_board",
"switch_github_primary_from_primary_readiness_board",
"collect_secret_value_from_primary_readiness_board",
"disable_gitea_from_primary_readiness_board",
"apply_runtime_blocking_control",
"switch_github_primary",
"production_deploy",
"treat_progress_as_authorization",
]:
assert_contains("iwooos_projection.forbidden_frontend_outputs", iwooos_projection["forbidden_frontend_outputs"], output)
assert_text_contains("awooop_home_page.security_mirror_panel", awooop_home_page, "SecurityMirrorPanel")
assert_text_contains("awooop_home_page.security_mirror_metrics", awooop_home_page, "securityMirrorMetrics")
assert_text_contains("awooop_home_page.security_mirror_headline_current", awooop_home_page, 'value: "64%"')
assert_text_contains("awooop_home_page.security_mirror_framework_current", awooop_home_page, 'value: "92%"')
assert_text_contains("awooop_home_page.iwooos_link", awooop_home_page, 'href="/iwooos"')
for text in [
"read_only_production_landing_evidence_count=1",
"execution_router_linked=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_home_page.security_mirror_boundary", awooop_home_page, text)
for key in ["title", "subtitle", "badge", "openIwooos", "metrics", "checkpoints"]:
assert_contains(
"web_messages.zh-TW.awooop.home.securityMirror",
list(web_messages_zh["awooop"]["home"]["securityMirror"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.home.securityMirror",
list(web_messages_en["awooop"]["home"]["securityMirror"].keys()),
key,
)
assert_text_contains(
"awooop_home_page.github_primary_panel",
awooop_home_page,
"GitHubPrimaryReadinessHomePanel",
)
assert_text_contains(
"awooop_home_page.github_primary_metrics",
awooop_home_page,
"githubPrimaryReadinessMetrics",
)
assert_text_contains("awooop_home_page.github_primary_iwooos_link", awooop_home_page, 'href="/iwooos"')
for text in [
"source_control_primary_readiness_gate_v1",
"source_control_owner_response_validation_rollup_v1",
"source_control_primary_rollback_adr_v1",
"source_control_workflow_secret_name_inventory_v1",
"repo_creation_authorized=false",
"refs_mutation_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_home_page.github_primary_boundary", awooop_home_page, text)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"metrics",
"readinessRefsTitle",
"readinessRefs",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
]:
assert_contains(
"web_messages.zh-TW.awooop.home.githubPrimaryReadiness",
list(web_messages_zh["awooop"]["home"]["githubPrimaryReadiness"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.home.githubPrimaryReadiness",
list(web_messages_en["awooop"]["home"]["githubPrimaryReadiness"].keys()),
key,
)
assert_text_contains(
"awooop_home_page.owner_response_validation_panel",
awooop_home_page,
"OwnerResponseValidationRollupPanel",
)
assert_text_contains(
"awooop_home_page.owner_response_validation_packets",
awooop_home_page,
"ownerResponseValidationPackets",
)
assert_text_contains(
"awooop_home_page.owner_response_validation_checks",
awooop_home_page,
"ownerResponseValidationChecks",
)
assert_text_contains("awooop_home_page.owner_response_validation_iwooos_link", awooop_home_page, 'href="/iwooos"')
for text in [
"source_control_owner_response_validation_rollup_v1",
"S4.9",
"S4.10",
"S4.11",
"S4.12",
"owner_response_validation_received_count=0",
"owner_response_validation_accepted_count=0",
"owner_response_validation_rejected_count=0",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_home_page.owner_response_validation_boundary", awooop_home_page, text)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"packetsTitle",
"validationTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"fields",
"metrics",
"packets",
"checks",
]:
assert_contains(
"web_messages.zh-TW.awooop.home.ownerResponseValidation",
list(web_messages_zh["awooop"]["home"]["ownerResponseValidation"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.home.ownerResponseValidation",
list(web_messages_en["awooop"]["home"]["ownerResponseValidation"].keys()),
key,
)
assert_text_contains(
"awooop_home_page.high_value_config_owner_packet_panel",
awooop_home_page,
"HighValueConfigOwnerPacketHomePanel",
)
assert_text_contains(
"awooop_home_page.high_value_config_owner_packet_metrics",
awooop_home_page,
"highValueConfigOwnerPacketMetrics",
)
assert_text_contains(
"awooop_home_page.high_value_config_owner_packet_refs",
awooop_home_page,
"highValueConfigOwnerPacketRefs",
)
assert_text_contains(
"awooop_home_page.high_value_config_owner_packet_testid",
awooop_home_page,
'data-testid="awooop-high-value-config-owner-packet-board"',
)
assert_text_contains(
"awooop_home_page.high_value_config_owner_packet_boundary_testid",
awooop_home_page,
'data-testid="awooop-high-value-config-owner-packet-boundaries"',
)
assert_text_contains("awooop_home_page.high_value_config_owner_packet_iwooos_link", awooop_home_page, 'href="/iwooos"')
for text in [
"awooop_high_value_config_owner_packet_summary_count=4",
"awooop_high_value_config_owner_packet_ref_count=4",
"high_value_config_owner_packet_count=3",
"high_value_config_owner_packet_c0_packet_count=2",
"high_value_config_owner_packet_request_sent_count=0",
"high_value_config_owner_packet_received_response_count=0",
"high_value_config_owner_packet_accepted_response_count=0",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
"send_owner_request_allowed=false",
"mark_received_allowed=false",
"mark_accepted_allowed=false",
"nginx_reload_authorized=false",
"workflow_modification_authorized=false",
"agent_bounty_runtime_authorized=false",
]:
assert_text_contains("awooop_home_page.high_value_config_owner_packet_boundary", awooop_home_page, text)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"refsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"metrics",
"refs",
]:
assert_contains(
"web_messages.zh-TW.awooop.home.highValueConfigOwnerPacket",
list(web_messages_zh["awooop"]["home"]["highValueConfigOwnerPacket"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.home.highValueConfigOwnerPacket",
list(web_messages_en["awooop"]["home"]["highValueConfigOwnerPacket"].keys()),
key,
)
for key in ["packetDrafts", "c0Packets", "responses", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.awooop.home.highValueConfigOwnerPacket.metrics",
list(web_messages_zh["awooop"]["home"]["highValueConfigOwnerPacket"]["metrics"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.home.highValueConfigOwnerPacket.metrics",
list(web_messages_en["awooop"]["home"]["highValueConfigOwnerPacket"]["metrics"].keys()),
key,
)
for key in ["packetDraft", "c0Scope", "s49Envelope", "runtimeBoundary"]:
assert_contains(
"web_messages.zh-TW.awooop.home.highValueConfigOwnerPacket.refs",
list(web_messages_zh["awooop"]["home"]["highValueConfigOwnerPacket"]["refs"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.home.highValueConfigOwnerPacket.refs",
list(web_messages_en["awooop"]["home"]["highValueConfigOwnerPacket"]["refs"].keys()),
key,
)
assert_text_contains("awooop_work_items_page.security_mirror_item", awooop_work_items_page, "iwooosSecurityMirror")
assert_text_contains("awooop_work_items_page.github_primary_item", awooop_work_items_page, "githubPrimaryReadiness")
assert_text_contains("awooop_work_items_page.owner_response_validation_item", awooop_work_items_page, "ownerResponseValidation")
assert_text_contains(
"awooop_work_items_page.telegram_source_traditional_chinese",
awooop_work_items_page,
'source: "telegram_callback / 真相鏈鏡像"',
)
assert_text_contains(
"awooop_work_items_page.security_mirror_source",
awooop_work_items_page,
"security_mirror_status_rollup_v1 / iwooos_posture_projection_v1",
)
assert_text_contains(
"awooop_work_items_page.github_primary_source",
awooop_work_items_page,
"source-control-primary-readiness-gate.snapshot.json / iwooos_posture_projection_v1",
)
assert_text_contains(
"awooop_work_items_page.owner_response_validation_source",
awooop_work_items_page,
"source-control-owner-response-validation-rollup.snapshot.json / security_mirror_status_rollup_v1",
)
assert_text_contains("awooop_work_items_page.security_mirror_href", awooop_work_items_page, 'href: "/iwooos"')
assert_text_contains("awooop_work_items_page.security_mirror_status", awooop_work_items_page, 'status: "watching"')
assert_text_contains("awooop_work_items_page.security_mirror_headline_current", awooop_work_items_page, 'headline: "64%"')
assert_text_contains("awooop_work_items_page.security_mirror_framework_current", awooop_work_items_page, 'framework: "92%"')
for key in ["iwooos"]:
assert_contains(
"web_messages.zh-TW.awooop.workItems.surfaces",
list(web_messages_zh["awooop"]["workItems"]["surfaces"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.workItems.surfaces",
list(web_messages_en["awooop"]["workItems"]["surfaces"].keys()),
key,
)
for section in ["items", "gates", "evidence"]:
assert_contains(
f"web_messages.zh-TW.awooop.workItems.{section}",
list(web_messages_zh["awooop"]["workItems"][section].keys()),
"iwooosSecurityMirror",
)
assert_contains(
f"web_messages.en.awooop.workItems.{section}",
list(web_messages_en["awooop"]["workItems"][section].keys()),
"iwooosSecurityMirror",
)
assert_contains(
f"web_messages.zh-TW.awooop.workItems.{section}",
list(web_messages_zh["awooop"]["workItems"][section].keys()),
"githubPrimaryReadiness",
)
assert_contains(
f"web_messages.en.awooop.workItems.{section}",
list(web_messages_en["awooop"]["workItems"][section].keys()),
"githubPrimaryReadiness",
)
assert_contains(
f"web_messages.zh-TW.awooop.workItems.{section}",
list(web_messages_zh["awooop"]["workItems"][section].keys()),
"ownerResponseValidation",
)
assert_contains(
f"web_messages.en.awooop.workItems.{section}",
list(web_messages_en["awooop"]["workItems"][section].keys()),
"ownerResponseValidation",
)
for key in ["iwooosSecurityMirrorOwner", "iwooosSecurityMirrorBoundary"]:
assert_contains(
"web_messages.zh-TW.awooop.workItems.evidence",
list(web_messages_zh["awooop"]["workItems"]["evidence"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.workItems.evidence",
list(web_messages_en["awooop"]["workItems"]["evidence"].keys()),
key,
)
for key in ["githubPrimaryOwnerResponses", "githubPrimaryWorkflowNames", "githubPrimaryBoundary"]:
assert_contains(
"web_messages.zh-TW.awooop.workItems.evidence",
list(web_messages_zh["awooop"]["workItems"]["evidence"].keys()),
key,
)
for key in [
"ownerResponseValidationChecks",
"ownerResponseValidationBoundary",
]:
assert_contains(
"web_messages.zh-TW.awooop.workItems.evidence",
list(web_messages_zh["awooop"]["workItems"]["evidence"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.workItems.evidence",
list(web_messages_en["awooop"]["workItems"]["evidence"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.workItems.evidence",
list(web_messages_en["awooop"]["workItems"]["evidence"].keys()),
key,
)
assert_text_contains(
"awooop_tenants_page.security_tenant_scope_panel",
awooop_tenants_page,
"SecurityTenantScopeCandidatePanel",
)
assert_text_contains("awooop_tenants_page.iwooos_link", awooop_tenants_page, 'href="/iwooos"')
for text in [
"tenantScopeBoundaryItems",
"migrationLocked",
"policyLocked",
"runtimeLocked",
"actionButtonsLocked",
"boundaryItems.runtimeLocked",
"boundaryItems.actionButtonsLocked",
]:
assert_text_contains("awooop_tenants_page.security_tenant_boundary", awooop_tenants_page, text)
for text in [
"tenant_migration_mode_changed=false",
"tenant_policy_mutation_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
"4 gates = false",
]:
assert_text_not_contains("awooop_tenants_page.security_tenant_raw_boundary_leak", awooop_tenants_page, text)
for text in [
"AWOOOI 第一租戶",
"IwoooS 資安鏡像",
"host:kali-readonly / host:dev-b / host:dev-a",
"S4.9-S4.12 負責人回覆等待中",
]:
assert_text_contains("awooop_tenants_page.security_tenant_scope_refs", awooop_tenants_page, text)
assert_text_not_contains(
"awooop_tenants_page.security_tenant_scope_refs_legacy_host_suffix",
awooop_tenants_page,
"Kali 112 / 開發主機 168 / 開發主機 111",
)
for key in [
"title",
"subtitle",
"badge",
"scopeRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"openIwooos",
"metrics",
"scopeRefs",
"boundaryItems",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.securityTenantScopeCandidate",
list(web_messages_zh["awooop"]["tenants"]["securityTenantScopeCandidate"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.securityTenantScopeCandidate",
list(web_messages_en["awooop"]["tenants"]["securityTenantScopeCandidate"].keys()),
key,
)
for key in ["migrationLocked", "policyLocked", "runtimeLocked", "actionButtonsLocked"]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.securityTenantScopeCandidate.boundaryItems",
list(web_messages_zh["awooop"]["tenants"]["securityTenantScopeCandidate"]["boundaryItems"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.securityTenantScopeCandidate.boundaryItems",
list(web_messages_en["awooop"]["tenants"]["securityTenantScopeCandidate"]["boundaryItems"].keys()),
key,
)
assert_text_contains(
"awooop_tenants_page.github_tenant_scope_panel",
awooop_tenants_page,
"GitHubTenantReadinessScopePanel",
)
assert_text_contains(
"awooop_tenants_page.github_tenant_scope_metrics",
awooop_tenants_page,
"githubTenantReadinessMetrics",
)
assert_text_contains(
"awooop_tenants_page.github_tenant_scope_iwooos_link",
awooop_tenants_page,
'href="/iwooos"',
)
for text in [
"AWOOOI 第一租戶原始碼管控範圍",
"S4.9 Gitea 清冊負責人證明",
"S4.10 GitHub 目標負責人決策",
"S4.12 工作流程 / 機密名稱負責人回覆",
"githubTenantReadinessBoundaries",
"sourceScopeWaiting",
"ownerResponseWaiting",
"repoCreationLocked",
"refsMutationLocked",
"githubPrimaryLocked",
"giteaDisableLocked",
"tenantPolicyLocked",
"runtimeLocked",
"actionButtonsLocked",
]:
assert_text_contains("awooop_tenants_page.github_tenant_scope_boundary", awooop_tenants_page, text)
for text in [
"tenant_source_control_scope_accepted=false",
"repo_owner_response_accepted=false",
"repo_creation_authorized=false",
"refs_mutation_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
"tenant_policy_mutation_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_not_contains("awooop_tenants_page.github_tenant_raw_boundary_leak", awooop_tenants_page, text)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"scopeRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"metrics",
"scopeRefs",
"boundaryItems",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.githubTenantReadinessScope",
list(web_messages_zh["awooop"]["tenants"]["githubTenantReadinessScope"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.githubTenantReadinessScope",
list(web_messages_en["awooop"]["tenants"]["githubTenantReadinessScope"].keys()),
key,
)
for key in [
"sourceScopeWaiting",
"ownerResponseWaiting",
"repoCreationLocked",
"refsMutationLocked",
"githubPrimaryLocked",
"giteaDisableLocked",
"tenantPolicyLocked",
"runtimeLocked",
"actionButtonsLocked",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.githubTenantReadinessScope.boundaryItems",
list(web_messages_zh["awooop"]["tenants"]["githubTenantReadinessScope"]["boundaryItems"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.githubTenantReadinessScope.boundaryItems",
list(web_messages_en["awooop"]["tenants"]["githubTenantReadinessScope"]["boundaryItems"].keys()),
key,
)
for text in [
"sourcePublicScopeCode(index)",
"assetPublicCode(index)",
"routePublicCode(index)",
"tenantPublicCode(index)",
"tenantPublicName(tenant, index)",
"tenantBudgetState(tenant)",
"isPublicAssetTextSafe",
"lookupPublicProductName",
"publicChineseAssetText",
"assetPublicProductName(item, index)",
"routePublicProductName(route, index)",
"sourcePublicProductName(repo, index)",
"sourceRepos.map((repo, index)",
"sourceRiskLabel(repo.risk, t)",
"sourceReadinessLabel(repo.readiness_state, t)",
"sourceActionLabel(repo.readiness_state, t)",
"redactedScope",
"nextControl",
"租戶代號",
"公開名稱",
"預算狀態",
"已提交證據參照",
"完整證據路徑保留在只讀台帳與 guard",
]:
assert_text_contains("awooop_tenants_page.source_namespace_redaction", awooop_tenants_page, text)
for text in [
"{repo.github_repo}",
"{repo.source_key}",
"{repo.source_scope_id}",
"key={`${repo.source_scope_id}",
"{repo.risk}",
"{repo.readiness_state}",
"{repo.scope_status}",
"namespace_redacted={String(repo.source_namespace_redacted)}",
"blocked_waiting_",
"observe_scope_review",
"blockers=",
'"blocked" + "_waiting_"',
'"blockers" + "="',
"INTERNAL_STATUS_FRAGMENTS",
"repo_owner_namespace_redacted=true",
"raw_repository_namespace_visible=false",
"public_api_raw_repo_namespace_allowed=false",
"{tenant.display_name || \"--\"}",
"budget?.toLocaleString",
"minimumFractionDigits",
"專案 ID",
"預算上限 (USD)",
"{item.project_id}",
"publicAssetText(item.product_name, item.project_id)",
"publicAssetText(route.product_name, route.product_id)",
"evidence_refs.map((ref)",
"{ref}",
]:
assert_text_not_contains("awooop_tenants_page.raw_source_control_status_render", awooop_tenants_page, text)
assert_text_not_contains(
"awooop_tenants_page.raw_repo_namespace_personal_owner",
awooop_tenants_page,
"owenhytsai",
)
assert_text_not_contains(
"awooop_tenants_page.raw_repo_namespace_external_org",
awooop_tenants_page,
"nexu-io",
)
for text in [
"source_scope_id",
"source_namespace_redacted",
"只讀資產台帳;不修改租戶、路由、主機或專案庫。",
"公開回應只顯示產品代號、範圍代號與繁中管控狀態",
"執行期閘門維持關閉",
]:
assert_text_contains("platform_operator_service.source_namespace_redaction", platform_operator_service, text)
for text in [
"repo_owner_namespace_redacted=true",
"raw_repository_namespace_visible=false",
"public_api_raw_repo_namespace_allowed=false",
"public_product_identity_redacted=true",
"read_only_inventory_only=true",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
"public_api_raw_project_slug_allowed=false",
]:
assert_text_not_contains("platform_operator_service.raw_boundary_key_leak", platform_operator_service, text)
for text in ["source_scope_id", "source_namespace_redacted"]:
assert_text_contains("tenants_api_contract.source_namespace_redaction", tenants_api_contract, text)
tenant_global_assets_messages_zh = json.dumps(
web_messages_zh["awooop"]["tenants"]["globalAssets"], ensure_ascii=False
)
tenant_global_assets_messages_en = json.dumps(
web_messages_en["awooop"]["tenants"]["globalAssets"], ensure_ascii=False
)
for text in [
"脫敏原始碼範圍",
"範圍代號",
"脫敏範圍代號",
"已脫敏範圍",
"下一步管控",
"待參照一致性證據",
"待目標與可見性決策",
"未接受前不得建立專案庫或改可見性",
"不揭露原始負責人或命名空間",
"不修改租戶、路由、主機或專案庫",
"不顯示完整來源字串",
]:
assert_text_contains("web_messages.zh-TW.awooop.tenants.global_assets_redaction", tenant_global_assets_messages_zh, text)
assert_text_contains("web_messages.en.awooop.tenants.global_assets_redaction", tenant_global_assets_messages_en, text)
assert_text_contains(
"awooop_tenants_page.owner_response_validation_scope_panel",
awooop_tenants_page,
"OwnerResponseValidationTenantScopePanel",
)
assert_text_contains(
"awooop_tenants_page.owner_response_validation_refs",
awooop_tenants_page,
"ownerResponseValidationTenantRefs",
)
assert_text_contains(
"awooop_tenants_page.owner_response_validation_iwooos_link",
awooop_tenants_page,
'href="/iwooos"',
)
for text in [
"ownerResponseValidationTenantBoundaries",
"responseNotReceived",
"responseNotAccepted",
"responseNotRejected",
"tenantScopeWaiting",
"tenantPolicyLocked",
"repoCreationLocked",
"refsSyncLocked",
"workflowLocked",
"secretValueBlocked",
"githubPrimaryLocked",
"runtimeLocked",
"actionButtonsLocked",
]:
assert_text_contains("awooop_tenants_page.owner_response_validation_boundary", awooop_tenants_page, text)
for text in [
"source_control_owner_response_validation_rollup_v1",
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1",
"owner_response_validation_received_count=0",
"owner_response_validation_accepted_count=0",
"owner_response_validation_rejected_count=0",
"tenant_source_control_scope_accepted=false",
"tenant_policy_mutation_authorized=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_not_contains("awooop_tenants_page.owner_response_validation_raw_boundary_leak", awooop_tenants_page, text)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"scopeRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"metrics",
"scopeRefs",
"boundaryItems",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.ownerResponseValidationScope",
list(web_messages_zh["awooop"]["tenants"]["ownerResponseValidationScope"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.ownerResponseValidationScope",
list(web_messages_en["awooop"]["tenants"]["ownerResponseValidationScope"].keys()),
key,
)
for key in [
"responseNotReceived",
"responseNotAccepted",
"responseNotRejected",
"tenantScopeWaiting",
"tenantPolicyLocked",
"repoCreationLocked",
"refsSyncLocked",
"workflowLocked",
"secretValueBlocked",
"githubPrimaryLocked",
"runtimeLocked",
"actionButtonsLocked",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.ownerResponseValidationScope.boundaryItems",
list(web_messages_zh["awooop"]["tenants"]["ownerResponseValidationScope"]["boundaryItems"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.ownerResponseValidationScope.boundaryItems",
list(web_messages_en["awooop"]["tenants"]["ownerResponseValidationScope"]["boundaryItems"].keys()),
key,
)
for key in [
"validationRollup",
"giteaAttestation",
"githubTarget",
"refsTruth",
"workflowSecret",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.ownerResponseValidationScope.scopeRefs",
list(web_messages_zh["awooop"]["tenants"]["ownerResponseValidationScope"]["scopeRefs"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.ownerResponseValidationScope.scopeRefs",
list(web_messages_en["awooop"]["tenants"]["ownerResponseValidationScope"]["scopeRefs"].keys()),
key,
)
assert_text_contains(
"awooop_runs_page.security_run_state_panel",
awooop_runs_page,
"SecurityRunStateCandidatePanel",
)
assert_text_contains("awooop_runs_page.iwooos_link", awooop_runs_page, 'href="/iwooos"')
for text in [
"security_run_created=false",
"execution_router_linked=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_runs_page.security_run_boundary", awooop_runs_page, text)
for text in [
"security_mirror_run_state_candidate",
"read_only_dry_run_only",
"S4.9-S4.12 負責人回覆等待中",
"主動執行期閘門 0",
]:
assert_text_contains("awooop_runs_page.security_run_refs", awooop_runs_page, text)
for key in [
"title",
"subtitle",
"badge",
"runRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"openIwooos",
"metrics",
"runRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.runs.securityRunStateCandidate",
list(web_messages_zh["awooop"]["runs"]["securityRunStateCandidate"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.runs.securityRunStateCandidate",
list(web_messages_en["awooop"]["runs"]["securityRunStateCandidate"].keys()),
key,
)
assert_text_contains(
"awooop_runs_page.github_run_boundary_panel",
awooop_runs_page,
"GitHubRunReadinessBoundaryPanel",
)
assert_text_contains(
"awooop_runs_page.github_run_boundary_metrics",
awooop_runs_page,
"githubRunReadinessMetrics",
)
assert_text_contains(
"awooop_runs_page.github_run_boundary_iwooos_link",
awooop_runs_page,
'href="/iwooos"',
)
for text in [
"source_control_primary_readiness_gate_v1",
"source_control_owner_response_validation_rollup_v1",
"source_control_workflow_secret_name_inventory_v1",
"source_control_primary_rollback_adr_v1",
"security_run_created=false",
"github_primary_run_created=false",
"execution_router_linked=false",
"repo_creation_authorized=false",
"refs_mutation_authorized=false",
"workflow_secret_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_runs_page.github_run_boundary", awooop_runs_page, text)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"runRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"metrics",
"runRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.runs.githubRunReadinessBoundary",
list(web_messages_zh["awooop"]["runs"]["githubRunReadinessBoundary"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.runs.githubRunReadinessBoundary",
list(web_messages_en["awooop"]["runs"]["githubRunReadinessBoundary"].keys()),
key,
)
assert_text_contains(
"awooop_runs_page.owner_response_validation_run_boundary_panel",
awooop_runs_page,
"OwnerResponseValidationRunBoundaryPanel",
)
assert_text_contains(
"awooop_runs_page.owner_response_validation_run_refs",
awooop_runs_page,
"ownerResponseValidationRunRefs",
)
assert_text_contains(
"awooop_runs_page.owner_response_validation_run_iwooos_link",
awooop_runs_page,
'href="/iwooos"',
)
for text in [
"source_control_owner_response_validation_rollup_v1",
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1",
"owner_response_validation_received_count=0",
"owner_response_validation_accepted_count=0",
"owner_response_validation_rejected_count=0",
"security_run_created=false",
"owner_response_validation_run_created=false",
"platform_run_creation_authorized=false",
"execution_router_linked=false",
"approval_record_created=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_runs_page.owner_response_validation_run_boundary", awooop_runs_page, text)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"runRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"metrics",
"runRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.runs.ownerResponseValidationRunBoundary",
list(web_messages_zh["awooop"]["runs"]["ownerResponseValidationRunBoundary"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.runs.ownerResponseValidationRunBoundary",
list(web_messages_en["awooop"]["runs"]["ownerResponseValidationRunBoundary"].keys()),
key,
)
for key in [
"validationRollup",
"giteaAttestation",
"githubTarget",
"refsTruth",
"workflowSecret",
]:
assert_contains(
"web_messages.zh-TW.awooop.runs.ownerResponseValidationRunBoundary.runRefs",
list(web_messages_zh["awooop"]["runs"]["ownerResponseValidationRunBoundary"]["runRefs"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.runs.ownerResponseValidationRunBoundary.runRefs",
list(web_messages_en["awooop"]["runs"]["ownerResponseValidationRunBoundary"]["runRefs"].keys()),
key,
)
assert_text_contains(
"awooop_run_detail_page.owner_response_validation_detail_boundary_panel",
awooop_run_detail_page,
"OwnerResponseValidationDetailBoundaryPanel",
)
assert_text_contains(
"awooop_run_detail_page.owner_response_validation_detail_refs",
awooop_run_detail_page,
"ownerResponseValidationDetailRefs",
)
assert_text_contains(
"awooop_run_detail_page.owner_response_validation_detail_iwooos_link",
awooop_run_detail_page,
'href="/iwooos"',
)
for text in [
"source_control_owner_response_validation_rollup_v1",
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1",
"owner_response_validation_received_count=0",
"owner_response_validation_accepted_count=0",
"owner_response_validation_rejected_count=0",
"run_detail_owner_response_linked=false",
"run_detail_approval_record_created=false",
"mcp_execution_authorized=false",
"remediation_execution_authorized=false",
"platform_run_creation_authorized=false",
"execution_router_linked=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_run_detail_page.owner_response_validation_detail_boundary", awooop_run_detail_page, text)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"detailRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"metrics",
"detailRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.runDetail.ownerResponseValidationDetailBoundary",
list(web_messages_zh["awooop"]["runDetail"]["ownerResponseValidationDetailBoundary"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.runDetail.ownerResponseValidationDetailBoundary",
list(web_messages_en["awooop"]["runDetail"]["ownerResponseValidationDetailBoundary"].keys()),
key,
)
for key in [
"validationRollup",
"giteaAttestation",
"githubTarget",
"refsTruth",
"workflowSecret",
]:
assert_contains(
"web_messages.zh-TW.awooop.runDetail.ownerResponseValidationDetailBoundary.detailRefs",
list(web_messages_zh["awooop"]["runDetail"]["ownerResponseValidationDetailBoundary"]["detailRefs"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.runDetail.ownerResponseValidationDetailBoundary.detailRefs",
list(web_messages_en["awooop"]["runDetail"]["ownerResponseValidationDetailBoundary"]["detailRefs"].keys()),
key,
)
assert_text_contains(
"awooop_approval_detail_page.owner_response_validation_decision_panel",
awooop_approval_detail_page,
"OwnerResponseValidationDecisionBoundaryPanel",
)
assert_text_contains(
"awooop_approval_detail_page.owner_response_validation_decision_refs",
awooop_approval_detail_page,
"ownerResponseValidationDecisionRefs",
)
assert_text_contains(
"awooop_approval_detail_page.owner_response_validation_decision_iwooos_link",
awooop_approval_detail_page,
'href="/iwooos"',
)
for text in [
"source_control_owner_response_validation_rollup_v1",
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1",
"owner_response_validation_received_count=0",
"owner_response_validation_accepted_count=0",
"owner_response_validation_rejected_count=0",
"approval_decision_owner_response_linked=false",
"owner_response_acceptance_authorized=false",
"security_approval_record_created=false",
"platform_run_creation_authorized=false",
"execution_router_linked=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains(
"awooop_approval_detail_page.owner_response_validation_decision_boundary",
awooop_approval_detail_page,
text,
)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"decisionRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"metrics",
"decisionRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.approvalDecision.ownerResponseValidationDecisionBoundary",
list(web_messages_zh["awooop"]["approvalDecision"]["ownerResponseValidationDecisionBoundary"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.approvalDecision.ownerResponseValidationDecisionBoundary",
list(web_messages_en["awooop"]["approvalDecision"]["ownerResponseValidationDecisionBoundary"].keys()),
key,
)
for key in [
"validationRollup",
"giteaAttestation",
"githubTarget",
"refsTruth",
"workflowSecret",
]:
assert_contains(
"web_messages.zh-TW.awooop.approvalDecision.ownerResponseValidationDecisionBoundary.decisionRefs",
list(
web_messages_zh["awooop"]["approvalDecision"]["ownerResponseValidationDecisionBoundary"][
"decisionRefs"
].keys()
),
key,
)
assert_contains(
"web_messages.en.awooop.approvalDecision.ownerResponseValidationDecisionBoundary.decisionRefs",
list(
web_messages_en["awooop"]["approvalDecision"]["ownerResponseValidationDecisionBoundary"][
"decisionRefs"
].keys()
),
key,
)
assert_text_contains("awooop_approvals_page.security_owner_response_panel", awooop_approvals_page, "SecurityOwnerResponseGatePanel")
assert_text_contains("awooop_approvals_page.iwooos_link", awooop_approvals_page, 'href="/iwooos"')
assert_text_contains("awooop_approvals_page.security_owner_response_headline_current", awooop_approvals_page, 'value: "64%"')
for text in [
"approval_record_created=false",
"owner_response_accepted_count=0",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_approvals_page.security_owner_response_boundary", awooop_approvals_page, text)
for key in [
"title",
"subtitle",
"badge",
"ownerChecksTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"openIwooos",
"metrics",
"checks",
]:
assert_contains(
"web_messages.zh-TW.awooop.approvals.securityOwnerResponseGate",
list(web_messages_zh["awooop"]["approvals"]["securityOwnerResponseGate"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.approvals.securityOwnerResponseGate",
list(web_messages_en["awooop"]["approvals"]["securityOwnerResponseGate"].keys()),
key,
)
assert_text_contains(
"awooop_approvals_page.github_primary_boundary_panel",
awooop_approvals_page,
"GitHubPrimaryReadinessApprovalBoundaryPanel",
)
for text in [
"approval_record_created=false",
"github_primary_approval_granted=false",
"owner_response_accepted_count=0",
"repo_creation_authorized=false",
"refs_mutation_authorized=false",
"secret_value_collection_allowed=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_approvals_page.github_primary_boundary", awooop_approvals_page, text)
for text in [
"S4.9",
"S4.10",
"S4.11",
"S4.12",
"giteaOwnerAttestation",
"githubTargetOwner",
"refsTruthOwner",
"workflowSecretOwner",
]:
assert_text_contains("awooop_approvals_page.github_primary_response_lanes", awooop_approvals_page, text)
for key in [
"title",
"subtitle",
"badge",
"responseLanesTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"openIwooos",
"metrics",
"responseLanes",
]:
assert_contains(
"web_messages.zh-TW.awooop.approvals.githubPrimaryReadinessGate",
list(web_messages_zh["awooop"]["approvals"]["githubPrimaryReadinessGate"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.approvals.githubPrimaryReadinessGate",
list(web_messages_en["awooop"]["approvals"]["githubPrimaryReadinessGate"].keys()),
key,
)
assert_text_contains(
"awooop_approvals_page.owner_response_validation_boundary_panel",
awooop_approvals_page,
"OwnerResponseValidationApprovalBoundaryPanel",
)
assert_text_contains("awooop_approvals_page.owner_response_validation_iwooos_link", awooop_approvals_page, 'href="/iwooos"')
for text in [
"owner_response_validation_received_count=0",
"owner_response_validation_accepted_count=0",
"owner_response_validation_rejected_count=0",
"approval_record_created=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_approvals_page.owner_response_validation_boundary", awooop_approvals_page, text)
for text in [
"source_control_owner_response_validation_rollup_v1",
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1",
]:
assert_text_contains("awooop_approvals_page.owner_response_validation_refs", awooop_approvals_page, text)
for key in [
"title",
"subtitle",
"badge",
"reviewRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"openIwooos",
"metrics",
"reviewRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.approvals.ownerResponseValidationBoundary",
list(web_messages_zh["awooop"]["approvals"]["ownerResponseValidationBoundary"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.approvals.ownerResponseValidationBoundary",
list(web_messages_en["awooop"]["approvals"]["ownerResponseValidationBoundary"].keys()),
key,
)
assert_text_contains("awooop_contracts_page.security_contract_candidate_panel", awooop_contracts_page, "SecurityContractCandidatePanel")
assert_text_contains("awooop_contracts_page.iwooos_link", awooop_contracts_page, 'href="/iwooos"')
assert_text_contains("awooop_contracts_page.project_header_traditional_chinese", awooop_contracts_page, "專案 ID")
assert_text_contains("awooop_contracts_page.hash_header_traditional_chinese", awooop_contracts_page, "雜湊")
assert_text_not_contains("awooop_contracts_page.project_header_english", awooop_contracts_page, "Project ID")
assert_text_not_contains("awooop_contracts_page.hash_header_english", awooop_contracts_page, ">Hash<")
for text in [
"contract_publish_authorized=false",
"contract_mutation_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_contracts_page.security_contract_boundary", awooop_contracts_page, text)
for text in [
"security_mirror_status_rollup_v1",
"iwooos_posture_projection_v1",
"source_control_owner_response_validation_rollup_v1",
"security_rollout_policy_v1",
]:
assert_text_contains("awooop_contracts_page.security_contract_refs", awooop_contracts_page, text)
for key in [
"title",
"subtitle",
"badge",
"contractRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"openIwooos",
"metrics",
"contractRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.contracts.securityContractCandidate",
list(web_messages_zh["awooop"]["contracts"]["securityContractCandidate"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.contracts.securityContractCandidate",
list(web_messages_en["awooop"]["contracts"]["securityContractCandidate"].keys()),
key,
)
assert_text_contains(
"awooop_contracts_page.github_primary_readiness_candidate_panel",
awooop_contracts_page,
"GitHubPrimaryReadinessContractCandidatePanel",
)
for text in [
"repo_creation_authorized=false",
"refs_mutation_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_contracts_page.github_primary_boundary", awooop_contracts_page, text)
for text in [
"source_control_primary_readiness_gate_v1",
"source_control_owner_response_validation_rollup_v1",
"source_control_primary_rollback_adr_v1",
"source_control_workflow_secret_name_inventory_v1",
"iwooos_posture_projection_v1",
]:
assert_text_contains("awooop_contracts_page.github_primary_refs", awooop_contracts_page, text)
for key in [
"title",
"subtitle",
"badge",
"contractRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"openIwooos",
"metrics",
"contractRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.contracts.githubPrimaryReadinessCandidate",
list(web_messages_zh["awooop"]["contracts"]["githubPrimaryReadinessCandidate"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.contracts.githubPrimaryReadinessCandidate",
list(web_messages_en["awooop"]["contracts"]["githubPrimaryReadinessCandidate"].keys()),
key,
)
assert_text_contains(
"awooop_contracts_page.owner_response_validation_candidate_panel",
awooop_contracts_page,
"OwnerResponseValidationContractCandidatePanel",
)
for text in [
"owner_response_validation_received_count=0",
"owner_response_validation_accepted_count=0",
"approval_record_created=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_contracts_page.owner_response_validation_boundary", awooop_contracts_page, text)
for text in [
"source_control_owner_response_validation_rollup_v1",
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1",
]:
assert_text_contains("awooop_contracts_page.owner_response_validation_refs", awooop_contracts_page, text)
for key in [
"title",
"subtitle",
"badge",
"contractRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"openIwooos",
"metrics",
"contractRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.contracts.ownerResponseValidationCandidate",
list(web_messages_zh["awooop"]["contracts"]["ownerResponseValidationCandidate"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.contracts.ownerResponseValidationCandidate",
list(web_messages_en["awooop"]["contracts"]["ownerResponseValidationCandidate"].keys()),
key,
)
assert_text_contains("iwooos_bridge.component", iwooos_bridge, "IwoooSReadOnlyBridge")
assert_text_contains("iwooos_bridge.testid", iwooos_bridge, 'data-testid="iwooos-read-only-bridge"')
assert_text_contains("iwooos_bridge.iwooos_link", iwooos_bridge, 'href="/iwooos"')
assert_text_contains("iwooos_bridge.overall_current", iwooos_bridge, "value: '64%'")
assert_text_contains("iwooos_bridge.framework_current", iwooos_bridge, "value: '92%'")
for text in [
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains("iwooos_bridge.boundary", iwooos_bridge, text)
for source_text in [
security_panel,
compliance_panel,
standalone_security_page,
standalone_compliance_page,
]:
assert_text_contains("existing_security_pages.iwooos_bridge_import", source_text, "IwoooSReadOnlyBridge")
assert_text_contains("existing_security_pages.iwooos_bridge_render", source_text, "<IwoooSReadOnlyBridge />")
for source_text in [
alerts_page,
authorizations_page,
governance_page,
errors_panel,
]:
assert_text_contains("security_control_pages.iwooos_bridge_import", source_text, "IwoooSReadOnlyBridge")
assert_text_contains("security_control_pages.iwooos_bridge_render", source_text, "<IwoooSReadOnlyBridge />")
for source_text in [
alert_operation_logs_page,
code_review_page,
]:
assert_text_contains("audit_engineering_pages.iwooos_bridge_import", source_text, "IwoooSReadOnlyBridge")
assert_text_contains(
"audit_engineering_pages.iwooos_bridge_render",
source_text,
'<IwoooSReadOnlyBridge variant="dark" />',
)
code_review_surface_text = "\n".join(
[
code_review_page,
"\n".join(collect_string_values(web_messages_zh.get("codeReview", {}))),
]
)
for text in [
'data-testid="code-review-codex-handoff-board"',
'data-testid="code-review-codex-candidate-work"',
"codex_handoff_mode=read_only_candidate",
"codex_auto_coding_enabled=false",
"runtime_execution_authorized=false",
"production_deploy_authorized=false",
"action_buttons_allowed=false",
"CR-CX-04",
]:
assert_text_contains("code_review_page.codex_handoff_structure", code_review_page, text)
for text in [
"審查後 Coding 工作橋接",
"Codex 工作草稿",
"可交給 Codex 起草",
"需人工批准後接手",
"禁止自動轉工作",
"前端體驗、測試補洞、文件同步、低風險重構",
"Kali 更新、掃描、GitHub primary、正式部署",
"維持只讀候選與人工閘門",
]:
assert_text_contains("code_review_page.codex_handoff_read_only", code_review_surface_text, text)
assert_text_contains("iwooos_page.surface_connection_board", iwooos_projection_page, "surfaceConnectionStatuses")
assert_text_contains("iwooos_page.surface_connection_testid", iwooos_projection_page, 'data-testid="iwooos-surface-connection-board"')
assert_text_contains("iwooos_page.surface_connection_embedded", iwooos_projection_page, "embeddedBridge")
assert_text_contains("iwooos_page.surface_connection_direct", iwooos_projection_page, "directBridge")
assert_text_contains("iwooos_page.surface_connection_awooop", iwooos_projection_page, "awooopCandidate")
assert_text_contains("iwooos_page.code_review_handoff_surface_testid", iwooos_projection_page, "iwooos-code-review-handoff-surface-card")
assert_text_contains("iwooos_page.code_review_handoff_surface_state", iwooos_projection_page, "reviewHandoffCandidate")
assert_text_contains("iwooos_page.source_control_readiness_board", iwooos_projection_page, "sourceControlReadinessItems")
assert_text_contains(
"iwooos_page.source_control_readiness_testid",
iwooos_projection_page,
'data-testid="iwooos-source-control-readiness-board"',
)
assert_text_contains("iwooos_page.source_control_readiness_component", iwooos_projection_page, "SourceControlReadinessCard")
assert_text_contains("iwooos_page.awooop_coverage_board", iwooos_projection_page, "awooopCoverageStatuses")
assert_text_contains(
"iwooos_page.awooop_coverage_testid",
iwooos_projection_page,
'data-testid="iwooos-awooop-coverage-board"',
)
assert_text_contains("iwooos_page.awooop_coverage_component", iwooos_projection_page, "AwoooPCoverageStatusCard")
for text in [
"/awooop",
"/awooop/work-items",
"/awooop/contracts",
"/awooop/tenants",
"/awooop/runs",
"/awooop/runs/[run_id]",
"/awooop/approvals",
"/awooop/approvals/[run_id]",
"awooop_route_coverage_count=8",
"awooop_route_coverage_visible_count=8",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains("iwooos_page.awooop_coverage_boundary", iwooos_projection_page, text)
assert_text_contains("iwooos_page.security_convergence_steps", iwooos_projection_page, "securityConvergenceSteps")
assert_text_contains(
"iwooos_page.security_convergence_testid",
iwooos_projection_page,
'data-testid="iwooos-security-convergence-roadmap"',
)
assert_text_contains(
"iwooos_page.security_convergence_component",
iwooos_projection_page,
"SecurityConvergenceRoadmapBoard",
)
for text in [
"phase_tightening_mode=gradual",
"initial_enforcement_level=observe_warn_only",
"blocking_controls_enabled=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"owner_response_required_before_blocking=true",
"not_authorization=true",
"kali_execute_authorized=false",
"host_update_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains("iwooos_page.security_convergence_boundary", iwooos_projection_page, text)
assert_text_contains(
"iwooos_page.owner_response_collection_packets",
iwooos_projection_page,
"ownerResponseCollectionPackets",
)
assert_text_contains(
"iwooos_page.owner_response_collection_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-collection-board"',
)
assert_text_contains(
"iwooos_page.owner_response_collection_component",
iwooos_projection_page,
"OwnerResponseCollectionBoard",
)
for text in [
"owner_response_collection_packet_count=4",
"owner_response_required_template_count=24",
"owner_response_received_count=0",
"owner_response_accepted_count=0",
"owner_response_rejected_count=0",
"owner_response_collection_mode=human_intake_only",
"request_packet_visible=true",
"response_packet_created=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
]:
assert_text_contains("iwooos_page.owner_response_collection_boundary", iwooos_projection_page, text)
assert_text_contains(
"iwooos_page.owner_response_intake_safety_rules",
iwooos_projection_page,
"ownerResponseIntakeSafetyRules",
)
assert_text_contains(
"iwooos_page.owner_response_intake_safety_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-intake-safety-board"',
)
assert_text_contains(
"iwooos_page.owner_response_intake_safety_component",
iwooos_projection_page,
"OwnerResponseIntakeSafetyBoard",
)
for text in [
"owner_response_intake_safety_rule_count=6",
"owner_response_payload_ingested_count=0",
"owner_response_quarantine_count=0",
"owner_response_rejection_count=0",
"owner_response_auto_accept_allowed=false",
"owner_response_secret_value_quarantine_required=true",
"owner_response_mutation_request_allowed=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"kali_execute_authorized=false",
]:
assert_text_contains("iwooos_page.owner_response_intake_safety_boundary", iwooos_projection_page, text)
assert_text_contains(
"iwooos_page.owner_response_review_outcome_lanes",
iwooos_projection_page,
"ownerResponseReviewOutcomeLanes",
)
assert_text_contains(
"iwooos_page.owner_response_review_outcome_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-review-outcome-board"',
)
assert_text_contains(
"iwooos_page.owner_response_review_outcome_component",
iwooos_projection_page,
"OwnerResponseReviewOutcomeBoard",
)
for text in [
"owner_response_review_outcome_lane_count=7",
"owner_response_review_ready_count=0",
"owner_response_review_accepted_count=0",
"owner_response_review_escalated_count=0",
"owner_response_review_runtime_gate_count=0",
"owner_response_review_auto_decision_allowed=false",
"owner_response_review_human_decision_required=true",
"owner_response_review_only_updates_readonly_state=true",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
]:
assert_text_contains("iwooos_page.owner_response_review_outcome_boundary", iwooos_projection_page, text)
assert_text_contains(
"iwooos_page.owner_response_human_decision_queue_items",
iwooos_projection_page,
"ownerResponseHumanDecisionQueueItems",
)
assert_text_contains(
"iwooos_page.owner_response_human_decision_queue_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-human-decision-queue-board"',
)
assert_text_contains(
"iwooos_page.owner_response_human_decision_queue_component",
iwooos_projection_page,
"OwnerResponseHumanDecisionQueueBoard",
)
for text in [
"owner_response_human_decision_queue_item_count=6",
"owner_response_human_decision_ready_count=0",
"owner_response_human_decision_approved_count=0",
"owner_response_human_decision_runtime_gate_count=0",
"owner_response_human_decision_record_created=false",
"owner_response_human_decision_auto_approval_allowed=false",
"owner_response_human_decision_requires_reviewer=true",
"owner_response_human_decision_only_prepares_packet=true",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains("iwooos_page.owner_response_human_decision_queue_boundary", iwooos_projection_page, text)
assert_text_contains(
"iwooos_page.owner_response_decision_record_draft_guard_items",
iwooos_projection_page,
"ownerResponseDecisionRecordDraftGuardItems",
)
assert_text_contains(
"iwooos_page.owner_response_decision_record_draft_guard_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-decision-record-draft-guard-board"',
)
assert_text_contains(
"iwooos_page.owner_response_decision_record_draft_guard_component",
iwooos_projection_page,
"OwnerResponseDecisionRecordDraftGuardBoard",
)
for text in [
"owner_response_decision_record_draft_guard_count=6",
"owner_response_decision_record_draft_created_count=0",
"owner_response_decision_record_formal_count=0",
"owner_response_decision_record_approved_count=0",
"owner_response_decision_record_runtime_gate_count=0",
"owner_response_decision_record_draft_only=true",
"owner_response_decision_record_write_authorized=false",
"owner_response_decision_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_decision_record_draft_guard_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_candidate_preflight_items",
iwooos_projection_page,
"ownerResponseFormalRecordCandidatePreflightItems",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_candidate_preflight_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-candidate-preflight-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_candidate_preflight_component",
iwooos_projection_page,
"OwnerResponseFormalRecordCandidatePreflightBoard",
)
for text in [
"owner_response_formal_record_candidate_preflight_count=7",
"owner_response_formal_record_candidate_count=0",
"owner_response_formal_record_created_count=0",
"owner_response_formal_record_approved_count=0",
"owner_response_formal_record_runtime_gate_count=0",
"owner_response_formal_record_candidate_only=true",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_candidate_preflight_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_candidate_outcome_lanes",
iwooos_projection_page,
"ownerResponseFormalRecordCandidateOutcomeLanes",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_candidate_outcome_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-candidate-outcome-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_candidate_outcome_component",
iwooos_projection_page,
"OwnerResponseFormalRecordCandidateOutcomeBoard",
)
for text in [
"owner_response_formal_record_candidate_outcome_lane_count=8",
"owner_response_formal_record_candidate_ready_count=0",
"owner_response_formal_record_candidate_returned_count=0",
"owner_response_formal_record_candidate_quarantine_count=0",
"owner_response_formal_record_candidate_rejected_count=0",
"owner_response_formal_record_candidate_promoted_count=0",
"owner_response_formal_record_candidate_review_only=true",
"owner_response_formal_record_auto_promotion_allowed=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_candidate_outcome_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_packets",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerHandoffPackets",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-handoff-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerHandoffBoard",
)
for text in [
"owner_response_formal_record_owner_handoff_packet_count=7",
"owner_response_formal_record_owner_handoff_ready_count=0",
"owner_response_formal_record_owner_assigned_count=0",
"owner_response_formal_record_created_count=0",
"owner_response_formal_record_approved_count=0",
"owner_response_formal_record_runtime_gate_count=0",
"owner_response_formal_record_owner_handoff_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_review_items",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerHandoffReviewItems",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_review_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-handoff-review-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_review_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerHandoffReviewBoard",
)
for text in [
"owner_response_formal_record_owner_handoff_review_check_count=7",
"owner_response_formal_record_owner_handoff_review_passed_count=0",
"owner_response_formal_record_owner_assigned_count=0",
"owner_response_formal_record_created_count=0",
"owner_response_formal_record_approved_count=0",
"owner_response_formal_record_runtime_gate_count=0",
"owner_response_formal_record_owner_handoff_review_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_review_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_review_outcome_lanes",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerHandoffReviewOutcomeLanes",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_review_outcome_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-handoff-review-outcome-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_review_outcome_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerHandoffReviewOutcomeBoard",
)
for text in [
"owner_response_formal_record_owner_handoff_review_outcome_lane_count=8",
"owner_response_formal_record_owner_handoff_review_ready_count=0",
"owner_response_formal_record_owner_handoff_review_returned_count=0",
"owner_response_formal_record_owner_handoff_review_quarantine_count=0",
"owner_response_formal_record_owner_handoff_review_rejected_count=0",
"owner_response_formal_record_owner_handoff_review_promoted_count=0",
"owner_response_formal_record_owner_handoff_review_outcome_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_handoff_review_outcome_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_preparation_packets",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerReviewPreparationPackets",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_preparation_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-review-preparation-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_preparation_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerReviewPreparationBoard",
)
for text in [
"owner_response_formal_record_owner_review_preparation_packet_count=8",
"owner_response_formal_record_owner_review_preparation_ready_count=0",
"owner_response_formal_record_owner_assigned_count=0",
"owner_response_formal_record_created_count=0",
"owner_response_formal_record_approved_count=0",
"owner_response_formal_record_runtime_gate_count=0",
"owner_response_formal_record_owner_review_preparation_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_preparation_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_checklist_items",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerReviewChecklistItems",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_checklist_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-review-checklist-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_checklist_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerReviewChecklistBoard",
)
for text in [
"owner_response_formal_record_owner_review_check_count=8",
"owner_response_formal_record_owner_review_passed_count=0",
"owner_response_formal_record_owner_assigned_count=0",
"owner_response_formal_record_created_count=0",
"owner_response_formal_record_approved_count=0",
"owner_response_formal_record_runtime_gate_count=0",
"owner_response_formal_record_owner_review_checklist_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_checklist_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_outcome_lanes",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerReviewOutcomeLanes",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_outcome_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-review-outcome-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_outcome_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerReviewOutcomeBoard",
)
for text in [
"owner_response_formal_record_owner_review_outcome_lane_count=8",
"owner_response_formal_record_owner_review_outcome_ready_count=0",
"owner_response_formal_record_owner_review_outcome_returned_count=0",
"owner_response_formal_record_owner_review_outcome_quarantine_count=0",
"owner_response_formal_record_owner_review_outcome_rejected_count=0",
"owner_response_formal_record_owner_review_outcome_promoted_count=0",
"owner_response_formal_record_owner_review_outcome_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_review_outcome_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_preparation_packets",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerAssignmentPreparationPackets",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_preparation_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-assignment-preparation-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_preparation_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerAssignmentPreparationBoard",
)
for text in [
"owner_response_formal_record_owner_assignment_preparation_packet_count=8",
"owner_response_formal_record_owner_assignment_preparation_ready_count=0",
"owner_response_formal_record_owner_assigned_count=0",
"owner_response_formal_record_created_count=0",
"owner_response_formal_record_approved_count=0",
"owner_response_formal_record_runtime_gate_count=0",
"owner_response_formal_record_owner_assignment_preparation_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_preparation_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_checklist_items",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerAssignmentChecklistItems",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_checklist_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-assignment-checklist-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_checklist_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerAssignmentChecklistBoard",
)
for text in [
"owner_response_formal_record_owner_assignment_check_count=8",
"owner_response_formal_record_owner_assignment_check_passed_count=0",
"owner_response_formal_record_owner_assigned_count=0",
"owner_response_formal_record_created_count=0",
"owner_response_formal_record_approved_count=0",
"owner_response_formal_record_runtime_gate_count=0",
"owner_response_formal_record_owner_assignment_checklist_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_checklist_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_outcome_lanes",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerAssignmentOutcomeLanes",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_outcome_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-assignment-outcome-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_outcome_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerAssignmentOutcomeBoard",
)
for text in [
"owner_response_formal_record_owner_assignment_outcome_lane_count=8",
"owner_response_formal_record_owner_assignment_outcome_ready_count=0",
"owner_response_formal_record_owner_assignment_outcome_returned_count=0",
"owner_response_formal_record_owner_assignment_outcome_quarantine_count=0",
"owner_response_formal_record_owner_assignment_outcome_rejected_count=0",
"owner_response_formal_record_owner_assignment_outcome_promoted_count=0",
"owner_response_formal_record_owner_assignment_outcome_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_outcome_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_decision_preparation_packets",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerAssignmentDecisionPreparationPackets",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_decision_preparation_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-assignment-decision-preparation-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_decision_preparation_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard",
)
for text in [
"owner_response_formal_record_owner_assignment_decision_preparation_packet_count=8",
"owner_response_formal_record_owner_assignment_decision_preparation_ready_count=0",
"owner_response_formal_record_owner_assignment_decision_created_count=0",
"owner_response_formal_record_owner_assigned_count=0",
"owner_response_formal_record_created_count=0",
"owner_response_formal_record_approved_count=0",
"owner_response_formal_record_runtime_gate_count=0",
"owner_response_formal_record_owner_assignment_decision_preparation_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_decision_preparation_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_decision_checklist_items",
iwooos_projection_page,
"ownerResponseFormalRecordOwnerAssignmentDecisionChecklistItems",
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_decision_checklist_testid",
iwooos_projection_page,
'data-testid="iwooos-owner-response-formal-record-owner-assignment-decision-checklist-board"',
)
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_decision_checklist_component",
iwooos_projection_page,
"OwnerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard",
)
for text in [
"owner_response_formal_record_owner_assignment_decision_check_count=8",
"owner_response_formal_record_owner_assignment_decision_check_passed_count=0",
"owner_response_formal_record_owner_assignment_decision_created_count=0",
"owner_response_formal_record_owner_assigned_count=0",
"owner_response_formal_record_created_count=0",
"owner_response_formal_record_approved_count=0",
"owner_response_formal_record_runtime_gate_count=0",
"owner_response_formal_record_owner_assignment_decision_checklist_only=true",
"owner_response_formal_record_owner_assignment_authorized=false",
"owner_response_formal_record_write_authorized=false",
"owner_response_formal_record_approval_authorized=false",
"owner_response_formal_record_execution_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.owner_response_formal_record_owner_assignment_decision_checklist_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.headline_movement_acceptance_gate_items",
iwooos_projection_page,
"headlineMovementAcceptanceGates",
)
assert_text_contains(
"iwooos_page.headline_movement_acceptance_gate_testid",
iwooos_projection_page,
'data-testid="iwooos-headline-movement-acceptance-gate-board"',
)
assert_text_contains(
"iwooos_page.headline_movement_acceptance_gate_component",
iwooos_projection_page,
"HeadlineMovementAcceptanceGateBoard",
)
assert_text_contains(
"iwooos_page.operator_next_tasks_items",
iwooos_projection_page,
"operatorNextTasks",
)
assert_text_contains(
"iwooos_page.operator_next_tasks_board",
iwooos_projection_page,
"IwoooSOperatorNextTasksBoard",
)
assert_text_contains(
"iwooos_page.operator_next_tasks_testid",
iwooos_projection_page,
'data-testid="iwooos-operator-next-tasks-board"',
)
assert_text_contains(
"iwooos_page.stage_completion_report_items",
iwooos_projection_page,
"stageCompletionReportItems",
)
assert_text_contains(
"iwooos_page.stage_completion_report_board",
iwooos_projection_page,
"IwoooSStageCompletionReportBoard",
)
assert_text_contains(
"iwooos_page.stage_completion_report_testid",
iwooos_projection_page,
'data-testid="iwooos-stage-completion-report-board"',
)
assert_text_not_contains(
"iwooos_page.stage_completion_report_stale_cd_run",
iwooos_projection_page,
"CD 3261",
)
stage_report_messages_zh = json.dumps(
web_messages_zh["iwooos"]["stageCompletionReport"],
ensure_ascii=False,
sort_keys=True,
)
stage_report_messages_en = json.dumps(
web_messages_en["iwooos"]["stageCompletionReport"],
ensure_ascii=False,
sort_keys=True,
)
assert_text_not_contains(
"iwooos_messages.stage_completion_report_stale_cd_run_zh",
stage_report_messages_zh,
"CD 3261",
)
assert_text_not_contains(
"iwooos_messages.stage_completion_report_stale_cd_run_en",
stage_report_messages_en,
"CD 3261",
)
assert_text_contains(
"iwooos_messages.stage_completion_report_deploy_marker_zh",
stage_report_messages_zh,
"deploy marker",
)
assert_text_contains(
"iwooos_messages.stage_completion_report_deploy_marker_en",
stage_report_messages_en,
"deploy marker",
)
for text in [
"headline_percent_after_this_stage=64",
"headline_movement_signal_count=2",
"awooop_read_only_production_landing_evidence_count=1",
"security_observer_read_only_production_evidence_count=1",
"owner_response_received_count=0",
"owner_response_accepted_count=0",
"owner_response_acceptance_gate_open=false",
"redacted_payload_ingested=false",
"active_runtime_gate_count=0",
"github_primary_ready_count=0",
"production_landing_enabled=true",
"execution_router_linked=false",
"progress_review_authorized=true",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.headline_movement_acceptance_gate_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.headlineMovementAcceptanceGate",
list(web_messages_zh["iwooos"].keys()),
"headlineMovementAcceptanceGate",
)
assert_contains(
"web_messages.en.iwooos.headlineMovementAcceptanceGate",
list(web_messages_en["iwooos"].keys()),
"headlineMovementAcceptanceGate",
)
for key in ["title", "subtitle", "summary", "items", "boundaryTitle"]:
assert_contains(
"web_messages.zh-TW.iwooos.headlineMovementAcceptanceGate.keys",
list(web_messages_zh["iwooos"]["headlineMovementAcceptanceGate"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.headlineMovementAcceptanceGate.keys",
list(web_messages_en["iwooos"]["headlineMovementAcceptanceGate"].keys()),
key,
)
for key in [
"s49OwnerResponseAccepted",
"redactedPayloadAccepted",
"runtimeGateApproved",
"githubPrimaryEvidenceReady",
"awooopProductionLandingProof",
"kali112ReadOnlyProof",
"nextHeadlineReviewRecord",
]:
assert_contains(
"web_messages.zh-TW.iwooos.headlineMovementAcceptanceGate.items",
list(web_messages_zh["iwooos"]["headlineMovementAcceptanceGate"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.headlineMovementAcceptanceGate.items",
list(web_messages_en["iwooos"]["headlineMovementAcceptanceGate"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.s49_owner_response_work_order_items",
iwooos_projection_page,
"s49OwnerResponseWorkOrderItems",
)
assert_text_contains(
"iwooos_page.s49_owner_response_work_order_testid",
iwooos_projection_page,
'data-testid="iwooos-s49-owner-response-work-order-board"',
)
assert_text_contains(
"iwooos_page.s49_owner_response_work_order_component",
iwooos_projection_page,
"S49OwnerResponseWorkOrderBoard",
)
for text in [
"s4_9_owner_response_work_order_item_count=5",
"s4_9_owner_response_required_field_count=6",
"s4_9_owner_response_received_count=0",
"s4_9_owner_response_accepted_count=0",
"s4_9_owner_response_rejected_count=0",
"s4_9_owner_response_request_sent=false",
"s4_9_owner_response_intake_open=false",
"owner_response_acceptance_gate_open=false",
"audit_events_emitted=0",
"progress_review_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.s49_owner_response_work_order_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseWorkOrder",
list(web_messages_zh["iwooos"].keys()),
"s49OwnerResponseWorkOrder",
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseWorkOrder",
list(web_messages_en["iwooos"].keys()),
"s49OwnerResponseWorkOrder",
)
for key in ["title", "subtitle", "summary", "items", "boundaryTitle"]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseWorkOrder.keys",
list(web_messages_zh["iwooos"]["s49OwnerResponseWorkOrder"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseWorkOrder.keys",
list(web_messages_en["iwooos"]["s49OwnerResponseWorkOrder"].keys()),
key,
)
for key in [
"scopeGapResponse",
"endpointIdentityResponse",
"adjacentSourceResponse",
"canonicalOwnerResponse",
"legacyDispositionResponse",
]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseWorkOrder.items",
list(web_messages_zh["iwooos"]["s49OwnerResponseWorkOrder"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseWorkOrder.items",
list(web_messages_en["iwooos"]["s49OwnerResponseWorkOrder"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_fields",
iwooos_projection_page,
"s49OwnerResponseEnvelopeFields",
)
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_testid",
iwooos_projection_page,
'data-testid="iwooos-s49-owner-response-envelope-board"',
)
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_component",
iwooos_projection_page,
"S49OwnerResponseEnvelopeBoard",
)
for text in [
"s4_9_owner_response_envelope_field_count=6",
"s4_9_owner_response_envelope_filled_count=0",
"s4_9_owner_response_envelope_submitted_count=0",
"s4_9_owner_response_envelope_accepted_count=0",
"s4_9_owner_response_envelope_rejected_count=0",
"s4_9_owner_response_request_sent=false",
"s4_9_owner_response_received_count=0",
"s4_9_owner_response_accepted_count=0",
"owner_response_acceptance_gate_open=false",
"audit_events_emitted=0",
"progress_review_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseEnvelope",
list(web_messages_zh["iwooos"].keys()),
"s49OwnerResponseEnvelope",
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseEnvelope",
list(web_messages_en["iwooos"].keys()),
"s49OwnerResponseEnvelope",
)
for key in ["title", "subtitle", "summary", "items", "boundaryTitle"]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseEnvelope.keys",
list(web_messages_zh["iwooos"]["s49OwnerResponseEnvelope"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseEnvelope.keys",
list(web_messages_en["iwooos"]["s49OwnerResponseEnvelope"].keys()),
key,
)
for key in [
"ownerRoleTeam",
"decision",
"decisionReason",
"affectedScope",
"redactedEvidenceRefs",
"followupOwner",
]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseEnvelope.items",
list(web_messages_zh["iwooos"]["s49OwnerResponseEnvelope"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseEnvelope.items",
list(web_messages_en["iwooos"]["s49OwnerResponseEnvelope"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_preflight_checks",
iwooos_projection_page,
"s49OwnerResponseEnvelopePreflightChecks",
)
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_preflight_testid",
iwooos_projection_page,
'data-testid="iwooos-s49-owner-response-envelope-preflight-board"',
)
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_preflight_component",
iwooos_projection_page,
"S49OwnerResponseEnvelopePreflightBoard",
)
for text in [
"s4_9_owner_response_envelope_preflight_check_count=6",
"s4_9_owner_response_envelope_preflight_passed_count=0",
"s4_9_owner_response_envelope_ready_to_submit_count=0",
"s4_9_owner_response_envelope_submitted_count=0",
"s4_9_owner_response_envelope_accepted_count=0",
"s4_9_owner_response_request_sent=false",
"s4_9_owner_response_received_count=0",
"s4_9_owner_response_accepted_count=0",
"owner_response_acceptance_gate_open=false",
"audit_events_emitted=0",
"progress_review_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_preflight_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseEnvelopePreflight",
list(web_messages_zh["iwooos"].keys()),
"s49OwnerResponseEnvelopePreflight",
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseEnvelopePreflight",
list(web_messages_en["iwooos"].keys()),
"s49OwnerResponseEnvelopePreflight",
)
for key in ["title", "subtitle", "summary", "items", "boundaryTitle"]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseEnvelopePreflight.keys",
list(web_messages_zh["iwooos"]["s49OwnerResponseEnvelopePreflight"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseEnvelopePreflight.keys",
list(web_messages_en["iwooos"]["s49OwnerResponseEnvelopePreflight"].keys()),
key,
)
for key in [
"fieldCompleteness",
"allowedDisposition",
"redactedEvidence",
"scopeTraceability",
"mutationRequestRejected",
"followupOwnerTrace",
]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseEnvelopePreflight.items",
list(web_messages_zh["iwooos"]["s49OwnerResponseEnvelopePreflight"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseEnvelopePreflight.items",
list(web_messages_en["iwooos"]["s49OwnerResponseEnvelopePreflight"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_preflight_outcome_lanes",
iwooos_projection_page,
"s49OwnerResponseEnvelopePreflightOutcomeLanes",
)
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_preflight_outcome_testid",
iwooos_projection_page,
'data-testid="iwooos-s49-owner-response-envelope-preflight-outcome-board"',
)
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_preflight_outcome_component",
iwooos_projection_page,
"S49OwnerResponseEnvelopePreflightOutcomeBoard",
)
for text in [
"s4_9_owner_response_envelope_preflight_outcome_lane_count=7",
"s4_9_owner_response_envelope_preflight_ready_for_intake_count=0",
"s4_9_owner_response_envelope_preflight_quarantined_count=0",
"s4_9_owner_response_envelope_preflight_rejected_count=0",
"s4_9_owner_response_envelope_submitted_count=0",
"s4_9_owner_response_envelope_accepted_count=0",
"s4_9_owner_response_request_sent=false",
"s4_9_owner_response_received_count=0",
"s4_9_owner_response_accepted_count=0",
"owner_response_acceptance_gate_open=false",
"audit_events_emitted=0",
"progress_review_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.s49_owner_response_envelope_preflight_outcome_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseEnvelopePreflightOutcome",
list(web_messages_zh["iwooos"].keys()),
"s49OwnerResponseEnvelopePreflightOutcome",
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseEnvelopePreflightOutcome",
list(web_messages_en["iwooos"].keys()),
"s49OwnerResponseEnvelopePreflightOutcome",
)
for key in ["title", "subtitle", "summary", "items", "boundaryTitle"]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseEnvelopePreflightOutcome.keys",
list(web_messages_zh["iwooos"]["s49OwnerResponseEnvelopePreflightOutcome"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseEnvelopePreflightOutcome.keys",
list(web_messages_en["iwooos"]["s49OwnerResponseEnvelopePreflightOutcome"].keys()),
key,
)
for key in [
"keepEnvelopeWaiting",
"requestFieldCompletion",
"requestDispositionCorrection",
"quarantineSensitiveEvidence",
"requestScopeCorrection",
"rejectMutationRequest",
"keepFollowupOwnerWaiting",
]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseEnvelopePreflightOutcome.items",
list(web_messages_zh["iwooos"]["s49OwnerResponseEnvelopePreflightOutcome"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseEnvelopePreflightOutcome.items",
list(web_messages_en["iwooos"]["s49OwnerResponseEnvelopePreflightOutcome"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.s49_owner_response_request_draft_items",
iwooos_projection_page,
"s49OwnerResponseRequestDraftItems",
)
assert_text_contains(
"iwooos_page.s49_owner_response_request_draft_testid",
iwooos_projection_page,
'data-testid="iwooos-s49-owner-response-request-draft-board"',
)
assert_text_contains(
"iwooos_page.s49_owner_response_request_draft_component",
iwooos_projection_page,
"S49OwnerResponseRequestDraftBoard",
)
for text in [
"s4_9_owner_response_request_draft_item_count=6",
"s4_9_owner_response_request_draft_ready_count=0",
"s4_9_owner_response_request_dispatch_authorized=false",
"s4_9_owner_response_request_sent=false",
"s4_9_owner_response_request_sent_count=0",
"s4_9_owner_response_request_recipients_confirmed_count=0",
"s4_9_owner_response_request_audit_event_draft_count=1",
"s4_9_owner_response_request_audit_events_emitted=0",
"s4_9_owner_response_received_count=0",
"s4_9_owner_response_accepted_count=0",
"owner_response_acceptance_gate_open=false",
"audit_events_emitted=0",
"progress_review_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.s49_owner_response_request_draft_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseRequestDraft",
list(web_messages_zh["iwooos"].keys()),
"s49OwnerResponseRequestDraft",
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseRequestDraft",
list(web_messages_en["iwooos"].keys()),
"s49OwnerResponseRequestDraft",
)
for key in ["title", "subtitle", "summary", "items", "boundaryTitle"]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseRequestDraft.keys",
list(web_messages_zh["iwooos"]["s49OwnerResponseRequestDraft"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseRequestDraft.keys",
list(web_messages_en["iwooos"]["s49OwnerResponseRequestDraft"].keys()),
key,
)
for key in [
"scopeMappingDraft",
"ownerRecipientDraft",
"redactedEvidenceDraft",
"noMutationClauseDraft",
"auditTemplateDraft",
"manualDispatchGateDraft",
]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseRequestDraft.items",
list(web_messages_zh["iwooos"]["s49OwnerResponseRequestDraft"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseRequestDraft.items",
list(web_messages_en["iwooos"]["s49OwnerResponseRequestDraft"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.s49_owner_response_dispatch_flow_steps",
iwooos_projection_page,
"s49OwnerResponseDispatchFlowSteps",
)
assert_text_contains(
"iwooos_page.s49_owner_response_dispatch_flow_testid",
iwooos_projection_page,
'data-testid="iwooos-s49-owner-response-dispatch-flow-board"',
)
assert_text_contains(
"iwooos_page.s49_owner_response_dispatch_flow_component",
iwooos_projection_page,
"S49OwnerResponseDispatchFlowBoard",
)
for text in [
"s4_9_owner_response_dispatch_flow_step_count=6",
"s4_9_owner_response_dispatch_flow_current_step=request_draft",
"s4_9_owner_response_dispatch_flow_completed_count=0",
"s4_9_owner_response_dispatch_flow_blocked_count=0",
"s4_9_owner_response_request_sent=false",
"s4_9_owner_response_request_sent_count=0",
"s4_9_owner_response_received_count=0",
"s4_9_owner_response_accepted_count=0",
"s4_9_owner_response_request_dispatch_authorized=false",
"owner_response_acceptance_gate_open=false",
"audit_events_emitted=0",
"progress_review_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.s49_owner_response_dispatch_flow_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseDispatchFlow",
list(web_messages_zh["iwooos"].keys()),
"s49OwnerResponseDispatchFlow",
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseDispatchFlow",
list(web_messages_en["iwooos"].keys()),
"s49OwnerResponseDispatchFlow",
)
for key in ["title", "subtitle", "summary", "items", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseDispatchFlow.keys",
list(web_messages_zh["iwooos"]["s49OwnerResponseDispatchFlow"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseDispatchFlow.keys",
list(web_messages_en["iwooos"]["s49OwnerResponseDispatchFlow"].keys()),
key,
)
for key in [
"workOrder",
"envelope",
"preflight",
"outcome",
"requestDraft",
"manualDispatchGate",
]:
assert_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseDispatchFlow.items",
list(web_messages_zh["iwooos"]["s49OwnerResponseDispatchFlow"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.s49OwnerResponseDispatchFlow.items",
list(web_messages_en["iwooos"]["s49OwnerResponseDispatchFlow"]["items"].keys()),
key,
)
assert_text_contains(
"security_compliance_page.frontstage_bridge_testid",
security_compliance_page,
'data-testid="security-compliance-iwooos-frontstage-bridge"',
)
assert_text_contains(
"security_compliance_page.authoritative_iwooos_strip_testid",
security_compliance_page,
'data-testid="security-compliance-authoritative-iwooos-strip"',
)
assert_text_contains(
"security_compliance_page.frontstage_component",
security_compliance_page,
"SecurityComplianceFrontStage",
)
assert_text_contains(
"security_compliance_page.authority_progress_current",
security_compliance_page,
'value: "64%"',
)
assert_text_contains(
"security_compliance_page.frontstage_route_role_map_testid",
security_compliance_page,
'data-testid="security-compliance-frontstage-route-role-map"',
)
assert_text_contains(
"security_compliance_page.low_friction_rollout_ladder_testid",
security_compliance_page,
'data-testid="security-compliance-low-friction-rollout-ladder"',
)
assert_text_contains(
"security_compliance_page.frontstage_boundary_codes_testid",
security_compliance_page,
'data-testid="security-compliance-frontstage-boundary-codes"',
)
assert_text_contains(
"iwooos_page.security_compliance_frontstage_testid",
iwooos_projection_page,
'data-testid="iwooos-security-compliance-frontstage-board"',
)
assert_text_contains(
"iwooos_page.security_compliance_frontstage_component",
iwooos_projection_page,
"SecurityComplianceFrontStageBoard",
)
for text in [
"security_compliance_route_preserved=true",
"security_compliance_removed=false",
"security_compliance_integration_mode=iwooos_frontstage_bridge",
"iwooos_authoritative_security_entry=true",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"security_compliance_page.frontstage_boundary",
security_compliance_page,
text,
)
assert_text_contains(
"iwooos_page.security_compliance_frontstage_boundary",
iwooos_projection_page,
text,
)
for text in [
"security_compliance_frontstage_route_role_count=5",
"security_compliance_frontstage_primary_source=iwooos",
"security_compliance_frontstage_execution_entry_count=0",
"security_compliance_frontstage_links_read_only=true",
"security_compliance_authoritative_entry=iwooos",
"security_compliance_frontstage_summary_mode=compact_first",
"security_compliance_frontstage_default_detail_collapsed=true",
]:
assert_text_contains(
"security_compliance_page.frontstage_route_role_boundary",
security_compliance_page,
text,
)
for text in [
"security_compliance_rollout_phase_count=5",
"security_compliance_rollout_current_phase=observe_first",
"security_compliance_rollout_runtime_phase_enabled=false",
"security_compliance_rollout_enforcement_enabled=false",
"security_compliance_rollout_action_buttons_allowed=false",
]:
assert_text_contains(
"security_compliance_page.low_friction_rollout_boundary",
security_compliance_page,
text,
)
for text in [
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.security_compliance_frontstage_hard_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.securityCompliance",
list(web_messages_zh.keys()),
"securityCompliance",
)
assert_contains(
"web_messages.en.securityCompliance",
list(web_messages_en.keys()),
"securityCompliance",
)
for key in [
"eyebrow",
"title",
"subtitle",
"openIwooos",
"boundaryTitle",
"boundaryIntro",
"routeRoleTitle",
"routeRoleSubtitle",
"routeLabel",
"rolloutTitle",
"rolloutSubtitle",
"phaseLabel",
"boundaryCodesSummary",
"authority",
"items",
"routeRoles",
"rolloutPhases",
]:
assert_contains(
"web_messages.zh-TW.securityCompliance.frontStage.keys",
list(web_messages_zh["securityCompliance"]["frontStage"].keys()),
key,
)
assert_contains(
"web_messages.en.securityCompliance.frontStage.keys",
list(web_messages_en["securityCompliance"]["frontStage"].keys()),
key,
)
for key in ["eyebrow", "title", "body", "open", "signals"]:
assert_contains(
"web_messages.zh-TW.securityCompliance.frontStage.authority.keys",
list(web_messages_zh["securityCompliance"]["frontStage"]["authority"].keys()),
key,
)
assert_contains(
"web_messages.en.securityCompliance.frontStage.authority.keys",
list(web_messages_en["securityCompliance"]["frontStage"]["authority"].keys()),
key,
)
for key in ["source", "progress", "gate", "mode"]:
assert_contains(
"web_messages.zh-TW.securityCompliance.frontStage.authority.signals",
list(web_messages_zh["securityCompliance"]["frontStage"]["authority"]["signals"].keys()),
key,
)
assert_contains(
"web_messages.en.securityCompliance.frontStage.authority.signals",
list(web_messages_en["securityCompliance"]["frontStage"]["authority"]["signals"].keys()),
key,
)
for key in ["routePreserved", "iwooosBridge", "dedupeNarrative", "noRuntimeControl"]:
assert_contains(
"web_messages.zh-TW.securityCompliance.frontStage.items",
list(web_messages_zh["securityCompliance"]["frontStage"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.securityCompliance.frontStage.items",
list(web_messages_en["securityCompliance"]["frontStage"]["items"].keys()),
key,
)
for key in [
"iwooosOverview",
"securityComplianceHub",
"securityMonitor",
"complianceStats",
"awooopApprovals",
]:
assert_contains(
"web_messages.zh-TW.securityCompliance.frontStage.routeRoles",
list(web_messages_zh["securityCompliance"]["frontStage"]["routeRoles"].keys()),
key,
)
assert_contains(
"web_messages.en.securityCompliance.frontStage.routeRoles",
list(web_messages_en["securityCompliance"]["frontStage"]["routeRoles"].keys()),
key,
)
for key in [
"observe",
"evidence",
"humanReview",
"runtimeGate",
"tightening",
]:
assert_contains(
"web_messages.zh-TW.securityCompliance.frontStage.rolloutPhases",
list(web_messages_zh["securityCompliance"]["frontStage"]["rolloutPhases"].keys()),
key,
)
assert_contains(
"web_messages.en.securityCompliance.frontStage.rolloutPhases",
list(web_messages_en["securityCompliance"]["frontStage"]["rolloutPhases"].keys()),
key,
)
assert_contains(
"web_messages.zh-TW.iwooos.securityComplianceFrontStage",
list(web_messages_zh["iwooos"].keys()),
"securityComplianceFrontStage",
)
assert_contains(
"web_messages.en.iwooos.securityComplianceFrontStage",
list(web_messages_en["iwooos"].keys()),
"securityComplianceFrontStage",
)
for key in ["title", "subtitle", "summary", "items", "decisionLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.securityComplianceFrontStage.keys",
list(web_messages_zh["iwooos"]["securityComplianceFrontStage"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.securityComplianceFrontStage.keys",
list(web_messages_en["iwooos"]["securityComplianceFrontStage"].keys()),
key,
)
for key in ["route", "decision", "removed", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.securityComplianceFrontStage.summary",
list(web_messages_zh["iwooos"]["securityComplianceFrontStage"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.securityComplianceFrontStage.summary",
list(web_messages_en["iwooos"]["securityComplianceFrontStage"]["summary"].keys()),
key,
)
for key in ["routePreserved", "frontStageBridge", "singleSecurityNarrative", "runtimeControls"]:
assert_contains(
"web_messages.zh-TW.iwooos.securityComplianceFrontStage.items",
list(web_messages_zh["iwooos"]["securityComplianceFrontStage"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.securityComplianceFrontStage.items",
list(web_messages_en["iwooos"]["securityComplianceFrontStage"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.frontstage_security_entry_roles_testid",
iwooos_projection_page,
'data-testid="iwooos-frontstage-security-entry-roles-board"',
)
assert_text_contains(
"iwooos_page.frontstage_security_entry_roles_component",
iwooos_projection_page,
"FrontstageSecurityEntryRolesBoard",
)
for text in [
"frontstage_security_entry_role_count=5",
"frontstage_security_primary_entry=iwooos",
"frontstage_security_familiar_entry=security_compliance",
"frontstage_security_execution_entry_count=0",
"frontstage_security_links_read_only=true",
"frontstage_security_operator_confusion_reduction=true",
"frontstage_security_action_buttons_allowed=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.frontstage_security_entry_roles_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.frontstageEntryRoles",
list(web_messages_zh["iwooos"].keys()),
"frontstageEntryRoles",
)
assert_contains(
"web_messages.en.iwooos.frontstageEntryRoles",
list(web_messages_en["iwooos"].keys()),
"frontstageEntryRoles",
)
for key in ["title", "subtitle", "summary", "items", "routeLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.frontstageEntryRoles.keys",
list(web_messages_zh["iwooos"]["frontstageEntryRoles"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.frontstageEntryRoles.keys",
list(web_messages_en["iwooos"]["frontstageEntryRoles"].keys()),
key,
)
for key in ["entries", "primary", "familiar", "execution"]:
assert_contains(
"web_messages.zh-TW.iwooos.frontstageEntryRoles.summary",
list(web_messages_zh["iwooos"]["frontstageEntryRoles"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.frontstageEntryRoles.summary",
list(web_messages_en["iwooos"]["frontstageEntryRoles"]["summary"].keys()),
key,
)
for key in [
"iwooosOverview",
"securityComplianceHub",
"securityMonitor",
"complianceStats",
"awooopApprovals",
]:
assert_contains(
"web_messages.zh-TW.iwooos.frontstageEntryRoles.items",
list(web_messages_zh["iwooos"]["frontstageEntryRoles"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.frontstageEntryRoles.items",
list(web_messages_en["iwooos"]["frontstageEntryRoles"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.low_friction_rollout_testid",
iwooos_projection_page,
'data-testid="iwooos-low-friction-rollout-ladder-board"',
)
assert_text_contains(
"iwooos_page.low_friction_rollout_component",
iwooos_projection_page,
"IwoooSLowFrictionRolloutLadderBoard",
)
for text in [
"iwooos_rollout_phase_count=5",
"iwooos_rollout_current_phase=observe_first",
"iwooos_rollout_frontstage_source=security_compliance_integrated_entry",
"iwooos_rollout_runtime_phase_enabled=false",
"iwooos_rollout_enforcement_enabled=false",
"iwooos_rollout_action_buttons_allowed=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.low_friction_rollout_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.lowFrictionRollout",
list(web_messages_zh["iwooos"].keys()),
"lowFrictionRollout",
)
assert_contains(
"web_messages.en.iwooos.lowFrictionRollout",
list(web_messages_en["iwooos"].keys()),
"lowFrictionRollout",
)
for key in ["title", "subtitle", "summary", "items", "phaseLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.lowFrictionRollout.keys",
list(web_messages_zh["iwooos"]["lowFrictionRollout"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.lowFrictionRollout.keys",
list(web_messages_en["iwooos"]["lowFrictionRollout"].keys()),
key,
)
for key in ["phases", "current", "runtime", "enforcement"]:
assert_contains(
"web_messages.zh-TW.iwooos.lowFrictionRollout.summary",
list(web_messages_zh["iwooos"]["lowFrictionRollout"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.lowFrictionRollout.summary",
list(web_messages_en["iwooos"]["lowFrictionRollout"]["summary"].keys()),
key,
)
for key in ["observe", "evidence", "humanReview", "runtimeGate", "tightening"]:
assert_contains(
"web_messages.zh-TW.iwooos.lowFrictionRollout.items",
list(web_messages_zh["iwooos"]["lowFrictionRollout"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.lowFrictionRollout.items",
list(web_messages_en["iwooos"]["lowFrictionRollout"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.low_friction_next_actions_testid",
iwooos_projection_page,
'data-testid="iwooos-low-friction-next-actions-board"',
)
assert_text_contains(
"iwooos_page.low_friction_next_actions_component",
iwooos_projection_page,
"IwoooSLowFrictionNextActionsBoard",
)
for text in [
"iwooos_next_action_item_count=4",
"iwooos_next_action_allowed_mode=observe_and_evidence_only",
"iwooos_next_action_runtime_gate_required=true",
"iwooos_next_action_scan_authorized=false",
"iwooos_next_action_host_change_authorized=false",
"iwooos_next_action_deploy_authorized=false",
"iwooos_next_action_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.low_friction_next_actions_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.lowFrictionNextActions",
list(web_messages_zh["iwooos"].keys()),
"lowFrictionNextActions",
)
assert_contains(
"web_messages.en.iwooos.lowFrictionNextActions",
list(web_messages_en["iwooos"].keys()),
"lowFrictionNextActions",
)
for key in ["title", "subtitle", "summary", "items", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.lowFrictionNextActions.keys",
list(web_messages_zh["iwooos"]["lowFrictionNextActions"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.lowFrictionNextActions.keys",
list(web_messages_en["iwooos"]["lowFrictionNextActions"].keys()),
key,
)
for key in ["allowed", "prep", "blocked", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.lowFrictionNextActions.summary",
list(web_messages_zh["iwooos"]["lowFrictionNextActions"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.lowFrictionNextActions.summary",
list(web_messages_en["iwooos"]["lowFrictionNextActions"]["summary"].keys()),
key,
)
for key in ["observeInventory", "evidencePacket", "humanReviewPrep", "runtimeClosed"]:
assert_contains(
"web_messages.zh-TW.iwooos.lowFrictionNextActions.items",
list(web_messages_zh["iwooos"]["lowFrictionNextActions"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.lowFrictionNextActions.items",
list(web_messages_en["iwooos"]["lowFrictionNextActions"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.progress_movement_signals_testid",
iwooos_projection_page,
'data-testid="iwooos-progress-movement-signals-board"',
)
assert_text_contains(
"iwooos_page.progress_movement_signals_component",
iwooos_projection_page,
"IwoooSProgressMovementSignalsBoard",
)
for text in [
"{ key: 'headline', value: '64%', tone: 'warn' as const }",
"{ key: 'signals', value: '6', tone: 'warn' as const }",
"{ key: 'passed', value: '2', tone: 'steady' as const }",
"{ key: 'runtime', value: '0', tone: 'locked' as const }",
]:
assert_text_contains("iwooos_page.progress_movement_signals_summary", iwooos_projection_page, text)
for text in [
"iwooos_progress_movement_signal_count=6",
"iwooos_progress_current_headline_percent=64",
"iwooos_progress_owner_response_accepted_count=0",
"iwooos_progress_redacted_payload_ingested=false",
"iwooos_progress_active_runtime_gate_count=0",
"iwooos_progress_github_primary_ready_count=0",
"iwooos_progress_awooop_landing_evidence_count=1",
"iwooos_progress_security_observer_read_only_evidence_count=1",
"iwooos_progress_review_authorized=true",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.progress_movement_signals_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.progressMovementSignals",
list(web_messages_zh["iwooos"].keys()),
"progressMovementSignals",
)
assert_contains(
"web_messages.en.iwooos.progressMovementSignals",
list(web_messages_en["iwooos"].keys()),
"progressMovementSignals",
)
for key in ["title", "subtitle", "summary", "items", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.progressMovementSignals.keys",
list(web_messages_zh["iwooos"]["progressMovementSignals"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.progressMovementSignals.keys",
list(web_messages_en["iwooos"]["progressMovementSignals"].keys()),
key,
)
for key in ["headline", "signals", "passed", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.progressMovementSignals.summary",
list(web_messages_zh["iwooos"]["progressMovementSignals"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.progressMovementSignals.summary",
list(web_messages_en["iwooos"]["progressMovementSignals"]["summary"].keys()),
key,
)
for key in ["ownerResponse", "redactedEvidence", "runtimeGate", "sourceControl", "awooopLanding"]:
assert_contains(
"web_messages.zh-TW.iwooos.progressMovementSignals.items",
list(web_messages_zh["iwooos"]["progressMovementSignals"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.progressMovementSignals.items",
list(web_messages_en["iwooos"]["progressMovementSignals"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.concrete_security_work_map_testid",
iwooos_projection_page,
'data-testid="iwooos-concrete-security-work-map-board"',
)
assert_text_contains(
"iwooos_page.concrete_security_work_map_component",
iwooos_projection_page,
"IwoooSConcreteSecurityWorkMapBoard",
)
for text in [
"iwooos_concrete_security_workstream_count=6",
"iwooos_concrete_security_visible_workstream_count=6",
"iwooos_concrete_security_framework_only_stream_count=6",
"iwooos_concrete_security_runtime_workstream_count=0",
"iwooos_concrete_security_next_real_gate=s4_9_owner_response_accepted",
"iwooos_concrete_security_owner_response_received_count=0",
"iwooos_concrete_security_owner_response_accepted_count=0",
"iwooos_concrete_security_redacted_payload_ingested=false",
"iwooos_concrete_security_active_runtime_gate_count=0",
"iwooos_concrete_security_github_primary_ready_count=0",
"iwooos_concrete_security_kali_scan_authorized=false",
"iwooos_concrete_security_host_change_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.concrete_security_work_map_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityWorkMap",
list(web_messages_zh["iwooos"].keys()),
"concreteSecurityWorkMap",
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityWorkMap",
list(web_messages_en["iwooos"].keys()),
"concreteSecurityWorkMap",
)
for key in ["title", "subtitle", "summary", "items", "workLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityWorkMap.keys",
list(web_messages_zh["iwooos"]["concreteSecurityWorkMap"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityWorkMap.keys",
list(web_messages_en["iwooos"]["concreteSecurityWorkMap"].keys()),
key,
)
for key in ["streams", "visible", "realGate", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityWorkMap.summary",
list(web_messages_zh["iwooos"]["concreteSecurityWorkMap"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityWorkMap.summary",
list(web_messages_en["iwooos"]["concreteSecurityWorkMap"]["summary"].keys()),
key,
)
for key in [
"frontstageVisibility",
"hostScopeInventory",
"sourceControlMigration",
"ownerEvidenceIntake",
"reviewerHumanFlow",
"runtimeExecutionGate",
]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityWorkMap.items",
list(web_messages_zh["iwooos"]["concreteSecurityWorkMap"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityWorkMap.items",
list(web_messages_en["iwooos"]["concreteSecurityWorkMap"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.concrete_security_delivery_checklist_testid",
iwooos_projection_page,
'data-testid="iwooos-concrete-security-delivery-checklist-board"',
)
assert_text_contains(
"iwooos_page.concrete_security_delivery_checklist_component",
iwooos_projection_page,
"IwoooSConcreteSecurityDeliveryChecklistBoard",
)
for text in [
"iwooos_concrete_security_delivery_item_count=6",
"iwooos_concrete_security_delivery_visible_item_count=6",
"iwooos_concrete_security_delivery_framework_only_count=6",
"iwooos_concrete_security_delivery_runtime_item_count=0",
"iwooos_concrete_security_delivery_next_owner_evidence=s4_9_owner_response",
"iwooos_concrete_security_delivery_ready_for_runtime_count=0",
"iwooos_concrete_security_delivery_evidence_received_count=0",
"iwooos_concrete_security_delivery_evidence_accepted_count=0",
"iwooos_concrete_security_delivery_reviewer_queue_open=false",
"iwooos_concrete_security_delivery_git_primary_ready=false",
"iwooos_concrete_security_delivery_kali_execution_ready=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.concrete_security_delivery_checklist_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityDeliveryChecklist",
list(web_messages_zh["iwooos"].keys()),
"concreteSecurityDeliveryChecklist",
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityDeliveryChecklist",
list(web_messages_en["iwooos"].keys()),
"concreteSecurityDeliveryChecklist",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"deliverableLabel",
"deliveredLabel",
"nextLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityDeliveryChecklist.keys",
list(web_messages_zh["iwooos"]["concreteSecurityDeliveryChecklist"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityDeliveryChecklist.keys",
list(web_messages_en["iwooos"]["concreteSecurityDeliveryChecklist"].keys()),
key,
)
for key in ["items", "framework", "blocked", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityDeliveryChecklist.summary",
list(web_messages_zh["iwooos"]["concreteSecurityDeliveryChecklist"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityDeliveryChecklist.summary",
list(web_messages_en["iwooos"]["concreteSecurityDeliveryChecklist"]["summary"].keys()),
key,
)
for key in [
"visibilitySurface",
"hostScopeEvidence",
"sourceControlEvidence",
"s49OwnerPacket",
"reviewerPreparation",
"runtimeGate",
]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityDeliveryChecklist.items",
list(web_messages_zh["iwooos"]["concreteSecurityDeliveryChecklist"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityDeliveryChecklist.items",
list(web_messages_en["iwooos"]["concreteSecurityDeliveryChecklist"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.concrete_security_blocker_resolution_testid",
iwooos_projection_page,
'data-testid="iwooos-concrete-security-blocker-resolution-board"',
)
assert_text_contains(
"iwooos_page.concrete_security_blocker_resolution_component",
iwooos_projection_page,
"IwoooSConcreteSecurityBlockerResolutionBoard",
)
for text in [
"iwooos_concrete_security_blocker_count=6",
"iwooos_concrete_security_visible_blocker_count=6",
"iwooos_concrete_security_headline_blocker_count=6",
"iwooos_concrete_security_blocker_resolved_count=0",
"iwooos_concrete_security_first_resolvable_blocker=s4_9_owner_response_missing",
"iwooos_concrete_security_owner_response_required=true",
"iwooos_concrete_security_redacted_evidence_required=true",
"iwooos_concrete_security_reviewer_queue_open=false",
"iwooos_concrete_security_github_primary_ready=false",
"iwooos_concrete_security_kali_execution_ready=false",
"iwooos_concrete_security_runtime_gate_open=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.concrete_security_blocker_resolution_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityBlockerResolution",
list(web_messages_zh["iwooos"].keys()),
"concreteSecurityBlockerResolution",
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityBlockerResolution",
list(web_messages_en["iwooos"].keys()),
"concreteSecurityBlockerResolution",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"blockerLabel",
"whyLabel",
"unlockLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityBlockerResolution.keys",
list(web_messages_zh["iwooos"]["concreteSecurityBlockerResolution"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityBlockerResolution.keys",
list(web_messages_en["iwooos"]["concreteSecurityBlockerResolution"].keys()),
key,
)
for key in ["blockers", "resolved", "first", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityBlockerResolution.summary",
list(web_messages_zh["iwooos"]["concreteSecurityBlockerResolution"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityBlockerResolution.summary",
list(web_messages_en["iwooos"]["concreteSecurityBlockerResolution"]["summary"].keys()),
key,
)
for key in [
"ownerResponseMissing",
"redactedEvidenceMissing",
"reviewerQueueClosed",
"sourceControlNotReady",
"hostEvidencePending",
"runtimeGateClosed",
]:
assert_contains(
"web_messages.zh-TW.iwooos.concreteSecurityBlockerResolution.items",
list(web_messages_zh["iwooos"]["concreteSecurityBlockerResolution"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.concreteSecurityBlockerResolution.items",
list(web_messages_en["iwooos"]["concreteSecurityBlockerResolution"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.all_product_coverage_snapshot_testid",
iwooos_projection_page,
'data-testid="iwooos-all-product-coverage-snapshot-board"',
)
assert_text_contains(
"iwooos_page.all_product_coverage_snapshot_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-all-product-coverage-snapshot-boundaries"',
)
assert_text_contains(
"iwooos_page.all_product_coverage_snapshot_component",
iwooos_projection_page,
"IwoooSAllProductCoverageSnapshotBoard",
)
for text in [
"iwooos_all_product_coverage_snapshot_scope_count=8",
"iwooos_all_product_coverage_snapshot_read_only_count=8",
"iwooos_all_product_coverage_snapshot_runtime_ready_count=0",
"iwooos_all_product_coverage_snapshot_default_summary_mode=compact_first",
"iwooos_all_product_coverage_snapshot_detail_ledger_collapsed=true",
"iwooos_all_product_coverage_snapshot_next_gate=s4_9_owner_response_accepted",
"vibework_project_read_only_in_scope=true",
"vibework_runtime_ready=false",
"agent_bounty_project_read_only_in_scope=true",
"agent_bounty_runtime_ready=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.all_product_coverage_snapshot_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.allProductCoverageSnapshot",
list(web_messages_zh["iwooos"].keys()),
"allProductCoverageSnapshot",
)
assert_contains(
"web_messages.en.iwooos.allProductCoverageSnapshot",
list(web_messages_en["iwooos"].keys()),
"allProductCoverageSnapshot",
)
for key in [
"title",
"subtitle",
"summary",
"states",
"items",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.allProductCoverageSnapshot.keys",
list(web_messages_zh["iwooos"]["allProductCoverageSnapshot"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.allProductCoverageSnapshot.keys",
list(web_messages_en["iwooos"]["allProductCoverageSnapshot"].keys()),
key,
)
for key in ["scopeCount", "readOnlyScopes", "runtimeReady", "nextGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.allProductCoverageSnapshot.summary",
list(web_messages_zh["iwooos"]["allProductCoverageSnapshot"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.allProductCoverageSnapshot.summary",
list(web_messages_en["iwooos"]["allProductCoverageSnapshot"]["summary"].keys()),
key,
)
for key in [
"connected",
"visible",
"waitingEvidence",
"approvalRequired",
"readOnlyFirst",
"newProjectReadOnly",
"templateReady",
]:
assert_contains(
"web_messages.zh-TW.iwooos.allProductCoverageSnapshot.states",
list(web_messages_zh["iwooos"]["allProductCoverageSnapshot"]["states"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.allProductCoverageSnapshot.states",
list(web_messages_en["iwooos"]["allProductCoverageSnapshot"]["states"].keys()),
key,
)
for key in [
"awoooiCore",
"websites",
"sourceControl",
"hosts",
"toolsMonitoring",
"vibeWork",
"agentBountyProtocol",
"futureProducts",
]:
assert_contains(
"web_messages.zh-TW.iwooos.allProductCoverageSnapshot.items",
list(web_messages_zh["iwooos"]["allProductCoverageSnapshot"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.allProductCoverageSnapshot.items",
list(web_messages_en["iwooos"]["allProductCoverageSnapshot"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.global_security_mesh_matrix_testid",
iwooos_projection_page,
'data-testid="iwooos-global-security-mesh-matrix-board"',
)
assert_text_contains(
"iwooos_page.global_security_mesh_matrix_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-global-security-mesh-matrix-boundaries"',
)
assert_text_contains(
"iwooos_page.global_security_mesh_matrix_component",
iwooos_projection_page,
"IwoooSGlobalSecurityMeshMatrixBoard",
)
for text in [
"iwooos_global_security_mesh_first_layer=true",
"iwooos_global_security_mesh_asset_count=9",
"iwooos_global_security_mesh_read_only_count=9",
"iwooos_global_security_mesh_runtime_gate_count=0",
"iwooos_global_security_mesh_source_control_mutation_authorized=false",
"iwooos_global_security_mesh_kali_execution_authorized=false",
"iwooos_global_security_mesh_host_change_authorized=false",
"iwooos_global_security_mesh_scan_authorized=false",
"iwooos_global_security_mesh_production_deploy_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.global_security_mesh_matrix_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.globalSecurityMeshMatrix",
list(web_messages_zh["iwooos"].keys()),
"globalSecurityMeshMatrix",
)
assert_contains(
"web_messages.en.iwooos.globalSecurityMeshMatrix",
list(web_messages_en["iwooos"].keys()),
"globalSecurityMeshMatrix",
)
for key in [
"eyebrow",
"title",
"subtitle",
"coverageLabel",
"evidenceLabel",
"runtimeLabel",
"nextLabel",
"boundaryTitle",
"boundaryIntro",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.globalSecurityMeshMatrix.keys",
list(web_messages_zh["iwooos"]["globalSecurityMeshMatrix"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.globalSecurityMeshMatrix.keys",
list(web_messages_en["iwooos"]["globalSecurityMeshMatrix"].keys()),
key,
)
for key in ["assets", "readOnly", "runtime", "nextGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.globalSecurityMeshMatrix.summary",
list(web_messages_zh["iwooos"]["globalSecurityMeshMatrix"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.globalSecurityMeshMatrix.summary",
list(web_messages_en["iwooos"]["globalSecurityMeshMatrix"]["summary"].keys()),
key,
)
for key in ["awoooi", "awooop", "iwooos", "publicSites", "vibeWork", "agentBountyProtocol", "kali112", "devHosts", "sourceControl"]:
assert_contains(
"web_messages.zh-TW.iwooos.globalSecurityMeshMatrix.items",
list(web_messages_zh["iwooos"]["globalSecurityMeshMatrix"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.globalSecurityMeshMatrix.items",
list(web_messages_en["iwooos"]["globalSecurityMeshMatrix"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.host_tool_evidence_chain_testid",
iwooos_projection_page,
'data-testid="iwooos-host-tool-evidence-chain-board"',
)
assert_text_contains(
"iwooos_page.host_tool_evidence_chain_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-host-tool-evidence-chain-boundaries"',
)
assert_text_contains(
"iwooos_page.host_tool_evidence_chain_component",
iwooos_projection_page,
"IwoooSHostToolEvidenceChainBoard",
)
for text in [
"iwooos_host_tool_evidence_chain_first_layer=true",
"iwooos_host_tool_evidence_chain_host_count=3",
"iwooos_host_tool_evidence_chain_tool_lane_count=6",
"iwooos_host_tool_evidence_chain_step_count=5",
"security_observer_integrated_as_read_only=true",
"dev_host_group_integrated_as_read_only=true",
"monitoring_tools_evidence_chain_linked=true",
"security_observer_execute_authorized=false",
"host_update_authorized=false",
"active_scan_authorized=false",
"ssh_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.host_tool_evidence_chain_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.hostToolEvidenceChain",
list(web_messages_zh["iwooos"].keys()),
"hostToolEvidenceChain",
)
assert_contains(
"web_messages.en.iwooos.hostToolEvidenceChain",
list(web_messages_en["iwooos"].keys()),
"hostToolEvidenceChain",
)
for key in [
"eyebrow",
"title",
"subtitle",
"flowTitle",
"evidenceLabel",
"nextLabel",
"boundaryTitle",
"boundaryIntro",
"summary",
"steps",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.hostToolEvidenceChain.keys",
list(web_messages_zh["iwooos"]["hostToolEvidenceChain"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.hostToolEvidenceChain.keys",
list(web_messages_en["iwooos"]["hostToolEvidenceChain"].keys()),
key,
)
for key in ["hosts", "toolLanes", "linkedEvidence", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.hostToolEvidenceChain.summary",
list(web_messages_zh["iwooos"]["hostToolEvidenceChain"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.hostToolEvidenceChain.summary",
list(web_messages_en["iwooos"]["hostToolEvidenceChain"]["summary"].keys()),
key,
)
for key in ["observe", "evidence", "review", "ownerGate", "runtimeHold"]:
assert_contains(
"web_messages.zh-TW.iwooos.hostToolEvidenceChain.steps",
list(web_messages_zh["iwooos"]["hostToolEvidenceChain"]["steps"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.hostToolEvidenceChain.steps",
list(web_messages_en["iwooos"]["hostToolEvidenceChain"]["steps"].keys()),
key,
)
for key in ["kali112", "dev111", "dev168", "monitoringTools", "automationTools", "sourceControl"]:
assert_contains(
"web_messages.zh-TW.iwooos.hostToolEvidenceChain.items",
list(web_messages_zh["iwooos"]["hostToolEvidenceChain"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.hostToolEvidenceChain.items",
list(web_messages_en["iwooos"]["hostToolEvidenceChain"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.vibework_security_onboarding_testid",
iwooos_projection_page,
'data-testid="iwooos-vibework-security-onboarding-board"',
)
assert_text_contains(
"iwooos_page.vibework_security_onboarding_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-vibework-security-onboarding-boundaries"',
)
assert_text_contains(
"iwooos_page.vibework_security_onboarding_component",
iwooos_projection_page,
"IwoooSMissionProductSecurityOnboardingBoard",
)
for text in [
"vibework_security_onboarding_item_count=6",
"vibework_security_onboarding_read_only=true",
"vibework_owner_evidence_received=false",
"vibework_data_classification_received=false",
"vibework_source_control_evidence_received=false",
"vibework_deployment_boundary_received=false",
"vibework_runtime_gate_open=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"production_deploy_authorized=false",
]:
assert_text_contains(
"iwooos_page.vibework_security_onboarding_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.vibeWorkSecurityOnboarding",
list(web_messages_zh["iwooos"].keys()),
"vibeWorkSecurityOnboarding",
)
assert_contains(
"web_messages.en.iwooos.vibeWorkSecurityOnboarding",
list(web_messages_en["iwooos"].keys()),
"vibeWorkSecurityOnboarding",
)
for key in [
"eyebrow",
"title",
"subtitle",
"summary",
"items",
"checkLabel",
"stateLabel",
"missingLabel",
"nextLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.vibeWorkSecurityOnboarding.keys",
list(web_messages_zh["iwooos"]["vibeWorkSecurityOnboarding"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.vibeWorkSecurityOnboarding.keys",
list(web_messages_en["iwooos"]["vibeWorkSecurityOnboarding"].keys()),
key,
)
for key in ["readOnly", "missingEvidence", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.vibeWorkSecurityOnboarding.summary",
list(web_messages_zh["iwooos"]["vibeWorkSecurityOnboarding"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.vibeWorkSecurityOnboarding.summary",
list(web_messages_en["iwooos"]["vibeWorkSecurityOnboarding"]["summary"].keys()),
key,
)
for key in ["owner", "dataClass", "sourceRepo", "deployBoundary", "evidencePointer", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.vibeWorkSecurityOnboarding.items",
list(web_messages_zh["iwooos"]["vibeWorkSecurityOnboarding"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.vibeWorkSecurityOnboarding.items",
list(web_messages_en["iwooos"]["vibeWorkSecurityOnboarding"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.agent_bounty_security_onboarding_testid",
iwooos_projection_page,
'data-testid="iwooos-agent-bounty-security-onboarding-board"',
)
assert_text_contains(
"iwooos_page.agent_bounty_security_onboarding_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-agent-bounty-security-onboarding-boundaries"',
)
assert_text_contains(
"iwooos_page.agent_bounty_security_onboarding_component",
iwooos_projection_page,
"IwoooSAgentBountySecurityOnboardingBoard",
)
for text in [
"agent_bounty_security_onboarding_item_count=7",
"agent_bounty_security_onboarding_read_only=true",
"agent_bounty_owner_evidence_received=false",
"agent_bounty_data_classification_received=false",
"agent_bounty_source_control_evidence_received=false",
"agent_bounty_deployment_boundary_received=false",
"agent_bounty_external_agent_boundary_received=false",
"agent_bounty_treasury_boundary_received=false",
"agent_bounty_auto_claim_submit_authorized=false",
"agent_bounty_bounty_payout_authorized=false",
"agent_bounty_runtime_gate_open=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"production_deploy_authorized=false",
]:
assert_text_contains(
"iwooos_page.agent_bounty_security_onboarding_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.agentBountySecurityOnboarding",
list(web_messages_zh["iwooos"].keys()),
"agentBountySecurityOnboarding",
)
assert_contains(
"web_messages.en.iwooos.agentBountySecurityOnboarding",
list(web_messages_en["iwooos"].keys()),
"agentBountySecurityOnboarding",
)
for key in [
"eyebrow",
"title",
"subtitle",
"summary",
"items",
"checkLabel",
"stateLabel",
"missingLabel",
"nextLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.agentBountySecurityOnboarding.keys",
list(web_messages_zh["iwooos"]["agentBountySecurityOnboarding"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.agentBountySecurityOnboarding.keys",
list(web_messages_en["iwooos"]["agentBountySecurityOnboarding"].keys()),
key,
)
for key in ["readOnly", "missingEvidence", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.agentBountySecurityOnboarding.summary",
list(web_messages_zh["iwooos"]["agentBountySecurityOnboarding"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.agentBountySecurityOnboarding.summary",
list(web_messages_en["iwooos"]["agentBountySecurityOnboarding"]["summary"].keys()),
key,
)
for key in ["owner", "dataClass", "sourceRepo", "deployBoundary", "externalAgent", "treasuryBoundary", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.agentBountySecurityOnboarding.items",
list(web_messages_zh["iwooos"]["agentBountySecurityOnboarding"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.agentBountySecurityOnboarding.items",
list(web_messages_en["iwooos"]["agentBountySecurityOnboarding"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.rollout_risk_read_only_testid",
iwooos_projection_page,
'data-testid="iwooos-rollout-risk-read-only-board"',
)
assert_text_contains(
"iwooos_page.rollout_risk_read_only_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-rollout-risk-read-only-boundaries"',
)
assert_text_contains(
"iwooos_page.rollout_risk_read_only_component",
iwooos_projection_page,
"IwoooSRolloutRiskReadOnlyBoard",
)
for text in [
"rollout_risk_read_only_card_count=4",
"rollout_risk_source_deploy_marker=16756d24",
"rollout_risk_awoooi_rollout_risk=1",
"rollout_risk_argocd_health=Degraded",
"rollout_risk_resource_sync=OutOfSync",
"rollout_risk_api_health_passed=true",
"rollout_risk_playwright_smoke_passed=true",
"rollout_risk_requires_read_only_triage=true",
"rollout_risk_runtime_gate_count=0",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"argocd_sync_authorized=false",
"kubectl_action_authorized=false",
"host_restart_authorized=false",
]:
assert_text_contains(
"iwooos_page.rollout_risk_read_only_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.rolloutRiskReadOnly",
list(web_messages_zh["iwooos"].keys()),
"rolloutRiskReadOnly",
)
assert_contains(
"web_messages.en.iwooos.rolloutRiskReadOnly",
list(web_messages_en["iwooos"].keys()),
"rolloutRiskReadOnly",
)
for key in [
"eyebrow",
"title",
"subtitle",
"signalLabel",
"stateLabel",
"boundaryTitle",
"boundaryIntro",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.rolloutRiskReadOnly.keys",
list(web_messages_zh["iwooos"]["rolloutRiskReadOnly"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.rolloutRiskReadOnly.keys",
list(web_messages_en["iwooos"]["rolloutRiskReadOnly"].keys()),
key,
)
for key in ["sourceDeployMarker", "rolloutRisk", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.rolloutRiskReadOnly.summary",
list(web_messages_zh["iwooos"]["rolloutRiskReadOnly"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.rolloutRiskReadOnly.summary",
list(web_messages_en["iwooos"]["rolloutRiskReadOnly"]["summary"].keys()),
key,
)
for key in ["argocdHealth", "resourceSync", "smokePassed", "riskBoundary"]:
assert_contains(
"web_messages.zh-TW.iwooos.rolloutRiskReadOnly.items",
list(web_messages_zh["iwooos"]["rolloutRiskReadOnly"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.rolloutRiskReadOnly.items",
list(web_messages_en["iwooos"]["rolloutRiskReadOnly"]["items"].keys()),
key,
)
for key in ["eyebrow", "title", "subtitle", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.wazuhIntrusionReadback.keys",
list(web_messages_zh["iwooos"]["wazuhIntrusionReadback"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.wazuhIntrusionReadback.keys",
list(web_messages_en["iwooos"]["wazuhIntrusionReadback"].keys()),
key,
)
for key in ["platform", "hosts", "candidates", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.wazuhIntrusionReadback.summary",
list(web_messages_zh["iwooos"]["wazuhIntrusionReadback"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.wazuhIntrusionReadback.summary",
list(web_messages_en["iwooos"]["wazuhIntrusionReadback"]["summary"].keys()),
key,
)
for key in ["controlPlane", "hostSignals", "forensics", "agentClaims", "containment", "activeResponse"]:
assert_contains(
"web_messages.zh-TW.iwooos.wazuhIntrusionReadback.items",
list(web_messages_zh["iwooos"]["wazuhIntrusionReadback"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.wazuhIntrusionReadback.items",
list(web_messages_en["iwooos"]["wazuhIntrusionReadback"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.wazuh_intrusion_readback_testid",
iwooos_projection_page,
'data-testid="iwooos-wazuh-intrusion-readback-board"',
)
assert_text_contains(
"iwooos_page.wazuh_intrusion_readback_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-wazuh-intrusion-readback-boundaries"',
)
assert_text_before(
"iwooos_page.wazuh_intrusion_before_config_priority",
iwooos_projection_page,
"<IwoooSWazuhIntrusionReadbackBoard />",
"<IwoooSCriticalConfigPriorityBoard />",
)
for text in [
"wazuh_intrusion_readback_plan_visible=true",
"wazuh_intrusion_readback_plan_candidate_count=6",
"wazuh_intrusion_readback_plan_c0_candidate_count=6",
"wazuh_intrusion_readback_plan_affected_host_alias_count=2",
"wazuh_intrusion_readback_plan_wazuh_platform_reported_count=1",
"wazuh_intrusion_readback_plan_wazuh_event_required_candidate_count=5",
"wazuh_intrusion_readback_plan_host_forensics_required_candidate_count=5",
"wazuh_intrusion_readback_plan_cross_project_sync_required_candidate_count=6",
"wazuh_intrusion_readback_plan_required_readback_field_count=30",
"wazuh_intrusion_readback_plan_reviewer_check_count=24",
"wazuh_intrusion_readback_plan_outcome_lane_count=12",
"wazuh_intrusion_readback_plan_blocked_action_count=49",
"wazuh_intrusion_readback_plan_wazuh_manager_health_ref_received_count=0",
"wazuh_intrusion_readback_plan_wazuh_agent_status_ref_received_count=0",
"wazuh_intrusion_readback_plan_wazuh_event_ref_received_count=0",
"wazuh_intrusion_readback_plan_host_forensics_ref_received_count=0",
"wazuh_intrusion_readback_plan_containment_decision_received_count=0",
"wazuh_intrusion_readback_plan_recovery_proof_received_count=0",
"wazuh_intrusion_readback_plan_owner_response_received_count=0",
"wazuh_intrusion_readback_plan_owner_response_accepted_count=0",
"wazuh_intrusion_readback_plan_wazuh_event_accepted_count=0",
"wazuh_intrusion_readback_plan_host_forensics_accepted_count=0",
"wazuh_intrusion_readback_plan_containment_decision_accepted_count=0",
"wazuh_intrusion_readback_plan_recovery_proof_accepted_count=0",
"wazuh_intrusion_readback_plan_readonly_api_code_path_present_count=1",
"wazuh_intrusion_readback_plan_readonly_api_enabled_count=0",
"wazuh_intrusion_readback_plan_active_response_authorized_count=0",
"wazuh_intrusion_readback_plan_host_write_authorized_count=0",
"wazuh_intrusion_readback_plan_secret_value_collection_allowed_count=0",
"wazuh_intrusion_readback_plan_runtime_gate_count=0",
"wazuh_intrusion_readback_plan_action_button_count=0",
"wazuh_api_live_query_authorized=false",
"wazuh_active_response_authorized=false",
"raw_wazuh_payload_storage_allowed=false",
"frontend_raw_transcript_display_allowed=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
]:
assert_text_contains(
"iwooos_page.wazuh_intrusion_readback_boundary",
iwooos_projection_page,
text,
)
for key in ["eyebrow", "title", "subtitle", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.socSiemKaliWazuhIntegration.keys",
list(web_messages_zh["iwooos"]["socSiemKaliWazuhIntegration"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.socSiemKaliWazuhIntegration.keys",
list(web_messages_en["iwooos"]["socSiemKaliWazuhIntegration"].keys()),
key,
)
for key in ["frameworks", "domains", "signals", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.socSiemKaliWazuhIntegration.summary",
list(web_messages_zh["iwooos"]["socSiemKaliWazuhIntegration"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.socSiemKaliWazuhIntegration.summary",
list(web_messages_en["iwooos"]["socSiemKaliWazuhIntegration"]["summary"].keys()),
key,
)
for key in [
"frameworkMap",
"wazuhSiem",
"kali112",
"alertChain",
"forensics",
"supplyChain",
"soarBoundary",
"runtimeBoundary",
]:
assert_contains(
"web_messages.zh-TW.iwooos.socSiemKaliWazuhIntegration.items",
list(web_messages_zh["iwooos"]["socSiemKaliWazuhIntegration"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.socSiemKaliWazuhIntegration.items",
list(web_messages_en["iwooos"]["socSiemKaliWazuhIntegration"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.soc_siem_kali_wazuh_integration_testid",
iwooos_projection_page,
'data-testid="iwooos-soc-siem-kali-wazuh-integration-board"',
)
assert_text_contains(
"iwooos_page.soc_siem_kali_wazuh_integration_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-soc-siem-kali-wazuh-integration-boundaries"',
)
assert_text_before(
"iwooos_page.soc_siem_after_wazuh",
iwooos_projection_page,
"<IwoooSWazuhIntrusionReadbackBoard />",
"<IwoooSSocSiemKaliWazuhIntegrationBoard />",
)
assert_text_before(
"iwooos_page.soc_siem_before_external_host_intrusion",
iwooos_projection_page,
"<IwoooSSocSiemKaliWazuhIntegrationBoard />",
"<IwoooSExternalHostIntrusionPreventionControlBoard />",
)
for text in [
"soc_siem_kali_wazuh_integration_control_visible=true",
"soc_siem_kali_wazuh_integration_control_standard_framework_count=7",
"soc_siem_kali_wazuh_integration_control_domain_count=16",
"soc_siem_kali_wazuh_integration_control_c0_domain_count=12",
"soc_siem_kali_wazuh_integration_control_c1_domain_count=4",
"soc_siem_kali_wazuh_integration_control_signal_source_count=12",
"soc_siem_kali_wazuh_integration_control_candidate_count=20",
"soc_siem_kali_wazuh_integration_control_c0_candidate_count=12",
"soc_siem_kali_wazuh_integration_control_c1_candidate_count=8",
"soc_siem_kali_wazuh_integration_control_p0_candidate_count=12",
"soc_siem_kali_wazuh_integration_control_p1_candidate_count=8",
"soc_siem_kali_wazuh_integration_control_required_owner_field_count=42",
"soc_siem_kali_wazuh_integration_control_reviewer_check_count=36",
"soc_siem_kali_wazuh_integration_control_outcome_lane_count=14",
"soc_siem_kali_wazuh_integration_control_blocked_action_count=103",
"soc_siem_kali_wazuh_integration_control_wazuh_event_ref_received_count=0",
"soc_siem_kali_wazuh_integration_control_kali_scope_ref_accepted_count=0",
"soc_siem_kali_wazuh_integration_control_kali_finding_envelope_accepted_count=0",
"soc_siem_kali_wazuh_integration_control_siem_correlation_rule_accepted_count=0",
"soc_siem_kali_wazuh_integration_control_alert_route_accepted_count=0",
"soc_siem_kali_wazuh_integration_control_incident_case_accepted_count=0",
"soc_siem_kali_wazuh_integration_control_forensic_evidence_accepted_count=0",
"soc_siem_kali_wazuh_integration_control_owner_response_received_count=0",
"soc_siem_kali_wazuh_integration_control_owner_response_accepted_count=0",
"soc_siem_kali_wazuh_integration_control_active_response_enabled_count=0",
"soc_siem_kali_wazuh_integration_control_kali_active_scan_authorized_count=0",
"soc_siem_kali_wazuh_integration_control_kali_execute_authorized_count=0",
"soc_siem_kali_wazuh_integration_control_prometheus_reload_authorized_count=0",
"soc_siem_kali_wazuh_integration_control_alertmanager_reload_authorized_count=0",
"soc_siem_kali_wazuh_integration_control_telegram_send_authorized_count=0",
"soc_siem_kali_wazuh_integration_control_soar_case_create_authorized_count=0",
"soc_siem_kali_wazuh_integration_control_auto_block_authorized_count=0",
"soc_siem_kali_wazuh_integration_control_runtime_gate_count=0",
"soc_siem_kali_wazuh_integration_control_action_button_count=0",
"monitoring_alerting_observability_coverage_percent=78",
"security_evidence_tooling_coverage_percent=88",
"wazuh_api_live_query_authorized=false",
"wazuh_active_response_authorized=false",
"kali_scan_authorized=false",
"kali_execute_authorized=false",
"active_scan_authorized=false",
"credentialed_scan_authorized=false",
"prometheus_reload_authorized=false",
"alertmanager_reload_authorized=false",
"telegram_send_authorized=false",
"soar_case_create_authorized=false",
"auto_block_authorized=false",
"raw_payload_storage_allowed=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.soc_siem_kali_wazuh_integration_boundary",
iwooos_projection_page,
text,
)
for key in ["eyebrow", "title", "subtitle", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.securityAssetControlLedger.keys",
list(web_messages_zh["iwooos"]["securityAssetControlLedger"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.securityAssetControlLedger.keys",
list(web_messages_en["iwooos"]["securityAssetControlLedger"].keys()),
key,
)
for key in ["assetGroups", "p0Groups", "evidenceRefs", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.securityAssetControlLedger.summary",
list(web_messages_zh["iwooos"]["securityAssetControlLedger"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.securityAssetControlLedger.summary",
list(web_messages_en["iwooos"]["securityAssetControlLedger"]["summary"].keys()),
key,
)
for key in [
"gatewayTls",
"hostNetwork",
"k8sWorkflow",
"wazuhKali",
"alertBackup",
"supplyChain",
"aiProduct",
"runtimeBoundary",
]:
assert_contains(
"web_messages.zh-TW.iwooos.securityAssetControlLedger.items",
list(web_messages_zh["iwooos"]["securityAssetControlLedger"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.securityAssetControlLedger.items",
list(web_messages_en["iwooos"]["securityAssetControlLedger"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.security_asset_control_ledger_testid",
iwooos_projection_page,
'data-testid="iwooos-security-asset-control-ledger-board"',
)
assert_text_contains(
"iwooos_page.security_asset_control_ledger_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-security-asset-control-ledger-boundaries"',
)
assert_text_before(
"iwooos_page.security_asset_control_after_soc",
iwooos_projection_page,
"<IwoooSSocSiemKaliWazuhIntegrationBoard />",
"<IwoooSSecurityAssetControlLedgerBoard />",
)
assert_text_before(
"iwooos_page.security_asset_control_before_external_host",
iwooos_projection_page,
"<IwoooSSecurityAssetControlLedgerBoard />",
"<IwoooSExternalHostIntrusionPreventionControlBoard />",
)
for text in [
"security_asset_control_ledger_visible=true",
"security_asset_control_ledger_asset_group_count=16",
"security_asset_control_ledger_p0_asset_group_count=14",
"security_asset_control_ledger_p1_asset_group_count=2",
"security_asset_control_ledger_c0_asset_group_count=14",
"security_asset_control_ledger_c1_asset_group_count=2",
"security_asset_control_ledger_evidence_ref_count=64",
"security_asset_control_ledger_existing_evidence_ref_count=64",
"security_asset_control_ledger_missing_evidence_ref_count=0",
"security_asset_control_ledger_required_owner_field_count=24",
"security_asset_control_ledger_reviewer_check_count=24",
"security_asset_control_ledger_outcome_lane_count=10",
"security_asset_control_ledger_blocked_action_count=44",
"security_asset_control_ledger_owner_packet_required_count=16",
"security_asset_control_ledger_owner_response_received_count=0",
"security_asset_control_ledger_owner_response_accepted_count=0",
"security_asset_control_ledger_live_evidence_accepted_count=0",
"security_asset_control_ledger_runtime_gate_count=0",
"security_asset_control_ledger_action_button_count=0",
"security_asset_control_ledger_host_write_authorized_count=0",
"security_asset_control_ledger_active_scan_authorized_count=0",
"security_asset_control_ledger_wazuh_active_response_authorized_count=0",
"security_asset_control_ledger_kali_execute_authorized_count=0",
"security_asset_control_ledger_soar_action_authorized_count=0",
"security_asset_control_ledger_auto_block_authorized_count=0",
"security_asset_control_ledger_secret_value_collected_count=0",
"security_asset_control_ledger_raw_payload_stored_count=0",
"security_asset_control_ledger_completion_percent=100",
"iwooos_headline_progress_percent=64",
"runtime_execution_authorized=false",
"host_write_authorized=false",
"ssh_read_authorized=false",
"nginx_reload_authorized=false",
"firewall_change_authorized=false",
"argocd_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"wazuh_active_response_authorized=false",
"kali_active_scan_authorized=false",
"kali_execute_authorized=false",
"telegram_send_authorized=false",
"soar_action_authorized=false",
"auto_block_authorized=false",
"production_write_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.security_asset_control_ledger_boundary",
iwooos_projection_page,
text,
)
for key in ["eyebrow", "title", "subtitle", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.externalHostIntrusionPreventionControl.keys",
list(web_messages_zh["iwooos"]["externalHostIntrusionPreventionControl"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.externalHostIntrusionPreventionControl.keys",
list(web_messages_en["iwooos"]["externalHostIntrusionPreventionControl"].keys()),
key,
)
for key in ["domains", "candidates", "hosts", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.externalHostIntrusionPreventionControl.summary",
list(web_messages_zh["iwooos"]["externalHostIntrusionPreventionControl"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.externalHostIntrusionPreventionControl.summary",
list(web_messages_en["iwooos"]["externalHostIntrusionPreventionControl"]["summary"].keys()),
key,
)
for key in [
"gateway",
"sshFirewall",
"hostRuntime",
"runnerSecret",
"wazuhResponse",
"backupRestore",
"packagePatch",
"sync",
]:
assert_contains(
"web_messages.zh-TW.iwooos.externalHostIntrusionPreventionControl.items",
list(web_messages_zh["iwooos"]["externalHostIntrusionPreventionControl"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.externalHostIntrusionPreventionControl.items",
list(web_messages_en["iwooos"]["externalHostIntrusionPreventionControl"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.external_host_intrusion_prevention_control_testid",
iwooos_projection_page,
'data-testid="iwooos-external-host-intrusion-prevention-control-board"',
)
assert_text_contains(
"iwooos_page.external_host_intrusion_prevention_control_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-external-host-intrusion-prevention-control-boundaries"',
)
assert_text_before(
"iwooos_page.external_host_intrusion_after_wazuh",
iwooos_projection_page,
"<IwoooSWazuhIntrusionReadbackBoard />",
"<IwoooSExternalHostIntrusionPreventionControlBoard />",
)
assert_text_before(
"iwooos_page.external_host_intrusion_before_config_priority",
iwooos_projection_page,
"<IwoooSExternalHostIntrusionPreventionControlBoard />",
"<IwoooSCriticalConfigPriorityBoard />",
)
for text in [
"external_host_intrusion_prevention_control_visible=true",
"external_host_intrusion_prevention_control_domain_count=12",
"external_host_intrusion_prevention_control_candidate_count=14",
"external_host_intrusion_prevention_control_c0_candidate_count=10",
"external_host_intrusion_prevention_control_c1_candidate_count=4",
"external_host_intrusion_prevention_control_p0_candidate_count=14",
"external_host_intrusion_prevention_control_host_alias_count=4",
"external_host_intrusion_prevention_control_sensor_alias_count=1",
"external_host_intrusion_prevention_control_required_owner_field_count=36",
"external_host_intrusion_prevention_control_reviewer_check_count=34",
"external_host_intrusion_prevention_control_outcome_lane_count=12",
"external_host_intrusion_prevention_control_blocked_action_count=82",
"external_host_intrusion_prevention_control_wazuh_event_required_candidate_count=7",
"external_host_intrusion_prevention_control_host_forensics_required_candidate_count=6",
"external_host_intrusion_prevention_control_config_diff_required_candidate_count=8",
"external_host_intrusion_prevention_control_owner_response_received_count=0",
"external_host_intrusion_prevention_control_owner_response_accepted_count=0",
"external_host_intrusion_prevention_control_evidence_ref_received_count=0",
"external_host_intrusion_prevention_control_evidence_ref_accepted_count=0",
"external_host_intrusion_prevention_control_prevention_control_accepted_count=0",
"external_host_intrusion_prevention_control_wazuh_active_response_enabled_count=0",
"external_host_intrusion_prevention_control_host_write_authorized_count=0",
"external_host_intrusion_prevention_control_firewall_change_authorized_count=0",
"external_host_intrusion_prevention_control_nginx_reload_authorized_count=0",
"external_host_intrusion_prevention_control_package_upgrade_authorized_count=0",
"external_host_intrusion_prevention_control_active_scan_authorized_count=0",
"external_host_intrusion_prevention_control_runtime_gate_count=0",
"external_host_intrusion_prevention_control_action_button_count=0",
"docker_compose_systemd_host_config_coverage_percent=68",
"ssh_firewall_network_access_coverage_percent=70",
"monitoring_alerting_observability_coverage_percent=78",
"host_write_authorized=false",
"ssh_write_authorized=false",
"firewall_change_authorized=false",
"nginx_reload_authorized=false",
"wazuh_active_response_authorized=false",
"package_upgrade_authorized=false",
"active_scan_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.external_host_intrusion_prevention_control_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.high_value_config_control_coverage_testid",
iwooos_projection_page,
'data-testid="iwooos-high-value-config-control-coverage-board"',
)
assert_text_contains(
"iwooos_page.high_value_config_control_coverage_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-high-value-config-control-coverage-boundaries"',
)
assert_text_contains(
"iwooos_page.high_value_config_control_coverage_component",
iwooos_projection_page,
"IwoooSHighValueConfigControlCoverageBoard",
)
assert_text_contains(
"iwooos_page.high_value_config_control_coverage_docker_systemd_percent",
iwooos_projection_page,
"{ key: 'dockerSystemd', rank: 'P1-1', value: '68%'",
)
assert_text_contains(
"iwooos_page.high_value_config_control_coverage_ssh_network_percent",
iwooos_projection_page,
"{ key: 'sshNetwork', rank: 'P1-2', value: '70%'",
)
assert_text_contains(
"iwooos_page.high_value_config_control_coverage_ai_provider_percent",
iwooos_projection_page,
"{ key: 'aiProvider', rank: 'P1-3', value: '64%'",
)
assert_text_contains(
"iwooos_page.high_value_config_control_coverage_k8s_gitops_percent",
iwooos_projection_page,
"{ key: 'k8sGitops', rank: 'P1-4', value: '66%'",
)
assert_text_before(
"iwooos_page.high_value_config_control_coverage_before_owner_packet",
iwooos_projection_page,
"<IwoooSHighValueConfigControlCoverageBoard />",
"<IwoooSHighValueConfigOwnerPacketBoard />",
)
for text in [
"high_value_config_control_coverage_frontstage_summary_count=4",
"high_value_config_control_coverage_frontstage_item_count=5",
"high_value_config_control_coverage_category_count=14",
"high_value_config_control_coverage_c0_category_count=8",
"high_value_config_control_coverage_c1_category_count=4",
"high_value_config_control_coverage_average_percent=73",
"high_value_config_control_coverage_needs_live_evidence_count=10",
"high_value_config_control_coverage_owner_response_required_count=14",
"high_value_config_control_coverage_owner_response_received_count=0",
"high_value_config_control_coverage_owner_response_accepted_count=0",
"high_value_config_control_coverage_runtime_gate_count=0",
"high_value_config_control_coverage_action_button_count=0",
"nginx_public_gateway_coverage_percent=92",
"public_gateway_owner_response_acceptance_required_owner_response_field_count=22",
"public_gateway_owner_response_acceptance_reviewer_check_count=22",
"public_gateway_owner_response_acceptance_outcome_lane_count=8",
"public_gateway_owner_response_acceptance_blocked_action_count=28",
"k8s_production_gitops_coverage_percent=66",
"secret_metadata_coverage_percent=70",
"gitea_workflow_runner_source_control_coverage_percent=74",
"public_admin_api_runtime_config_coverage_percent=66",
"docker_compose_systemd_host_config_coverage_percent=68",
"ssh_firewall_network_access_coverage_percent=70",
"monitoring_alerting_observability_coverage_percent=78",
"security_evidence_tooling_coverage_percent=88",
"ai_provider_model_routing_coverage_percent=64",
"ai_provider_owner_response_acceptance_candidate_count=8",
"ai_provider_owner_response_acceptance_write_capable_candidate_count=5",
"ai_provider_owner_response_acceptance_required_owner_field_count=24",
"ai_provider_owner_response_acceptance_reviewer_check_count=24",
"ai_provider_owner_response_acceptance_outcome_lane_count=10",
"ai_provider_owner_response_acceptance_blocked_action_count=38",
"ai_provider_owner_response_acceptance_owner_response_received_count=0",
"ai_provider_owner_response_acceptance_owner_response_accepted_count=0",
"ai_provider_owner_response_acceptance_dry_run_result_accepted_count=0",
"ai_provider_owner_response_acceptance_benchmark_result_accepted_count=0",
"ai_provider_owner_response_acceptance_cost_review_accepted_count=0",
"ai_provider_owner_response_acceptance_privacy_review_accepted_count=0",
"ai_provider_owner_response_acceptance_provider_switch_authorized_count=0",
"ai_provider_owner_response_acceptance_external_provider_call_authorized_count=0",
"ai_provider_owner_response_acceptance_paid_provider_call_authorized_count=0",
"ai_provider_owner_response_acceptance_prompt_send_authorized_count=0",
"ai_provider_owner_response_acceptance_runtime_gate_count=0",
"public_frontend_sensitive_surface_guard_file_count=226",
"public_frontend_sensitive_surface_guard_forbidden_pattern_count=12",
"public_frontend_sensitive_surface_guard_violation_count=0",
"public_frontend_sensitive_surface_guard_runtime_gate_count=0",
"public_runtime_config_change_evidence_acceptance_candidate_count=6",
"public_runtime_config_change_evidence_acceptance_c0_candidate_count=5",
"public_runtime_config_change_evidence_acceptance_c1_candidate_count=1",
"public_runtime_config_change_evidence_acceptance_write_capable_candidate_count=6",
"public_runtime_config_change_evidence_acceptance_source_ref_count=20",
"public_runtime_config_change_evidence_acceptance_required_evidence_field_count=21",
"public_runtime_config_change_evidence_acceptance_reviewer_check_count=21",
"public_runtime_config_change_evidence_acceptance_outcome_lane_count=8",
"public_runtime_config_change_evidence_acceptance_blocked_action_count=32",
"public_runtime_config_change_evidence_acceptance_received_count=0",
"public_runtime_config_change_evidence_acceptance_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_route_scope_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_admin_auth_boundary_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_api_contract_readback_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_cors_origin_diff_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_frontend_env_diff_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_i18n_redaction_review_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_desktop_mobile_smoke_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_sensitive_string_scan_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_postcheck_evidence_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_runtime_approval_package_ready_count=0",
"public_runtime_config_change_evidence_acceptance_runtime_gate_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_candidate_count=5",
"cd_runner_secret_injection_change_evidence_acceptance_c0_candidate_count=4",
"cd_runner_secret_injection_change_evidence_acceptance_c1_candidate_count=1",
"cd_runner_secret_injection_change_evidence_acceptance_write_capable_candidate_count=5",
"cd_runner_secret_injection_change_evidence_acceptance_local_workflow_file_count=33",
"cd_runner_secret_injection_change_evidence_acceptance_gitea_workflow_file_count=12",
"cd_runner_secret_injection_change_evidence_acceptance_github_workflow_file_count=21",
"cd_runner_secret_injection_change_evidence_acceptance_local_referenced_secret_name_count=42",
"cd_runner_secret_injection_change_evidence_acceptance_runner_label_count=5",
"cd_runner_secret_injection_change_evidence_acceptance_required_evidence_field_count=19",
"cd_runner_secret_injection_change_evidence_acceptance_reviewer_check_count=19",
"cd_runner_secret_injection_change_evidence_acceptance_outcome_lane_count=8",
"cd_runner_secret_injection_change_evidence_acceptance_blocked_action_count=32",
"cd_runner_secret_injection_change_evidence_acceptance_received_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_workflow_diff_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runner_attestation_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_secret_name_parity_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_secret_injection_route_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_deploy_marker_readback_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_guard_result_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_postcheck_evidence_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runtime_approval_package_ready_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runtime_gate_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_candidate_count=5",
"cd_runner_secret_injection_post_incident_readback_plan_c0_candidate_count=4",
"cd_runner_secret_injection_post_incident_readback_plan_write_capable_candidate_count=5",
"cd_runner_secret_injection_post_incident_readback_plan_required_readback_field_count=33",
"cd_runner_secret_injection_post_incident_readback_plan_reviewer_check_count=30",
"cd_runner_secret_injection_post_incident_readback_plan_outcome_lane_count=11",
"cd_runner_secret_injection_post_incident_readback_plan_blocked_action_count=52",
"cd_runner_secret_injection_post_incident_readback_plan_received_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_workflow_diff_state_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_runner_attestation_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_secret_name_parity_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_secret_injection_route_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_deploy_marker_readback_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_gitea_action_run_readback_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_log_redaction_readback_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_runtime_gate_count=0",
"k8s_argocd_change_evidence_acceptance_candidate_count=4",
"k8s_argocd_change_evidence_acceptance_c0_candidate_count=3",
"k8s_argocd_change_evidence_acceptance_write_capable_candidate_count=4",
"k8s_argocd_change_evidence_acceptance_required_evidence_field_count=18",
"k8s_argocd_change_evidence_acceptance_reviewer_check_count=18",
"k8s_argocd_change_evidence_acceptance_outcome_lane_count=8",
"k8s_argocd_change_evidence_acceptance_blocked_action_count=28",
"k8s_argocd_change_evidence_acceptance_received_count=0",
"k8s_argocd_change_evidence_acceptance_accepted_count=0",
"k8s_argocd_change_evidence_acceptance_runtime_approval_package_ready_count=0",
"k8s_argocd_change_evidence_acceptance_runtime_gate_count=0",
"k8s_argocd_post_incident_readback_plan_candidate_count=4",
"k8s_argocd_post_incident_readback_plan_c0_candidate_count=3",
"k8s_argocd_post_incident_readback_plan_write_capable_candidate_count=4",
"k8s_argocd_post_incident_readback_plan_required_readback_field_count=31",
"k8s_argocd_post_incident_readback_plan_reviewer_check_count=28",
"k8s_argocd_post_incident_readback_plan_outcome_lane_count=10",
"k8s_argocd_post_incident_readback_plan_blocked_action_count=41",
"k8s_argocd_post_incident_readback_plan_post_incident_readback_received_count=0",
"k8s_argocd_post_incident_readback_plan_post_incident_readback_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_argocd_app_health_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_argocd_sync_status_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_degraded_state_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_pending_workload_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_image_pull_or_scheduling_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_metrics_alert_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_cross_project_sync_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_no_false_green_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_argocd_api_read_authorized_count=0",
"k8s_argocd_post_incident_readback_plan_argocd_sync_authorized_count=0",
"k8s_argocd_post_incident_readback_plan_kubectl_action_authorized_count=0",
"k8s_argocd_post_incident_readback_plan_runtime_gate_count=0",
"k8s_argocd_post_incident_readback_plan_action_button_count=0",
"public_gateway_rendered_diff_acceptance_candidate_count=3",
"public_gateway_rendered_diff_acceptance_reviewer_check_count=15",
"public_gateway_rendered_diff_acceptance_runtime_gate_count=0",
"public_gateway_post_incident_readback_plan_candidate_count=3",
"public_gateway_post_incident_readback_plan_c0_candidate_count=2",
"public_gateway_post_incident_readback_plan_required_readback_field_count=30",
"public_gateway_post_incident_readback_plan_reviewer_check_count=28",
"public_gateway_post_incident_readback_plan_outcome_lane_count=10",
"public_gateway_post_incident_readback_plan_blocked_action_count=41",
"public_gateway_post_incident_readback_plan_post_incident_readback_received_count=0",
"public_gateway_post_incident_readback_plan_post_incident_readback_accepted_count=0",
"public_gateway_post_incident_readback_plan_nginx_test_authorized_count=0",
"public_gateway_post_incident_readback_plan_nginx_reload_authorized_count=0",
"public_gateway_post_incident_readback_plan_route_smoke_authorized_count=0",
"public_gateway_post_incident_readback_plan_runtime_gate_count=0",
"public_gateway_preflight_inventory_source_config_count=3",
"public_gateway_preflight_inventory_route_impact_count=14",
"public_gateway_preflight_inventory_preflight_gate_count=12",
"public_gateway_preflight_inventory_runtime_gate_count=0",
"host_service_config_inventory_surface_count=9",
"host_service_config_inventory_write_capable_surface_count=3",
"host_service_config_inventory_runtime_gate_count=0",
"host_service_owner_response_acceptance_candidate_count=9",
"host_service_owner_response_acceptance_write_capable_candidate_count=3",
"host_service_owner_response_acceptance_required_owner_field_count=18",
"host_service_owner_response_acceptance_reviewer_check_count=21",
"host_service_owner_response_acceptance_outcome_lane_count=8",
"host_service_owner_response_acceptance_blocked_action_count=27",
"host_service_owner_response_acceptance_runtime_gate_count=0",
"host_service_change_evidence_acceptance_candidate_count=9",
"host_service_change_evidence_acceptance_required_evidence_field_count=25",
"host_service_change_evidence_acceptance_reviewer_check_count=26",
"host_service_change_evidence_acceptance_outcome_lane_count=10",
"host_service_change_evidence_acceptance_blocked_action_count=39",
"host_service_change_evidence_acceptance_received_count=0",
"host_service_change_evidence_acceptance_accepted_count=0",
"host_service_change_evidence_acceptance_docker_daemon_state_accepted_count=0",
"host_service_change_evidence_acceptance_compose_stack_state_accepted_count=0",
"host_service_change_evidence_acceptance_systemd_unit_state_accepted_count=0",
"host_service_change_evidence_acceptance_failed_unit_review_accepted_count=0",
"host_service_change_evidence_acceptance_port_binding_state_accepted_count=0",
"host_service_change_evidence_acceptance_public_route_recovery_accepted_count=0",
"host_service_change_evidence_acceptance_operator_notification_accepted_count=0",
"host_service_change_evidence_acceptance_runtime_gate_count=0",
"host_service_post_incident_readback_plan_candidate_count=9",
"host_service_post_incident_readback_plan_write_capable_candidate_count=3",
"host_service_post_incident_readback_plan_live_evidence_required_candidate_count=8",
"host_service_post_incident_readback_plan_required_readback_field_count=28",
"host_service_post_incident_readback_plan_reviewer_check_count=28",
"host_service_post_incident_readback_plan_outcome_lane_count=10",
"host_service_post_incident_readback_plan_blocked_action_count=41",
"host_service_post_incident_readback_plan_post_incident_readback_received_count=0",
"host_service_post_incident_readback_plan_post_incident_readback_accepted_count=0",
"host_service_post_incident_readback_plan_docker_daemon_state_accepted_count=0",
"host_service_post_incident_readback_plan_compose_stack_state_accepted_count=0",
"host_service_post_incident_readback_plan_systemd_unit_state_accepted_count=0",
"host_service_post_incident_readback_plan_failed_unit_review_accepted_count=0",
"host_service_post_incident_readback_plan_port_binding_state_accepted_count=0",
"host_service_post_incident_readback_plan_public_route_recovery_accepted_count=0",
"host_service_post_incident_readback_plan_admin_route_recovery_accepted_count=0",
"host_service_post_incident_readback_plan_agent_provider_health_accepted_count=0",
"host_service_post_incident_readback_plan_monitoring_alert_accepted_count=0",
"host_service_post_incident_readback_plan_operator_notification_accepted_count=0",
"host_service_post_incident_readback_plan_cross_project_sync_accepted_count=0",
"host_service_post_incident_readback_plan_no_false_green_accepted_count=0",
"host_service_post_incident_readback_plan_runtime_gate_count=0",
"ssh_network_access_inventory_surface_count=16",
"ssh_network_access_inventory_write_capable_surface_count=6",
"ssh_network_access_inventory_runtime_gate_count=0",
"ssh_network_owner_response_acceptance_candidate_count=16",
"ssh_network_owner_response_acceptance_write_capable_candidate_count=6",
"ssh_network_owner_response_acceptance_reviewer_check_count=15",
"ssh_network_owner_response_acceptance_runtime_gate_count=0",
"ssh_network_owner_response_acceptance_firewall_owner_accepted_count=0",
"ssh_network_owner_response_acceptance_port_policy_accepted_count=0",
"ssh_network_owner_response_acceptance_wireguard_cutover_accepted_count=0",
"port_firewall_change_evidence_acceptance_candidate_count=14",
"port_firewall_change_evidence_acceptance_write_capable_candidate_count=6",
"port_firewall_change_evidence_acceptance_policy_or_exposure_candidate_count=5",
"port_firewall_change_evidence_acceptance_required_evidence_field_count=21",
"port_firewall_change_evidence_acceptance_reviewer_check_count=21",
"port_firewall_change_evidence_acceptance_outcome_lane_count=9",
"port_firewall_change_evidence_acceptance_blocked_action_count=28",
"port_firewall_change_evidence_acceptance_received_count=0",
"port_firewall_change_evidence_acceptance_accepted_count=0",
"port_firewall_change_evidence_acceptance_actor_identified_count=0",
"port_firewall_change_evidence_acceptance_cross_project_sync_accepted_count=0",
"port_firewall_change_evidence_acceptance_postcheck_evidence_accepted_count=0",
"port_firewall_change_evidence_acceptance_runtime_gate_count=0",
"ssh_network_post_incident_readback_plan_candidate_count=14",
"ssh_network_post_incident_readback_plan_write_capable_candidate_count=6",
"ssh_network_post_incident_readback_plan_policy_or_exposure_candidate_count=5",
"ssh_network_post_incident_readback_plan_required_readback_field_count=24",
"ssh_network_post_incident_readback_plan_reviewer_check_count=24",
"ssh_network_post_incident_readback_plan_outcome_lane_count=10",
"ssh_network_post_incident_readback_plan_blocked_action_count=34",
"ssh_network_post_incident_readback_plan_post_incident_readback_received_count=0",
"ssh_network_post_incident_readback_plan_post_incident_readback_accepted_count=0",
"ssh_network_post_incident_readback_plan_actor_attribution_accepted_count=0",
"ssh_network_post_incident_readback_plan_before_after_state_accepted_count=0",
"ssh_network_post_incident_readback_plan_public_route_impact_accepted_count=0",
"ssh_network_post_incident_readback_plan_ai_provider_impact_accepted_count=0",
"ssh_network_post_incident_readback_plan_monitoring_alert_impact_accepted_count=0",
"ssh_network_post_incident_readback_plan_cross_project_sync_accepted_count=0",
"ssh_network_post_incident_readback_plan_recurrence_guard_accepted_count=0",
"ssh_network_post_incident_readback_plan_no_false_green_accepted_count=0",
"ssh_network_post_incident_readback_plan_runtime_gate_count=0",
"backup_restore_escrow_inventory_surface_count=38",
"backup_restore_escrow_inventory_write_capable_surface_count=27",
"backup_restore_escrow_inventory_runtime_gate_count=0",
"backup_restore_escrow_inventory_restore_drill_accepted_count=0",
"backup_restore_escrow_inventory_offsite_sync_accepted_count=0",
"backup_restore_escrow_inventory_credential_escrow_accepted_count=0",
"backup_restore_escrow_inventory_retention_change_accepted_count=0",
"backup_restore_owner_response_acceptance_required_owner_field_count=23",
"backup_restore_owner_response_acceptance_reviewer_check_count=22",
"backup_restore_owner_response_acceptance_outcome_lane_count=9",
"backup_restore_owner_response_acceptance_blocked_action_count=31",
"backup_restore_owner_response_acceptance_freshness_slo_accepted_count=0",
"backup_restore_owner_response_acceptance_restore_target_isolation_accepted_count=0",
"backup_restore_owner_response_acceptance_remote_delete_guard_accepted_count=0",
"backup_restore_owner_response_acceptance_backup_health_no_false_green_accepted_count=0",
"backup_restore_post_incident_readback_plan_candidate_count=38",
"backup_restore_post_incident_readback_plan_write_capable_candidate_count=27",
"backup_restore_post_incident_readback_plan_live_evidence_required_candidate_count=38",
"backup_restore_post_incident_readback_plan_required_readback_field_count=34",
"backup_restore_post_incident_readback_plan_reviewer_check_count=32",
"backup_restore_post_incident_readback_plan_outcome_lane_count=11",
"backup_restore_post_incident_readback_plan_blocked_action_count=51",
"backup_restore_post_incident_readback_plan_post_incident_readback_received_count=0",
"backup_restore_post_incident_readback_plan_post_incident_readback_accepted_count=0",
"backup_restore_post_incident_readback_plan_backup_status_readback_accepted_count=0",
"backup_restore_post_incident_readback_plan_restore_drill_readback_accepted_count=0",
"backup_restore_post_incident_readback_plan_offsite_sync_readback_accepted_count=0",
"backup_restore_post_incident_readback_plan_credential_escrow_non_secret_readback_accepted_count=0",
"backup_restore_post_incident_readback_plan_retention_runway_readback_accepted_count=0",
"backup_restore_post_incident_readback_plan_backup_health_no_false_green_readback_accepted_count=0",
"backup_restore_post_incident_readback_plan_runtime_gate_count=0",
"backup_restore_credential_coverage_percent=66",
"monitoring_alerting_observability_inventory_surface_count=60",
"monitoring_alerting_observability_inventory_alert_rule_surface_count=13",
"monitoring_alerting_observability_inventory_deploy_or_reload_surface_count=6",
"monitoring_alerting_observability_inventory_write_capable_surface_count=11",
"monitoring_alerting_observability_inventory_runtime_gate_count=0",
"monitoring_alerting_observability_inventory_reload_owner_accepted_count=0",
"monitoring_alerting_observability_inventory_receiver_owner_accepted_count=0",
"monitoring_alerting_observability_inventory_route_smoke_accepted_count=0",
"monitoring_alerting_observability_coverage_percent=78",
"monitoring_owner_response_acceptance_reviewer_check_count=23",
"monitoring_owner_response_acceptance_outcome_lane_count=12",
"monitoring_owner_response_acceptance_blocked_action_count=34",
"monitoring_owner_response_acceptance_false_green_risk_review_accepted_count=0",
"monitoring_owner_response_acceptance_receiver_receipt_proof_accepted_count=0",
"monitoring_owner_response_acceptance_stale_alert_review_accepted_count=0",
"monitoring_owner_response_acceptance_silence_or_dedup_review_accepted_count=0",
"monitoring_owner_response_acceptance_post_reload_readback_plan_accepted_count=0",
"monitoring_owner_response_acceptance_runtime_gate_count=0",
"monitoring_post_incident_readback_plan_candidate_count=60",
"monitoring_post_incident_readback_plan_write_capable_candidate_count=11",
"monitoring_post_incident_readback_plan_live_evidence_required_candidate_count=60",
"monitoring_post_incident_readback_plan_alert_rule_candidate_count=13",
"monitoring_post_incident_readback_plan_deploy_or_reload_candidate_count=6",
"monitoring_post_incident_readback_plan_required_readback_field_count=30",
"monitoring_post_incident_readback_plan_reviewer_check_count=28",
"monitoring_post_incident_readback_plan_outcome_lane_count=11",
"monitoring_post_incident_readback_plan_blocked_action_count=53",
"monitoring_post_incident_readback_plan_post_incident_readback_received_count=0",
"monitoring_post_incident_readback_plan_post_incident_readback_accepted_count=0",
"monitoring_post_incident_readback_plan_receiver_receipt_readback_accepted_count=0",
"monitoring_post_incident_readback_plan_stale_pending_resolved_review_accepted_count=0",
"monitoring_post_incident_readback_plan_silence_mute_dedup_inhibit_review_accepted_count=0",
"monitoring_post_incident_readback_plan_alert_chain_health_readback_accepted_count=0",
"monitoring_post_incident_readback_plan_runtime_gate_count=0",
"docker_compose_action_authorized=false",
"systemctl_action_authorized=false",
"repair_bot_execution_authorized=false",
"ansible_apply_authorized=false",
"ssh_read_authorized=false",
"ssh_write_authorized=false",
"sudo_action_authorized=false",
"firewall_change_authorized=false",
"port_change_authorized=false",
"port_close_authorized=false",
"port_open_authorized=false",
"network_policy_apply_authorized=false",
"nodeport_change_authorized=false",
"wireguard_change_authorized=false",
"known_hosts_patch_authorized=false",
"host_keyscan_authorized=false",
"runtime_execution_authorized=false",
"host_write_authorized=false",
"host_live_conf_read_authorized=false",
"nginx_test_authorized=false",
"public_gateway_reload_authorized=false",
"public_route_change_authorized=false",
"admin_route_change_authorized=false",
"websocket_route_change_authorized=false",
"acme_challenge_change_authorized=false",
"route_smoke_authorized=false",
"rollback_executed=false",
"nginx_reload_authorized=false",
"dns_tls_change_authorized=false",
"certbot_renew_authorized=false",
"argocd_api_read_authorized=false",
"helm_upgrade_authorized=false",
"rbac_change_authorized=false",
"backup_run_authorized=false",
"restore_run_authorized=false",
"restore_drill_authorized=false",
"offsite_sync_authorized=false",
"offsite_remote_delete_authorized=false",
"credential_escrow_marker_write_authorized=false",
"retention_change_authorized=false",
"restic_prune_authorized=false",
"rclone_config_authorized=false",
"velero_restore_authorized=false",
"prometheus_reload_authorized=false",
"alertmanager_reload_authorized=false",
"grafana_dashboard_apply_authorized=false",
"signoz_rule_apply_authorized=false",
"sentry_deploy_authorized=false",
"langfuse_config_change_authorized=false",
"otel_collector_reload_authorized=false",
"receiver_route_change_authorized=false",
"silence_policy_change_authorized=false",
"telegram_send_authorized=false",
"notification_route_change_authorized=false",
"webhook_receiver_change_authorized=false",
"remote_write_change_authorized=false",
"exporter_deploy_authorized=false",
"live_alert_fire_authorized=false",
"alert_chain_smoke_authorized=false",
"workflow_modification_authorized=false",
"webhook_modification_authorized=false",
"runner_change_authorized=false",
"deploy_key_change_authorized=false",
"branch_protection_change_authorized=false",
"codeowners_change_authorized=false",
"repo_secret_change_authorized=false",
"secret_hash_collection_allowed=false",
"partial_token_collection_allowed=false",
"secret_rotation_authorized=false",
"secret_store_read_authorized=false",
"secret_injection_change_authorized=false",
"runtime_config_change_authorized=false",
"api_route_change_authorized=false",
"cors_change_authorized=false",
"frontend_env_change_authorized=false",
"middleware_auth_change_authorized=false",
"callback_url_change_authorized=false",
"webhook_secret_change_authorized=false",
"security_header_change_authorized=false",
"cookie_policy_change_authorized=false",
"csrf_disable_authorized=false",
"rate_limit_disable_authorized=false",
"api_contract_change_authorized=false",
"i18n_public_text_internal_identity_allowed=false",
"internal_ip_exposure_allowed=false",
"repo_namespace_exposure_allowed=false",
"owner_namespace_exposure_allowed=false",
"internal_status_code_exposure_allowed=false",
"internal_transcript_exposure_allowed=false",
"raw_payload_storage_allowed=false",
"desktop_mobile_smoke_authorized=false",
"database_migration_authorized=false",
"github_hosted_runner_enable_authorized=false",
"gitea_action_dispatch_authorized=false",
"cd_pipeline_run_authorized=false",
"deploy_marker_write_authorized=false",
"k8s_secret_injection_authorized=false",
"production_deploy_authorized=false",
"refs_sync_authorized=false",
"force_push_authorized=false",
"github_primary_switch_authorized=false",
"disable_gitea_authorized=false",
"active_scan_authorized=false",
"agent_bounty_runtime_authorized=false",
]:
assert_text_contains(
"iwooos_page.high_value_config_control_coverage_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.critical_config_priority_testid",
iwooos_projection_page,
'data-testid="iwooos-critical-config-priority-board"',
)
assert_text_contains(
"iwooos_page.critical_config_priority_nginx_percent",
iwooos_projection_page,
"{ key: 'nginxGateway', rank: 'P0-1', state: '92% / readback 0'",
)
assert_text_contains(
"iwooos_page.critical_config_priority_dns_percent",
iwooos_projection_page,
"{ key: 'dnsTls', rank: 'P0-2', state: '78% / probe 0'",
)
assert_text_contains(
"iwooos_page.critical_config_priority_k8s_percent",
iwooos_projection_page,
"{ key: 'k8sArgocd', rank: 'P0-3', state: '66% / readback 0'",
)
assert_text_contains(
"iwooos_page.critical_config_priority_workflow_secret_percent",
iwooos_projection_page,
"{ key: 'workflowSecret', rank: 'P0-4', state: '70% / 74%'",
)
assert_text_contains(
"iwooos_page.critical_config_priority_public_runtime_percent",
iwooos_projection_page,
"{ key: 'publicRuntime', rank: 'P0-5', state: '64% / route 0'",
)
for text in [
"critical_config_priority_frontstage_summary_count=4",
"critical_config_priority_item_count=6",
"critical_config_priority_p0_category_count=6",
"critical_config_priority_owner_response_received_count=0",
"critical_config_priority_owner_response_accepted_count=0",
"critical_config_priority_live_evidence_received_count=0",
"critical_config_priority_runtime_gate_count=0",
"critical_config_priority_action_button_count=0",
"nginx_public_gateway_owner_response_received=false",
"nginx_public_gateway_live_conf_evidence_received=false",
"nginx_public_gateway_rendered_diff_accepted=false",
"nginx_public_gateway_rendered_diff_acceptance_candidate_count=3",
"nginx_public_gateway_post_incident_readback_plan_candidate_count=3",
"nginx_public_gateway_post_incident_readback_plan_blocked_action_count=41",
"nginx_public_gateway_post_incident_readback_plan_runtime_gate_count=0",
"nginx_public_gateway_nginx_test_evidence_count=0",
"secret_metadata_coverage_percent=70",
"gitea_workflow_runner_source_control_coverage_percent=74",
"public_admin_api_runtime_config_coverage_percent=66",
"public_frontend_sensitive_surface_guard_file_count=226",
"public_frontend_sensitive_surface_guard_forbidden_pattern_count=12",
"public_frontend_sensitive_surface_guard_violation_count=0",
"public_runtime_config_change_evidence_acceptance_candidate_count=6",
"public_runtime_config_change_evidence_acceptance_c0_candidate_count=5",
"public_runtime_config_change_evidence_acceptance_write_capable_candidate_count=6",
"public_runtime_config_change_evidence_acceptance_required_evidence_field_count=21",
"public_runtime_config_change_evidence_acceptance_reviewer_check_count=21",
"public_runtime_config_change_evidence_acceptance_outcome_lane_count=8",
"public_runtime_config_change_evidence_acceptance_blocked_action_count=32",
"public_runtime_config_change_evidence_acceptance_received_count=0",
"public_runtime_config_change_evidence_acceptance_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_route_scope_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_admin_auth_boundary_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_api_contract_readback_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_cors_origin_diff_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_frontend_env_diff_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_i18n_redaction_review_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_desktop_mobile_smoke_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_sensitive_string_scan_accepted_count=0",
"public_runtime_config_change_evidence_acceptance_runtime_approval_package_ready_count=0",
"public_runtime_config_change_evidence_acceptance_runtime_gate_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_candidate_count=5",
"cd_runner_secret_injection_change_evidence_acceptance_c0_candidate_count=4",
"cd_runner_secret_injection_change_evidence_acceptance_write_capable_candidate_count=5",
"cd_runner_secret_injection_change_evidence_acceptance_required_evidence_field_count=19",
"cd_runner_secret_injection_change_evidence_acceptance_reviewer_check_count=19",
"cd_runner_secret_injection_change_evidence_acceptance_outcome_lane_count=8",
"cd_runner_secret_injection_change_evidence_acceptance_blocked_action_count=32",
"cd_runner_secret_injection_change_evidence_acceptance_received_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_workflow_diff_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runner_attestation_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_secret_name_parity_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_secret_injection_route_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runtime_approval_package_ready_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runtime_gate_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_candidate_count=5",
"cd_runner_secret_injection_post_incident_readback_plan_c0_candidate_count=4",
"cd_runner_secret_injection_post_incident_readback_plan_write_capable_candidate_count=5",
"cd_runner_secret_injection_post_incident_readback_plan_required_readback_field_count=33",
"cd_runner_secret_injection_post_incident_readback_plan_reviewer_check_count=30",
"cd_runner_secret_injection_post_incident_readback_plan_outcome_lane_count=11",
"cd_runner_secret_injection_post_incident_readback_plan_blocked_action_count=52",
"cd_runner_secret_injection_post_incident_readback_plan_received_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_workflow_diff_state_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_runner_attestation_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_secret_name_parity_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_secret_injection_route_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_runtime_gate_count=0",
"k8s_argocd_change_evidence_acceptance_candidate_count=4",
"k8s_argocd_change_evidence_acceptance_c0_candidate_count=3",
"k8s_argocd_change_evidence_acceptance_write_capable_candidate_count=4",
"k8s_argocd_change_evidence_acceptance_required_evidence_field_count=18",
"k8s_argocd_change_evidence_acceptance_reviewer_check_count=18",
"k8s_argocd_change_evidence_acceptance_outcome_lane_count=8",
"k8s_argocd_change_evidence_acceptance_blocked_action_count=28",
"k8s_argocd_change_evidence_acceptance_received_count=0",
"k8s_argocd_change_evidence_acceptance_accepted_count=0",
"k8s_argocd_change_evidence_acceptance_runtime_approval_package_ready_count=0",
"k8s_argocd_change_evidence_acceptance_runtime_gate_count=0",
"k8s_argocd_post_incident_readback_plan_candidate_count=4",
"k8s_argocd_post_incident_readback_plan_c0_candidate_count=3",
"k8s_argocd_post_incident_readback_plan_write_capable_candidate_count=4",
"k8s_argocd_post_incident_readback_plan_required_readback_field_count=31",
"k8s_argocd_post_incident_readback_plan_reviewer_check_count=28",
"k8s_argocd_post_incident_readback_plan_outcome_lane_count=10",
"k8s_argocd_post_incident_readback_plan_blocked_action_count=41",
"k8s_argocd_post_incident_readback_plan_post_incident_readback_received_count=0",
"k8s_argocd_post_incident_readback_plan_post_incident_readback_accepted_count=0",
"k8s_argocd_post_incident_readback_plan_runtime_gate_count=0",
"argocd_api_read_authorized=false",
"argocd_sync_authorized=false",
"kubectl_action_authorized=false",
"helm_upgrade_authorized=false",
"network_policy_apply_authorized=false",
"nodeport_change_authorized=false",
"rbac_change_authorized=false",
"runner_change_authorized=false",
"repo_secret_change_authorized=false",
"secret_injection_change_authorized=false",
"runtime_config_change_authorized=false",
"api_route_change_authorized=false",
"cors_change_authorized=false",
"frontend_env_change_authorized=false",
"middleware_auth_change_authorized=false",
"callback_url_change_authorized=false",
"webhook_secret_change_authorized=false",
"security_header_change_authorized=false",
"cookie_policy_change_authorized=false",
"csrf_disable_authorized=false",
"rate_limit_disable_authorized=false",
"api_contract_change_authorized=false",
"i18n_public_text_internal_identity_allowed=false",
"internal_ip_exposure_allowed=false",
"repo_namespace_exposure_allowed=false",
"owner_namespace_exposure_allowed=false",
"internal_status_code_exposure_allowed=false",
"internal_transcript_exposure_allowed=false",
"raw_payload_storage_allowed=false",
"gitea_action_dispatch_authorized=false",
"cd_pipeline_run_authorized=false",
"production_deploy_authorized=false",
"force_push_authorized=false",
"github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.critical_config_priority_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.criticalConfigPriority",
list(web_messages_zh["iwooos"].keys()),
"criticalConfigPriority",
)
assert_contains(
"web_messages.en.iwooos.criticalConfigPriority",
list(web_messages_en["iwooos"].keys()),
"criticalConfigPriority",
)
assert_text_contains(
"web_messages.zh-TW.iwooos.criticalConfigPriority.items.k8sArgocd.body",
web_messages_zh["iwooos"]["criticalConfigPriority"]["items"]["k8sArgocd"]["body"],
"GitOps 變更證據驗收",
)
assert_text_contains(
"web_messages.en.iwooos.criticalConfigPriority.items.k8sArgocd.body",
web_messages_en["iwooos"]["criticalConfigPriority"]["items"]["k8sArgocd"]["body"],
"GitOps 變更證據驗收",
)
for locale, messages in [
("zh-TW", web_messages_zh),
("en", web_messages_en),
]:
public_runtime_body = messages["iwooos"]["criticalConfigPriority"]["items"]["publicRuntime"]["body"]
assert_text_contains(
f"web_messages.{locale}.iwooos.criticalConfigPriority.items.publicRuntime.body.acceptance",
public_runtime_body,
"變更證據驗收",
)
assert_text_contains(
f"web_messages.{locale}.iwooos.criticalConfigPriority.items.publicRuntime.body.redaction",
public_runtime_body,
"不得暴露原始命名空間",
)
assert_contains(
"web_messages.zh-TW.iwooos.highValueConfigControlCoverage",
list(web_messages_zh["iwooos"].keys()),
"highValueConfigControlCoverage",
)
assert_contains(
"web_messages.en.iwooos.highValueConfigControlCoverage",
list(web_messages_en["iwooos"].keys()),
"highValueConfigControlCoverage",
)
assert_text_contains(
"iwooos_page.public_gateway_preflight_testid",
iwooos_projection_page,
'data-testid="iwooos-public-gateway-preflight-board"',
)
assert_text_contains(
"iwooos_page.public_gateway_preflight_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-public-gateway-preflight-boundaries"',
)
assert_text_contains(
"iwooos_page.public_gateway_preflight_component",
iwooos_projection_page,
"IwoooSPublicGatewayPreflightBoard",
)
assert_text_before(
"iwooos_page.public_gateway_preflight_before_owner_packet",
iwooos_projection_page,
"<IwoooSPublicGatewayPreflightBoard />",
"<IwoooSHighValueConfigOwnerPacketBoard />",
)
for text in [
"public_gateway_preflight_frontstage_summary_count=4",
"public_gateway_preflight_frontstage_item_count=6",
"public_gateway_preflight_source_config_count=3",
"public_gateway_preflight_c0_source_config_count=2",
"public_gateway_preflight_managed_domain_count=14",
"public_gateway_preflight_route_impact_count=14",
"public_gateway_preflight_unique_upstream_count=14",
"public_gateway_preflight_tls_certificate_path_count=10",
"public_gateway_preflight_certificate_owner_confirmation_required_count=4",
"public_gateway_preflight_admin_route_domain_count=1",
"public_gateway_preflight_websocket_route_domain_count=6",
"public_gateway_preflight_acme_challenge_domain_count=7",
"public_gateway_preflight_gate_count=12",
"public_gateway_preflight_repo_only_ready_count=2",
"public_gateway_preflight_owner_acceptance_required_gate_count=10",
"public_gateway_preflight_gate_accepted_count=0",
"public_gateway_preflight_owner_response_received_count=0",
"public_gateway_preflight_owner_response_accepted_count=0",
"public_gateway_preflight_owner_provided_live_conf_received_count=0",
"public_gateway_preflight_rendered_diff_ready_count=0",
"public_gateway_preflight_nginx_test_evidence_count=0",
"public_gateway_preflight_route_smoke_evidence_count=0",
"public_gateway_preflight_maintenance_window_accepted_count=0",
"public_gateway_preflight_rollback_owner_accepted_count=0",
"public_gateway_preflight_runtime_gate_count=0",
"public_gateway_preflight_action_button_count=0",
"public_gateway_preflight_coverage_percent_before_preflight=78",
"public_gateway_preflight_coverage_percent_after_preflight=84",
"host_live_conf_read_authorized=false",
"nginx_test_authorized=false",
"nginx_reload_authorized=false",
"public_gateway_reload_authorized=false",
"public_route_change_authorized=false",
"admin_route_change_authorized=false",
"websocket_route_change_authorized=false",
"acme_challenge_change_authorized=false",
"route_smoke_authorized=false",
"rollback_executed=false",
"secret_value_collection_allowed=false",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.public_gateway_preflight_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.publicGatewayPreflight",
list(web_messages_zh["iwooos"].keys()),
"publicGatewayPreflight",
)
assert_contains(
"web_messages.en.iwooos.publicGatewayPreflight",
list(web_messages_en["iwooos"].keys()),
"publicGatewayPreflight",
)
for key in [
"eyebrow",
"title",
"subtitle",
"stateLabel",
"boundaryTitle",
"boundaryIntro",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.publicGatewayPreflight.keys",
list(web_messages_zh["iwooos"]["publicGatewayPreflight"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.publicGatewayPreflight.keys",
list(web_messages_en["iwooos"]["publicGatewayPreflight"].keys()),
key,
)
for key in ["sourceConfigs", "routeImpacts", "preflightGates", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.publicGatewayPreflight.summary",
list(web_messages_zh["iwooos"]["publicGatewayPreflight"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.publicGatewayPreflight.summary",
list(web_messages_en["iwooos"]["publicGatewayPreflight"]["summary"].keys()),
key,
)
for key in ["sourceHash", "affectedRoutes", "ownerLiveDiff", "nginxTest", "routeSmoke", "reloadBoundary"]:
assert_contains(
"web_messages.zh-TW.iwooos.publicGatewayPreflight.items",
list(web_messages_zh["iwooos"]["publicGatewayPreflight"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.publicGatewayPreflight.items",
list(web_messages_en["iwooos"]["publicGatewayPreflight"]["items"].keys()),
key,
)
for key in ["categories", "c0", "coverage", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.highValueConfigControlCoverage.summary",
list(web_messages_zh["iwooos"]["highValueConfigControlCoverage"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.highValueConfigControlCoverage.summary",
list(web_messages_en["iwooos"]["highValueConfigControlCoverage"]["summary"].keys()),
key,
)
for key in ["dockerSystemd", "sshNetwork", "aiProvider", "k8sGitops"]:
assert_contains(
"web_messages.zh-TW.iwooos.highValueConfigControlCoverage.items",
list(web_messages_zh["iwooos"]["highValueConfigControlCoverage"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.highValueConfigControlCoverage.items",
list(web_messages_en["iwooos"]["highValueConfigControlCoverage"]["items"].keys()),
key,
)
assert_text_contains(
"web_messages.zh-TW.iwooos.highValueConfigControlCoverage.items.aiProvider.body",
web_messages_zh["iwooos"]["highValueConfigControlCoverage"]["items"]["aiProvider"]["body"],
"8 個候選、24 個審查檢查項、10 條結果分流、38 類禁止動作",
)
assert_text_contains(
"web_messages.en.iwooos.highValueConfigControlCoverage.items.aiProvider.body",
web_messages_en["iwooos"]["highValueConfigControlCoverage"]["items"]["aiProvider"]["body"],
"8 個候選、24 個審查檢查項、10 條結果分流、38 類禁止動作",
)
assert_text_contains(
"web_messages.zh-TW.iwooos.highValueConfigControlCoverage.items.sshNetwork.body",
web_messages_zh["iwooos"]["highValueConfigControlCoverage"]["items"]["sshNetwork"]["body"],
"目前成熟度 70%",
)
assert_text_contains(
"web_messages.en.iwooos.highValueConfigControlCoverage.items.sshNetwork.body",
web_messages_en["iwooos"]["highValueConfigControlCoverage"]["items"]["sshNetwork"]["body"],
"目前成熟度 70%",
)
assert_text_contains(
"web_messages.zh-TW.iwooos.highValueConfigControlCoverage.items.backupRestore.body",
web_messages_zh["iwooos"]["highValueConfigControlCoverage"]["items"]["backupRestore"]["body"],
"restore recovery、freshness SLO、隔離還原目標",
)
assert_text_contains(
"web_messages.en.iwooos.highValueConfigControlCoverage.items.backupRestore.body",
web_messages_en["iwooos"]["highValueConfigControlCoverage"]["items"]["backupRestore"]["body"],
"restore recovery、freshness SLO、隔離還原目標",
)
assert_text_contains(
"iwooos_page.high_value_config_owner_packet_testid",
iwooos_projection_page,
'data-testid="iwooos-high-value-config-owner-packet-board"',
)
assert_text_contains(
"iwooos_page.high_value_config_owner_packet_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-high-value-config-owner-packet-boundaries"',
)
assert_text_contains(
"iwooos_page.high_value_config_owner_packet_component",
iwooos_projection_page,
"IwoooSHighValueConfigOwnerPacketBoard",
)
for text in [
"high_value_config_owner_packet_frontstage_summary_count=4",
"high_value_config_owner_packet_frontstage_item_count=6",
"high_value_config_owner_packet_count=3",
"high_value_config_owner_packet_c0_packet_count=2",
"high_value_config_owner_packet_c1_packet_count=0",
"high_value_config_owner_packet_request_sent_count=0",
"high_value_config_owner_packet_received_response_count=0",
"high_value_config_owner_packet_accepted_response_count=0",
"high_value_config_owner_packet_runtime_gate_count=0",
"high_value_config_owner_packet_action_buttons_allowed=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"nginx_reload_authorized=false",
"workflow_modification_authorized=false",
"agent_bounty_runtime_authorized=false",
]:
assert_text_contains(
"iwooos_page.high_value_config_owner_packet_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.highValueConfigOwnerPacket",
list(web_messages_zh["iwooos"].keys()),
"highValueConfigOwnerPacket",
)
assert_contains(
"web_messages.en.iwooos.highValueConfigOwnerPacket",
list(web_messages_en["iwooos"].keys()),
"highValueConfigOwnerPacket",
)
for key in [
"eyebrow",
"title",
"subtitle",
"gateLabel",
"stateLabel",
"boundaryTitle",
"boundaryIntro",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.highValueConfigOwnerPacket.keys",
list(web_messages_zh["iwooos"]["highValueConfigOwnerPacket"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.highValueConfigOwnerPacket.keys",
list(web_messages_en["iwooos"]["highValueConfigOwnerPacket"].keys()),
key,
)
for key in ["packetCount", "c0Packets", "responses", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.highValueConfigOwnerPacket.summary",
list(web_messages_zh["iwooos"]["highValueConfigOwnerPacket"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.highValueConfigOwnerPacket.summary",
list(web_messages_en["iwooos"]["highValueConfigOwnerPacket"]["summary"].keys()),
key,
)
for key in ["packetDraft", "currentTier", "canonicalFields", "requestState", "responseState", "runtimeBoundary"]:
assert_contains(
"web_messages.zh-TW.iwooos.highValueConfigOwnerPacket.items",
list(web_messages_zh["iwooos"]["highValueConfigOwnerPacket"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.highValueConfigOwnerPacket.items",
list(web_messages_en["iwooos"]["highValueConfigOwnerPacket"]["items"].keys()),
key,
)
domain_tls_summary = domain_tls_inventory["summary"]
assert_equal("domain_tls_inventory.schema", domain_tls_inventory["schema_version"], "domain_tls_certbot_inventory_v1")
assert_equal("domain_tls_inventory.summary.source_config_count", domain_tls_summary["source_config_count"], 3)
assert_equal("domain_tls_inventory.summary.managed_domain_count", domain_tls_summary["managed_domain_count"], 14)
assert_equal(
"domain_tls_inventory.summary.unique_certificate_path_count",
domain_tls_summary["unique_certificate_path_count"],
10,
)
assert_equal(
"domain_tls_inventory.summary.acme_challenge_domain_count",
domain_tls_summary["acme_challenge_domain_count"],
7,
)
assert_equal(
"domain_tls_inventory.summary.certificate_owner_confirmation_required_count",
domain_tls_summary["certificate_owner_confirmation_required_count"],
4,
)
assert_equal("domain_tls_inventory.summary.runtime_gate_count", domain_tls_summary["runtime_gate_count"], 0)
assert_false("domain_tls_inventory.summary.live_tls_probe_executed", domain_tls_summary["live_tls_probe_executed"])
assert_false("domain_tls_inventory.summary.dns_change_executed", domain_tls_summary["dns_change_executed"])
assert_false("domain_tls_inventory.summary.certbot_renew_executed", domain_tls_summary["certbot_renew_executed"])
assert_false("domain_tls_inventory.summary.nginx_reload_executed", domain_tls_summary["nginx_reload_executed"])
assert_false("domain_tls_inventory.summary.action_buttons_allowed", domain_tls_summary["action_buttons_allowed"])
domain_tls_owner_confirmation_summary = domain_tls_owner_confirmation_request["summary"]
assert_equal(
"domain_tls_owner_confirmation_request.schema",
domain_tls_owner_confirmation_request["schema_version"],
"domain_tls_certbot_owner_confirmation_request_v1",
)
assert_equal(
"domain_tls_owner_confirmation_request.source_inventory_schema_version",
domain_tls_owner_confirmation_request["source_inventory_schema_version"],
"domain_tls_certbot_inventory_v1",
)
assert_equal(
"domain_tls_owner_confirmation_request.status",
domain_tls_owner_confirmation_request["status"],
"owner_confirmation_request_ready_not_dispatched",
)
expected_domain_tls_owner_confirmation_summary = {
"owner_confirmation_request_count": 4,
"c0_owner_confirmation_request_count": 4,
"c1_owner_confirmation_request_count": 0,
"required_owner_field_count": 9,
"request_field_count": 16,
"confirmation_question_count": 5,
"rejection_guard_count": 12,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"quarantined_payload_count": 0,
"dns_query_authorized_count": 0,
"dns_query_executed_count": 0,
"live_tls_probe_authorized_count": 0,
"live_tls_probe_executed_count": 0,
"certbot_renew_authorized_count": 0,
"certbot_renew_executed_count": 0,
"nginx_reload_authorized_count": 0,
"nginx_reload_executed_count": 0,
"host_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_domain_tls_owner_confirmation_summary.items():
assert_equal(
f"domain_tls_owner_confirmation_request.summary.{key}",
domain_tls_owner_confirmation_summary[key],
expected,
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"dns_query_authorized",
"dns_query_executed",
"live_tls_probe_authorized",
"live_tls_probe_executed",
"certbot_renew_authorized",
"certbot_renew_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"host_write_authorized",
"host_write_executed",
"runtime_execution_authorized",
"action_buttons_allowed",
"secret_value_collection_allowed",
"production_write_authorized",
]:
assert_false(
f"domain_tls_owner_confirmation_request.execution_boundaries.{false_key}",
domain_tls_owner_confirmation_request["execution_boundaries"][false_key],
)
assert_true(
"domain_tls_owner_confirmation_request.execution_boundaries.not_authorization",
domain_tls_owner_confirmation_request["execution_boundaries"]["not_authorization"],
)
expected_domain_tls_owner_confirmation_ids = [
"domain_tls_certbot_owner_confirmation:gitea.wooo.work",
"domain_tls_certbot_owner_confirmation:langfuse.wooo.work",
"domain_tls_certbot_owner_confirmation:signoz.wooo.work",
"domain_tls_certbot_owner_confirmation:tsenyang.com",
]
assert_equal(
"domain_tls_owner_confirmation_request.request_ids",
[item["request_id"] for item in domain_tls_owner_confirmation_request["owner_confirmation_requests"]],
expected_domain_tls_owner_confirmation_ids,
)
expected_domain_tls_confirmation_question_ids = [
"certificate_coverage_basis",
"certificate_expiry_metadata_ref",
"renewal_owner_and_method",
"acme_challenge_route_owner",
"postcheck_and_rollback_owner",
]
assert_equal(
"domain_tls_owner_confirmation_request.confirmation_question_ids",
[item["question_id"] for item in domain_tls_owner_confirmation_request["confirmation_questions"]],
expected_domain_tls_confirmation_question_ids,
)
expected_domain_tls_rejection_guards = [
"tls_private_key_or_raw_cert_payload",
"certbot_account_key_or_credentials",
"dns_provider_or_registrar_credential",
"token_secret_cookie_session",
"authorization_header_or_basic_auth",
"unredacted_certbot_log_or_env_dump",
"shell_history_or_private_key_path_dump",
"dns_query_or_tls_probe_request",
"certbot_renew_execution_request",
"nginx_reload_or_route_change_request",
"ssh_host_write_or_runtime_request",
"production_write_or_action_button_request",
]
assert_equal(
"domain_tls_owner_confirmation_request.rejection_guards",
domain_tls_owner_confirmation_request["rejection_guards"],
expected_domain_tls_rejection_guards,
)
for request in domain_tls_owner_confirmation_request["owner_confirmation_requests"]:
assert_equal(
f"domain_tls_owner_confirmation_request.{request['request_id']}.request_field_count",
len(request["request_fields"]),
16,
)
assert_equal(
f"domain_tls_owner_confirmation_request.{request['request_id']}.required_owner_field_count",
len(request["required_owner_fields"]),
9,
)
assert_equal(
f"domain_tls_owner_confirmation_request.{request['request_id']}.confirmation_question_count",
len(request["confirmation_questions"]),
5,
)
assert_true(
f"domain_tls_owner_confirmation_request.{request['request_id']}.not_approval",
request["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"quarantine_written",
"dns_query_authorized",
"dns_query_executed",
"live_tls_probe_authorized",
"live_tls_probe_executed",
"certbot_renew_authorized",
"certbot_renew_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"host_write_authorized",
"runtime_gate",
"action_buttons_allowed",
"secret_value_collection_allowed",
"production_write_authorized",
]:
assert_false(
f"domain_tls_owner_confirmation_request.{request['request_id']}.{false_key}",
request[false_key],
)
domain_tls_owner_response_acceptance_summary = domain_tls_owner_response_acceptance["summary"]
assert_equal(
"domain_tls_owner_response_acceptance.schema",
domain_tls_owner_response_acceptance["schema_version"],
"domain_tls_certbot_owner_response_acceptance_v1",
)
assert_equal(
"domain_tls_owner_response_acceptance.source_owner_confirmation_request_schema_version",
domain_tls_owner_response_acceptance["source_owner_confirmation_request_schema_version"],
"domain_tls_certbot_owner_confirmation_request_v1",
)
assert_equal(
"domain_tls_owner_response_acceptance.status",
domain_tls_owner_response_acceptance["status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
expected_domain_tls_owner_response_acceptance_summary = {
"source_owner_confirmation_request_count": 4,
"acceptance_candidate_count": 4,
"c0_acceptance_candidate_count": 4,
"acceptance_field_count": 23,
"required_owner_response_field_count": 13,
"reviewer_check_count": 13,
"outcome_lane_count": 7,
"blocked_action_count": 20,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"owner_response_quarantined_count": 0,
"supplement_requested_count": 0,
"certificate_coverage_confirmed_count": 0,
"certificate_expiry_metadata_accepted_count": 0,
"renewal_owner_accepted_count": 0,
"acme_route_owner_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"dns_query_authorized_count": 0,
"dns_query_executed_count": 0,
"live_tls_probe_authorized_count": 0,
"live_tls_probe_executed_count": 0,
"certbot_renew_authorized_count": 0,
"certbot_renew_executed_count": 0,
"nginx_reload_authorized_count": 0,
"nginx_reload_executed_count": 0,
"route_smoke_authorized_count": 0,
"route_smoke_executed_count": 0,
"host_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_domain_tls_owner_response_acceptance_summary.items():
assert_equal(
f"domain_tls_owner_response_acceptance.summary.{key}",
domain_tls_owner_response_acceptance_summary[key],
expected,
)
for false_key in [
"request_dispatch_authorized",
"owner_response_accepted",
"raw_certificate_storage_allowed",
"tls_private_key_read_authorized",
"secret_value_collection_allowed",
"dns_query_authorized",
"dns_query_executed",
"live_tls_probe_authorized",
"live_tls_probe_executed",
"certbot_renew_authorized",
"certbot_renew_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"route_smoke_authorized",
"route_smoke_executed",
"host_write_authorized",
"production_write_authorized",
"runtime_execution_authorized",
"action_buttons_allowed",
]:
assert_false(
f"domain_tls_owner_response_acceptance.execution_boundaries.{false_key}",
domain_tls_owner_response_acceptance["execution_boundaries"][false_key],
)
assert_true(
"domain_tls_owner_response_acceptance.execution_boundaries.not_authorization",
domain_tls_owner_response_acceptance["execution_boundaries"]["not_authorization"],
)
expected_domain_tls_owner_response_acceptance_ids = [
"domain_tls_certbot_owner_response_acceptance:gitea.wooo.work",
"domain_tls_certbot_owner_response_acceptance:langfuse.wooo.work",
"domain_tls_certbot_owner_response_acceptance:signoz.wooo.work",
"domain_tls_certbot_owner_response_acceptance:tsenyang.com",
]
assert_equal(
"domain_tls_owner_response_acceptance.candidate_ids",
[item["acceptance_candidate_id"] for item in domain_tls_owner_response_acceptance["acceptance_candidates"]],
expected_domain_tls_owner_response_acceptance_ids,
)
expected_domain_tls_owner_response_acceptance_checks = [
"owner_identity_present",
"decision_and_reason_present",
"redacted_refs_only",
"raw_certificate_absent",
"secret_value_absent",
"coverage_basis_ref_present",
"expiry_metadata_ref_not_probe",
"renewal_owner_separate_from_action",
"acme_route_owner_present",
"maintenance_window_present",
"rollback_owner_present",
"validation_plan_present",
"counts_transition_safe",
]
assert_equal(
"domain_tls_owner_response_acceptance.reviewer_checks",
[item["check_id"] for item in domain_tls_owner_response_acceptance["reviewer_checks"]],
expected_domain_tls_owner_response_acceptance_checks,
)
expected_domain_tls_owner_response_acceptance_lanes = [
"waiting_owner_response",
"quarantine_raw_certificate_or_secret",
"reject_execution_request",
"request_supplement",
"ready_for_certificate_coverage_review",
"owner_review_only_update",
"waiting_runtime_gate",
]
assert_equal(
"domain_tls_owner_response_acceptance.outcome_lanes",
[item["lane_id"] for item in domain_tls_owner_response_acceptance["outcome_lanes"]],
expected_domain_tls_owner_response_acceptance_lanes,
)
expected_domain_tls_owner_response_acceptance_blocked_actions = [
"perform_dns_query",
"perform_live_tls_probe",
"run_certbot_renew",
"run_nginx_reload",
"run_route_smoke",
"read_tls_private_key",
"store_raw_certificate_payload",
"store_dns_provider_credential",
"store_certbot_account_key",
"collect_secret_value",
"accept_unredacted_certbot_log",
"accept_shell_history_or_env_dump",
"mark_owner_response_accepted_without_reviewer_record",
"mark_certificate_coverage_confirmed_without_ref",
"modify_dns_record",
"modify_tls_certificate_path",
"modify_acme_challenge_route",
"write_production_host",
"open_runtime_gate",
"add_action_button",
]
assert_equal(
"domain_tls_owner_response_acceptance.blocked_actions",
domain_tls_owner_response_acceptance["blocked_actions"],
expected_domain_tls_owner_response_acceptance_blocked_actions,
)
for candidate in domain_tls_owner_response_acceptance["acceptance_candidates"]:
assert_equal(
f"domain_tls_owner_response_acceptance.{candidate['acceptance_candidate_id']}.acceptance_field_count",
len(candidate["acceptance_fields"]),
23,
)
assert_equal(
f"domain_tls_owner_response_acceptance.{candidate['acceptance_candidate_id']}.required_owner_response_field_count",
len(candidate["required_owner_response_fields"]),
13,
)
assert_equal(
f"domain_tls_owner_response_acceptance.{candidate['acceptance_candidate_id']}.reviewer_check_count",
len(candidate["reviewer_checks"]),
13,
)
assert_equal(
f"domain_tls_owner_response_acceptance.{candidate['acceptance_candidate_id']}.outcome_lane_count",
len(candidate["outcome_lanes"]),
7,
)
assert_true(
f"domain_tls_owner_response_acceptance.{candidate['acceptance_candidate_id']}.not_approval",
candidate["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"owner_response_quarantined",
"supplement_requested",
"certificate_coverage_confirmed",
"certificate_expiry_metadata_accepted",
"renewal_owner_accepted",
"acme_route_owner_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"dns_query_authorized",
"dns_query_executed",
"live_tls_probe_authorized",
"live_tls_probe_executed",
"certbot_renew_authorized",
"certbot_renew_executed",
"nginx_reload_authorized",
"nginx_reload_executed",
"route_smoke_authorized",
"route_smoke_executed",
"host_write_authorized",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
"secret_value_collection_allowed",
]:
assert_false(
f"domain_tls_owner_response_acceptance.{candidate['acceptance_candidate_id']}.{false_key}",
candidate[false_key],
)
k8s_argocd_summary = k8s_argocd_manifest_inventory["summary"]
assert_equal(
"k8s_argocd_manifest_inventory.schema",
k8s_argocd_manifest_inventory["schema_version"],
"k8s_argocd_manifest_inventory_v1",
)
assert_equal(
"k8s_argocd_manifest_inventory.status",
k8s_argocd_manifest_inventory["status"],
"repo_only_inventory_ready_no_live_cluster_read",
)
expected_k8s_argocd_summary = {
"scan_group_count": 4,
"file_count": 49,
"c0_file_count": 36,
"c1_file_count": 13,
"yaml_manifest_file_count": 45,
"supporting_source_file_count": 4,
"unique_kind_count": 20,
"top_level_kind_marker_count": 56,
"deployment_object_count": 5,
"cronjob_object_count": 5,
"secret_object_count": 6,
"network_policy_object_count": 6,
"rbac_object_count": 5,
"autoscaling_object_count": 6,
"argocd_application_count": 1,
"prometheus_rule_count": 4,
"required_owner_field_count": 11,
"evidence_gap_count": 8,
"blocked_action_count": 13,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"rendered_manifest_diff_ready_count": 0,
"argocd_health_readback_received_count": 0,
"argocd_sync_authorized_count": 0,
"argocd_sync_executed_count": 0,
"kubectl_action_authorized_count": 0,
"kubectl_action_executed_count": 0,
"live_cluster_read_authorized_count": 0,
"live_cluster_read_executed_count": 0,
"secret_value_collection_allowed_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_k8s_argocd_summary.items():
assert_equal(
f"k8s_argocd_manifest_inventory.summary.{key}",
k8s_argocd_summary[key],
expected,
)
for false_key in [
"live_cluster_read_authorized",
"live_cluster_read_executed",
"argocd_api_read_authorized",
"argocd_sync_authorized",
"argocd_sync_executed",
"kubectl_action_authorized",
"kubectl_action_executed",
"manifest_apply_authorized",
"manifest_apply_executed",
"secret_value_collection_allowed",
"production_write_authorized",
"runtime_execution_authorized",
"action_buttons_allowed",
]:
assert_false(
f"k8s_argocd_manifest_inventory.execution_boundaries.{false_key}",
k8s_argocd_manifest_inventory["execution_boundaries"][false_key],
)
assert_true(
"k8s_argocd_manifest_inventory.execution_boundaries.not_authorization",
k8s_argocd_manifest_inventory["execution_boundaries"]["not_authorization"],
)
expected_k8s_group_ids = ["awoooi_prod", "argocd", "velero", "monitoring"]
assert_equal(
"k8s_argocd_manifest_inventory.group_ids",
[item["group_id"] for item in k8s_argocd_manifest_inventory["group_summaries"]],
expected_k8s_group_ids,
)
expected_k8s_blocked_actions = [
"argocd_sync",
"kubectl_apply",
"kubectl_patch",
"kubectl_delete",
"helm_upgrade",
"secret_value_collection",
"live_cluster_write",
"manual_pod_restart",
"scale_workload",
"change_network_policy",
"change_rbac",
"restore_backup",
"open_runtime_gate",
]
assert_equal(
"k8s_argocd_manifest_inventory.blocked_actions",
k8s_argocd_manifest_inventory["blocked_actions"],
expected_k8s_blocked_actions,
)
expected_k8s_kind_counts = {
"Application": 1,
"BackupStorageLocation": 1,
"ClusterRole": 1,
"ClusterRoleBinding": 2,
"ConfigMap": 3,
"CronJob": 5,
"Deployment": 5,
"HorizontalPodAutoscaler": 3,
"Kustomization": 1,
"LimitRange": 1,
"List": 1,
"Namespace": 2,
"NetworkPolicy": 6,
"PodDisruptionBudget": 3,
"PrometheusRule": 4,
"ResourceQuota": 1,
"Secret": 6,
"Service": 5,
"ServiceAccount": 2,
"VerticalPodAutoscaler": 3,
}
assert_equal(
"k8s_argocd_manifest_inventory.kind_counts",
k8s_argocd_manifest_inventory["kind_counts"],
expected_k8s_kind_counts,
)
for row in k8s_argocd_manifest_inventory["manifest_rows"]:
for false_key in [
"owner_response_received",
"owner_response_accepted",
"rendered_manifest_diff_ready",
"argocd_health_readback_received",
"argocd_sync_authorized",
"argocd_sync_executed",
"kubectl_action_authorized",
"kubectl_action_executed",
"secret_value_collection_allowed",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"k8s_argocd_manifest_inventory.manifest_rows.{row['path']}.{false_key}",
row[false_key],
)
k8s_argocd_owner_request_summary = k8s_argocd_owner_request_draft["summary"]
assert_equal(
"k8s_argocd_owner_request_draft.schema",
k8s_argocd_owner_request_draft["schema_version"],
"k8s_argocd_owner_request_draft_v1",
)
assert_equal(
"k8s_argocd_owner_request_draft.source_inventory_schema_version",
k8s_argocd_owner_request_draft["source_inventory_schema_version"],
"k8s_argocd_manifest_inventory_v1",
)
assert_equal(
"k8s_argocd_owner_request_draft.status",
k8s_argocd_owner_request_draft["status"],
"owner_request_draft_ready_not_dispatched",
)
expected_k8s_argocd_owner_request_summary = {
"request_draft_count": 4,
"c0_request_draft_count": 3,
"c1_request_draft_count": 1,
"request_field_count": 20,
"required_owner_field_count": 11,
"evidence_gap_count": 8,
"blocked_action_count": 13,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"rendered_manifest_diff_ready_count": 0,
"argocd_health_readback_received_count": 0,
"argocd_sync_authorized_count": 0,
"argocd_sync_executed_count": 0,
"kubectl_action_authorized_count": 0,
"kubectl_action_executed_count": 0,
"live_cluster_read_authorized_count": 0,
"live_cluster_read_executed_count": 0,
"secret_value_collection_allowed_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_k8s_argocd_owner_request_summary.items():
assert_equal(
f"k8s_argocd_owner_request_draft.summary.{key}",
k8s_argocd_owner_request_summary[key],
expected,
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"rendered_manifest_diff_ready",
"argocd_api_read_authorized",
"argocd_sync_authorized",
"argocd_sync_executed",
"kubectl_action_authorized",
"kubectl_action_executed",
"live_cluster_read_authorized",
"live_cluster_read_executed",
"secret_value_collection_allowed",
"production_write_authorized",
"runtime_execution_authorized",
"action_buttons_allowed",
]:
assert_false(
f"k8s_argocd_owner_request_draft.execution_boundaries.{false_key}",
k8s_argocd_owner_request_draft["execution_boundaries"][false_key],
)
assert_true(
"k8s_argocd_owner_request_draft.execution_boundaries.not_authorization",
k8s_argocd_owner_request_draft["execution_boundaries"]["not_authorization"],
)
expected_k8s_argocd_request_ids = [
"k8s_argocd_owner_request:awoooi_prod",
"k8s_argocd_owner_request:argocd",
"k8s_argocd_owner_request:velero",
"k8s_argocd_owner_request:monitoring",
]
assert_equal(
"k8s_argocd_owner_request_draft.request_ids",
[item["request_id"] for item in k8s_argocd_owner_request_draft["request_drafts"]],
expected_k8s_argocd_request_ids,
)
assert_equal(
"k8s_argocd_owner_request_draft.blocked_actions",
k8s_argocd_owner_request_draft["blocked_actions"],
expected_k8s_blocked_actions,
)
for draft in k8s_argocd_owner_request_draft["request_drafts"]:
assert_equal(
f"k8s_argocd_owner_request_draft.{draft['request_id']}.request_field_count",
len(draft["request_fields"]),
20,
)
assert_equal(
f"k8s_argocd_owner_request_draft.{draft['request_id']}.required_owner_field_count",
len(draft["required_owner_fields"]),
11,
)
assert_true(
f"k8s_argocd_owner_request_draft.{draft['request_id']}.not_approval",
draft["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"rendered_manifest_diff_ready",
"argocd_health_readback_received",
"argocd_sync_authorized",
"argocd_sync_executed",
"kubectl_action_authorized",
"kubectl_action_executed",
"live_cluster_read_authorized",
"live_cluster_read_executed",
"secret_value_collection_allowed",
"runtime_gate",
"action_buttons_allowed",
"production_write_authorized",
]:
assert_false(
f"k8s_argocd_owner_request_draft.{draft['request_id']}.{false_key}",
draft[false_key],
)
k8s_argocd_owner_response_acceptance_summary = k8s_argocd_owner_response_acceptance[
"summary"
]
assert_equal(
"k8s_argocd_owner_response_acceptance.schema",
k8s_argocd_owner_response_acceptance["schema_version"],
"k8s_argocd_owner_response_acceptance_v1",
)
assert_equal(
"k8s_argocd_owner_response_acceptance.source_inventory_schema_version",
k8s_argocd_owner_response_acceptance["source_inventory_schema_version"],
"k8s_argocd_manifest_inventory_v1",
)
assert_equal(
"k8s_argocd_owner_response_acceptance.source_owner_request_schema_version",
k8s_argocd_owner_response_acceptance["source_owner_request_schema_version"],
"k8s_argocd_owner_request_draft_v1",
)
assert_equal(
"k8s_argocd_owner_response_acceptance.status",
k8s_argocd_owner_response_acceptance["status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
expected_k8s_argocd_owner_response_acceptance_summary = {
"source_scan_group_count": 4,
"source_request_draft_count": 4,
"acceptance_candidate_count": 4,
"c0_acceptance_candidate_count": 3,
"c1_acceptance_candidate_count": 1,
"acceptance_field_count": 20,
"required_owner_field_count": 11,
"reviewer_check_count": 12,
"outcome_lane_count": 7,
"blocked_action_count": 18,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"owner_response_quarantined_count": 0,
"supplement_requested_count": 0,
"rendered_manifest_diff_candidate_count": 0,
"rendered_manifest_diff_ready_count": 0,
"argocd_health_readback_received_count": 0,
"argocd_api_read_authorized_count": 0,
"argocd_api_read_executed_count": 0,
"argocd_sync_authorized_count": 0,
"argocd_sync_executed_count": 0,
"kubectl_action_authorized_count": 0,
"kubectl_action_executed_count": 0,
"live_cluster_read_authorized_count": 0,
"live_cluster_read_executed_count": 0,
"secret_value_collection_allowed_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_revision_accepted_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_k8s_argocd_owner_response_acceptance_summary.items():
assert_equal(
f"k8s_argocd_owner_response_acceptance.summary.{key}",
k8s_argocd_owner_response_acceptance_summary[key],
expected,
)
for key, value in k8s_argocd_owner_response_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"k8s_argocd_owner_response_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"k8s_argocd_owner_response_acceptance.execution_boundaries.{key}", value)
expected_k8s_argocd_owner_response_acceptance_ids = [
"k8s_argocd_owner_response_acceptance:awoooi_prod",
"k8s_argocd_owner_response_acceptance:argocd",
"k8s_argocd_owner_response_acceptance:velero",
"k8s_argocd_owner_response_acceptance:monitoring",
]
assert_equal(
"k8s_argocd_owner_response_acceptance.acceptance_candidate_ids",
[
item["acceptance_candidate_id"]
for item in k8s_argocd_owner_response_acceptance["acceptance_candidates"]
],
expected_k8s_argocd_owner_response_acceptance_ids,
)
expected_k8s_argocd_owner_response_reviewer_checks = [
"owner_identity_present",
"decision_reason_present",
"affected_scope_matches_group",
"redacted_refs_only",
"secret_value_absent",
"argocd_health_readback_ref_shape",
"argocd_sync_revision_ref_not_execution",
"rollback_revision_present",
"rendered_manifest_diff_ref_not_payload",
"maintenance_window_present",
"validation_plan_present",
"counts_transition_safe",
]
assert_equal(
"k8s_argocd_owner_response_acceptance.reviewer_check_ids",
[item["check_id"] for item in k8s_argocd_owner_response_acceptance["reviewer_checks"]],
expected_k8s_argocd_owner_response_reviewer_checks,
)
expected_k8s_argocd_owner_response_outcome_lanes = [
"waiting_owner_response",
"quarantine_raw_payload",
"reject_secret_or_unredacted_manifest",
"request_supplement",
"ready_for_rendered_manifest_review",
"owner_review_only_update",
"waiting_runtime_gate",
]
assert_equal(
"k8s_argocd_owner_response_acceptance.outcome_lane_ids",
[item["lane_id"] for item in k8s_argocd_owner_response_acceptance["outcome_lanes"]],
expected_k8s_argocd_owner_response_outcome_lanes,
)
expected_k8s_argocd_owner_response_blocked_actions = [
"argocd_api_read_without_approval",
"live_cluster_read_without_approval",
"argocd_sync",
"kubectl_apply",
"kubectl_patch",
"kubectl_delete",
"helm_upgrade",
"secret_value_collection",
"live_cluster_write",
"manual_pod_restart",
"scale_workload",
"change_network_policy",
"change_rbac",
"restore_backup",
"render_manifest_diff_from_untrusted_payload",
"mark_owner_response_accepted_without_reviewer_record",
"open_runtime_gate",
"add_action_button",
]
assert_equal(
"k8s_argocd_owner_response_acceptance.blocked_actions",
k8s_argocd_owner_response_acceptance["blocked_actions"],
expected_k8s_argocd_owner_response_blocked_actions,
)
for item in k8s_argocd_owner_response_acceptance["acceptance_candidates"]:
assert_equal(
f"k8s_argocd_owner_response_acceptance.{item['acceptance_candidate_id']}.field_count",
len(item["acceptance_fields"]),
20,
)
assert_equal(
f"k8s_argocd_owner_response_acceptance.{item['acceptance_candidate_id']}.required_owner_fields",
len(item["required_owner_fields"]),
11,
)
assert_equal(
f"k8s_argocd_owner_response_acceptance.{item['acceptance_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
12,
)
assert_equal(
f"k8s_argocd_owner_response_acceptance.{item['acceptance_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
7,
)
assert_equal(
f"k8s_argocd_owner_response_acceptance.{item['acceptance_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
18,
)
assert_true(
f"k8s_argocd_owner_response_acceptance.{item['acceptance_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"owner_response_quarantined",
"supplement_requested",
"rendered_manifest_diff_candidate",
"rendered_manifest_diff_ready",
"argocd_health_readback_received",
"argocd_api_read_authorized",
"argocd_api_read_executed",
"argocd_sync_authorized",
"argocd_sync_executed",
"kubectl_action_authorized",
"kubectl_action_executed",
"live_cluster_read_authorized",
"live_cluster_read_executed",
"secret_value_collection_allowed",
"maintenance_window_accepted",
"rollback_revision_accepted",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"k8s_argocd_owner_response_acceptance.{item['acceptance_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"k8s_argocd_change_evidence_acceptance.schema",
k8s_argocd_change_evidence_acceptance["schema_version"],
"k8s_argocd_change_evidence_acceptance_v1",
)
assert_equal(
"k8s_argocd_change_evidence_acceptance.status",
k8s_argocd_change_evidence_acceptance["status"],
"change_evidence_acceptance_ledger_ready_no_runtime_action",
)
assert_equal(
"k8s_argocd_change_evidence_acceptance.source_inventory_schema_version",
k8s_argocd_change_evidence_acceptance["source_inventory_schema_version"],
"k8s_argocd_manifest_inventory_v1",
)
assert_equal(
"k8s_argocd_change_evidence_acceptance.source_acceptance_schema_version",
k8s_argocd_change_evidence_acceptance["source_acceptance_schema_version"],
"k8s_argocd_owner_response_acceptance_v1",
)
expected_k8s_change_evidence_summary = {
"source_scan_group_count": 4,
"source_manifest_file_count": 49,
"source_yaml_manifest_file_count": 45,
"source_c0_file_count": 36,
"source_acceptance_candidate_count": 4,
"deployment_object_count": 5,
"cronjob_object_count": 5,
"secret_object_count": 6,
"network_policy_object_count": 6,
"rbac_object_count": 5,
"argocd_application_count": 1,
"prometheus_rule_count": 4,
"change_evidence_candidate_count": 4,
"c0_change_evidence_candidate_count": 3,
"c1_change_evidence_candidate_count": 1,
"write_capable_candidate_count": 4,
"gate_tag_count": 10,
"required_evidence_field_count": 18,
"change_evidence_field_count": 21,
"reviewer_check_count": 18,
"outcome_lane_count": 8,
"blocked_action_count": 28,
"change_evidence_received_count": 0,
"change_evidence_accepted_count": 0,
"change_evidence_rejected_count": 0,
"change_evidence_quarantined_count": 0,
"supplement_requested_count": 0,
"rendered_manifest_diff_accepted_count": 0,
"argocd_application_readback_accepted_count": 0,
"argocd_sync_revision_accepted_count": 0,
"health_before_accepted_count": 0,
"health_after_accepted_count": 0,
"rollout_status_accepted_count": 0,
"service_route_smoke_accepted_count": 0,
"metrics_alert_accepted_count": 0,
"secret_metadata_parity_accepted_count": 0,
"blast_radius_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_revision_accepted_count": 0,
"postcheck_owner_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"runtime_approval_package_ready_count": 0,
"argocd_api_read_authorized_count": 0,
"argocd_api_read_executed_count": 0,
"argocd_sync_authorized_count": 0,
"argocd_sync_executed_count": 0,
"kubectl_action_authorized_count": 0,
"kubectl_action_executed_count": 0,
"helm_upgrade_authorized_count": 0,
"helm_upgrade_executed_count": 0,
"live_cluster_read_authorized_count": 0,
"live_cluster_read_executed_count": 0,
"network_policy_apply_authorized_count": 0,
"nodeport_change_authorized_count": 0,
"rbac_change_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_before_acceptance": 62,
"coverage_percent_after_acceptance": 64,
}
for key, expected in expected_k8s_change_evidence_summary.items():
assert_equal(
f"k8s_argocd_change_evidence_acceptance.summary.{key}",
k8s_argocd_change_evidence_acceptance["summary"][key],
expected,
)
for key, value in k8s_argocd_change_evidence_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"k8s_argocd_change_evidence_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"k8s_argocd_change_evidence_acceptance.execution_boundaries.{key}", value)
expected_k8s_change_evidence_ids = [
"k8s_argocd_change_evidence:awoooi_prod",
"k8s_argocd_change_evidence:argocd",
"k8s_argocd_change_evidence:velero",
"k8s_argocd_change_evidence:monitoring",
]
assert_equal(
"k8s_argocd_change_evidence_acceptance.candidate_ids",
[
item["change_evidence_candidate_id"]
for item in k8s_argocd_change_evidence_acceptance["change_evidence_candidates"]
],
expected_k8s_change_evidence_ids,
)
assert_equal(
"k8s_argocd_change_evidence_acceptance.reviewer_checks.count",
len(k8s_argocd_change_evidence_acceptance["reviewer_checks"]),
18,
)
assert_equal(
"k8s_argocd_change_evidence_acceptance.outcome_lanes.count",
len(k8s_argocd_change_evidence_acceptance["outcome_lanes"]),
8,
)
assert_equal(
"k8s_argocd_change_evidence_acceptance.blocked_actions.count",
len(k8s_argocd_change_evidence_acceptance["blocked_actions"]),
28,
)
for item in k8s_argocd_change_evidence_acceptance["change_evidence_candidates"]:
assert_equal(
f"k8s_argocd_change_evidence_acceptance.{item['change_evidence_candidate_id']}.change_evidence_fields",
len(item["change_evidence_fields"]),
21,
)
assert_equal(
f"k8s_argocd_change_evidence_acceptance.{item['change_evidence_candidate_id']}.required_evidence_fields",
len(item["required_evidence_fields"]),
18,
)
assert_equal(
f"k8s_argocd_change_evidence_acceptance.{item['change_evidence_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
18,
)
assert_equal(
f"k8s_argocd_change_evidence_acceptance.{item['change_evidence_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
8,
)
assert_equal(
f"k8s_argocd_change_evidence_acceptance.{item['change_evidence_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
28,
)
assert_true(
f"k8s_argocd_change_evidence_acceptance.{item['change_evidence_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"change_evidence_received",
"change_evidence_accepted",
"change_evidence_rejected",
"change_evidence_quarantined",
"supplement_requested",
"proposed_commit_ref_accepted",
"rendered_manifest_diff_accepted",
"argocd_application_readback_accepted",
"argocd_sync_revision_accepted",
"health_before_accepted",
"health_after_accepted",
"rollout_status_accepted",
"service_route_smoke_accepted",
"metrics_alert_accepted",
"secret_metadata_parity_accepted",
"blast_radius_accepted",
"maintenance_window_accepted",
"rollback_revision_accepted",
"postcheck_owner_accepted",
"cross_project_sync_accepted",
"runtime_approval_package_ready",
"argocd_api_read_authorized",
"argocd_api_read_executed",
"argocd_sync_authorized",
"argocd_sync_executed",
"kubectl_action_authorized",
"kubectl_action_executed",
"helm_upgrade_authorized",
"helm_upgrade_executed",
"live_cluster_read_authorized",
"live_cluster_read_executed",
"network_policy_apply_authorized",
"nodeport_change_authorized",
"rbac_change_authorized",
"secret_value_collection_allowed",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"k8s_argocd_change_evidence_acceptance.{item['change_evidence_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"k8s_argocd_post_incident_readback_plan.schema",
k8s_argocd_post_incident_readback_plan["schema_version"],
"k8s_argocd_post_incident_readback_plan_v1",
)
assert_equal(
"k8s_argocd_post_incident_readback_plan.status",
k8s_argocd_post_incident_readback_plan["status"],
"post_incident_readback_plan_ready_no_runtime_action",
)
assert_equal(
"k8s_argocd_post_incident_readback_plan.source_schema_version",
k8s_argocd_post_incident_readback_plan["source_schema_version"],
"k8s_argocd_change_evidence_acceptance_v1",
)
assert_equal(
"k8s_argocd_post_incident_readback_plan.source_status",
k8s_argocd_post_incident_readback_plan["source_status"],
"change_evidence_acceptance_ledger_ready_no_runtime_action",
)
for source_path in [
"docs/security/K8S-ARGOCD-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/k8s-argocd-change-evidence-acceptance.snapshot.json",
]:
assert_contains(
"k8s_argocd_post_incident_readback_plan.source_paths",
k8s_argocd_post_incident_readback_plan["source_paths"],
source_path,
)
expected_k8s_post_incident_summary = {
"source_scan_group_count": 4,
"source_change_evidence_candidate_count": 4,
"source_c0_change_evidence_candidate_count": 3,
"source_c1_change_evidence_candidate_count": 1,
"source_write_capable_candidate_count": 4,
"source_manifest_file_count": 49,
"source_yaml_manifest_file_count": 45,
"source_c0_file_count": 36,
"deployment_object_count": 5,
"cronjob_object_count": 5,
"secret_object_count": 6,
"network_policy_object_count": 6,
"rbac_object_count": 5,
"argocd_application_count": 1,
"prometheus_rule_count": 4,
"readback_candidate_count": 4,
"c0_readback_candidate_count": 3,
"c1_readback_candidate_count": 1,
"write_capable_readback_candidate_count": 4,
"degraded_or_pending_review_required_candidate_count": 4,
"drift_or_schedule_review_required_candidate_count": 4,
"route_ai_monitoring_impact_required_candidate_count": 4,
"cross_project_sync_required_candidate_count": 4,
"no_false_green_required_candidate_count": 4,
"readback_field_count": 36,
"required_readback_field_count": 31,
"reviewer_check_count": 28,
"outcome_lane_count": 10,
"blocked_action_count": 41,
"post_incident_readback_received_count": 0,
"post_incident_readback_accepted_count": 0,
"actor_attribution_accepted_count": 0,
"argocd_app_health_accepted_count": 0,
"argocd_sync_status_accepted_count": 0,
"degraded_state_accepted_count": 0,
"pending_workload_accepted_count": 0,
"image_pull_or_scheduling_accepted_count": 0,
"rollout_before_after_accepted_count": 0,
"event_summary_accepted_count": 0,
"metrics_alert_accepted_count": 0,
"drift_scanner_accepted_count": 0,
"cronjob_schedule_accepted_count": 0,
"network_policy_service_impact_accepted_count": 0,
"rbac_serviceaccount_impact_accepted_count": 0,
"secret_metadata_parity_accepted_count": 0,
"public_admin_route_impact_accepted_count": 0,
"ai_provider_monitoring_impact_accepted_count": 0,
"backup_restore_impact_accepted_count": 0,
"operator_notification_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"recovery_or_still_degraded_accepted_count": 0,
"postcheck_readback_accepted_count": 0,
"recurrence_guard_accepted_count": 0,
"no_false_green_accepted_count": 0,
"argocd_api_read_authorized_count": 0,
"argocd_sync_authorized_count": 0,
"live_cluster_read_authorized_count": 0,
"kubectl_action_authorized_count": 0,
"helm_action_authorized_count": 0,
"network_policy_change_authorized_count": 0,
"nodeport_change_authorized_count": 0,
"rbac_change_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"route_smoke_authorized_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"coverage_percent_after_readback_plan": 66,
}
for key, expected in expected_k8s_post_incident_summary.items():
assert_equal(
f"k8s_argocd_post_incident_readback_plan.summary.{key}",
k8s_argocd_post_incident_readback_plan["summary"][key],
expected,
)
for key, value in k8s_argocd_post_incident_readback_plan["boundaries"].items():
if key == "not_authorization":
assert_true(f"k8s_argocd_post_incident_readback_plan.boundaries.{key}", value)
else:
assert_false(f"k8s_argocd_post_incident_readback_plan.boundaries.{key}", value)
expected_k8s_post_incident_ids = [
"k8s_argocd_post_incident_readback:awoooi_prod",
"k8s_argocd_post_incident_readback:argocd",
"k8s_argocd_post_incident_readback:velero",
"k8s_argocd_post_incident_readback:monitoring",
]
assert_equal(
"k8s_argocd_post_incident_readback_plan.readback_candidate_ids",
[
item["post_incident_readback_candidate_id"]
for item in k8s_argocd_post_incident_readback_plan["readback_candidates"]
],
expected_k8s_post_incident_ids,
)
assert_equal(
"k8s_argocd_post_incident_readback_plan.reviewer_checks.count",
len(k8s_argocd_post_incident_readback_plan["reviewer_checks"]),
28,
)
assert_equal(
"k8s_argocd_post_incident_readback_plan.outcome_lanes.count",
len(k8s_argocd_post_incident_readback_plan["outcome_lanes"]),
10,
)
assert_equal(
"k8s_argocd_post_incident_readback_plan.blocked_actions.count",
len(k8s_argocd_post_incident_readback_plan["blocked_actions"]),
41,
)
for item in k8s_argocd_post_incident_readback_plan["readback_candidates"]:
assert_equal(
f"k8s_argocd_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.readback_fields",
len(item["readback_fields"]),
36,
)
assert_equal(
f"k8s_argocd_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.required_readback_fields",
len(item["required_readback_fields"]),
31,
)
assert_equal(
f"k8s_argocd_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
28,
)
assert_equal(
f"k8s_argocd_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
10,
)
assert_equal(
f"k8s_argocd_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
41,
)
assert_true(
f"k8s_argocd_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.not_approval",
item["not_approval"],
)
assert_true(
f"k8s_argocd_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.write_capable",
item["write_capable"],
)
for false_key in [
"post_incident_readback_received",
"post_incident_readback_accepted",
"actor_attribution_accepted",
"argocd_app_health_accepted",
"argocd_sync_status_accepted",
"degraded_state_accepted",
"pending_workload_accepted",
"image_pull_or_scheduling_accepted",
"rollout_before_after_accepted",
"event_summary_accepted",
"metrics_alert_accepted",
"drift_scanner_accepted",
"cronjob_schedule_accepted",
"network_policy_service_impact_accepted",
"rbac_serviceaccount_impact_accepted",
"secret_metadata_parity_accepted",
"public_admin_route_impact_accepted",
"ai_provider_monitoring_impact_accepted",
"backup_restore_impact_accepted",
"operator_notification_accepted",
"cross_project_sync_accepted",
"recovery_or_still_degraded_accepted",
"postcheck_readback_accepted",
"recurrence_guard_accepted",
"no_false_green_accepted",
"argocd_api_read_authorized",
"argocd_sync_authorized",
"live_cluster_read_authorized",
"kubectl_action_authorized",
"helm_action_authorized",
"network_policy_change_authorized",
"nodeport_change_authorized",
"rbac_change_authorized",
"secret_value_collection_allowed",
"route_smoke_authorized",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"k8s_argocd_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"cd_runner_secret_injection_change_evidence_acceptance.schema",
cd_runner_secret_injection_change_evidence_acceptance["schema_version"],
"cd_runner_secret_injection_change_evidence_acceptance_v1",
)
assert_equal(
"cd_runner_secret_injection_change_evidence_acceptance.status",
cd_runner_secret_injection_change_evidence_acceptance["status"],
"change_evidence_acceptance_ledger_ready_no_runtime_action",
)
assert_equal(
"cd_runner_secret_injection_change_evidence_acceptance.mode",
cd_runner_secret_injection_change_evidence_acceptance["mode"],
"metadata_only_no_secret_value_no_workflow_change",
)
expected_cd_runner_secret_injection_summary = {
"change_evidence_candidate_count": 5,
"c0_change_evidence_candidate_count": 4,
"c1_change_evidence_candidate_count": 1,
"write_capable_candidate_count": 5,
"local_workflow_file_count": 33,
"gitea_workflow_file_count": 12,
"github_workflow_file_count": 21,
"local_referenced_secret_name_count": 42,
"runner_label_count": 5,
"export_request_count": 9,
"export_lane_count": 5,
"owner_response_template_count": 5,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"required_evidence_field_count": 19,
"reviewer_check_count": 19,
"outcome_lane_count": 8,
"blocked_action_count": 32,
"change_evidence_received_count": 0,
"change_evidence_accepted_count": 0,
"workflow_diff_accepted_count": 0,
"runner_attestation_accepted_count": 0,
"secret_name_parity_accepted_count": 0,
"secret_injection_route_accepted_count": 0,
"deploy_marker_readback_accepted_count": 0,
"guard_result_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"runtime_approval_package_ready_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"secret_metadata_coverage_percent_before_acceptance": 66,
"secret_metadata_coverage_percent_after_acceptance": 68,
"gitea_workflow_runner_coverage_percent_before_acceptance": 70,
"gitea_workflow_runner_coverage_percent_after_acceptance": 72,
}
for key, expected in expected_cd_runner_secret_injection_summary.items():
assert_equal(
f"cd_runner_secret_injection_change_evidence_acceptance.summary.{key}",
cd_runner_secret_injection_change_evidence_acceptance["summary"][key],
expected,
)
for key, value in cd_runner_secret_injection_change_evidence_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"cd_runner_secret_injection_change_evidence_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"cd_runner_secret_injection_change_evidence_acceptance.execution_boundaries.{key}", value)
expected_cd_runner_secret_injection_ids = [
"cd_runner_secret_injection:cd_pipeline_deploy_marker_and_k8s_secret_injection",
"cd_runner_secret_injection:code_review_pipeline_secret_and_notification_surface",
"cd_runner_secret_injection:deploy_alerts_and_monitoring_route",
"cd_runner_secret_injection:runner_label_and_executor_attestation",
"cd_runner_secret_injection:repository_secret_name_parity_and_injection_owner",
]
assert_equal(
"cd_runner_secret_injection_change_evidence_acceptance.candidate_ids",
[
item["change_evidence_candidate_id"]
for item in cd_runner_secret_injection_change_evidence_acceptance["change_evidence_candidates"]
],
expected_cd_runner_secret_injection_ids,
)
assert_equal(
"cd_runner_secret_injection_change_evidence_acceptance.reviewer_checks.count",
len(cd_runner_secret_injection_change_evidence_acceptance["reviewer_checks"]),
19,
)
assert_equal(
"cd_runner_secret_injection_change_evidence_acceptance.outcome_lanes.count",
len(cd_runner_secret_injection_change_evidence_acceptance["outcome_lanes"]),
8,
)
assert_equal(
"cd_runner_secret_injection_change_evidence_acceptance.blocked_actions.count",
len(cd_runner_secret_injection_change_evidence_acceptance["blocked_actions"]),
32,
)
for item in cd_runner_secret_injection_change_evidence_acceptance["change_evidence_candidates"]:
assert_equal(
f"cd_runner_secret_injection_change_evidence_acceptance.{item['change_evidence_candidate_id']}.change_evidence_fields",
len(item["change_evidence_fields"]),
22,
)
assert_equal(
f"cd_runner_secret_injection_change_evidence_acceptance.{item['change_evidence_candidate_id']}.required_evidence_fields",
len(item["required_evidence_fields"]),
19,
)
assert_equal(
f"cd_runner_secret_injection_change_evidence_acceptance.{item['change_evidence_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
19,
)
assert_equal(
f"cd_runner_secret_injection_change_evidence_acceptance.{item['change_evidence_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
8,
)
assert_equal(
f"cd_runner_secret_injection_change_evidence_acceptance.{item['change_evidence_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
32,
)
assert_true(
f"cd_runner_secret_injection_change_evidence_acceptance.{item['change_evidence_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"change_evidence_received",
"change_evidence_accepted",
"change_evidence_rejected",
"change_evidence_quarantined",
"workflow_diff_accepted",
"runner_attestation_accepted",
"secret_name_parity_accepted",
"secret_injection_route_accepted",
"deploy_marker_readback_accepted",
"guard_result_accepted",
"postcheck_evidence_accepted",
"runtime_approval_package_ready",
"runtime_execution_authorized",
"workflow_modification_authorized",
"webhook_modification_authorized",
"runner_change_authorized",
"deploy_key_change_authorized",
"branch_protection_change_authorized",
"codeowners_change_authorized",
"repo_secret_change_authorized",
"secret_value_collection_allowed",
"secret_hash_collection_allowed",
"partial_token_collection_allowed",
"secret_rotation_authorized",
"secret_store_read_authorized",
"secret_injection_change_authorized",
"step_env_secret_allowed",
"github_hosted_runner_enable_authorized",
"gitea_action_dispatch_authorized",
"cd_pipeline_run_authorized",
"deploy_marker_write_authorized",
"k8s_secret_injection_authorized",
"argocd_sync_authorized",
"production_deploy_authorized",
"refs_sync_authorized",
"force_push_authorized",
"github_primary_switch_authorized",
"disable_gitea_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"cd_runner_secret_injection_change_evidence_acceptance.{item['change_evidence_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.schema",
cd_runner_secret_injection_post_incident_readback_plan["schema_version"],
"cd_runner_secret_injection_post_incident_readback_plan_v1",
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.status",
cd_runner_secret_injection_post_incident_readback_plan["status"],
"post_incident_readback_plan_ready_no_runtime_action",
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.mode",
cd_runner_secret_injection_post_incident_readback_plan["mode"],
"metadata_only_no_secret_value_no_workflow_runner_secret_change",
)
expected_cd_runner_secret_injection_readback_summary = {
"source_change_evidence_candidate_count": 5,
"source_c0_change_evidence_candidate_count": 4,
"source_c1_change_evidence_candidate_count": 1,
"source_required_evidence_field_count": 19,
"source_reviewer_check_count": 19,
"source_blocked_action_count": 32,
"source_change_evidence_accepted_count": 0,
"source_runtime_gate_count": 0,
"readback_candidate_count": 5,
"c0_readback_candidate_count": 4,
"c1_readback_candidate_count": 1,
"write_capable_readback_candidate_count": 5,
"secret_sensitive_readback_candidate_count": 5,
"runner_or_workflow_readback_candidate_count": 5,
"deploy_or_run_readback_required_candidate_count": 5,
"cross_project_sync_required_candidate_count": 5,
"no_false_green_required_candidate_count": 5,
"readback_field_count": 44,
"required_readback_field_count": 33,
"reviewer_check_count": 30,
"outcome_lane_count": 11,
"blocked_action_count": 52,
"post_incident_readback_received_count": 0,
"post_incident_readback_accepted_count": 0,
"actor_attribution_accepted_count": 0,
"workflow_diff_state_accepted_count": 0,
"runner_attestation_accepted_count": 0,
"runner_executor_host_readback_accepted_count": 0,
"runner_workspace_cleanup_accepted_count": 0,
"runner_permission_scope_accepted_count": 0,
"secret_name_parity_accepted_count": 0,
"secret_injection_route_accepted_count": 0,
"step_env_secret_guard_accepted_count": 0,
"log_redaction_readback_accepted_count": 0,
"deploy_marker_readback_accepted_count": 0,
"gitea_action_run_readback_accepted_count": 0,
"webhook_delivery_state_accepted_count": 0,
"deploy_key_branch_protection_codeowners_accepted_count": 0,
"notification_delivery_receipt_accepted_count": 0,
"before_after_deploy_state_accepted_count": 0,
"affected_route_or_service_state_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"rollback_validation_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"post_change_monitoring_accepted_count": 0,
"recurrence_guard_accepted_count": 0,
"no_false_green_accepted_count": 0,
"workflow_modification_authorized_count": 0,
"workflow_dispatch_authorized_count": 0,
"runner_change_authorized_count": 0,
"github_hosted_runner_enable_authorized_count": 0,
"webhook_modification_authorized_count": 0,
"deploy_key_change_authorized_count": 0,
"branch_protection_change_authorized_count": 0,
"codeowners_change_authorized_count": 0,
"repo_secret_change_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"secret_injection_change_authorized_count": 0,
"gitea_action_dispatch_authorized_count": 0,
"cd_pipeline_run_authorized_count": 0,
"k8s_secret_injection_authorized_count": 0,
"argocd_sync_authorized_count": 0,
"production_deploy_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"secret_metadata_coverage_percent_after_readback_plan": 70,
"gitea_workflow_runner_coverage_percent_after_readback_plan": 74,
}
for key, expected in expected_cd_runner_secret_injection_readback_summary.items():
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.summary.{key}",
cd_runner_secret_injection_post_incident_readback_plan["summary"][key],
expected,
)
for key, value in cd_runner_secret_injection_post_incident_readback_plan["execution_boundaries"].items():
if key == "not_authorization":
assert_true(
f"cd_runner_secret_injection_post_incident_readback_plan.execution_boundaries.{key}",
value,
)
else:
assert_false(
f"cd_runner_secret_injection_post_incident_readback_plan.execution_boundaries.{key}",
value,
)
expected_cd_runner_secret_injection_readback_ids = [
"cd_runner_secret_injection_post_incident_readback:cd_pipeline_deploy_marker_and_k8s_secret_injection",
"cd_runner_secret_injection_post_incident_readback:code_review_pipeline_secret_and_notification_surface",
"cd_runner_secret_injection_post_incident_readback:deploy_alerts_and_monitoring_route",
"cd_runner_secret_injection_post_incident_readback:runner_label_and_executor_attestation",
"cd_runner_secret_injection_post_incident_readback:repository_secret_name_parity_and_injection_owner",
]
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.candidate_ids",
[
item["post_incident_readback_candidate_id"]
for item in cd_runner_secret_injection_post_incident_readback_plan["readback_candidates"]
],
expected_cd_runner_secret_injection_readback_ids,
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.reviewer_checks.count",
len(cd_runner_secret_injection_post_incident_readback_plan["reviewer_checks"]),
30,
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.outcome_lanes.count",
len(cd_runner_secret_injection_post_incident_readback_plan["outcome_lanes"]),
11,
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.blocked_actions.count",
len(cd_runner_secret_injection_post_incident_readback_plan["blocked_actions"]),
52,
)
for item in cd_runner_secret_injection_post_incident_readback_plan["readback_candidates"]:
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.readback_fields",
len(item["readback_fields"]),
44,
)
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.required_readback_fields",
len(item["required_readback_fields"]),
33,
)
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
30,
)
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
11,
)
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
52,
)
assert_true(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.not_approval",
item["not_approval"],
)
assert_true(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.requires_runtime_approval_package",
item["requires_runtime_approval_package"],
)
for false_key in [
"post_incident_readback_received",
"post_incident_readback_accepted",
"actor_attribution_accepted",
"workflow_diff_state_accepted",
"runner_attestation_accepted",
"runner_executor_host_readback_accepted",
"runner_workspace_cleanup_accepted",
"runner_permission_scope_accepted",
"secret_name_parity_accepted",
"secret_injection_route_accepted",
"step_env_secret_guard_accepted",
"log_redaction_readback_accepted",
"deploy_marker_readback_accepted",
"gitea_action_run_readback_accepted",
"webhook_delivery_state_accepted",
"deploy_key_branch_protection_codeowners_accepted",
"notification_delivery_receipt_accepted",
"before_after_deploy_state_accepted",
"affected_route_or_service_state_accepted",
"cross_project_sync_accepted",
"rollback_validation_accepted",
"postcheck_evidence_accepted",
"post_change_monitoring_accepted",
"recurrence_guard_accepted",
"no_secret_value_attestation",
"no_raw_workflow_payload_attestation",
"no_unredacted_log_attestation",
"no_false_green_attestation",
"no_false_green_accepted",
"runtime_execution_authorized",
"workflow_modification_authorized",
"workflow_dispatch_authorized",
"runner_change_authorized",
"github_hosted_runner_enable_authorized",
"webhook_modification_authorized",
"deploy_key_change_authorized",
"branch_protection_change_authorized",
"codeowners_change_authorized",
"repo_secret_change_authorized",
"secret_value_collection_allowed",
"secret_hash_collection_allowed",
"partial_token_collection_allowed",
"runner_token_collection_allowed",
"webhook_secret_collection_allowed",
"deploy_key_private_material_collection_allowed",
"secret_rotation_authorized",
"secret_store_read_authorized",
"secret_injection_change_authorized",
"gitea_action_dispatch_authorized",
"cd_pipeline_run_authorized",
"deploy_marker_write_authorized",
"k8s_secret_injection_authorized",
"argocd_sync_authorized",
"production_deploy_authorized",
"refs_sync_authorized",
"force_push_authorized",
"github_primary_switch_authorized",
"disable_gitea_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"telegram_notification_egress_inventory.schema",
telegram_notification_egress_inventory["schema_version"],
"telegram_notification_egress_inventory_v1",
)
assert_equal(
"telegram_notification_egress_inventory.status",
telegram_notification_egress_inventory["status"],
"inventory_ready_no_runtime_action",
)
assert_equal(
"telegram_notification_egress_inventory.mode",
telegram_notification_egress_inventory["mode"],
"repo_only_scan_no_secret_value_no_telegram_send",
)
expected_telegram_notification_egress_summary = {
"direct_bot_api_file_count": 11,
"direct_bot_api_call_count": 18,
"workflow_direct_bot_api_call_count": 13,
"ops_script_direct_bot_api_call_count": 4,
"ci_script_direct_bot_api_call_count": 0,
"api_direct_bot_api_call_count": 1,
"gateway_normalized_callsite_count": 56,
"gateway_final_exit_formatter_present_count": 1,
"required_owner_field_count": 18,
"reviewer_check_count": 14,
"outcome_lane_count": 9,
"blocked_action_count": 22,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"formatter_convergence_accepted_count": 0,
"redaction_contract_accepted_count": 0,
"delivery_receipt_accepted_count": 0,
"direct_bot_api_migration_authorized_count": 0,
"telegram_send_authorized_count": 0,
"bot_api_call_authorized_count": 0,
"workflow_modification_authorized_count": 0,
"script_modification_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"raw_payload_storage_allowed_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_telegram_notification_egress_summary.items():
assert_equal(
f"telegram_notification_egress_inventory.summary.{key}",
telegram_notification_egress_inventory["summary"][key],
expected,
)
expected_telegram_direct_path_counts = {
".gitea/workflows/cd-dev.yaml": 3,
".gitea/workflows/cd.yaml": 5,
".gitea/workflows/code-review.yaml": 2,
".gitea/workflows/deploy-alerts.yaml": 1,
".gitea/workflows/e2e-health.yaml": 1,
".gitea/workflows/run-migration.yml": 1,
"apps/api/src/services/channel_hub.py": 1,
"scripts/ops/backup-from-110.sh": 1,
"scripts/ops/docker-health-monitor.sh": 1,
"scripts/ops/dr-drill.sh": 1,
"scripts/ops/pg-backup.sh": 1,
}
actual_telegram_direct_path_counts: dict[str, int] = {}
for item in telegram_notification_egress_inventory["direct_bot_api_calls"]:
actual_telegram_direct_path_counts[item["path"]] = actual_telegram_direct_path_counts.get(item["path"], 0) + 1
assert_equal(
"telegram_notification_egress_inventory.direct_path_counts",
actual_telegram_direct_path_counts,
expected_telegram_direct_path_counts,
)
for key, value in telegram_notification_egress_inventory["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"telegram_notification_egress_inventory.execution_boundaries.{key}", value)
else:
assert_false(f"telegram_notification_egress_inventory.execution_boundaries.{key}", value)
for item in telegram_notification_egress_inventory["direct_bot_api_calls"]:
assert_equal(
f"telegram_notification_egress_inventory.{item['egress_surface_id']}.required_owner_fields",
len(item["required_owner_fields"]),
18,
)
assert_equal(
f"telegram_notification_egress_inventory.{item['egress_surface_id']}.reviewer_checks",
len(item["reviewer_checks"]),
14,
)
assert_equal(
f"telegram_notification_egress_inventory.{item['egress_surface_id']}.outcome_lanes",
len(item["outcome_lanes"]),
9,
)
assert_equal(
f"telegram_notification_egress_inventory.{item['egress_surface_id']}.blocked_actions",
len(item["blocked_actions"]),
22,
)
assert_true(
f"telegram_notification_egress_inventory.{item['egress_surface_id']}.not_authorization",
item["not_authorization"],
)
for false_key in [
"owner_response_received",
"owner_response_accepted",
"formatter_convergence_accepted",
"redaction_contract_accepted",
"delivery_receipt_accepted",
"direct_bot_api_migration_authorized",
"telegram_send_authorized",
"bot_api_call_authorized",
"workflow_modification_authorized",
"script_modification_authorized",
"secret_value_collection_allowed",
"raw_payload_storage_allowed",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"telegram_notification_egress_inventory.{item['egress_surface_id']}.{false_key}",
item[false_key],
)
assert_equal(
"telegram_notification_egress_owner_request_draft.schema",
telegram_notification_egress_owner_request_draft["schema_version"],
"telegram_notification_egress_owner_request_draft_v1",
)
assert_equal(
"telegram_notification_egress_owner_request_draft.status",
telegram_notification_egress_owner_request_draft["status"],
"owner_request_draft_ready_no_dispatch_no_runtime_action",
)
assert_equal(
"telegram_notification_egress_owner_request_draft.mode",
telegram_notification_egress_owner_request_draft["mode"],
"metadata_only_no_secret_value_no_telegram_send_no_workflow_change",
)
expected_telegram_egress_owner_request_summary = {
"source_direct_bot_api_call_count": 18,
"source_direct_bot_api_file_count": 11,
"request_draft_count": 11,
"workflow_request_draft_count": 6,
"ops_script_request_draft_count": 4,
"ci_script_request_draft_count": 0,
"api_direct_request_draft_count": 1,
"request_field_count": 27,
"required_owner_field_count": 19,
"preflight_check_count": 16,
"outcome_lane_count": 9,
"forbidden_payload_count": 14,
"blocked_action_count": 26,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"audit_event_emitted_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"formatter_convergence_accepted_count": 0,
"redaction_contract_accepted_count": 0,
"delivery_receipt_accepted_count": 0,
"break_glass_fallback_accepted_count": 0,
"direct_bot_api_migration_authorized_count": 0,
"telegram_send_authorized_count": 0,
"bot_api_call_authorized_count": 0,
"workflow_modification_authorized_count": 0,
"script_modification_authorized_count": 0,
"api_sender_refactor_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"raw_payload_storage_allowed_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_telegram_egress_owner_request_summary.items():
assert_equal(
f"telegram_notification_egress_owner_request_draft.summary.{key}",
telegram_notification_egress_owner_request_draft["summary"][key],
expected,
)
expected_telegram_egress_request_paths = [
".gitea/workflows/cd-dev.yaml",
".gitea/workflows/cd.yaml",
".gitea/workflows/code-review.yaml",
".gitea/workflows/deploy-alerts.yaml",
".gitea/workflows/e2e-health.yaml",
".gitea/workflows/run-migration.yml",
"apps/api/src/services/channel_hub.py",
"scripts/ops/backup-from-110.sh",
"scripts/ops/docker-health-monitor.sh",
"scripts/ops/dr-drill.sh",
"scripts/ops/pg-backup.sh",
]
assert_equal(
"telegram_notification_egress_owner_request_draft.source_paths",
[item["source_path"] for item in telegram_notification_egress_owner_request_draft["request_drafts"]],
expected_telegram_egress_request_paths,
)
for key, value in telegram_notification_egress_owner_request_draft["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"telegram_notification_egress_owner_request_draft.execution_boundaries.{key}", value)
else:
assert_false(f"telegram_notification_egress_owner_request_draft.execution_boundaries.{key}", value)
for item in telegram_notification_egress_owner_request_draft["request_drafts"]:
assert_equal(
f"telegram_notification_egress_owner_request_draft.{item['request_draft_id']}.request_fields",
len(item["request_fields"]),
27,
)
assert_equal(
f"telegram_notification_egress_owner_request_draft.{item['request_draft_id']}.required_owner_fields",
len(item["required_owner_fields"]),
19,
)
assert_equal(
f"telegram_notification_egress_owner_request_draft.{item['request_draft_id']}.preflight_checks",
len(item["preflight_checks"]),
16,
)
assert_equal(
f"telegram_notification_egress_owner_request_draft.{item['request_draft_id']}.outcome_lanes",
len(item["outcome_lanes"]),
9,
)
assert_equal(
f"telegram_notification_egress_owner_request_draft.{item['request_draft_id']}.forbidden_payloads",
len(item["forbidden_payloads"]),
14,
)
assert_equal(
f"telegram_notification_egress_owner_request_draft.{item['request_draft_id']}.blocked_actions",
len(item["blocked_actions"]),
26,
)
assert_true(
f"telegram_notification_egress_owner_request_draft.{item['request_draft_id']}.not_authorization",
item["not_authorization"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"audit_event_emitted",
"owner_response_received",
"owner_response_accepted",
"formatter_convergence_accepted",
"redaction_contract_accepted",
"delivery_receipt_accepted",
"break_glass_fallback_accepted",
"direct_bot_api_migration_authorized",
"telegram_send_authorized",
"bot_api_call_authorized",
"workflow_modification_authorized",
"script_modification_authorized",
"api_sender_refactor_authorized",
"secret_value_collection_allowed",
"raw_payload_storage_allowed",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"telegram_notification_egress_owner_request_draft.{item['request_draft_id']}.{false_key}",
item[false_key],
)
assert_equal(
"telegram_notification_egress_migration_plan_draft.schema",
telegram_notification_egress_migration_plan_draft["schema_version"],
"telegram_notification_egress_migration_plan_draft_v1",
)
assert_equal(
"telegram_notification_egress_migration_plan_draft.status",
telegram_notification_egress_migration_plan_draft["status"],
"migration_plan_draft_ready_no_runtime_action",
)
assert_equal(
"telegram_notification_egress_migration_plan_draft.mode",
telegram_notification_egress_migration_plan_draft["mode"],
"metadata_only_no_workflow_script_api_change_no_telegram_send",
)
expected_telegram_egress_migration_plan_summary = {
"source_request_draft_count": 11,
"source_direct_bot_api_call_count": 18,
"migration_candidate_count": 11,
"workflow_migration_candidate_count": 6,
"ops_script_migration_candidate_count": 4,
"api_direct_migration_candidate_count": 1,
"proposed_wave_count": 3,
"plan_field_count": 17,
"reviewer_check_count": 15,
"outcome_lane_count": 9,
"blocked_action_count": 21,
"owner_response_required_count": 11,
"maintenance_window_required_count": 11,
"rollback_owner_required_count": 11,
"postcheck_required_count": 11,
"delivery_receipt_required_count": 11,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"migration_authorized_count": 0,
"workflow_modification_authorized_count": 0,
"script_modification_authorized_count": 0,
"api_sender_refactor_authorized_count": 0,
"telegram_send_authorized_count": 0,
"bot_api_call_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"raw_payload_storage_allowed_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_telegram_egress_migration_plan_summary.items():
assert_equal(
f"telegram_notification_egress_migration_plan_draft.summary.{key}",
telegram_notification_egress_migration_plan_draft["summary"][key],
expected,
)
assert_equal(
"telegram_notification_egress_migration_plan_draft.proposed_waves",
telegram_notification_egress_migration_plan_draft["proposed_waves"],
[
"wave_1_workflow_notification_wrapper",
"wave_2_ops_notification_wrapper",
"wave_3_api_sender_gateway",
],
)
for key, value in telegram_notification_egress_migration_plan_draft["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"telegram_notification_egress_migration_plan_draft.execution_boundaries.{key}", value)
else:
assert_false(f"telegram_notification_egress_migration_plan_draft.execution_boundaries.{key}", value)
for item in telegram_notification_egress_migration_plan_draft["migration_candidates"]:
assert_equal(
f"telegram_notification_egress_migration_plan_draft.{item['migration_candidate_id']}.plan_fields",
len(item["plan_fields"]),
17,
)
assert_equal(
f"telegram_notification_egress_migration_plan_draft.{item['migration_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
15,
)
assert_equal(
f"telegram_notification_egress_migration_plan_draft.{item['migration_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
9,
)
assert_equal(
f"telegram_notification_egress_migration_plan_draft.{item['migration_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
21,
)
for true_key in [
"owner_response_required",
"maintenance_window_required",
"rollback_owner_required",
"postcheck_required",
"delivery_receipt_required",
"not_authorization",
]:
assert_true(
f"telegram_notification_egress_migration_plan_draft.{item['migration_candidate_id']}.{true_key}",
item[true_key],
)
for false_key in [
"owner_response_received",
"owner_response_accepted",
"migration_authorized",
"workflow_modification_authorized",
"script_modification_authorized",
"api_sender_refactor_authorized",
"telegram_send_authorized",
"bot_api_call_authorized",
"secret_value_collection_allowed",
"raw_payload_storage_allowed",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"telegram_notification_egress_migration_plan_draft.{item['migration_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"telegram_notification_egress_no_new_bypass_guard.schema",
telegram_notification_egress_no_new_bypass_guard["schema_version"],
"telegram_notification_egress_no_new_bypass_guard_v1",
)
assert_equal(
"telegram_notification_egress_no_new_bypass_guard.status",
telegram_notification_egress_no_new_bypass_guard["status"],
"pass_no_new_bypass",
)
assert_equal(
"telegram_notification_egress_no_new_bypass_guard.mode",
telegram_notification_egress_no_new_bypass_guard["mode"],
"repo_source_scan_no_secret_value_no_telegram_send",
)
expected_telegram_egress_no_new_bypass_summary = {
"source_direct_bot_api_call_count": 18,
"source_direct_bot_api_file_count": 11,
"baseline_signature_count": 18,
"current_direct_bot_api_call_count": 18,
"current_direct_bot_api_file_count": 11,
"guarded_method_count": 9,
"sendMessage_call_count": 18,
"sendDocument_call_count": 0,
"sendPhoto_call_count": 0,
"sendMediaGroup_call_count": 0,
"editMessageText_call_count": 0,
"other_guarded_method_call_count": 0,
"new_bypass_count": 0,
"new_bypass_file_count": 0,
"removed_baseline_call_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_telegram_egress_no_new_bypass_summary.items():
assert_equal(
f"telegram_notification_egress_no_new_bypass_guard.summary.{key}",
telegram_notification_egress_no_new_bypass_guard["summary"][key],
expected,
)
assert_equal(
"telegram_notification_egress_no_new_bypass_guard.current_paths",
[item["path"] for item in telegram_notification_egress_no_new_bypass_guard["current_direct_bot_api_calls"]],
[
".gitea/workflows/cd-dev.yaml",
".gitea/workflows/cd-dev.yaml",
".gitea/workflows/cd-dev.yaml",
".gitea/workflows/cd.yaml",
".gitea/workflows/cd.yaml",
".gitea/workflows/cd.yaml",
".gitea/workflows/cd.yaml",
".gitea/workflows/cd.yaml",
".gitea/workflows/code-review.yaml",
".gitea/workflows/code-review.yaml",
".gitea/workflows/deploy-alerts.yaml",
".gitea/workflows/e2e-health.yaml",
".gitea/workflows/run-migration.yml",
"apps/api/src/services/channel_hub.py",
"scripts/ops/backup-from-110.sh",
"scripts/ops/docker-health-monitor.sh",
"scripts/ops/dr-drill.sh",
"scripts/ops/pg-backup.sh",
],
)
assert_equal(
"telegram_notification_egress_no_new_bypass_guard.new_bypass_findings",
telegram_notification_egress_no_new_bypass_guard["new_bypass_findings"],
[],
)
assert_equal(
"telegram_notification_egress_no_new_bypass_guard.removed_baseline_signatures",
telegram_notification_egress_no_new_bypass_guard["removed_baseline_signatures"],
[],
)
for key, value in telegram_notification_egress_no_new_bypass_guard["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"telegram_notification_egress_no_new_bypass_guard.execution_boundaries.{key}", value)
else:
assert_false(f"telegram_notification_egress_no_new_bypass_guard.execution_boundaries.{key}", value)
assert_equal(
"telegram_notification_egress_owner_response_acceptance.schema",
telegram_notification_egress_owner_response_acceptance["schema_version"],
"telegram_notification_egress_owner_response_acceptance_v1",
)
assert_equal(
"telegram_notification_egress_owner_response_acceptance.status",
telegram_notification_egress_owner_response_acceptance["status"],
"owner_response_acceptance_ledger_ready_no_runtime_action",
)
assert_equal(
"telegram_notification_egress_owner_response_acceptance.mode",
telegram_notification_egress_owner_response_acceptance["mode"],
"metadata_only_no_secret_value_no_telegram_send_no_workflow_script_api_change",
)
expected_telegram_egress_owner_response_acceptance_summary = {
"source_request_draft_count": 11,
"source_migration_candidate_count": 11,
"source_direct_bot_api_call_count": 18,
"acceptance_candidate_count": 11,
"workflow_acceptance_candidate_count": 6,
"ops_script_acceptance_candidate_count": 4,
"api_direct_acceptance_candidate_count": 1,
"acceptance_field_count": 33,
"required_owner_field_count": 19,
"reviewer_check_count": 23,
"outcome_lane_count": 10,
"forbidden_payload_count": 14,
"blocked_action_count": 35,
"request_sent_count": 0,
"recipient_confirmed_count": 0,
"audit_event_emitted_count": 0,
"owner_response_received_count": 0,
"owner_response_accepted_count": 0,
"owner_response_rejected_count": 0,
"owner_response_quarantined_count": 0,
"supplement_requested_count": 0,
"formatter_convergence_accepted_count": 0,
"redaction_contract_accepted_count": 0,
"delivery_receipt_accepted_count": 0,
"break_glass_fallback_accepted_count": 0,
"maintenance_window_accepted_count": 0,
"rollback_owner_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"dedup_or_fingerprint_accepted_count": 0,
"no_false_green_accepted_count": 0,
"direct_bot_api_migration_authorized_count": 0,
"workflow_modification_authorized_count": 0,
"script_modification_authorized_count": 0,
"api_sender_refactor_authorized_count": 0,
"telegram_send_authorized_count": 0,
"bot_api_call_authorized_count": 0,
"workflow_dispatch_authorized_count": 0,
"production_deploy_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"raw_payload_storage_allowed_count": 0,
"production_write_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
}
for key, expected in expected_telegram_egress_owner_response_acceptance_summary.items():
assert_equal(
f"telegram_notification_egress_owner_response_acceptance.summary.{key}",
telegram_notification_egress_owner_response_acceptance["summary"][key],
expected,
)
assert_equal(
"telegram_notification_egress_owner_response_acceptance.source_paths",
[item["source_path"] for item in telegram_notification_egress_owner_response_acceptance["acceptance_candidates"]],
expected_telegram_egress_request_paths,
)
for key, value in telegram_notification_egress_owner_response_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(
f"telegram_notification_egress_owner_response_acceptance.execution_boundaries.{key}",
value,
)
else:
assert_false(
f"telegram_notification_egress_owner_response_acceptance.execution_boundaries.{key}",
value,
)
for item in telegram_notification_egress_owner_response_acceptance["acceptance_candidates"]:
assert_equal(
f"telegram_notification_egress_owner_response_acceptance.{item['acceptance_candidate_id']}.acceptance_fields",
len(item["acceptance_fields"]),
33,
)
assert_equal(
f"telegram_notification_egress_owner_response_acceptance.{item['acceptance_candidate_id']}.required_owner_fields",
len(item["required_owner_fields"]),
19,
)
assert_equal(
f"telegram_notification_egress_owner_response_acceptance.{item['acceptance_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
23,
)
assert_equal(
f"telegram_notification_egress_owner_response_acceptance.{item['acceptance_candidate_id']}.message_readability_guard_ref",
item.get("message_readability_guard_ref"),
"docs/security/telegram-alert-readability-guard.snapshot.json",
)
assert_equal(
f"telegram_notification_egress_owner_response_acceptance.{item['acceptance_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
10,
)
assert_equal(
f"telegram_notification_egress_owner_response_acceptance.{item['acceptance_candidate_id']}.forbidden_payloads",
len(item["forbidden_payloads"]),
14,
)
assert_equal(
f"telegram_notification_egress_owner_response_acceptance.{item['acceptance_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
35,
)
assert_true(
f"telegram_notification_egress_owner_response_acceptance.{item['acceptance_candidate_id']}.not_authorization",
item["not_authorization"],
)
for false_key in [
"request_sent",
"recipient_confirmed",
"audit_event_emitted",
"owner_response_received",
"owner_response_accepted",
"owner_response_rejected",
"owner_response_quarantined",
"supplement_requested",
"formatter_convergence_accepted",
"redaction_contract_accepted",
"delivery_receipt_accepted",
"break_glass_fallback_accepted",
"maintenance_window_accepted",
"rollback_owner_accepted",
"postcheck_evidence_accepted",
"dedup_or_fingerprint_accepted",
"no_false_green_accepted",
"direct_bot_api_migration_authorized",
"workflow_modification_authorized",
"script_modification_authorized",
"api_sender_refactor_authorized",
"telegram_send_authorized",
"bot_api_call_authorized",
"workflow_dispatch_authorized",
"production_deploy_authorized",
"secret_value_collection_allowed",
"raw_payload_storage_allowed",
"production_write_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"telegram_notification_egress_owner_response_acceptance.{item['acceptance_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"public_runtime_config_change_evidence_acceptance.schema",
public_runtime_config_change_evidence_acceptance["schema_version"],
"public_runtime_config_change_evidence_acceptance_v1",
)
assert_equal(
"public_runtime_config_change_evidence_acceptance.status",
public_runtime_config_change_evidence_acceptance["status"],
"change_evidence_acceptance_ledger_ready_no_runtime_action",
)
assert_equal(
"public_runtime_config_change_evidence_acceptance.mode",
public_runtime_config_change_evidence_acceptance["mode"],
"metadata_only_no_secret_no_route_change_no_deploy",
)
expected_public_runtime_config_summary = {
"change_evidence_candidate_count": 6,
"c0_change_evidence_candidate_count": 5,
"c1_change_evidence_candidate_count": 1,
"write_capable_candidate_count": 6,
"source_ref_count": 20,
"existing_source_ref_count": 20,
"required_evidence_field_count": 21,
"reviewer_check_count": 21,
"outcome_lane_count": 8,
"blocked_action_count": 32,
"change_evidence_received_count": 0,
"change_evidence_accepted_count": 0,
"route_scope_accepted_count": 0,
"admin_auth_boundary_accepted_count": 0,
"api_contract_readback_accepted_count": 0,
"cors_origin_diff_accepted_count": 0,
"frontend_env_diff_accepted_count": 0,
"i18n_redaction_review_accepted_count": 0,
"webhook_callback_owner_accepted_count": 0,
"desktop_mobile_smoke_accepted_count": 0,
"sensitive_string_scan_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"runtime_approval_package_ready_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"public_admin_api_runtime_config_coverage_percent_before_acceptance": 62,
"public_admin_api_runtime_config_coverage_percent_after_acceptance": 64,
}
for key, expected in expected_public_runtime_config_summary.items():
assert_equal(
f"public_runtime_config_change_evidence_acceptance.summary.{key}",
public_runtime_config_change_evidence_acceptance["summary"][key],
expected,
)
for key, value in public_runtime_config_change_evidence_acceptance["execution_boundaries"].items():
if key == "not_authorization":
assert_true(f"public_runtime_config_change_evidence_acceptance.execution_boundaries.{key}", value)
else:
assert_false(f"public_runtime_config_change_evidence_acceptance.execution_boundaries.{key}", value)
expected_public_runtime_config_ids = [
"public_runtime_config_change_evidence:public_product_route_and_i18n_redaction",
"public_runtime_config_change_evidence:admin_auth_and_operator_console_boundary",
"public_runtime_config_change_evidence:api_cors_and_public_url_runtime_config",
"public_runtime_config_change_evidence:frontend_env_and_sentry_tunnel_runtime_config",
"public_runtime_config_change_evidence:webhook_callback_and_notification_runtime_config",
"public_runtime_config_change_evidence:cross_product_runtime_route_scope",
]
assert_equal(
"public_runtime_config_change_evidence_acceptance.candidate_ids",
[
item["change_evidence_candidate_id"]
for item in public_runtime_config_change_evidence_acceptance["change_evidence_candidates"]
],
expected_public_runtime_config_ids,
)
expected_public_runtime_config_check_ids = [
"change_ref_present",
"affected_route_refs_present",
"public_url_not_internal_ip",
"admin_auth_boundary_called_out",
"api_contract_readback_present",
"cors_origin_diff_ref_only",
"frontend_env_diff_ref_present",
"i18n_redaction_review_present",
"webhook_callback_owner_present",
"desktop_mobile_smoke_present",
"api_health_readback_present",
"sensitive_string_scan_present",
"console_error_scan_present",
"no_secret_value_or_cookie",
"security_header_or_cookie_impact_called_out",
"blast_radius_present",
"maintenance_window_present",
"rollback_owner_present",
"postcheck_evidence_present",
"no_runtime_action_claim",
"cross_project_sync_noted",
]
assert_equal(
"public_runtime_config_change_evidence_acceptance.reviewer_check_ids",
[item["check_id"] for item in public_runtime_config_change_evidence_acceptance["reviewer_checks"]],
expected_public_runtime_config_check_ids,
)
expected_public_runtime_config_outcome_ids = [
"waiting_change_evidence",
"quarantine_sensitive_payload",
"reject_unredacted_or_runtime_claim",
"request_supplement",
"ready_for_reviewer_acceptance",
"ready_for_runtime_approval_package",
"waiting_maintenance_window",
"waiting_runtime_gate",
]
assert_equal(
"public_runtime_config_change_evidence_acceptance.outcome_lane_ids",
[item["lane_id"] for item in public_runtime_config_change_evidence_acceptance["outcome_lanes"]],
expected_public_runtime_config_outcome_ids,
)
expected_public_runtime_config_blocked_actions = [
"change_public_route",
"change_admin_route",
"change_api_route",
"change_cors_origin",
"modify_next_public_env",
"expose_internal_ip",
"expose_repo_slug",
"expose_owner_namespace",
"expose_secret_value",
"bypass_auth",
"change_callback_url",
"change_webhook_secret",
"modify_middleware_auth",
"disable_csrf",
"disable_rate_limit",
"change_cookie_policy",
"change_security_headers",
"publish_internal_transcript",
"publish_internal_status_code",
"deploy_frontend",
"deploy_api",
"rewrite_nginx_route",
"change_public_url",
"change_openapi_contract",
"mutate_database",
"run_migration",
"send_webhook",
"active_scan",
"enable_action_button",
"production_deploy",
"force_push",
"switch_github_primary",
]
assert_equal(
"public_runtime_config_change_evidence_acceptance.blocked_actions",
public_runtime_config_change_evidence_acceptance["blocked_actions"],
expected_public_runtime_config_blocked_actions,
)
for item in public_runtime_config_change_evidence_acceptance["change_evidence_candidates"]:
assert_equal(
f"public_runtime_config_change_evidence_acceptance.{item['change_evidence_candidate_id']}.change_evidence_fields",
len(item["change_evidence_fields"]),
24,
)
assert_equal(
f"public_runtime_config_change_evidence_acceptance.{item['change_evidence_candidate_id']}.required_evidence_fields",
len(item["required_evidence_fields"]),
21,
)
assert_equal(
f"public_runtime_config_change_evidence_acceptance.{item['change_evidence_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
21,
)
assert_equal(
f"public_runtime_config_change_evidence_acceptance.{item['change_evidence_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
8,
)
assert_equal(
f"public_runtime_config_change_evidence_acceptance.{item['change_evidence_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
32,
)
assert_true(
f"public_runtime_config_change_evidence_acceptance.{item['change_evidence_candidate_id']}.not_approval",
item["not_approval"],
)
for false_key in [
"change_evidence_received",
"change_evidence_accepted",
"change_evidence_rejected",
"change_evidence_quarantined",
"route_scope_accepted",
"admin_auth_boundary_accepted",
"api_contract_readback_accepted",
"cors_origin_diff_accepted",
"frontend_env_diff_accepted",
"i18n_redaction_review_accepted",
"webhook_callback_owner_accepted",
"desktop_mobile_smoke_accepted",
"sensitive_string_scan_accepted",
"postcheck_evidence_accepted",
"runtime_approval_package_ready",
"runtime_execution_authorized",
"runtime_config_change_authorized",
"public_route_change_authorized",
"admin_route_change_authorized",
"api_route_change_authorized",
"cors_change_authorized",
"frontend_env_change_authorized",
"middleware_auth_change_authorized",
"callback_url_change_authorized",
"webhook_receiver_change_authorized",
"webhook_secret_change_authorized",
"security_header_change_authorized",
"cookie_policy_change_authorized",
"csrf_disable_authorized",
"rate_limit_disable_authorized",
"api_contract_change_authorized",
"i18n_public_text_internal_identity_allowed",
"internal_ip_exposure_allowed",
"repo_namespace_exposure_allowed",
"owner_namespace_exposure_allowed",
"internal_status_code_exposure_allowed",
"internal_transcript_exposure_allowed",
"secret_value_collection_allowed",
"secret_hash_collection_allowed",
"partial_token_collection_allowed",
"raw_payload_storage_allowed",
"desktop_mobile_smoke_authorized",
"route_smoke_authorized",
"production_deploy_authorized",
"database_migration_authorized",
"force_push_authorized",
"github_primary_switch_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"public_runtime_config_change_evidence_acceptance.{item['change_evidence_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"iwooos_projection.summary.domain_tls_certbot_inventory_managed_domain_count",
iwooos_projection["summary"]["domain_tls_certbot_inventory_managed_domain_count"],
14,
)
assert_equal(
"iwooos_projection.summary.domain_tls_certbot_inventory_owner_confirmation_required_count",
iwooos_projection["summary"]["domain_tls_certbot_inventory_owner_confirmation_required_count"],
4,
)
assert_equal(
"iwooos_projection.summary.domain_tls_certbot_inventory_runtime_gate_count",
iwooos_projection["summary"]["domain_tls_certbot_inventory_runtime_gate_count"],
0,
)
for source_path in [
"docs/security/domain-tls-certbot-inventory.snapshot.json",
"docs/security/DOMAIN-TLS-CERTBOT-INVENTORY.md",
"docs/schemas/domain_tls_certbot_inventory_v1.schema.json",
]:
assert_contains("iwooos_projection.source_paths", iwooos_projection["source_paths"], source_path)
assert_text_contains(
"iwooos_page.domain_tls_certbot_inventory_testid",
iwooos_projection_page,
'data-testid="iwooos-domain-tls-certbot-inventory-board"',
)
assert_text_contains(
"iwooos_page.domain_tls_certbot_inventory_boundary_testid",
iwooos_projection_page,
'data-testid="iwooos-domain-tls-certbot-inventory-boundaries"',
)
assert_text_contains(
"iwooos_page.domain_tls_certbot_inventory_component",
iwooos_projection_page,
"IwoooSDomainTlsCertbotInventoryBoard",
)
for text in [
"domain_tls_certbot_inventory_frontstage_summary_count=4",
"domain_tls_certbot_inventory_frontstage_item_count=5",
"domain_tls_certbot_inventory_source_config_count=3",
"domain_tls_certbot_inventory_managed_domain_count=14",
"domain_tls_certbot_inventory_unique_certificate_path_count=10",
"domain_tls_certbot_inventory_acme_challenge_domain_count=7",
"domain_tls_certbot_inventory_owner_confirmation_required_count=4",
"domain_tls_certbot_inventory_admin_route_domain_count=1",
"domain_tls_certbot_inventory_websocket_route_domain_count=6",
"domain_tls_certbot_inventory_request_sent_count=0",
"domain_tls_certbot_inventory_received_response_count=0",
"domain_tls_certbot_inventory_accepted_response_count=0",
"domain_tls_certbot_inventory_runtime_gate_count=0",
"domain_tls_certbot_inventory_live_tls_probe_executed=false",
"domain_tls_certbot_inventory_dns_change_executed=false",
"domain_tls_certbot_inventory_certbot_renew_executed=false",
"domain_tls_certbot_inventory_nginx_reload_executed=false",
"domain_tls_certbot_inventory_action_buttons_allowed=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
]:
assert_text_contains(
"iwooos_page.domain_tls_certbot_inventory_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.domainTlsCertbotInventory",
list(web_messages_zh["iwooos"].keys()),
"domainTlsCertbotInventory",
)
assert_contains(
"web_messages.en.iwooos.domainTlsCertbotInventory",
list(web_messages_en["iwooos"].keys()),
"domainTlsCertbotInventory",
)
for key in [
"eyebrow",
"title",
"subtitle",
"checkLabel",
"stateLabel",
"boundaryTitle",
"boundaryIntro",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.domainTlsCertbotInventory.keys",
list(web_messages_zh["iwooos"]["domainTlsCertbotInventory"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.domainTlsCertbotInventory.keys",
list(web_messages_en["iwooos"]["domainTlsCertbotInventory"].keys()),
key,
)
for key in ["domains", "certPaths", "ownerConfirm", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.domainTlsCertbotInventory.summary",
list(web_messages_zh["iwooos"]["domainTlsCertbotInventory"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.domainTlsCertbotInventory.summary",
list(web_messages_en["iwooos"]["domainTlsCertbotInventory"]["summary"].keys()),
key,
)
for key in ["repoSource", "domainMap", "acmeRoutes", "ownerConfirmation", "runtimeBoundary"]:
assert_contains(
"web_messages.zh-TW.iwooos.domainTlsCertbotInventory.items",
list(web_messages_zh["iwooos"]["domainTlsCertbotInventory"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.domainTlsCertbotInventory.items",
list(web_messages_en["iwooos"]["domainTlsCertbotInventory"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.three_axis_product_progress_testid",
iwooos_projection_page,
'data-testid="iwooos-three-axis-product-progress-board"',
)
assert_text_contains(
"iwooos_page.three_axis_product_progress_component",
iwooos_projection_page,
"IwoooSThreeAxisProductProgressBoard",
)
for text in [
"iwooos_three_axis_progress_headline_percent=64",
"iwooos_three_axis_progress_framework_percent=92",
"iwooos_three_axis_progress_runtime_percent=40-45",
"iwooos_three_axis_progress_product_scope_count=8",
"iwooos_three_axis_progress_all_products_read_only=true",
"iwooos_three_axis_progress_vibework_read_only_in_scope=true",
"iwooos_three_axis_progress_vibework_runtime_ready=false",
"iwooos_three_axis_progress_agent_bounty_read_only_in_scope=true",
"iwooos_three_axis_progress_agent_bounty_runtime_ready=false",
"iwooos_three_axis_progress_runtime_product_rollout_count=0",
"iwooos_three_axis_progress_first_runtime_gate=s4_9_owner_response_accepted",
"iwooos_three_axis_progress_owner_response_accepted_count=0",
"iwooos_three_axis_progress_active_runtime_gate_count=0",
"iwooos_three_axis_progress_production_deploy_count=1",
"iwooos_three_axis_progress_kali_execution_authorized=false",
"iwooos_three_axis_progress_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.three_axis_product_progress_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.threeAxisProductProgress",
list(web_messages_zh["iwooos"].keys()),
"threeAxisProductProgress",
)
assert_contains(
"web_messages.en.iwooos.threeAxisProductProgress",
list(web_messages_en["iwooos"].keys()),
"threeAxisProductProgress",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"scopeLabel",
"currentLabel",
"nextLabel",
"boundaryLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.threeAxisProductProgress.keys",
list(web_messages_zh["iwooos"]["threeAxisProductProgress"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.threeAxisProductProgress.keys",
list(web_messages_en["iwooos"]["threeAxisProductProgress"].keys()),
key,
)
for key in ["headline", "framework", "runtime", "products"]:
assert_contains(
"web_messages.zh-TW.iwooos.threeAxisProductProgress.summary",
list(web_messages_zh["iwooos"]["threeAxisProductProgress"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.threeAxisProductProgress.summary",
list(web_messages_en["iwooos"]["threeAxisProductProgress"]["summary"].keys()),
key,
)
for key in [
"awoooiCore",
"websites",
"sourceControl",
"hosts",
"toolsMonitoring",
"vibeWork",
"agentBountyProtocol",
"futureProducts",
]:
assert_contains(
"web_messages.zh-TW.iwooos.threeAxisProductProgress.items",
list(web_messages_zh["iwooos"]["threeAxisProductProgress"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.threeAxisProductProgress.items",
list(web_messages_en["iwooos"]["threeAxisProductProgress"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_rollout_wave_ledger_testid",
iwooos_projection_page,
'data-testid="iwooos-product-rollout-wave-ledger-board"',
)
assert_text_contains(
"iwooos_page.product_rollout_wave_ledger_component",
iwooos_projection_page,
"IwoooSProductRolloutWaveLedgerBoard",
)
for text in [
"iwooos_product_rollout_wave_count=8",
"iwooos_product_rollout_all_products_count=8",
"iwooos_product_rollout_current_wave=read_only_visibility",
"iwooos_product_rollout_vibework_project_wave=read_only_visibility",
"iwooos_product_rollout_vibework_runtime_ready=false",
"iwooos_product_rollout_agent_bounty_project_wave=read_only_visibility",
"iwooos_product_rollout_agent_bounty_runtime_ready=false",
"iwooos_product_rollout_runtime_wave_count=0",
"iwooos_product_rollout_enforcement_wave_count=0",
"iwooos_product_rollout_owner_response_accepted_count=0",
"iwooos_product_rollout_active_runtime_gate_count=0",
"iwooos_product_rollout_first_runtime_candidate=s4_9_owner_response_accepted",
"iwooos_product_rollout_all_products_read_only=true",
"iwooos_product_rollout_public_secret_exposure_allowed=false",
"iwooos_product_rollout_kali_execution_authorized=false",
"iwooos_product_rollout_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_rollout_wave_ledger_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutWaveLedger",
list(web_messages_zh["iwooos"].keys()),
"productRolloutWaveLedger",
)
assert_contains(
"web_messages.en.iwooos.productRolloutWaveLedger",
list(web_messages_en["iwooos"].keys()),
"productRolloutWaveLedger",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"waveLabel",
"allowedLabel",
"beforeRuntimeLabel",
"forbiddenLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutWaveLedger.keys",
list(web_messages_zh["iwooos"]["productRolloutWaveLedger"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productRolloutWaveLedger.keys",
list(web_messages_en["iwooos"]["productRolloutWaveLedger"].keys()),
key,
)
for key in ["waves", "current", "runtime", "nextGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutWaveLedger.summary",
list(web_messages_zh["iwooos"]["productRolloutWaveLedger"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productRolloutWaveLedger.summary",
list(web_messages_en["iwooos"]["productRolloutWaveLedger"]["summary"].keys()),
key,
)
for key in [
"coreProduct",
"publicSurfaces",
"sourceControl",
"hostCoverage",
"monitoringTools",
"vibeWorkProject",
"agentBountyProtocol",
"futureTemplate",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutWaveLedger.items",
list(web_messages_zh["iwooos"]["productRolloutWaveLedger"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productRolloutWaveLedger.items",
list(web_messages_en["iwooos"]["productRolloutWaveLedger"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_rollout_acceptance_gates_testid",
iwooos_projection_page,
'data-testid="iwooos-product-rollout-acceptance-gates-board"',
)
assert_text_contains(
"iwooos_page.product_rollout_acceptance_gates_component",
iwooos_projection_page,
"IwoooSProductRolloutAcceptanceGatesBoard",
)
for text in [
"iwooos_product_rollout_acceptance_gate_count=6",
"iwooos_product_rollout_acceptance_current_stage=read_only_acceptance",
"iwooos_product_rollout_acceptance_passed_count=0",
"iwooos_product_rollout_acceptance_failed_count=0",
"iwooos_product_rollout_acceptance_owner_response_received_count=0",
"iwooos_product_rollout_acceptance_owner_response_accepted_count=0",
"iwooos_product_rollout_acceptance_redacted_evidence_pointer_count=0",
"iwooos_product_rollout_acceptance_source_control_proof_count=0",
"iwooos_product_rollout_acceptance_host_safety_window_approved=false",
"iwooos_product_rollout_acceptance_rollback_disable_ready=false",
"iwooos_product_rollout_acceptance_runtime_gate_open=false",
"iwooos_product_rollout_acceptance_runtime_wave_count=0",
"iwooos_product_rollout_acceptance_enforcement_wave_count=0",
"iwooos_product_rollout_acceptance_public_secret_exposure_allowed=false",
"iwooos_product_rollout_acceptance_kali_execution_authorized=false",
"iwooos_product_rollout_acceptance_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_rollout_acceptance_gates_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutAcceptanceGates",
list(web_messages_zh["iwooos"].keys()),
"productRolloutAcceptanceGates",
)
assert_contains(
"web_messages.en.iwooos.productRolloutAcceptanceGates",
list(web_messages_en["iwooos"].keys()),
"productRolloutAcceptanceGates",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"gateLabel",
"requiredEvidenceLabel",
"acceptanceSignalLabel",
"stillClosedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutAcceptanceGates.keys",
list(web_messages_zh["iwooos"]["productRolloutAcceptanceGates"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productRolloutAcceptanceGates.keys",
list(web_messages_en["iwooos"]["productRolloutAcceptanceGates"].keys()),
key,
)
for key in ["gateCount", "passed", "ownerEvidence", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutAcceptanceGates.summary",
list(web_messages_zh["iwooos"]["productRolloutAcceptanceGates"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productRolloutAcceptanceGates.summary",
list(web_messages_en["iwooos"]["productRolloutAcceptanceGates"]["summary"].keys()),
key,
)
for key in [
"visibilityEvidence",
"ownerEvidence",
"redactionReview",
"sourceControlProof",
"hostSafetyWindow",
"rollbackDisable",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutAcceptanceGates.items",
list(web_messages_zh["iwooos"]["productRolloutAcceptanceGates"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productRolloutAcceptanceGates.items",
list(web_messages_en["iwooos"]["productRolloutAcceptanceGates"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_rollout_acceptance_outcomes_testid",
iwooos_projection_page,
'data-testid="iwooos-product-rollout-acceptance-outcomes-board"',
)
assert_text_contains(
"iwooos_page.product_rollout_acceptance_outcomes_component",
iwooos_projection_page,
"IwoooSProductRolloutAcceptanceOutcomesBoard",
)
for text in [
"iwooos_product_rollout_acceptance_outcome_lane_count=7",
"iwooos_product_rollout_acceptance_outcome_current_stage=read_only_outcome_routing",
"iwooos_product_rollout_acceptance_outcome_keep_read_only_lane_count=1",
"iwooos_product_rollout_acceptance_outcome_returned_for_evidence_count=0",
"iwooos_product_rollout_acceptance_outcome_quarantined_count=0",
"iwooos_product_rollout_acceptance_outcome_source_control_hold_count=0",
"iwooos_product_rollout_acceptance_outcome_host_safety_hold_count=0",
"iwooos_product_rollout_acceptance_outcome_human_review_candidate_count=0",
"iwooos_product_rollout_acceptance_outcome_runtime_candidate_count=0",
"iwooos_product_rollout_acceptance_outcome_owner_response_received_count=0",
"iwooos_product_rollout_acceptance_outcome_owner_response_accepted_count=0",
"iwooos_product_rollout_acceptance_outcome_redacted_evidence_accepted_count=0",
"iwooos_product_rollout_acceptance_outcome_active_runtime_gate_count=0",
"iwooos_product_rollout_acceptance_outcome_runtime_gate_open=false",
"iwooos_product_rollout_acceptance_outcome_runtime_wave_count=0",
"iwooos_product_rollout_acceptance_outcome_enforcement_wave_count=0",
"iwooos_product_rollout_acceptance_outcome_public_secret_exposure_allowed=false",
"iwooos_product_rollout_acceptance_outcome_kali_execution_authorized=false",
"iwooos_product_rollout_acceptance_outcome_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_rollout_acceptance_outcomes_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutAcceptanceOutcomes",
list(web_messages_zh["iwooos"].keys()),
"productRolloutAcceptanceOutcomes",
)
assert_contains(
"web_messages.en.iwooos.productRolloutAcceptanceOutcomes",
list(web_messages_en["iwooos"].keys()),
"productRolloutAcceptanceOutcomes",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"laneLabel",
"whyLabel",
"nextLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutAcceptanceOutcomes.keys",
list(web_messages_zh["iwooos"]["productRolloutAcceptanceOutcomes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productRolloutAcceptanceOutcomes.keys",
list(web_messages_en["iwooos"]["productRolloutAcceptanceOutcomes"].keys()),
key,
)
for key in ["outcomes", "accepted", "quarantine", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutAcceptanceOutcomes.summary",
list(web_messages_zh["iwooos"]["productRolloutAcceptanceOutcomes"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productRolloutAcceptanceOutcomes.summary",
list(web_messages_en["iwooos"]["productRolloutAcceptanceOutcomes"]["summary"].keys()),
key,
)
for key in [
"keepReadOnly",
"returnEvidence",
"quarantineSensitive",
"sourceControlHold",
"hostSafetyHold",
"humanReviewCandidate",
"runtimeDenied",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productRolloutAcceptanceOutcomes.items",
list(web_messages_zh["iwooos"]["productRolloutAcceptanceOutcomes"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productRolloutAcceptanceOutcomes.items",
list(web_messages_en["iwooos"]["productRolloutAcceptanceOutcomes"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_map_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-map-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_map_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringMapBoard",
)
for text in [
"iwooos_product_evidence_wiring_channel_count=6",
"iwooos_product_evidence_wiring_current_stage=read_only_evidence_wiring",
"iwooos_product_evidence_wiring_visible_channel_count=6",
"iwooos_product_evidence_wiring_connected_product_count=0",
"iwooos_product_evidence_wiring_owner_response_received_count=0",
"iwooos_product_evidence_wiring_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_monitoring_tool_payload_ingested=false",
"iwooos_product_evidence_wiring_ready_for_human_review_count=0",
"iwooos_product_evidence_wiring_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_runtime_gate_open=false",
"iwooos_product_evidence_wiring_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_map_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringMap",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringMap",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringMap",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringMap",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"channelLabel",
"evidenceLabel",
"handoffLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringMap.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringMap"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringMap.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringMap"].keys()),
key,
)
for key in ["channels", "connected", "accepted", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringMap.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringMap"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringMap.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringMap"]["summary"].keys()),
key,
)
for key in [
"productScope",
"ownerResponse",
"redactedEvidence",
"sourceControlTruth",
"hostSafetyWindow",
"monitoringToolEvidence",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringMap.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringMap"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringMap.items",
list(web_messages_en["iwooos"]["productEvidenceWiringMap"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_check_count=6",
"iwooos_product_evidence_wiring_preflight_current_stage=read_only_evidence_wiring_preflight",
"iwooos_product_evidence_wiring_preflight_visible_check_count=6",
"iwooos_product_evidence_wiring_preflight_passed_count=0",
"iwooos_product_evidence_wiring_preflight_failed_count=0",
"iwooos_product_evidence_wiring_preflight_ready_for_connection_count=0",
"iwooos_product_evidence_wiring_preflight_returned_for_scope_count=0",
"iwooos_product_evidence_wiring_preflight_quarantined_count=0",
"iwooos_product_evidence_wiring_preflight_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_preflight_monitoring_tool_payload_ingested=false",
"iwooos_product_evidence_wiring_preflight_ready_for_human_review_count=0",
"iwooos_product_evidence_wiring_preflight_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflight",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflight",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflight",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflight",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"checkLabel",
"checkPointLabel",
"passSignalLabel",
"failRouteLabel",
"stillClosedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflight.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflight"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflight.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflight"].keys()),
key,
)
for key in ["checks", "passed", "quarantine", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflight.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflight"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflight.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflight"]["summary"].keys()),
key,
)
for key in [
"scopeMetadata",
"ownerEnvelope",
"redactionBoundary",
"sourceTruth",
"hostWindow",
"toolOutput",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflight.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflight"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflight.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflight"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_outcomes_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-outcomes-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_outcomes_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightOutcomesBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_outcome_lane_count=8",
"iwooos_product_evidence_wiring_preflight_outcome_current_stage=read_only_preflight_outcome_routing",
"iwooos_product_evidence_wiring_preflight_outcome_keep_read_only_lane_count=1",
"iwooos_product_evidence_wiring_preflight_outcome_ready_for_connection_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_returned_for_scope_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_returned_for_owner_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_quarantined_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_source_control_hold_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_host_safety_hold_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_tool_summary_hold_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_runtime_candidate_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_ready_for_human_review_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_outcome_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_outcome_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_outcome_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_outcome_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_outcomes_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightOutcomes",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflightOutcomes",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightOutcomes",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflightOutcomes",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"outcomeLabel",
"whyLabel",
"nextLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightOutcomes.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightOutcomes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightOutcomes.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightOutcomes"].keys()),
key,
)
for key in ["outcomes", "ready", "returned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightOutcomes.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightOutcomes"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightOutcomes.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightOutcomes"]["summary"].keys()),
key,
)
for key in [
"stayReadOnly",
"returnScope",
"returnOwnerEnvelope",
"quarantineSensitive",
"sourceTruthHold",
"hostWindowHold",
"toolSummaryHold",
"runtimeClosed",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightOutcomes.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightOutcomes"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightOutcomes.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightOutcomes"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_recovery_ledger_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-recovery-ledger-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_recovery_ledger_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightRecoveryLedgerBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_recovery_queue_count=7",
"iwooos_product_evidence_wiring_preflight_recovery_current_stage=read_only_recovery_ledger",
"iwooos_product_evidence_wiring_preflight_recovery_visible_queue_count=7",
"iwooos_product_evidence_wiring_preflight_recovery_submitted_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_returned_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_quarantined_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_ready_for_preflight_retry_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_ready_for_human_review_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_recovery_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_preflight_recovery_tool_summary_ingested=false",
"iwooos_product_evidence_wiring_preflight_recovery_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_recovery_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_recovery_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_recovery_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_recovery_ledger_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRecoveryLedger",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflightRecoveryLedger",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRecoveryLedger",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflightRecoveryLedger",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"queueLabel",
"ownerLabel",
"requiredLabel",
"handoffLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRecoveryLedger.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRecoveryLedger"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRecoveryLedger.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRecoveryLedger"].keys()),
key,
)
for key in ["queues", "submitted", "accepted", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRecoveryLedger.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRecoveryLedger"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRecoveryLedger.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRecoveryLedger"]["summary"].keys()),
key,
)
for key in [
"scopePacket",
"ownerEnvelope",
"redactedEvidence",
"sourceTruth",
"hostWindow",
"toolSummary",
"runtimeGate",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRecoveryLedger.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRecoveryLedger"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRecoveryLedger.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRecoveryLedger"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_gates_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-retry-gates-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_gates_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightRetryGatesBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_retry_gate_count=6",
"iwooos_product_evidence_wiring_preflight_retry_current_stage=read_only_recovery_retry_gate",
"iwooos_product_evidence_wiring_preflight_retry_visible_gate_count=6",
"iwooos_product_evidence_wiring_preflight_retry_candidate_count=0",
"iwooos_product_evidence_wiring_preflight_retry_submitted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_passed_count=0",
"iwooos_product_evidence_wiring_preflight_retry_failed_count=0",
"iwooos_product_evidence_wiring_preflight_retry_returned_count=0",
"iwooos_product_evidence_wiring_preflight_retry_quarantined_count=0",
"iwooos_product_evidence_wiring_preflight_retry_ready_for_connection_count=0",
"iwooos_product_evidence_wiring_preflight_retry_ready_for_human_review_count=0",
"iwooos_product_evidence_wiring_preflight_retry_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_retry_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_preflight_retry_tool_summary_ingested=false",
"iwooos_product_evidence_wiring_preflight_retry_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_retry_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_retry_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_retry_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_gates_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryGates",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflightRetryGates",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryGates",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflightRetryGates",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"gateLabel",
"readyLabel",
"retryLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryGates.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryGates"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryGates.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryGates"].keys()),
key,
)
for key in ["gates", "candidate", "passed", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryGates.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryGates"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryGates.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryGates"]["summary"].keys()),
key,
)
for key in [
"scopeReady",
"ownerReady",
"redactionReady",
"sourceReady",
"hostReady",
"toolReady",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryGates.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryGates"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryGates.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryGates"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_outcomes_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-retry-outcomes-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_outcomes_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightRetryOutcomesBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_retry_outcome_lane_count=8",
"iwooos_product_evidence_wiring_preflight_retry_outcome_current_stage=read_only_retry_outcome_routing",
"iwooos_product_evidence_wiring_preflight_retry_outcome_visible_lane_count=8",
"iwooos_product_evidence_wiring_preflight_retry_outcome_ready_for_connection_count=0",
"iwooos_product_evidence_wiring_preflight_retry_outcome_returned_count=0",
"iwooos_product_evidence_wiring_preflight_retry_outcome_quarantined_count=0",
"iwooos_product_evidence_wiring_preflight_retry_outcome_human_review_candidate_count=0",
"iwooos_product_evidence_wiring_preflight_retry_outcome_runtime_candidate_count=0",
"iwooos_product_evidence_wiring_preflight_retry_outcome_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_retry_outcome_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_outcome_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_outcome_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_outcome_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_preflight_retry_outcome_tool_summary_ingested=false",
"iwooos_product_evidence_wiring_preflight_retry_outcome_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_retry_outcome_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_retry_outcome_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_retry_outcome_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_outcomes_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryOutcomes",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflightRetryOutcomes",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryOutcomes",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflightRetryOutcomes",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"outcomeLabel",
"decisionLabel",
"nextLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryOutcomes.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryOutcomes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryOutcomes.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryOutcomes"].keys()),
key,
)
for key in ["outcomes", "ready", "review", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryOutcomes.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryOutcomes"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryOutcomes.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryOutcomes"]["summary"].keys()),
key,
)
for key in [
"stayCandidate",
"returnSupplement",
"quarantineSensitive",
"sourceTruthReturn",
"hostWindowPause",
"toolSummaryReturn",
"humanReviewWait",
"runtimeStillClosed",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryOutcomes.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryOutcomes"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryOutcomes.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryOutcomes"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-retry-review-candidate-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightRetryReviewCandidateBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_packet_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_current_stage=read_only_retry_review_candidate_preparation",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_visible_packet_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_packet_completed_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_ready_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_queue_open=false",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_created_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_reviewer_assigned_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_audit_event_emitted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_ready_for_connection_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_tool_summary_ingested=false",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_retry_review_candidate_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidate",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidate",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidate",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidate",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"packetLabel",
"requiredLabel",
"handoffLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidate.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidate"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidate.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidate"].keys()),
key,
)
for key in ["packets", "ready", "queue", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidate.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidate"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidate.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidate"]["summary"].keys()),
key,
)
for key in [
"candidateIdentity",
"sourceOutcomeTrace",
"ownerScopePacket",
"redactionAttestation",
"sourceControlReadiness",
"hostSafetyWindow",
"toolSummaryEvidence",
"runtimeSeparation",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidate.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidate"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidate.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidate"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-retry-review-candidate-preflight-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightRetryReviewCandidatePreflightBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_check_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_current_stage=read_only_retry_review_candidate_preflight",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_visible_check_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_passed_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_failed_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_ready_for_queue_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_queue_open=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_candidate_created_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_reviewer_assigned_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_audit_event_emitted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_ready_for_connection_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_tool_summary_ingested=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflight",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidatePreflight",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflight",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidatePreflight",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"checkLabel",
"requirementLabel",
"passLabel",
"failLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflight.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflight"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflight.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflight"].keys()),
key,
)
for key in ["checks", "passed", "queue", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflight.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflight"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflight.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflight"]["summary"].keys()),
key,
)
for key in [
"candidateIdentity",
"sourceOutcomeTrace",
"ownerScope",
"redactionAttestation",
"sourceControlTruth",
"hostSafetyWindow",
"toolSummary",
"runtimeSeparation",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflight.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflight"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflight.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflight"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_outcomes_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-retry-review-candidate-preflight-outcomes-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_outcomes_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomesBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_lane_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_current_stage=read_only_retry_review_candidate_preflight_outcome_routing",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_visible_lane_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_ready_for_queue_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_returned_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_quarantined_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_candidate_created_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_reviewer_assigned_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_audit_event_emitted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_ready_for_connection_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_tool_summary_ingested=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_outcome_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_outcomes_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"outcomeLabel",
"decisionLabel",
"nextLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes"].keys()),
key,
)
for key in ["outcomes", "ready", "queue", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes"]["summary"].keys()),
key,
)
for key in [
"stayReadOnly",
"returnIdentity",
"returnTrace",
"returnOwnerScope",
"quarantineRedaction",
"sourceHostHold",
"readyForHumanReviewWait",
"runtimeStillClosed",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightOutcomes"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_ledger_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-retry-review-candidate-preflight-recovery-ledger-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_ledger_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedgerBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_queue_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_current_stage=read_only_retry_review_candidate_preflight_recovery_ledger",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_visible_queue_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_submitted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_rejected_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_quarantined_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_ready_for_preflight_retry_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_ready_for_human_review_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_candidate_created_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_reviewer_assigned_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_audit_event_emitted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_tool_summary_ingested=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_ledger_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"queueLabel",
"ownerLabel",
"requiredLabel",
"recoveryLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger"].keys()),
key,
)
for key in ["queues", "submitted", "accepted", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger"]["summary"].keys()),
key,
)
for key in [
"identitySupplement",
"traceSupplement",
"ownerScopeSupplement",
"redactionResubmission",
"sourceControlEvidence",
"hostWindowEvidence",
"toolSummarySupplement",
"runtimeAttestation",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryLedger"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_retry_gates_testid",
iwooos_projection_page,
'data-testid="iwooos-product-evidence-wiring-preflight-retry-review-candidate-preflight-recovery-retry-gates-board"',
)
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_retry_gates_component",
iwooos_projection_page,
"IwoooSProductEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGatesBoard",
)
for text in [
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_gate_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_current_stage=read_only_retry_review_candidate_preflight_recovery_retry_gate",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_visible_gate_count=8",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_candidate_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_submitted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_passed_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_failed_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_ready_for_preflight_retry_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_ready_for_human_review_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_candidate_created_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_reviewer_assigned_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_audit_event_emitted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_ready_for_runtime_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_owner_response_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_redacted_evidence_pointer_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_source_control_truth_accepted_count=0",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_host_safety_window_approved=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_tool_summary_ingested=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_runtime_gate_open=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_public_secret_exposure_allowed=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_kali_execution_authorized=false",
"iwooos_product_evidence_wiring_preflight_retry_review_preflight_recovery_retry_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.product_evidence_wiring_preflight_retry_review_candidate_preflight_recovery_retry_gates_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates",
list(web_messages_zh["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates",
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates",
list(web_messages_en["iwooos"].keys()),
"productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates",
)
for key in [
"title",
"subtitle",
"summary",
"items",
"gateLabel",
"readyLabel",
"retryLabel",
"blockedLabel",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates.keys",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates.keys",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates"].keys()),
key,
)
for key in ["gates", "candidates", "passed", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates.summary",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates.summary",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates"]["summary"].keys()),
key,
)
for key in [
"identityGate",
"traceGate",
"ownerScopeGate",
"redactionGate",
"sourceControlGate",
"hostWindowGate",
"toolSummaryGate",
"runtimeGate",
]:
assert_contains(
"web_messages.zh-TW.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates.items",
list(web_messages_zh["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates.items",
list(web_messages_en["iwooos"]["productEvidenceWiringPreflightRetryReviewCandidatePreflightRecoveryRetryGates"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.first_progress_unlock_path_testid",
iwooos_projection_page,
'data-testid="iwooos-first-progress-unlock-path-board"',
)
assert_text_contains(
"iwooos_page.first_progress_unlock_path_component",
iwooos_projection_page,
"IwoooSFirstProgressUnlockPathBoard",
)
assert_equal(
"iwooos_page.first_progress_unlock_path_render_count",
iwooos_projection_page.count("<IwoooSFirstProgressUnlockPathBoard />"),
1,
)
assert_text_before(
"iwooos_page.first_progress_unlock_path_before_visual_dashboard",
iwooos_projection_page,
"<IwoooSFirstProgressUnlockPathBoard />",
"<IwoooSVisualCommandDashboard />",
)
assert_text_before(
"iwooos_page.first_progress_unlock_path_first_layer_order",
iwooos_projection_page,
"<IwoooSFirstProgressUnlockPathBoard />",
"<IwoooSProfessionalSecurityExperience />",
)
assert_text_before(
"iwooos_page.decision_gate_group_contains_first_progress_unlock_path",
iwooos_projection_page,
'id="iwooos-decision-gate-visuals"',
"<IwoooSFirstProgressUnlockPathBoard />",
)
assert_text_before(
"iwooos_page.first_progress_unlock_path_before_scope_evidence_group",
iwooos_projection_page,
"<IwoooSFirstProgressUnlockPathBoard />",
'id="iwooos-scope-evidence-visuals"',
)
assert_text_contains(
"iwooos_page.first_progress_unlock_path_boundary_details",
iwooos_projection_page,
'data-testid="iwooos-first-progress-unlock-path-boundaries"',
)
expected_first_progress_unlock_path_step_ids = [
"owner_response_scope",
"redacted_evidence_pointer",
"intake_preflight",
"review_acceptance",
"headline_review_candidate",
]
first_progress_unlock_path_steps = iwooos_projection["first_progress_unlock_path_steps"]
assert_equal(
"iwooos_projection.first_progress_unlock_path_steps.ids",
[item["step_id"] for item in first_progress_unlock_path_steps],
expected_first_progress_unlock_path_step_ids,
)
assert_equal(
"iwooos_projection.first_progress_unlock_path_steps.display_order",
[item["display_order"] for item in first_progress_unlock_path_steps],
list(range(1, len(expected_first_progress_unlock_path_step_ids) + 1)),
)
for item in first_progress_unlock_path_steps:
assert_equal(
f"iwooos_projection.first_progress_unlock_path_steps.{item['step_id']}.source_focus",
item["source_focus"],
"s4_9_owner_response",
)
assert_equal(
f"iwooos_projection.first_progress_unlock_path_steps.{item['step_id']}.display_mode",
item["display_mode"],
"first_layer_progress_unlock_path",
)
for count_key in [
"owner_response_received_count",
"owner_response_accepted_count",
"redacted_evidence_pointer_count",
"preflight_passed_count",
]:
assert_equal(
f"iwooos_projection.first_progress_unlock_path_steps.{item['step_id']}.{count_key}",
item[count_key],
0,
)
for flag in [
"headline_review_authorized",
"runtime_gate_opened",
"runtime_execution_authorized",
"action_buttons_allowed",
]:
assert_false(
f"iwooos_projection.first_progress_unlock_path_steps.{item['step_id']}.{flag}",
item[flag],
)
assert_true(
f"iwooos_projection.first_progress_unlock_path_steps.{item['step_id']}.not_authorization",
item["not_authorization"],
)
expected_progress_integrity_signal_ids = [
"coverageVisible",
"evidenceMissing",
"executionLocked",
]
progress_integrity_signals = iwooos_projection["progress_integrity_ribbon_signals"]
assert_equal(
"iwooos_projection.progress_integrity_ribbon_signals.ids",
[item["signal_id"] for item in progress_integrity_signals],
expected_progress_integrity_signal_ids,
)
assert_equal(
"iwooos_projection.progress_integrity_ribbon_signals.display_order",
[item["display_order"] for item in progress_integrity_signals],
list(range(1, len(expected_progress_integrity_signal_ids) + 1)),
)
assert_equal(
"iwooos_projection.progress_integrity_ribbon_signals.percents",
[item["percent"] for item in progress_integrity_signals],
[92, 0, 0],
)
assert_equal(
"iwooos_projection.progress_integrity_ribbon_signals.values",
[item["value"] for item in progress_integrity_signals],
["9 類", "0 / 3", "0"],
)
for item in progress_integrity_signals:
signal_id = item["signal_id"]
assert_equal(
f"iwooos_projection.progress_integrity_ribbon_signals.{signal_id}.display_mode",
item["display_mode"],
"first_screen_progress_integrity_ribbon",
)
assert_equal(
f"iwooos_projection.progress_integrity_ribbon_signals.{signal_id}.headline_percent",
item["headline_percent"],
64,
)
assert_equal(
f"iwooos_projection.progress_integrity_ribbon_signals.{signal_id}.headline_percent_delta",
item["headline_percent_delta"],
3,
)
assert_equal(
f"iwooos_projection.progress_integrity_ribbon_signals.{signal_id}.runtime_gate_count",
item["runtime_gate_count"],
0,
)
assert_false(
f"iwooos_projection.progress_integrity_ribbon_signals.{signal_id}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.progress_integrity_ribbon_signals.{signal_id}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.progress_integrity_ribbon_signals.{signal_id}.not_authorization",
item["not_authorization"],
)
evidence_signal = next(item for item in progress_integrity_signals if item["signal_id"] == "evidenceMissing")
for count_key in [
"owner_response_received_count",
"owner_response_accepted_count",
"redacted_evidence_refs_received_count",
]:
assert_equal(
f"iwooos_projection.progress_integrity_ribbon_signals.evidenceMissing.{count_key}",
evidence_signal[count_key],
0,
)
execution_signal = next(item for item in progress_integrity_signals if item["signal_id"] == "executionLocked")
for flag in ["scan_authorized", "host_change_authorized", "source_control_mutation_authorized"]:
assert_false(
f"iwooos_projection.progress_integrity_ribbon_signals.executionLocked.{flag}",
execution_signal[flag],
)
for text in [
'data-testid="iwooos-progress-integrity-ribbon"',
'data-testid="iwooos-progress-integrity-ribbon-signals"',
'data-testid="iwooos-progress-integrity-ribbon-boundaries"',
"IwoooSProgressIntegrityRibbon",
"IwoooSProgressIntegritySignal",
"progressIntegritySignals",
"progressIntegrityRibbonBoundaries",
"conic-gradient",
"progressIntegrityRibbon",
]:
assert_text_contains(
"iwooos_page.progress_integrity_ribbon",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.progress_integrity_before_executive_snapshot",
iwooos_projection_page,
"<IwoooSProgressIntegrityRibbon />",
"<IwoooSExecutiveSnapshotBoard />",
)
for text in [
"iwooos_progress_integrity_ribbon_first_layer=true",
"iwooos_progress_integrity_ribbon_signal_count=3",
"iwooos_progress_integrity_ribbon_headline_percent=64",
"iwooos_progress_integrity_ribbon_headline_delta=3",
"iwooos_progress_integrity_ribbon_read_only_scope_count=9",
"iwooos_progress_integrity_ribbon_pending_evidence_gate_count=3",
"iwooos_progress_integrity_ribbon_runtime_gate_count=0",
"owner_response_received_count=0",
"owner_response_accepted_count=0",
"redacted_evidence_refs_received_count=0",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.progress_integrity_ribbon_boundary",
iwooos_projection_page,
text,
)
expected_executive_snapshot_card_ids = [
"visibleWork",
"assetMesh",
"nextBlocker",
"reviewFixCandidate",
"runtimeLock",
]
executive_snapshot_cards = iwooos_projection["executive_snapshot_cards"]
assert_equal(
"iwooos_projection.executive_snapshot_cards.ids",
[item["card_id"] for item in executive_snapshot_cards],
expected_executive_snapshot_card_ids,
)
assert_equal(
"iwooos_projection.executive_snapshot_cards.display_order",
[item["display_order"] for item in executive_snapshot_cards],
list(range(1, len(expected_executive_snapshot_card_ids) + 1)),
)
for item in executive_snapshot_cards:
card_id = item["card_id"]
assert_equal(
f"iwooos_projection.executive_snapshot_cards.{card_id}.display_mode",
item["display_mode"],
"first_screen_executive_snapshot",
)
assert_false(
f"iwooos_projection.executive_snapshot_cards.{card_id}.execution_action_button_allowed",
item["execution_action_button_allowed"],
)
assert_false(
f"iwooos_projection.executive_snapshot_cards.{card_id}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.executive_snapshot_cards.{card_id}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.executive_snapshot_cards.{card_id}.not_authorization",
item["not_authorization"],
)
runtime_lock_card = next(item for item in executive_snapshot_cards if item["card_id"] == "runtimeLock")
for flag in ["scan_authorized", "host_change_authorized", "source_control_mutation_authorized"]:
assert_false(
f"iwooos_projection.executive_snapshot_cards.runtimeLock.{flag}",
runtime_lock_card[flag],
)
next_blocker_card = next(item for item in executive_snapshot_cards if item["card_id"] == "nextBlocker")
for count_key in ["owner_response_received_count", "owner_response_accepted_count"]:
assert_equal(
f"iwooos_projection.executive_snapshot_cards.nextBlocker.{count_key}",
next_blocker_card[count_key],
0,
)
review_fix_candidate_card = next(
item for item in executive_snapshot_cards if item["card_id"] == "reviewFixCandidate"
)
for count_key in ["review_fix_candidate_count"]:
assert_equal(
f"iwooos_projection.executive_snapshot_cards.reviewFixCandidate.{count_key}",
review_fix_candidate_card[count_key],
0,
)
for flag in ["automatic_code_change_authorized", "automatic_deploy_authorized"]:
assert_false(
f"iwooos_projection.executive_snapshot_cards.reviewFixCandidate.{flag}",
review_fix_candidate_card[flag],
)
expected_executive_snapshot_axis_ids = [
"framework",
"evidence",
"runtime",
]
executive_snapshot_axes = iwooos_projection["executive_snapshot_axes"]
assert_equal(
"iwooos_projection.executive_snapshot_axes.ids",
[item["axis_id"] for item in executive_snapshot_axes],
expected_executive_snapshot_axis_ids,
)
assert_equal(
"iwooos_projection.executive_snapshot_axes.display_order",
[item["display_order"] for item in executive_snapshot_axes],
list(range(1, len(expected_executive_snapshot_axis_ids) + 1)),
)
assert_equal(
"iwooos_projection.executive_snapshot_axes.percents",
[item["percent"] for item in executive_snapshot_axes],
[92, 0, 0],
)
for item in executive_snapshot_axes:
axis_id = item["axis_id"]
assert_equal(
f"iwooos_projection.executive_snapshot_axes.{axis_id}.display_mode",
item["display_mode"],
"first_screen_executive_snapshot_axis",
)
assert_false(
f"iwooos_projection.executive_snapshot_axes.{axis_id}.runtime_delta",
item["runtime_delta"],
)
assert_true(
f"iwooos_projection.executive_snapshot_axes.{axis_id}.not_authorization",
item["not_authorization"],
)
for text in [
'data-testid="iwooos-executive-snapshot-board"',
'data-testid="iwooos-executive-snapshot-overview"',
'data-testid="iwooos-executive-snapshot-axes-grid"',
'data-testid="iwooos-executive-snapshot-cards-grid"',
'data-testid="iwooos-executive-snapshot-boundaries"',
"IwoooSExecutiveSnapshotBoard",
"IwoooSExecutiveSnapshotCard",
"IwoooSExecutiveSnapshotAxis",
"iwooosExecutiveSnapshotCards",
"iwooosExecutiveSnapshotAxes",
"iwooosExecutiveSnapshotBoundaries",
]:
assert_text_contains(
"iwooos_page.executive_snapshot",
iwooos_projection_page,
text,
)
for card_id in expected_executive_snapshot_card_ids:
assert_text_contains(
f"iwooos_page.executive_snapshot_card_{card_id}",
iwooos_projection_page,
f"data-testid={{`iwooos-executive-snapshot-card-${{item.key}}`}}",
)
for axis_id in expected_executive_snapshot_axis_ids:
assert_text_contains(
f"iwooos_page.executive_snapshot_axis_{axis_id}",
iwooos_projection_page,
f"data-testid={{`iwooos-executive-snapshot-axis-${{item.key}}`}}",
)
assert_text_before(
"iwooos_page.executive_snapshot_before_focus_deck",
iwooos_projection_page,
"<IwoooSExecutiveSnapshotBoard />",
"<IwoooSFocusDeckBoard />",
)
for text in [
"iwooos_executive_snapshot_first_layer=true",
"iwooos_executive_snapshot_card_count=5",
"iwooos_executive_snapshot_axis_count=3",
"iwooos_executive_snapshot_above_focus_deck=true",
"iwooos_executive_snapshot_explains_done_next_blocked=true",
"iwooos_executive_snapshot_review_fix_candidate_count=0",
"iwooos_executive_snapshot_review_fix_candidate_execution_allowed=false",
"iwooos_executive_snapshot_execution_action_buttons_allowed=false",
"iwooos_executive_snapshot_runtime_gate_count=0",
"iwooos_executive_snapshot_owner_response_received_count=0",
"iwooos_executive_snapshot_owner_response_accepted_count=0",
"iwooos_executive_snapshot_scan_authorized=false",
"iwooos_executive_snapshot_host_change_authorized=false",
"iwooos_executive_snapshot_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.executive_snapshot_boundary",
iwooos_projection_page,
text,
)
expected_first_screen_depth_map_layer_ids = [
"visible",
"advanced",
"ledger",
"runtime",
]
first_screen_depth_map_layers = iwooos_projection["first_screen_depth_map_layers"]
assert_equal(
"iwooos_projection.first_screen_depth_map_layers.ids",
[item["layer_id"] for item in first_screen_depth_map_layers],
expected_first_screen_depth_map_layer_ids,
)
assert_equal(
"iwooos_projection.first_screen_depth_map_layers.display_order",
[item["display_order"] for item in first_screen_depth_map_layers],
list(range(1, len(expected_first_screen_depth_map_layer_ids) + 1)),
)
first_screen_depth_surface_counts = {
item["layer_id"]: item["surface_count"] for item in first_screen_depth_map_layers
}
assert_equal("iwooos_projection.first_screen_depth_map_layers.visible.surface_count", first_screen_depth_surface_counts["visible"], 4)
assert_equal("iwooos_projection.first_screen_depth_map_layers.advanced.surface_count", first_screen_depth_surface_counts["advanced"], 2)
assert_equal("iwooos_projection.first_screen_depth_map_layers.ledger.surface_count", first_screen_depth_surface_counts["ledger"], 4)
assert_equal("iwooos_projection.first_screen_depth_map_layers.runtime.surface_count", first_screen_depth_surface_counts["runtime"], 0)
for item in first_screen_depth_map_layers:
layer_id = item["layer_id"]
assert_equal(
f"iwooos_projection.first_screen_depth_map_layers.{layer_id}.display_mode",
item["display_mode"],
"first_screen_depth_map",
)
assert_equal(
f"iwooos_projection.first_screen_depth_map_layers.{layer_id}.default_visible",
item["default_visible"],
layer_id == "visible",
)
assert_equal(
f"iwooos_projection.first_screen_depth_map_layers.{layer_id}.runtime_gate_count",
item["runtime_gate_count"],
0,
)
assert_false(
f"iwooos_projection.first_screen_depth_map_layers.{layer_id}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.first_screen_depth_map_layers.{layer_id}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.first_screen_depth_map_layers.{layer_id}.not_authorization",
item["not_authorization"],
)
runtime_depth_layer = next(item for item in first_screen_depth_map_layers if item["layer_id"] == "runtime")
for flag in ["scan_authorized", "host_change_authorized", "source_control_mutation_authorized"]:
assert_false(
f"iwooos_projection.first_screen_depth_map_layers.runtime.{flag}",
runtime_depth_layer[flag],
)
expected_progress_evidence_rail_item_ids = [
"ownerResponses",
"redactedEvidence",
"reviewAcceptance",
"githubPrimary",
"runtimeGate",
]
progress_evidence_rail_items = iwooos_projection["progress_evidence_rail_items"]
assert_equal(
"iwooos_projection.progress_evidence_rail_items.ids",
[item["item_id"] for item in progress_evidence_rail_items],
expected_progress_evidence_rail_item_ids,
)
assert_equal(
"iwooos_projection.progress_evidence_rail_items.display_order",
[item["display_order"] for item in progress_evidence_rail_items],
list(range(1, len(expected_progress_evidence_rail_item_ids) + 1)),
)
progress_evidence_rail_values = {item["item_id"]: item["value"] for item in progress_evidence_rail_items}
assert_equal("iwooos_projection.progress_evidence_rail_items.ownerResponses.value", progress_evidence_rail_values["ownerResponses"], "0/4")
assert_equal("iwooos_projection.progress_evidence_rail_items.redactedEvidence.value", progress_evidence_rail_values["redactedEvidence"], "0")
assert_equal("iwooos_projection.progress_evidence_rail_items.reviewAcceptance.value", progress_evidence_rail_values["reviewAcceptance"], "0")
assert_equal("iwooos_projection.progress_evidence_rail_items.githubPrimary.value", progress_evidence_rail_values["githubPrimary"], "0/10")
assert_equal("iwooos_projection.progress_evidence_rail_items.runtimeGate.value", progress_evidence_rail_values["runtimeGate"], "0")
for item in progress_evidence_rail_items:
item_id = item["item_id"]
assert_equal(
f"iwooos_projection.progress_evidence_rail_items.{item_id}.display_mode",
item["display_mode"],
"first_screen_progress_evidence_rail",
)
assert_equal(
f"iwooos_projection.progress_evidence_rail_items.{item_id}.runtime_gate_count",
item["runtime_gate_count"],
0,
)
assert_false(
f"iwooos_projection.progress_evidence_rail_items.{item_id}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.progress_evidence_rail_items.{item_id}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.progress_evidence_rail_items.{item_id}.not_authorization",
item["not_authorization"],
)
owner_response_rail_item = next(item for item in progress_evidence_rail_items if item["item_id"] == "ownerResponses")
assert_equal(
"iwooos_projection.progress_evidence_rail_items.ownerResponses.owner_response_received_count",
owner_response_rail_item["owner_response_received_count"],
0,
)
assert_equal(
"iwooos_projection.progress_evidence_rail_items.ownerResponses.owner_response_accepted_count",
owner_response_rail_item["owner_response_accepted_count"],
0,
)
redacted_evidence_rail_item = next(item for item in progress_evidence_rail_items if item["item_id"] == "redactedEvidence")
assert_equal(
"iwooos_projection.progress_evidence_rail_items.redactedEvidence.redacted_evidence_count",
redacted_evidence_rail_item["redacted_evidence_count"],
0,
)
review_acceptance_rail_item = next(item for item in progress_evidence_rail_items if item["item_id"] == "reviewAcceptance")
assert_equal(
"iwooos_projection.progress_evidence_rail_items.reviewAcceptance.review_acceptance_count",
review_acceptance_rail_item["review_acceptance_count"],
0,
)
github_primary_rail_item = next(item for item in progress_evidence_rail_items if item["item_id"] == "githubPrimary")
assert_equal(
"iwooos_projection.progress_evidence_rail_items.githubPrimary.candidate_repo_count",
github_primary_rail_item["candidate_repo_count"],
10,
)
assert_equal(
"iwooos_projection.progress_evidence_rail_items.githubPrimary.github_primary_ready_count",
github_primary_rail_item["github_primary_ready_count"],
0,
)
for flag in ["source_control_mutation_authorized"]:
assert_false(
f"iwooos_projection.progress_evidence_rail_items.githubPrimary.{flag}",
github_primary_rail_item[flag],
)
runtime_gate_rail_item = next(item for item in progress_evidence_rail_items if item["item_id"] == "runtimeGate")
for flag in ["scan_authorized", "host_change_authorized", "source_control_mutation_authorized"]:
assert_false(
f"iwooos_projection.progress_evidence_rail_items.runtimeGate.{flag}",
runtime_gate_rail_item[flag],
)
expected_evidence_unlock_queue_item_ids = [
"giteaOwner",
"githubTarget",
"refTruth",
"workflowSecrets",
]
evidence_unlock_queue_items = iwooos_projection["evidence_unlock_queue_items"]
assert_equal(
"iwooos_projection.evidence_unlock_queue_items.ids",
[item["item_id"] for item in evidence_unlock_queue_items],
expected_evidence_unlock_queue_item_ids,
)
assert_equal(
"iwooos_projection.evidence_unlock_queue_items.display_order",
[item["display_order"] for item in evidence_unlock_queue_items],
list(range(1, len(expected_evidence_unlock_queue_item_ids) + 1)),
)
evidence_unlock_queue_gates = {item["item_id"]: item["gate"] for item in evidence_unlock_queue_items}
assert_equal("iwooos_projection.evidence_unlock_queue_items.giteaOwner.gate", evidence_unlock_queue_gates["giteaOwner"], "S4.9")
assert_equal("iwooos_projection.evidence_unlock_queue_items.githubTarget.gate", evidence_unlock_queue_gates["githubTarget"], "S4.10")
assert_equal("iwooos_projection.evidence_unlock_queue_items.refTruth.gate", evidence_unlock_queue_gates["refTruth"], "S4.11")
assert_equal("iwooos_projection.evidence_unlock_queue_items.workflowSecrets.gate", evidence_unlock_queue_gates["workflowSecrets"], "S4.12")
evidence_unlock_queue_values = {item["item_id"]: item["value"] for item in evidence_unlock_queue_items}
assert_equal("iwooos_projection.evidence_unlock_queue_items.giteaOwner.value", evidence_unlock_queue_values["giteaOwner"], "草稿 5")
assert_equal("iwooos_projection.evidence_unlock_queue_items.githubTarget.value", evidence_unlock_queue_values["githubTarget"], "0/10")
assert_equal("iwooos_projection.evidence_unlock_queue_items.refTruth.value", evidence_unlock_queue_values["refTruth"], "0/5")
assert_equal("iwooos_projection.evidence_unlock_queue_items.workflowSecrets.value", evidence_unlock_queue_values["workflowSecrets"], "0/5")
for item in evidence_unlock_queue_items:
item_id = item["item_id"]
assert_equal(
f"iwooos_projection.evidence_unlock_queue_items.{item_id}.display_mode",
item["display_mode"],
"first_screen_evidence_unlock_queue",
)
for count_key in ["request_sent_count", "received_count", "accepted_count", "runtime_gate_count"]:
assert_equal(
f"iwooos_projection.evidence_unlock_queue_items.{item_id}.{count_key}",
item[count_key],
0,
)
assert_false(
f"iwooos_projection.evidence_unlock_queue_items.{item_id}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.evidence_unlock_queue_items.{item_id}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.evidence_unlock_queue_items.{item_id}.not_authorization",
item["not_authorization"],
)
gitea_owner_queue_item = next(item for item in evidence_unlock_queue_items if item["item_id"] == "giteaOwner")
assert_true(
"iwooos_projection.evidence_unlock_queue_items.giteaOwner.request_draft_package_ready",
gitea_owner_queue_item["request_draft_package_ready"],
)
assert_equal(
"iwooos_projection.evidence_unlock_queue_items.giteaOwner.request_draft_template_count",
gitea_owner_queue_item["request_draft_template_count"],
5,
)
assert_equal(
"iwooos_projection.evidence_unlock_queue_items.giteaOwner.request_draft_ready_count",
gitea_owner_queue_item["request_draft_ready_count"],
1,
)
github_target_queue_item = next(item for item in evidence_unlock_queue_items if item["item_id"] == "githubTarget")
assert_equal(
"iwooos_projection.evidence_unlock_queue_items.githubTarget.candidate_repo_count",
github_target_queue_item["candidate_repo_count"],
10,
)
assert_equal(
"iwooos_projection.evidence_unlock_queue_items.githubTarget.github_primary_ready_count",
github_target_queue_item["github_primary_ready_count"],
0,
)
assert_false(
"iwooos_projection.evidence_unlock_queue_items.githubTarget.source_control_mutation_authorized",
github_target_queue_item["source_control_mutation_authorized"],
)
ref_truth_queue_item = next(item for item in evidence_unlock_queue_items if item["item_id"] == "refTruth")
assert_false(
"iwooos_projection.evidence_unlock_queue_items.refTruth.refs_sync_authorized",
ref_truth_queue_item["refs_sync_authorized"],
)
workflow_secrets_queue_item = next(item for item in evidence_unlock_queue_items if item["item_id"] == "workflowSecrets")
assert_false(
"iwooos_projection.evidence_unlock_queue_items.workflowSecrets.secret_plaintext_collection_allowed",
workflow_secrets_queue_item["secret_plaintext_collection_allowed"],
)
expected_s4_9_request_draft_package_item_ids = [
"publicGap",
"namespaceIdentity",
"adjacentScope",
"canonicalOwner",
"legacyDisposition",
]
s4_9_request_draft_package_items = iwooos_projection["s4_9_request_draft_package_items"]
assert_equal(
"iwooos_projection.s4_9_request_draft_package_items.ids",
[item["item_id"] for item in s4_9_request_draft_package_items],
expected_s4_9_request_draft_package_item_ids,
)
assert_equal(
"iwooos_projection.s4_9_request_draft_package_items.display_order",
[item["display_order"] for item in s4_9_request_draft_package_items],
list(range(1, len(expected_s4_9_request_draft_package_item_ids) + 1)),
)
assert_equal(
"iwooos_projection.s4_9_request_draft_package_items.source_template_ids",
[item["source_template_id"] for item in s4_9_request_draft_package_items],
expected_s4_9_owner_response_request_template_ids,
)
assert_equal(
"iwooos_projection.s4_9_request_draft_package_items.template_labels",
[item["template_label"] for item in s4_9_request_draft_package_items],
["D1", "D2", "D3", "D4", "D5"],
)
for item in s4_9_request_draft_package_items:
assert_equal(
f"iwooos_projection.s4_9_request_draft_package_items.{item['item_id']}.display_mode",
item["display_mode"],
"first_screen_s4_9_request_draft_package",
)
assert_equal(
f"iwooos_projection.s4_9_request_draft_package_items.{item['item_id']}.draft_status",
item["draft_status"],
"ready_not_sent",
)
for count_key in [
"request_sent_count",
"owner_response_received_count",
"owner_response_accepted_count",
"runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.s4_9_request_draft_package_items.{item['item_id']}.{count_key}",
item[count_key],
0,
)
assert_false(
f"iwooos_projection.s4_9_request_draft_package_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.s4_9_request_draft_package_items.{item['item_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.s4_9_request_draft_package_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
s4_9_request_draft_detail_rows = iwooos_projection["s4_9_request_draft_detail_rows"]
assert_equal(
"iwooos_projection.s4_9_request_draft_detail_rows.ids",
[item["row_id"] for item in s4_9_request_draft_detail_rows],
expected_s4_9_request_draft_package_item_ids,
)
assert_equal(
"iwooos_projection.s4_9_request_draft_detail_rows.display_order",
[item["display_order"] for item in s4_9_request_draft_detail_rows],
list(range(1, len(expected_s4_9_request_draft_package_item_ids) + 1)),
)
assert_equal(
"iwooos_projection.s4_9_request_draft_detail_rows.source_template_ids",
[item["source_template_id"] for item in s4_9_request_draft_detail_rows],
expected_s4_9_owner_response_request_template_ids,
)
assert_equal(
"iwooos_projection.s4_9_request_draft_detail_rows.template_labels",
[item["template_label"] for item in s4_9_request_draft_detail_rows],
["D1", "D2", "D3", "D4", "D5"],
)
for item in s4_9_request_draft_detail_rows:
assert_equal(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.display_mode",
item["display_mode"],
"first_screen_s4_9_request_draft_detail",
)
assert_equal(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.draft_status",
item["draft_status"],
"ready_not_sent",
)
assert_equal(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.required_field_count",
item["required_field_count"],
6,
)
assert_equal(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.forbidden_action_count",
item["forbidden_action_count"],
10,
)
assert_true(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.redacted_evidence_refs_only",
item["redacted_evidence_refs_only"],
)
assert_false(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.secret_plaintext_collection_allowed",
item["secret_plaintext_collection_allowed"],
)
for count_key in [
"request_sent_count",
"owner_response_received_count",
"owner_response_accepted_count",
"runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.{count_key}",
item[count_key],
0,
)
assert_false(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.s4_9_request_draft_detail_rows.{item['row_id']}.not_authorization",
item["not_authorization"],
)
s4_9_owner_response_intake_lanes = iwooos_projection["s4_9_owner_response_intake_lanes"]
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_lanes.ids",
[item["lane_id"] for item in s4_9_owner_response_intake_lanes],
expected_s4_9_request_draft_package_item_ids,
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_lanes.display_order",
[item["display_order"] for item in s4_9_owner_response_intake_lanes],
list(range(1, len(expected_s4_9_request_draft_package_item_ids) + 1)),
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_lanes.source_template_ids",
[item["source_template_id"] for item in s4_9_owner_response_intake_lanes],
expected_s4_9_owner_response_request_template_ids,
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_lanes.template_labels",
[item["template_label"] for item in s4_9_owner_response_intake_lanes],
["D1", "D2", "D3", "D4", "D5"],
)
for item in s4_9_owner_response_intake_lanes:
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"first_screen_s4_9_owner_response_intake",
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_lanes.{item['lane_id']}.collection_status",
item["collection_status"],
"waiting_owner_response",
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_lanes.{item['lane_id']}.request_status",
item["request_status"],
"request_ready_not_sent",
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_lanes.{item['lane_id']}.latest_outcome_lane",
item["latest_outcome_lane"],
"keep_waiting_owner_response",
)
for count_key in [
"received_response_count",
"preflight_passed_count",
"accepted_response_count",
"rejected_response_count",
"runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_lanes.{item['lane_id']}.{count_key}",
item[count_key],
0,
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_lanes.{item['lane_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.s4_9_owner_response_intake_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
s4_9_owner_response_intake_next_gates = iwooos_projection["s4_9_owner_response_intake_next_gates"]
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_next_gates.ids",
[item["gate_id"] for item in s4_9_owner_response_intake_next_gates],
["redactedOwnerResponse", "preflightChecks", "humanAcceptance"],
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_next_gates.display_order",
[item["display_order"] for item in s4_9_owner_response_intake_next_gates],
[1, 2, 3],
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_next_gates.gate_labels",
[item["gate_label"] for item in s4_9_owner_response_intake_next_gates],
["G1", "G2", "G3"],
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_next_gates.required_signals",
[item["required_signal"] for item in s4_9_owner_response_intake_next_gates],
[
"redacted_owner_response_metadata_received",
"six_preflight_checks_passed",
"five_owner_response_lanes_accepted",
],
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_next_gates.current_states",
[item["current_state"] for item in s4_9_owner_response_intake_next_gates],
["waiting_owner_response", "waiting_preflight", "waiting_human_acceptance"],
)
for item in s4_9_owner_response_intake_next_gates:
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_next_gates.{item['gate_id']}.display_mode",
item["display_mode"],
"first_screen_s4_9_owner_response_intake_next_gate",
)
for count_key in [
"received_response_count",
"preflight_passed_count",
"accepted_response_count",
"runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_next_gates.{item['gate_id']}.{count_key}",
item[count_key],
0,
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_next_gates.{item['gate_id']}.headline_review_authorized",
item["headline_review_authorized"],
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_next_gates.{item['gate_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_next_gates.{item['gate_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.s4_9_owner_response_intake_next_gates.{item['gate_id']}.not_authorization",
item["not_authorization"],
)
s4_9_owner_response_intake_blocker_focus = iwooos_projection[
"s4_9_owner_response_intake_blocker_focus"
]
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.focus_id",
s4_9_owner_response_intake_blocker_focus["focus_id"],
"currentBlocker",
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.display_mode",
s4_9_owner_response_intake_blocker_focus["display_mode"],
"first_screen_s4_9_owner_response_intake_blocker_focus",
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.current_gate",
s4_9_owner_response_intake_blocker_focus["current_gate"],
"G1",
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.current_gate_id",
s4_9_owner_response_intake_blocker_focus["current_gate_id"],
"redactedOwnerResponse",
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.blocker_state",
s4_9_owner_response_intake_blocker_focus["blocker_state"],
"waiting_redacted_owner_response",
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.completion_count",
s4_9_owner_response_intake_blocker_focus["completion_count"],
0,
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.gate_total",
s4_9_owner_response_intake_blocker_focus["gate_total"],
3,
)
for count_key in [
"received_response_count",
"preflight_passed_count",
"accepted_response_count",
"runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_blocker_focus.{count_key}",
s4_9_owner_response_intake_blocker_focus[count_key],
0,
)
assert_false(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.headline_review_authorized",
s4_9_owner_response_intake_blocker_focus["headline_review_authorized"],
)
assert_false(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.runtime_execution_authorized",
s4_9_owner_response_intake_blocker_focus["runtime_execution_authorized"],
)
assert_false(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.action_buttons_allowed",
s4_9_owner_response_intake_blocker_focus["action_buttons_allowed"],
)
assert_true(
"iwooos_projection.s4_9_owner_response_intake_blocker_focus.not_authorization",
s4_9_owner_response_intake_blocker_focus["not_authorization"],
)
s4_9_owner_response_intake_delivery_cards = iwooos_projection[
"s4_9_owner_response_intake_delivery_cards"
]
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_delivery_cards.ids",
[item["card_id"] for item in s4_9_owner_response_intake_delivery_cards],
["ownerDecision", "redactedEvidence", "reviewTrail"],
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_delivery_cards.display_order",
[item["display_order"] for item in s4_9_owner_response_intake_delivery_cards],
[1, 2, 3],
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_delivery_cards.required_evidence",
[item["required_evidence"] for item in s4_9_owner_response_intake_delivery_cards],
["負責人角色、判定、範圍、理由與後續負責人", "脫敏證據參照", "預檢驗收紀錄"],
)
assert_equal(
"iwooos_projection.s4_9_owner_response_intake_delivery_cards.current_states",
[item["current_state"] for item in s4_9_owner_response_intake_delivery_cards],
[
"waiting_owner_response",
"waiting_redacted_evidence_pointer",
"waiting_preflight_and_acceptance",
],
)
for item in s4_9_owner_response_intake_delivery_cards:
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_delivery_cards.{item['card_id']}.display_mode",
item["display_mode"],
"first_screen_s4_9_owner_response_intake_delivery_card",
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_intake_delivery_cards.{item['card_id']}.completed_count",
item["completed_count"],
0,
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_delivery_cards.{item['card_id']}.raw_payload_allowed",
item["raw_payload_allowed"],
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_delivery_cards.{item['card_id']}.secret_plaintext_allowed",
item["secret_plaintext_allowed"],
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_delivery_cards.{item['card_id']}.headline_review_authorized",
item["headline_review_authorized"],
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_delivery_cards.{item['card_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_false(
f"iwooos_projection.s4_9_owner_response_intake_delivery_cards.{item['card_id']}.action_buttons_allowed",
item["action_buttons_allowed"],
)
assert_true(
f"iwooos_projection.s4_9_owner_response_intake_delivery_cards.{item['card_id']}.not_authorization",
item["not_authorization"],
)
expected_s4_9_metadata_intake_field_ids = [
"ownerRoleTeam",
"decision",
"decisionReason",
"affectedScope",
"redactedEvidenceRefs",
"followupOwner",
]
expected_s4_9_metadata_intake_source_fields = [
"owner_role_or_team",
"decision",
"decision_reason",
"affected_scope",
"evidence_refs",
"followup_owner",
]
s4_9_owner_response_metadata_intake_fields = iwooos_projection[
"s4_9_owner_response_metadata_intake_fields"
]
assert_equal(
"iwooos_projection.s4_9_owner_response_metadata_intake_fields.ids",
[item["field_id"] for item in s4_9_owner_response_metadata_intake_fields],
expected_s4_9_metadata_intake_field_ids,
)
assert_equal(
"iwooos_projection.s4_9_owner_response_metadata_intake_fields.display_order",
[item["display_order"] for item in s4_9_owner_response_metadata_intake_fields],
list(range(1, len(expected_s4_9_metadata_intake_field_ids) + 1)),
)
assert_equal(
"iwooos_projection.s4_9_owner_response_metadata_intake_fields.source_required_fields",
[item["source_required_field"] for item in s4_9_owner_response_metadata_intake_fields],
expected_s4_9_metadata_intake_source_fields,
)
for item in s4_9_owner_response_metadata_intake_fields:
assert_equal(
f"iwooos_projection.s4_9_owner_response_metadata_intake_fields.{item['field_id']}.display_mode",
item["display_mode"],
"first_screen_s4_9_owner_response_metadata_intake_field",
)
assert_equal(
f"iwooos_projection.s4_9_owner_response_metadata_intake_fields.{item['field_id']}.field_status",
item["field_status"],
"waiting_owner_response_metadata",
)
assert_true(
f"iwooos_projection.s4_9_owner_response_metadata_intake_fields.{item['field_id']}.required",
item["required"],
)
for count_key in [
"filled_count",
"received_response_count",
"accepted_response_count",
"runtime_gate_count",
]:
assert_equal(
f"iwooos_projection.s4_9_owner_response_metadata_intake_fields.{item['field_id']}.{count_key}",
item[count_key],
0,
)
assert_true(
f"iwooos_projection.s4_9_owner_response_metadata_intake_fields.{item['field_id']}.redacted_reference_required",
item["redacted_reference_required"],
)
for false_key in [
"raw_payload_allowed",
"secret_plaintext_allowed",
"runtime_execution_authorized",
"action_buttons_allowed",
]:
assert_false(
f"iwooos_projection.s4_9_owner_response_metadata_intake_fields.{item['field_id']}.{false_key}",
item[false_key],
)
assert_true(
f"iwooos_projection.s4_9_owner_response_metadata_intake_fields.{item['field_id']}.not_authorization",
item["not_authorization"],
)
for text in [
'data-testid="iwooos-first-screen-depth-map-board"',
'data-testid="iwooos-first-screen-depth-map-layers"',
'data-testid="iwooos-first-screen-depth-map-flow"',
'data-testid="iwooos-first-screen-depth-map-boundaries"',
"IwoooSFirstScreenDepthMapBoard",
"firstScreenDepthLayers",
"firstScreenDepthBoundaries",
"href: '#iwooos-decision-gate-visuals'",
"href: '#iwooos-scope-evidence-visuals'",
]:
assert_text_contains(
"iwooos_page.first_screen_depth_map",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.focus_deck_before_first_screen_depth_map",
iwooos_projection_page,
"<IwoooSFocusDeckBoard />",
"<IwoooSFirstScreenDepthMapBoard />",
)
assert_text_before(
"iwooos_page.first_screen_depth_map_before_immediate_visual_mesh",
iwooos_projection_page,
"<IwoooSFirstScreenDepthMapBoard />",
"<IwoooSImmediateVisualMeshBoard />",
)
for text in [
"iwooos_first_screen_depth_map_visible_layer_count=4",
"iwooos_first_screen_depth_map_advanced_group_count=2",
"iwooos_first_screen_depth_map_ledger_group_count=4",
"iwooos_first_screen_depth_map_runtime_gate_count=0",
"iwooos_first_screen_depth_map_advanced_default_visible=false",
"iwooos_first_screen_depth_map_scope_evidence_default_visible=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.first_screen_depth_map_boundary",
iwooos_projection_page,
text,
)
for text in [
'data-testid="iwooos-progress-evidence-rail-board"',
'data-testid="iwooos-progress-evidence-rail-items"',
'data-testid="iwooos-progress-evidence-rail-boundaries"',
"IwoooSProgressEvidenceRailBoard",
"progressEvidenceRailItems",
"progressEvidenceRailBoundaries",
]:
assert_text_contains(
"iwooos_page.progress_evidence_rail",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.first_screen_depth_map_before_progress_evidence_rail",
iwooos_projection_page,
"<IwoooSFirstScreenDepthMapBoard />",
"<IwoooSProgressEvidenceRailBoard />",
)
assert_text_before(
"iwooos_page.progress_evidence_rail_before_immediate_visual_mesh",
iwooos_projection_page,
"<IwoooSProgressEvidenceRailBoard />",
"<IwoooSImmediateVisualMeshBoard />",
)
for text in [
"iwooos_progress_evidence_rail_owner_response_received_count=0",
"iwooos_progress_evidence_rail_owner_response_accepted_count=0",
"iwooos_progress_evidence_rail_redacted_evidence_count=0",
"iwooos_progress_evidence_rail_review_acceptance_count=0",
"iwooos_progress_evidence_rail_github_primary_ready_count=0",
"iwooos_progress_evidence_rail_runtime_gate_count=0",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.progress_evidence_rail_boundary",
iwooos_projection_page,
text,
)
for text in [
'data-testid="iwooos-evidence-unlock-queue-board"',
'data-testid="iwooos-evidence-unlock-queue-items"',
'data-testid="iwooos-evidence-unlock-queue-boundaries"',
"IwoooSEvidenceUnlockQueueBoard",
"evidenceUnlockQueueItems",
"evidenceUnlockQueueBoundaries",
]:
assert_text_contains(
"iwooos_page.evidence_unlock_queue",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.progress_evidence_rail_before_evidence_unlock_queue",
iwooos_projection_page,
"<IwoooSProgressEvidenceRailBoard />",
"<IwoooSEvidenceUnlockQueueBoard />",
)
assert_text_before(
"iwooos_page.evidence_unlock_queue_before_immediate_visual_mesh",
iwooos_projection_page,
"<IwoooSEvidenceUnlockQueueBoard />",
"<IwoooSImmediateVisualMeshBoard />",
)
for text in [
"iwooos_evidence_unlock_queue_item_count=4",
"iwooos_evidence_unlock_queue_s4_9_request_draft_template_count=5",
"iwooos_evidence_unlock_queue_s4_9_request_draft_ready_count=1",
"iwooos_evidence_unlock_queue_request_sent_count=0",
"iwooos_evidence_unlock_queue_received_count=0",
"iwooos_evidence_unlock_queue_accepted_count=0",
"iwooos_evidence_unlock_queue_github_primary_ready_count=0",
"iwooos_evidence_unlock_queue_runtime_gate_count=0",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.evidence_unlock_queue_boundary",
iwooos_projection_page,
text,
)
for text in [
'data-testid="iwooos-s49-request-draft-package-board"',
'data-testid="iwooos-s49-request-draft-package-items"',
'data-testid="iwooos-s49-request-draft-package-boundaries"',
"IwoooSS49RequestDraftPackageBoard",
"s49RequestDraftPackageItems",
"s49RequestDraftPackageBoundaries",
"publicGap",
"namespaceIdentity",
"adjacentScope",
"canonicalOwner",
"legacyDisposition",
]:
assert_text_contains(
"iwooos_page.s49_request_draft_package",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.evidence_unlock_queue_before_s49_request_draft_package",
iwooos_projection_page,
"<IwoooSEvidenceUnlockQueueBoard />",
"<IwoooSS49RequestDraftPackageBoard />",
)
assert_text_before(
"iwooos_page.s49_request_draft_package_before_immediate_visual_mesh",
iwooos_projection_page,
"<IwoooSS49RequestDraftPackageBoard />",
"<IwoooSImmediateVisualMeshBoard />",
)
for text in [
"s4_9_owner_attestation_request_draft_frontstage_card_count=5",
"s4_9_owner_attestation_request_draft_template_ready_count=5",
"s4_9_owner_attestation_request_sent=false",
"s4_9_owner_attestation_owner_response_received_count=0",
"s4_9_owner_attestation_owner_response_accepted_count=0",
"s4_9_owner_attestation_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.s49_request_draft_package_boundary",
iwooos_projection_page,
text,
)
for text in [
'data-testid="iwooos-s49-request-draft-detail-board"',
'data-testid="iwooos-s49-request-draft-detail-items"',
'data-testid="iwooos-s49-request-draft-detail-boundaries"',
"IwoooSS49RequestDraftDetailBoard",
"s49RequestDraftDetailItems",
"s49RequestDraftDetailBoundaries",
"s49RequestDraftDetail",
"requiredCount",
"forbiddenCount",
"redactedRefs",
"secret_plaintext_collection_allowed=false",
]:
assert_text_contains(
"iwooos_page.s49_request_draft_detail",
iwooos_projection_page,
text,
)
for text in [
"publicGap",
"namespaceIdentity",
"adjacentScope",
"canonicalOwner",
"legacyDisposition",
]:
assert_text_contains(
"iwooos_page.s49_request_draft_detail_items",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.s49_request_draft_package_before_detail",
iwooos_projection_page,
"<IwoooSS49RequestDraftPackageBoard />",
"<IwoooSS49RequestDraftDetailBoard />",
)
assert_text_before(
"iwooos_page.s49_request_draft_detail_before_immediate_visual_mesh",
iwooos_projection_page,
"<IwoooSS49RequestDraftDetailBoard />",
"<IwoooSImmediateVisualMeshBoard />",
)
for text in [
"s4_9_owner_attestation_request_draft_detail_frontstage_row_count=5",
"s4_9_owner_attestation_request_draft_detail_required_field_total=30",
"s4_9_owner_attestation_request_draft_detail_forbidden_action_count=10",
"s4_9_owner_attestation_request_sent=false",
"s4_9_owner_attestation_owner_response_received_count=0",
"s4_9_owner_attestation_owner_response_accepted_count=0",
"s4_9_owner_attestation_runtime_gate_opened=false",
"redacted_evidence_refs_only=true",
"secret_plaintext_collection_allowed=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.s49_request_draft_detail_boundary",
iwooos_projection_page,
text,
)
for text in [
'data-testid="iwooos-s49-owner-response-intake-board"',
'data-testid="iwooos-s49-owner-response-intake-metrics"',
'data-testid="iwooos-s49-owner-response-intake-blocker-focus"',
'data-testid="iwooos-s49-owner-response-intake-completion-rail"',
'data-testid="iwooos-s49-owner-response-intake-delivery-cards"',
"iwooos-s49-owner-response-intake-delivery-card-${item.key}",
'data-testid="iwooos-s49-owner-response-metadata-intake-fields"',
"iwooos-s49-owner-response-metadata-intake-field-${item.key}",
'data-testid="iwooos-s49-owner-response-intake-next-gates"',
"iwooos-s49-owner-response-intake-next-gate-${item.key}",
'data-testid="iwooos-s49-owner-response-intake-lanes"',
'data-testid="iwooos-s49-owner-response-intake-boundaries"',
"IwoooSS49OwnerResponseIntakeBoard",
"s49OwnerResponseIntakeLanes",
"s49OwnerResponseIntakeNextGates",
"s49OwnerResponseIntakeBlockerFocus",
"s49OwnerResponseIntakeDeliveryItems",
"s49OwnerResponseMetadataIntakeFields",
"s49OwnerResponseIntakeBoundaries",
"s49OwnerResponseIntake",
"blockerFocus",
"deliveryItems",
"metadataFields",
"metadataFieldsTitle",
"ownerDecision",
"redactedEvidence",
"reviewTrail",
"nextGatesTitle",
"nextGates",
"redactedOwnerResponse",
"preflightChecks",
"humanAcceptance",
"ownerRoleTeam",
"decisionReason",
"affectedScope",
"redactedEvidenceRefs",
"followupOwner",
"G1",
"G2",
"G3",
"F1",
"F2",
"F3",
"F4",
"F5",
"F6",
"received",
"preflight",
"acceptance",
]:
assert_text_contains(
"iwooos_page.s49_owner_response_intake",
iwooos_projection_page,
text,
)
for text in [
"publicGap",
"namespaceIdentity",
"adjacentScope",
"canonicalOwner",
"legacyDisposition",
]:
assert_text_contains(
"iwooos_page.s49_owner_response_intake_lanes",
iwooos_projection_page,
text,
)
s49_owner_response_intake_strings = "\n".join(
collect_string_values(web_messages_zh["iwooos"]["s49OwnerResponseIntake"])
)
for forbidden in [
"read-only",
"runtime",
"headline review",
"owner role",
"owner response metadata",
"evidence refs",
"canonical source",
"visibility review owner",
]:
assert_text_not_contains(
"web_messages.zh-TW.iwooos.s49OwnerResponseIntake.forbidden_english_terms",
s49_owner_response_intake_strings,
forbidden,
)
assert_text_before(
"iwooos_page.s49_request_draft_detail_before_owner_response_intake",
iwooos_projection_page,
"<IwoooSS49RequestDraftDetailBoard />",
"<IwoooSS49OwnerResponseIntakeBoard />",
)
assert_text_before(
"iwooos_page.s49_owner_response_intake_before_immediate_visual_mesh",
iwooos_projection_page,
"<IwoooSS49OwnerResponseIntakeBoard />",
"<IwoooSImmediateVisualMeshBoard />",
)
for text in [
"s4_9_owner_response_intake_frontstage_lane_count=5",
"s4_9_owner_response_intake_next_gate_count=3",
"s4_9_owner_response_intake_next_gate_passed_count=0",
"s4_9_owner_response_intake_blocker_focus_count=1",
"s4_9_owner_response_intake_current_blocker_gate=G1",
"s4_9_owner_response_intake_next_gate_completion_count=0",
"s4_9_owner_response_intake_next_gate_total=3",
"s4_9_owner_response_intake_delivery_card_count=3",
"s4_9_owner_response_intake_delivery_card_completed_count=0",
"s4_9_owner_response_intake_delivery_raw_payload_allowed=false",
"s4_9_owner_response_intake_received_count=0",
"s4_9_owner_response_intake_preflight_passed_count=0",
"s4_9_owner_response_intake_accepted_count=0",
"s4_9_owner_response_intake_rejected_count=0",
"s4_9_owner_response_intake_runtime_gate_count=0",
"s4_9_owner_response_intake_source_bound=true",
"s4_9_owner_response_intake_handoff_queue_count=5",
"s4_9_owner_response_intake_handoff_queue_ready_count=0",
"s4_9_owner_response_intake_handoff_queue_received_count=0",
"s4_9_owner_response_intake_handoff_queue_accepted_count=0",
"s4_9_owner_response_intake_handoff_queue_runtime_gate_count=0",
"s4_9_owner_response_intake_handoff_queue_raw_payload_allowed=false",
"s4_9_owner_response_intake_handoff_queue_action_buttons_allowed=false",
"s4_9_owner_response_metadata_intake_field_count=6",
"s4_9_owner_response_metadata_intake_required_count=6",
"s4_9_owner_response_metadata_intake_filled_count=0",
"s4_9_owner_response_metadata_intake_received_count=0",
"s4_9_owner_response_metadata_intake_accepted_count=0",
"s4_9_owner_response_metadata_intake_runtime_gate_count=0",
"s4_9_owner_response_metadata_intake_redacted_ref_required=true",
"s4_9_owner_response_metadata_intake_raw_payload_allowed=false",
"s4_9_owner_response_metadata_intake_secret_plaintext_allowed=false",
"s4_9_owner_response_metadata_intake_action_buttons_allowed=false",
"s4_9_owner_response_intake_runtime_gate_opened=false",
"s4_9_owner_response_intake_action_buttons_allowed=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.s49_owner_response_intake_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.focus_deck_testid",
iwooos_projection_page,
'data-testid="iwooos-focus-deck-board"',
)
assert_text_contains(
"iwooos_page.focus_deck_component",
iwooos_projection_page,
"IwoooSFocusDeckBoard",
)
assert_text_before(
"iwooos_page.focus_deck_before_command_map",
iwooos_projection_page,
"<IwoooSFocusDeckBoard />",
"<IwoooSCommandMapBoard />",
)
assert_text_contains(
"iwooos_page.focus_deck_boundaries",
iwooos_projection_page,
'data-testid="iwooos-focus-deck-boundaries"',
)
for text in [
"href: '#iwooos-decision-gate-visuals'",
"href: '#iwooos-scope-evidence-visuals'",
"id=\"iwooos-decision-gate-visuals\"",
"id=\"iwooos-scope-evidence-visuals\"",
"iwooos-command-map-source-control",
"iwooos_focus_deck_first_layer=true",
"iwooos_focus_deck_item_count=5",
"iwooos_focus_deck_anchor_navigation_allowed=true",
"iwooos_focus_deck_execution_action_buttons_allowed=false",
"iwooos_focus_deck_runtime_gate_count=0",
"iwooos_focus_deck_above_command_map=true",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.focus_deck_boundary",
iwooos_projection_page,
text,
)
for text in [
'data-testid="iwooos-immediate-visual-mesh-board"',
'data-testid="iwooos-immediate-visual-mesh-canvas"',
'data-testid="iwooos-immediate-visual-mesh-boundaries"',
"IwoooSImmediateVisualMeshBoard",
"iwooosImmediateVisualMeshNodes",
"iwooosImmediateVisualMeshStats",
"iwooosImmediateVisualMeshBoundaries",
"conic-gradient",
]:
assert_text_contains(
"iwooos_page.immediate_visual_mesh",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.focus_deck_before_immediate_visual_mesh",
iwooos_projection_page,
"<IwoooSFocusDeckBoard />",
"<IwoooSImmediateVisualMeshBoard />",
)
assert_text_before(
"iwooos_page.immediate_visual_mesh_before_command_map",
iwooos_projection_page,
"<IwoooSImmediateVisualMeshBoard />",
"<IwoooSCommandMapBoard />",
)
for text in [
"iwooos_immediate_visual_mesh_first_layer=true",
"iwooos_immediate_visual_mesh_node_count=7",
"iwooos_immediate_visual_mesh_link_count=6",
"iwooos_immediate_visual_mesh_above_command_map=true",
"iwooos_immediate_visual_mesh_anchor_navigation_allowed=false",
"iwooos_immediate_visual_mesh_execution_action_buttons_allowed=false",
"iwooos_immediate_visual_mesh_runtime_gate_count=0",
"iwooos_immediate_visual_mesh_scan_authorized=false",
"iwooos_immediate_visual_mesh_host_change_authorized=false",
"iwooos_immediate_visual_mesh_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.immediate_visual_mesh_boundary",
iwooos_projection_page,
text,
)
for text in [
'data-testid="iwooos-topology-atlas-board"',
'data-testid="iwooos-topology-atlas-canvas"',
'data-testid="iwooos-topology-atlas-active-panel"',
'data-testid="iwooos-topology-atlas-path-explorer"',
'data-testid="iwooos-topology-atlas-path-explorer-selector"',
'data-testid="iwooos-topology-atlas-path-explorer-sequence"',
'data-testid="iwooos-topology-atlas-path-explorer-summary"',
'data-testid="iwooos-topology-atlas-intelligence-deck"',
'data-testid="iwooos-topology-atlas-intelligence-selector"',
'data-testid="iwooos-topology-atlas-intelligence-trail"',
'data-testid="iwooos-topology-atlas-blast-rings"',
'data-testid="iwooos-topology-atlas-node-drilldown"',
'data-testid="iwooos-topology-atlas-node-drilldown-metrics"',
'data-testid="iwooos-topology-atlas-node-drilldown-selector"',
'data-testid="iwooos-topology-atlas-technical-charts"',
'data-testid="iwooos-topology-atlas-boundaries"',
"IwoooSTopologyAtlasBoard",
"IwoooSTopologyAtlasMode",
"IwoooSTopologyPathKey",
"IwoooSTopologyInsightKey",
"IwoooSTopologyNodeKey",
"IwoooSTopologyDrilldownNode",
"IwoooSTopologyPathExplorerPath",
"IwoooSTopologyInsightItem",
"iwooosTopologyAtlasLenses",
"iwooosTopologyAtlasNodes",
"iwooosTopologyDrilldownNodes",
"iwooosTopologyPathExplorerPaths",
"iwooosTopologyInsightDeck",
"iwooosTopologyAtlasLayers",
"iwooosTopologyAtlasCharts",
"iwooosTopologyAtlasBoundaries",
"iwooos-topology-grid",
]:
assert_text_contains(
"iwooos_page.topology_atlas",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.immediate_visual_mesh_before_topology_atlas",
iwooos_projection_page,
"<IwoooSImmediateVisualMeshBoard />",
"<IwoooSTopologyAtlasBoard />",
)
assert_text_before(
"iwooos_page.topology_atlas_before_gate_radar",
iwooos_projection_page,
"<IwoooSTopologyAtlasBoard />",
"<IwoooSGateRadarBoard />",
)
assert_text_before(
"iwooos_page.topology_atlas_before_command_map",
iwooos_projection_page,
"<IwoooSTopologyAtlasBoard />",
"<IwoooSCommandMapBoard />",
)
for text in [
"iwooos_topology_atlas_first_layer=true",
"iwooos_topology_atlas_lens_count=4",
"iwooos_topology_atlas_node_count=7",
"iwooos_topology_drilldown_node_count=7",
"iwooos_topology_drilldown_default_node=productSurface",
"iwooos_topology_drilldown_interactive_node_allowed=true",
"iwooos_topology_path_explorer_path_count=4",
"iwooos_topology_path_explorer_default_path=externalToGate",
"iwooos_topology_path_explorer_interactive_path_allowed=true",
"iwooos_topology_intelligence_deck_count=4",
"iwooos_topology_intelligence_default_item=assetContext",
"iwooos_topology_intelligence_interactive_item_allowed=true",
"iwooos_topology_atlas_layer_count=5",
"iwooos_topology_atlas_technical_chart_count=3",
"iwooos_topology_atlas_interactive_lens_allowed=true",
"iwooos_topology_atlas_execution_action_buttons_allowed=false",
"iwooos_topology_drilldown_execution_action_buttons_allowed=false",
"iwooos_topology_path_explorer_execution_action_buttons_allowed=false",
"iwooos_topology_intelligence_execution_action_buttons_allowed=false",
"iwooos_topology_atlas_runtime_gate_count=0",
"iwooos_topology_drilldown_runtime_gate_count=0",
"iwooos_topology_path_explorer_runtime_gate_count=0",
"iwooos_topology_intelligence_runtime_gate_count=0",
"iwooos_topology_atlas_scan_authorized=false",
"iwooos_topology_atlas_host_change_authorized=false",
"iwooos_topology_atlas_source_control_mutation_authorized=false",
"iwooos_topology_drilldown_scan_authorized=false",
"iwooos_topology_drilldown_host_change_authorized=false",
"iwooos_topology_drilldown_source_control_mutation_authorized=false",
"iwooos_topology_path_explorer_scan_authorized=false",
"iwooos_topology_path_explorer_host_change_authorized=false",
"iwooos_topology_path_explorer_source_control_mutation_authorized=false",
"iwooos_topology_intelligence_scan_authorized=false",
"iwooos_topology_intelligence_host_change_authorized=false",
"iwooos_topology_intelligence_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.topology_atlas_boundary",
iwooos_projection_page,
text,
)
for text in [
'data-testid="iwooos-decision-runway-board"',
'data-testid="iwooos-decision-runway-progress-rail"',
'data-testid="iwooos-decision-runway-selector"',
'data-testid="iwooos-decision-runway-active-panel"',
'data-testid="iwooos-decision-runway-dependency-grid"',
'data-testid="iwooos-decision-runway-boundary-strip"',
'data-testid="iwooos-decision-runway-boundaries"',
"IwoooSDecisionRunwayBoard",
"IwoooSDecisionRunwayStepKey",
"IwoooSDecisionRunwayStep",
"IwoooSDecisionRunwayDependency",
"IwoooSDecisionRunwayBoundarySignal",
"iwooosDecisionRunwaySteps",
"iwooosDecisionRunwayDependencies",
"iwooosDecisionRunwayBoundarySignals",
"iwooosDecisionRunwayBoundaries",
"iwooos-decision-runway-grid",
]:
assert_text_contains(
"iwooos_page.decision_runway",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.topology_atlas_before_decision_runway",
iwooos_projection_page,
"<IwoooSTopologyAtlasBoard />",
"<IwoooSDecisionRunwayBoard />",
)
assert_text_before(
"iwooos_page.decision_runway_before_gate_radar",
iwooos_projection_page,
"<IwoooSDecisionRunwayBoard />",
"<IwoooSGateRadarBoard />",
)
assert_text_before(
"iwooos_page.decision_runway_before_command_map",
iwooos_projection_page,
"<IwoooSDecisionRunwayBoard />",
"<IwoooSCommandMapBoard />",
)
for text in [
"iwooos_decision_runway_first_layer=true",
"iwooos_decision_runway_step_count=5",
"iwooos_decision_runway_default_step=ownerEvidence",
"iwooos_decision_runway_dependency_count=7",
"iwooos_decision_runway_boundary_signal_count=4",
"iwooos_decision_runway_above_gate_radar=true",
"iwooos_decision_runway_interactive_step_allowed=true",
"iwooos_decision_runway_execution_action_buttons_allowed=false",
"iwooos_decision_runway_runtime_gate_count=0",
"iwooos_decision_runway_owner_response_received_count=0",
"iwooos_decision_runway_owner_response_accepted_count=0",
"iwooos_decision_runway_scan_authorized=false",
"iwooos_decision_runway_host_change_authorized=false",
"iwooos_decision_runway_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.decision_runway_boundary",
iwooos_projection_page,
text,
)
for text in [
'data-testid="iwooos-gate-radar-board"',
'data-testid="iwooos-gate-radar-canvas"',
'data-testid="iwooos-gate-radar-active-panel"',
'data-testid="iwooos-gate-radar-boundaries"',
"IwoooSGateRadarBoard",
"IwoooSGateRadarMode",
"iwooosGateRadarLanes",
"iwooosGateRadarSummary",
"iwooosGateRadarBoundaries",
"conic-gradient",
]:
assert_text_contains(
"iwooos_page.gate_radar",
iwooos_projection_page,
text,
)
assert_text_before(
"iwooos_page.immediate_visual_mesh_before_gate_radar",
iwooos_projection_page,
"<IwoooSImmediateVisualMeshBoard />",
"<IwoooSGateRadarBoard />",
)
assert_text_before(
"iwooos_page.gate_radar_before_command_map",
iwooos_projection_page,
"<IwoooSGateRadarBoard />",
"<IwoooSCommandMapBoard />",
)
for text in [
"iwooos_gate_radar_first_layer=true",
"iwooos_gate_radar_lane_count=4",
"iwooos_gate_radar_default_lane=visible",
"iwooos_gate_radar_above_command_map=true",
"iwooos_gate_radar_interactive_lens_allowed=true",
"iwooos_gate_radar_execution_action_buttons_allowed=false",
"iwooos_gate_radar_runtime_gate_count=0",
"iwooos_gate_radar_scan_authorized=false",
"iwooos_gate_radar_host_change_authorized=false",
"iwooos_gate_radar_source_control_mutation_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.gate_radar_boundary",
iwooos_projection_page,
text,
)
assert_text_contains(
"iwooos_page.command_map_testid",
iwooos_projection_page,
'data-testid="iwooos-command-map-board"',
)
assert_text_contains(
"iwooos_page.command_map_component",
iwooos_projection_page,
"IwoooSCommandMapBoard",
)
assert_text_before(
"iwooos_page.command_map_before_first_unlock_path",
iwooos_projection_page,
"<IwoooSCommandMapBoard />",
"<IwoooSFirstProgressUnlockPathBoard />",
)
assert_text_before(
"iwooos_page.command_map_before_visual_dashboard",
iwooos_projection_page,
"<IwoooSCommandMapBoard />",
"<IwoooSVisualCommandDashboard />",
)
assert_text_contains(
"iwooos_page.command_map_boundaries",
iwooos_projection_page,
'data-testid="iwooos-command-map-boundaries"',
)
for text in [
"iwooos_command_map_first_layer=true",
"iwooos_command_map_mode_count=6",
"iwooos_command_map_default_mode=unlock",
"iwooos_command_map_above_first_progress_unlock_path=true",
"iwooos_command_map_navigation_controls_allowed=true",
"iwooos_command_map_execution_action_buttons_allowed=false",
"iwooos_command_map_runtime_gate_count=0",
"iwooos_command_map_kali_execute_authorized=false",
"iwooos_command_map_host_mutation_authorized=false",
"iwooos_command_map_source_control_mutation_authorized=false",
"iwooos_command_map_github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"not_authorization=true",
]:
assert_text_contains(
"iwooos_page.command_map_boundary",
iwooos_projection_page,
text,
)
expected_command_map_item_ids = [
"unlock",
"scope",
"hosts",
"sourceControl",
"awooop",
"boundary",
]
command_map_items = iwooos_projection["command_map_items"]
assert_equal(
"iwooos_projection.command_map_items.ids",
[item["item_id"] for item in command_map_items],
expected_command_map_item_ids,
)
assert_equal(
"iwooos_projection.command_map_items.display_order",
[item["display_order"] for item in command_map_items],
list(range(1, len(expected_command_map_item_ids) + 1)),
)
for item in command_map_items:
assert_equal(
f"iwooos_projection.command_map_items.{item['item_id']}.display_mode",
item["display_mode"],
"first_layer_command_map",
)
assert_true(
f"iwooos_projection.command_map_items.{item['item_id']}.navigation_control_allowed",
item["navigation_control_allowed"],
)
assert_false(
f"iwooos_projection.command_map_items.{item['item_id']}.execution_action_button_allowed",
item["execution_action_button_allowed"],
)
assert_false(
f"iwooos_projection.command_map_items.{item['item_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.command_map_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.command_map_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
source_control_item = next(item for item in command_map_items if item["item_id"] == "sourceControl")
assert_false(
"iwooos_projection.command_map_items.sourceControl.source_control_mutation_authorized",
source_control_item["source_control_mutation_authorized"],
)
assert_false(
"iwooos_projection.command_map_items.sourceControl.github_primary_switch_authorized",
source_control_item["github_primary_switch_authorized"],
)
boundary_item = next(item for item in command_map_items if item["item_id"] == "boundary")
assert_false(
"iwooos_projection.command_map_items.boundary.kali_execute_authorized",
boundary_item["kali_execute_authorized"],
)
assert_false(
"iwooos_projection.command_map_items.boundary.host_mutation_authorized",
boundary_item["host_mutation_authorized"],
)
expected_focus_deck_item_ids = [
"workMap",
"unlockPath",
"productScope",
"hostTools",
"sourceControl",
]
focus_deck_items = iwooos_projection["focus_deck_items"]
assert_equal(
"iwooos_projection.focus_deck_items.ids",
[item["item_id"] for item in focus_deck_items],
expected_focus_deck_item_ids,
)
assert_equal(
"iwooos_projection.focus_deck_items.display_order",
[item["display_order"] for item in focus_deck_items],
list(range(1, len(expected_focus_deck_item_ids) + 1)),
)
for item in focus_deck_items:
assert_equal(
f"iwooos_projection.focus_deck_items.{item['item_id']}.display_mode",
item["display_mode"],
"first_layer_focus_deck",
)
assert_true(
f"iwooos_projection.focus_deck_items.{item['item_id']}.anchor_navigation_allowed",
item["anchor_navigation_allowed"],
)
assert_false(
f"iwooos_projection.focus_deck_items.{item['item_id']}.execution_action_button_allowed",
item["execution_action_button_allowed"],
)
assert_false(
f"iwooos_projection.focus_deck_items.{item['item_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.focus_deck_items.{item['item_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.focus_deck_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
source_control_focus = next(item for item in focus_deck_items if item["item_id"] == "sourceControl")
assert_false(
"iwooos_projection.focus_deck_items.sourceControl.source_control_mutation_authorized",
source_control_focus["source_control_mutation_authorized"],
)
assert_false(
"iwooos_projection.focus_deck_items.sourceControl.github_primary_switch_authorized",
source_control_focus["github_primary_switch_authorized"],
)
expected_immediate_visual_mesh_node_ids = [
"core",
"products",
"hosts",
"sourceControl",
"monitoring",
"awooop",
"runtimeGate",
]
immediate_visual_mesh_nodes = iwooos_projection["immediate_visual_mesh_nodes"]
assert_equal(
"iwooos_projection.immediate_visual_mesh_nodes.ids",
[item["node_id"] for item in immediate_visual_mesh_nodes],
expected_immediate_visual_mesh_node_ids,
)
assert_equal(
"iwooos_projection.immediate_visual_mesh_nodes.display_order",
[item["display_order"] for item in immediate_visual_mesh_nodes],
list(range(1, len(expected_immediate_visual_mesh_node_ids) + 1)),
)
for item in immediate_visual_mesh_nodes:
assert_equal(
f"iwooos_projection.immediate_visual_mesh_nodes.{item['node_id']}.display_mode",
item["display_mode"],
"first_screen_visual_mesh",
)
assert_true(
f"iwooos_projection.immediate_visual_mesh_nodes.{item['node_id']}.read_only",
item["read_only"],
)
assert_false(
f"iwooos_projection.immediate_visual_mesh_nodes.{item['node_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.immediate_visual_mesh_nodes.{item['node_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.immediate_visual_mesh_nodes.{item['node_id']}.not_authorization",
item["not_authorization"],
)
hosts_mesh_node = next(item for item in immediate_visual_mesh_nodes if item["node_id"] == "hosts")
assert_false(
"iwooos_projection.immediate_visual_mesh_nodes.hosts.host_change_authorized",
hosts_mesh_node["host_change_authorized"],
)
source_control_mesh_node = next(item for item in immediate_visual_mesh_nodes if item["node_id"] == "sourceControl")
assert_false(
"iwooos_projection.immediate_visual_mesh_nodes.sourceControl.source_control_mutation_authorized",
source_control_mesh_node["source_control_mutation_authorized"],
)
runtime_gate_mesh_node = next(item for item in immediate_visual_mesh_nodes if item["node_id"] == "runtimeGate")
assert_false(
"iwooos_projection.immediate_visual_mesh_nodes.runtimeGate.scan_authorized",
runtime_gate_mesh_node["scan_authorized"],
)
expected_topology_atlas_lens_ids = [
"architecture",
"topology",
"attackSurface",
"evidenceFlow",
]
topology_atlas_lenses = iwooos_projection["topology_atlas_lenses"]
assert_equal(
"iwooos_projection.topology_atlas_lenses.ids",
[item["lens_id"] for item in topology_atlas_lenses],
expected_topology_atlas_lens_ids,
)
assert_equal(
"iwooos_projection.topology_atlas_lenses.display_order",
[item["display_order"] for item in topology_atlas_lenses],
list(range(1, len(expected_topology_atlas_lens_ids) + 1)),
)
for item in topology_atlas_lenses:
assert_equal(
f"iwooos_projection.topology_atlas_lenses.{item['lens_id']}.display_mode",
item["display_mode"],
"first_screen_professional_topology_atlas",
)
assert_true(
f"iwooos_projection.topology_atlas_lenses.{item['lens_id']}.interactive_lens_allowed",
item["interactive_lens_allowed"],
)
assert_false(
f"iwooos_projection.topology_atlas_lenses.{item['lens_id']}.execution_action_button_allowed",
item["execution_action_button_allowed"],
)
assert_false(
f"iwooos_projection.topology_atlas_lenses.{item['lens_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.topology_atlas_lenses.{item['lens_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.topology_atlas_lenses.{item['lens_id']}.not_authorization",
item["not_authorization"],
)
topology_lens = next(item for item in topology_atlas_lenses if item["lens_id"] == "topology")
for flag in ["scan_authorized", "host_change_authorized"]:
assert_false(
f"iwooos_projection.topology_atlas_lenses.topology.{flag}",
topology_lens[flag],
)
attack_surface_lens = next(item for item in topology_atlas_lenses if item["lens_id"] == "attackSurface")
for flag in ["source_control_mutation_authorized", "github_primary_switch_authorized", "blast_radius_verified"]:
assert_false(
f"iwooos_projection.topology_atlas_lenses.attackSurface.{flag}",
attack_surface_lens[flag],
)
evidence_flow_lens = next(item for item in topology_atlas_lenses if item["lens_id"] == "evidenceFlow")
for count_key in ["owner_response_received_count", "reviewer_accepted_count"]:
assert_equal(
f"iwooos_projection.topology_atlas_lenses.evidenceFlow.{count_key}",
evidence_flow_lens[count_key],
0,
)
expected_topology_atlas_node_ids = [
"productSurface",
"sourceControl",
"kali",
"devHosts",
"monitoring",
"awooopTruth",
"runtimeGate",
]
topology_atlas_nodes = iwooos_projection["topology_atlas_nodes"]
assert_equal(
"iwooos_projection.topology_atlas_nodes.ids",
[item["node_id"] for item in topology_atlas_nodes],
expected_topology_atlas_node_ids,
)
assert_equal(
"iwooos_projection.topology_atlas_nodes.display_order",
[item["display_order"] for item in topology_atlas_nodes],
list(range(1, len(expected_topology_atlas_node_ids) + 1)),
)
for item in topology_atlas_nodes:
assert_true(
f"iwooos_projection.topology_atlas_nodes.{item['node_id']}.read_only",
item["read_only"],
)
assert_false(
f"iwooos_projection.topology_atlas_nodes.{item['node_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.topology_atlas_nodes.{item['node_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.topology_atlas_nodes.{item['node_id']}.not_authorization",
item["not_authorization"],
)
for node_id in ["kali", "devHosts"]:
node = next(item for item in topology_atlas_nodes if item["node_id"] == node_id)
assert_false(
f"iwooos_projection.topology_atlas_nodes.{node_id}.scan_authorized",
node["scan_authorized"],
)
assert_false(
f"iwooos_projection.topology_atlas_nodes.{node_id}.host_change_authorized",
node["host_change_authorized"],
)
source_control_topology_node = next(item for item in topology_atlas_nodes if item["node_id"] == "sourceControl")
assert_false(
"iwooos_projection.topology_atlas_nodes.sourceControl.source_control_mutation_authorized",
source_control_topology_node["source_control_mutation_authorized"],
)
expected_topology_atlas_chart_ids = [
"contextDepth",
"blastRadius",
"evidenceFreshness",
]
topology_atlas_charts = iwooos_projection["topology_atlas_technical_charts"]
assert_equal(
"iwooos_projection.topology_atlas_technical_charts.ids",
[item["chart_id"] for item in topology_atlas_charts],
expected_topology_atlas_chart_ids,
)
assert_equal(
"iwooos_projection.topology_atlas_technical_charts.display_order",
[item["display_order"] for item in topology_atlas_charts],
list(range(1, len(expected_topology_atlas_chart_ids) + 1)),
)
for item in topology_atlas_charts:
assert_equal(
f"iwooos_projection.topology_atlas_technical_charts.{item['chart_id']}.display_mode",
item["display_mode"],
"first_screen_professional_topology_atlas",
)
assert_false(
f"iwooos_projection.topology_atlas_technical_charts.{item['chart_id']}.runtime_delta",
item["runtime_delta"],
)
assert_true(
f"iwooos_projection.topology_atlas_technical_charts.{item['chart_id']}.not_authorization",
item["not_authorization"],
)
blast_radius_chart = next(item for item in topology_atlas_charts if item["chart_id"] == "blastRadius")
assert_false(
"iwooos_projection.topology_atlas_technical_charts.blastRadius.blast_radius_verified",
blast_radius_chart["blast_radius_verified"],
)
expected_topology_drilldown_node_ids = [
"productSurface",
"sourceControl",
"kali",
"devHosts",
"monitoring",
"awooopTruth",
"runtimeGate",
]
topology_drilldown_nodes = iwooos_projection["topology_drilldown_nodes"]
assert_equal(
"iwooos_projection.topology_drilldown_nodes.ids",
[item["node_id"] for item in topology_drilldown_nodes],
expected_topology_drilldown_node_ids,
)
assert_equal(
"iwooos_projection.topology_drilldown_nodes.display_order",
[item["display_order"] for item in topology_drilldown_nodes],
list(range(1, len(expected_topology_drilldown_node_ids) + 1)),
)
for item in topology_drilldown_nodes:
assert_true(
f"iwooos_projection.topology_drilldown_nodes.{item['node_id']}.interactive_node_allowed",
item["interactive_node_allowed"],
)
assert_false(
f"iwooos_projection.topology_drilldown_nodes.{item['node_id']}.execution_action_button_allowed",
item["execution_action_button_allowed"],
)
assert_false(
f"iwooos_projection.topology_drilldown_nodes.{item['node_id']}.scan_authorized",
item["scan_authorized"],
)
assert_false(
f"iwooos_projection.topology_drilldown_nodes.{item['node_id']}.host_change_authorized",
item["host_change_authorized"],
)
assert_false(
f"iwooos_projection.topology_drilldown_nodes.{item['node_id']}.source_control_mutation_authorized",
item["source_control_mutation_authorized"],
)
assert_false(
f"iwooos_projection.topology_drilldown_nodes.{item['node_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.topology_drilldown_nodes.{item['node_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.topology_drilldown_nodes.{item['node_id']}.not_authorization",
item["not_authorization"],
)
expected_topology_path_explorer_path_ids = [
"externalToGate",
"sourceToHost",
"kaliToDev",
"evidenceToGate",
]
expected_topology_path_explorer_sequences = {
"externalToGate": ["productSurface", "sourceControl", "monitoring", "awooopTruth", "runtimeGate"],
"sourceToHost": ["sourceControl", "kali", "devHosts", "runtimeGate"],
"kaliToDev": ["kali", "devHosts", "runtimeGate"],
"evidenceToGate": ["monitoring", "awooopTruth", "runtimeGate"],
}
topology_path_explorer_paths = iwooos_projection["topology_path_explorer_paths"]
assert_equal(
"iwooos_projection.topology_path_explorer_paths.ids",
[item["path_id"] for item in topology_path_explorer_paths],
expected_topology_path_explorer_path_ids,
)
assert_equal(
"iwooos_projection.topology_path_explorer_paths.display_order",
[item["display_order"] for item in topology_path_explorer_paths],
list(range(1, len(expected_topology_path_explorer_path_ids) + 1)),
)
for item in topology_path_explorer_paths:
path_id = item["path_id"]
assert_equal(
f"iwooos_projection.topology_path_explorer_paths.{path_id}.node_sequence",
item["node_sequence"],
expected_topology_path_explorer_sequences[path_id],
)
assert_true(
f"iwooos_projection.topology_path_explorer_paths.{path_id}.interactive_path_allowed",
item["interactive_path_allowed"],
)
assert_false(
f"iwooos_projection.topology_path_explorer_paths.{path_id}.execution_action_button_allowed",
item["execution_action_button_allowed"],
)
assert_false(
f"iwooos_projection.topology_path_explorer_paths.{path_id}.scan_authorized",
item["scan_authorized"],
)
assert_false(
f"iwooos_projection.topology_path_explorer_paths.{path_id}.host_change_authorized",
item["host_change_authorized"],
)
assert_false(
f"iwooos_projection.topology_path_explorer_paths.{path_id}.source_control_mutation_authorized",
item["source_control_mutation_authorized"],
)
assert_false(
f"iwooos_projection.topology_path_explorer_paths.{path_id}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.topology_path_explorer_paths.{path_id}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.topology_path_explorer_paths.{path_id}.not_authorization",
item["not_authorization"],
)
expected_topology_intelligence_deck_ids = [
"assetContext",
"attackPath",
"blastRadius",
"evidenceTimeline",
]
expected_topology_intelligence_sequences = {
"assetContext": ["productSurface", "sourceControl", "monitoring"],
"attackPath": ["sourceControl", "kali", "devHosts", "runtimeGate"],
"blastRadius": ["kali", "devHosts", "runtimeGate"],
"evidenceTimeline": ["monitoring", "awooopTruth", "runtimeGate"],
}
topology_intelligence_deck = iwooos_projection["topology_intelligence_deck"]
assert_equal(
"iwooos_projection.topology_intelligence_deck.ids",
[item["insight_id"] for item in topology_intelligence_deck],
expected_topology_intelligence_deck_ids,
)
assert_equal(
"iwooos_projection.topology_intelligence_deck.display_order",
[item["display_order"] for item in topology_intelligence_deck],
list(range(1, len(expected_topology_intelligence_deck_ids) + 1)),
)
for item in topology_intelligence_deck:
insight_id = item["insight_id"]
assert_equal(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.display_mode",
item["display_mode"],
"professional_graph_intelligence_deck",
)
assert_equal(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.node_sequence",
item["node_sequence"],
expected_topology_intelligence_sequences[insight_id],
)
assert_true(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.interactive_item_allowed",
item["interactive_item_allowed"],
)
assert_false(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.execution_action_button_allowed",
item["execution_action_button_allowed"],
)
assert_false(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.scan_authorized",
item["scan_authorized"],
)
assert_false(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.host_change_authorized",
item["host_change_authorized"],
)
assert_false(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.source_control_mutation_authorized",
item["source_control_mutation_authorized"],
)
assert_false(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.topology_intelligence_deck.{insight_id}.not_authorization",
item["not_authorization"],
)
expected_decision_runway_step_ids = [
"ownerEvidence",
"reviewerAcceptance",
"hostWindow",
"githubPrimary",
"runtimeGate",
]
decision_runway_steps = iwooos_projection["decision_runway_steps"]
assert_equal(
"iwooos_projection.decision_runway_steps.ids",
[item["step_id"] for item in decision_runway_steps],
expected_decision_runway_step_ids,
)
assert_equal(
"iwooos_projection.decision_runway_steps.display_order",
[item["display_order"] for item in decision_runway_steps],
list(range(1, len(expected_decision_runway_step_ids) + 1)),
)
assert_equal(
"iwooos_projection.decision_runway_steps.progress",
[item["progress"] for item in decision_runway_steps],
[18, 12, 35, 22, 0],
)
for item in decision_runway_steps:
step_id = item["step_id"]
assert_equal(
f"iwooos_projection.decision_runway_steps.{step_id}.display_mode",
item["display_mode"],
"first_screen_decision_runway",
)
assert_true(
f"iwooos_projection.decision_runway_steps.{step_id}.interactive_step_allowed",
item["interactive_step_allowed"],
)
assert_false(
f"iwooos_projection.decision_runway_steps.{step_id}.execution_action_button_allowed",
item["execution_action_button_allowed"],
)
assert_false(
f"iwooos_projection.decision_runway_steps.{step_id}.scan_authorized",
item["scan_authorized"],
)
assert_false(
f"iwooos_projection.decision_runway_steps.{step_id}.host_change_authorized",
item["host_change_authorized"],
)
assert_false(
f"iwooos_projection.decision_runway_steps.{step_id}.source_control_mutation_authorized",
item["source_control_mutation_authorized"],
)
assert_false(
f"iwooos_projection.decision_runway_steps.{step_id}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.decision_runway_steps.{step_id}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.decision_runway_steps.{step_id}.not_authorization",
item["not_authorization"],
)
expected_decision_runway_dependency_ids = [
"iwooos",
"awooop",
"vibework",
"agentBounty",
"kali",
"devHosts",
"monitoring",
]
decision_runway_dependencies = iwooos_projection["decision_runway_dependencies"]
assert_equal(
"iwooos_projection.decision_runway_dependencies.ids",
[item["dependency_id"] for item in decision_runway_dependencies],
expected_decision_runway_dependency_ids,
)
assert_equal(
"iwooos_projection.decision_runway_dependencies.display_order",
[item["display_order"] for item in decision_runway_dependencies],
list(range(1, len(expected_decision_runway_dependency_ids) + 1)),
)
for item in decision_runway_dependencies:
dependency_id = item["dependency_id"]
assert_equal(
f"iwooos_projection.decision_runway_dependencies.{dependency_id}.display_mode",
item["display_mode"],
"first_screen_decision_runway_dependency",
)
assert_false(
f"iwooos_projection.decision_runway_dependencies.{dependency_id}.runtime_delta",
item["runtime_delta"],
)
assert_true(
f"iwooos_projection.decision_runway_dependencies.{dependency_id}.not_authorization",
item["not_authorization"],
)
expected_decision_runway_boundary_signal_ids = [
"scan",
"hostChange",
"sourceMutation",
"runtimeExecution",
]
decision_runway_boundary_signals = iwooos_projection["decision_runway_boundary_signals"]
assert_equal(
"iwooos_projection.decision_runway_boundary_signals.ids",
[item["signal_id"] for item in decision_runway_boundary_signals],
expected_decision_runway_boundary_signal_ids,
)
assert_equal(
"iwooos_projection.decision_runway_boundary_signals.display_order",
[item["display_order"] for item in decision_runway_boundary_signals],
list(range(1, len(expected_decision_runway_boundary_signal_ids) + 1)),
)
for item in decision_runway_boundary_signals:
signal_id = item["signal_id"]
assert_false(
f"iwooos_projection.decision_runway_boundary_signals.{signal_id}.authorized",
item["authorized"],
)
assert_false(
f"iwooos_projection.decision_runway_boundary_signals.{signal_id}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_true(
f"iwooos_projection.decision_runway_boundary_signals.{signal_id}.not_authorization",
item["not_authorization"],
)
expected_gate_radar_lane_ids = [
"visible",
"blocker",
"review",
"locked",
]
gate_radar_lanes = iwooos_projection["gate_radar_lanes"]
assert_equal(
"iwooos_projection.gate_radar_lanes.ids",
[item["lane_id"] for item in gate_radar_lanes],
expected_gate_radar_lane_ids,
)
assert_equal(
"iwooos_projection.gate_radar_lanes.display_order",
[item["display_order"] for item in gate_radar_lanes],
list(range(1, len(expected_gate_radar_lane_ids) + 1)),
)
assert_equal(
"iwooos_projection.gate_radar_lanes.scores",
[item["score"] for item in gate_radar_lanes],
[92, 64, 40, 0],
)
for item in gate_radar_lanes:
assert_equal(
f"iwooos_projection.gate_radar_lanes.{item['lane_id']}.display_mode",
item["display_mode"],
"first_screen_gate_radar",
)
assert_true(
f"iwooos_projection.gate_radar_lanes.{item['lane_id']}.interactive_lens_allowed",
item["interactive_lens_allowed"],
)
assert_false(
f"iwooos_projection.gate_radar_lanes.{item['lane_id']}.execution_action_button_allowed",
item["execution_action_button_allowed"],
)
assert_false(
f"iwooos_projection.gate_radar_lanes.{item['lane_id']}.runtime_gate_opened",
item["runtime_gate_opened"],
)
assert_false(
f"iwooos_projection.gate_radar_lanes.{item['lane_id']}.runtime_execution_authorized",
item["runtime_execution_authorized"],
)
assert_true(
f"iwooos_projection.gate_radar_lanes.{item['lane_id']}.not_authorization",
item["not_authorization"],
)
blocker_gate_radar_lane = next(item for item in gate_radar_lanes if item["lane_id"] == "blocker")
for count_key in ["owner_response_received_count", "owner_response_accepted_count", "github_primary_ready_count"]:
assert_equal(
f"iwooos_projection.gate_radar_lanes.blocker.{count_key}",
blocker_gate_radar_lane[count_key],
0,
)
review_gate_radar_lane = next(item for item in gate_radar_lanes if item["lane_id"] == "review")
assert_true(
"iwooos_projection.gate_radar_lanes.review.human_review_required",
review_gate_radar_lane["human_review_required"],
)
assert_false(
"iwooos_projection.gate_radar_lanes.review.formal_decision_record_created",
review_gate_radar_lane["formal_decision_record_created"],
)
locked_gate_radar_lane = next(item for item in gate_radar_lanes if item["lane_id"] == "locked")
for flag in ["scan_authorized", "host_change_authorized", "source_control_mutation_authorized"]:
assert_false(
f"iwooos_projection.gate_radar_lanes.locked.{flag}",
locked_gate_radar_lane[flag],
)
for text in [
"iwooos_first_unlock_path_step_count=5",
"iwooos_first_unlock_path_current_focus=s4_9_owner_response",
"iwooos_first_unlock_path_owner_response_received_count=0",
"iwooos_first_unlock_path_owner_response_accepted_count=0",
"iwooos_first_unlock_path_redacted_evidence_pointer_count=0",
"iwooos_first_unlock_path_intake_preflight_passed_count=0",
"iwooos_first_unlock_path_headline_review_authorized=false",
"iwooos_first_unlock_path_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.first_progress_unlock_path_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.firstProgressUnlockPath",
list(web_messages_zh["iwooos"].keys()),
"firstProgressUnlockPath",
)
assert_contains(
"web_messages.en.iwooos.firstProgressUnlockPath",
list(web_messages_en["iwooos"].keys()),
"firstProgressUnlockPath",
)
for key in ["eyebrow", "title", "subtitle", "summary", "items", "stepLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstProgressUnlockPath.keys",
list(web_messages_zh["iwooos"]["firstProgressUnlockPath"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstProgressUnlockPath.keys",
list(web_messages_en["iwooos"]["firstProgressUnlockPath"].keys()),
key,
)
for key in ["focus", "steps", "accepted", "headline"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstProgressUnlockPath.summary",
list(web_messages_zh["iwooos"]["firstProgressUnlockPath"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstProgressUnlockPath.summary",
list(web_messages_en["iwooos"]["firstProgressUnlockPath"]["summary"].keys()),
key,
)
for key in [
"ownerResponseScope",
"redactedEvidencePointer",
"intakePreflight",
"reviewAcceptance",
"headlineReviewCandidate",
]:
assert_contains(
"web_messages.zh-TW.iwooos.firstProgressUnlockPath.items",
list(web_messages_zh["iwooos"]["firstProgressUnlockPath"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstProgressUnlockPath.items",
list(web_messages_en["iwooos"]["firstProgressUnlockPath"]["items"].keys()),
key,
)
assert_contains(
"web_messages.zh-TW.iwooos.commandMap",
list(web_messages_zh["iwooos"].keys()),
"commandMap",
)
assert_contains(
"web_messages.en.iwooos.commandMap",
list(web_messages_en["iwooos"].keys()),
"commandMap",
)
for key in ["eyebrow", "title", "subtitle", "tabsLabel", "boundaryTitle", "panelLabels", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.commandMap.keys",
list(web_messages_zh["iwooos"]["commandMap"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.commandMap.keys",
list(web_messages_en["iwooos"]["commandMap"].keys()),
key,
)
for key in ["evidence", "next", "locked"]:
assert_contains(
"web_messages.zh-TW.iwooos.commandMap.panelLabels",
list(web_messages_zh["iwooos"]["commandMap"]["panelLabels"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.commandMap.panelLabels",
list(web_messages_en["iwooos"]["commandMap"]["panelLabels"].keys()),
key,
)
for key in expected_command_map_item_ids:
assert_contains(
"web_messages.zh-TW.iwooos.commandMap.items",
list(web_messages_zh["iwooos"]["commandMap"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.commandMap.items",
list(web_messages_en["iwooos"]["commandMap"]["items"].keys()),
key,
)
for field in ["title", "state", "detail", "evidence", "next", "locked"]:
assert_contains(
f"web_messages.zh-TW.iwooos.commandMap.items.{key}",
list(web_messages_zh["iwooos"]["commandMap"]["items"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.commandMap.items.{key}",
list(web_messages_en["iwooos"]["commandMap"]["items"][key].keys()),
field,
)
assert_contains(
"web_messages.zh-TW.iwooos.executiveSnapshot",
list(web_messages_zh["iwooos"].keys()),
"executiveSnapshot",
)
assert_contains(
"web_messages.en.iwooos.executiveSnapshot",
list(web_messages_en["iwooos"].keys()),
"executiveSnapshot",
)
for key in ["eyebrow", "title", "subtitle", "axes", "cards", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.executiveSnapshot.keys",
list(web_messages_zh["iwooos"]["executiveSnapshot"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.executiveSnapshot.keys",
list(web_messages_en["iwooos"]["executiveSnapshot"].keys()),
key,
)
for key in expected_executive_snapshot_axis_ids:
assert_contains(
"web_messages.zh-TW.iwooos.executiveSnapshot.axes",
list(web_messages_zh["iwooos"]["executiveSnapshot"]["axes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.executiveSnapshot.axes",
list(web_messages_en["iwooos"]["executiveSnapshot"]["axes"].keys()),
key,
)
assert_contains(
f"web_messages.zh-TW.iwooos.executiveSnapshot.axes.{key}",
list(web_messages_zh["iwooos"]["executiveSnapshot"]["axes"][key].keys()),
"label",
)
assert_contains(
f"web_messages.en.iwooos.executiveSnapshot.axes.{key}",
list(web_messages_en["iwooos"]["executiveSnapshot"]["axes"][key].keys()),
"label",
)
assert_text_contains(
"iwooos_page.executive_snapshot_framework_axis",
iwooos_projection_page,
"{ key: 'framework', value: '92%', percent: 92",
)
for key in expected_executive_snapshot_card_ids:
assert_contains(
"web_messages.zh-TW.iwooos.executiveSnapshot.cards",
list(web_messages_zh["iwooos"]["executiveSnapshot"]["cards"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.executiveSnapshot.cards",
list(web_messages_en["iwooos"]["executiveSnapshot"]["cards"].keys()),
key,
)
for field in ["title", "body"]:
assert_contains(
f"web_messages.zh-TW.iwooos.executiveSnapshot.cards.{key}",
list(web_messages_zh["iwooos"]["executiveSnapshot"]["cards"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.executiveSnapshot.cards.{key}",
list(web_messages_en["iwooos"]["executiveSnapshot"]["cards"][key].keys()),
field,
)
assert_contains(
"web_messages.zh-TW.iwooos.focusDeck",
list(web_messages_zh["iwooos"].keys()),
"focusDeck",
)
assert_contains(
"web_messages.en.iwooos.focusDeck",
list(web_messages_en["iwooos"].keys()),
"focusDeck",
)
for key in ["eyebrow", "title", "subtitle", "summary", "items", "boundaryTitle"]:
assert_contains(
"web_messages.zh-TW.iwooos.focusDeck.keys",
list(web_messages_zh["iwooos"]["focusDeck"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.focusDeck.keys",
list(web_messages_en["iwooos"]["focusDeck"].keys()),
key,
)
for key in ["items", "runtime", "mode"]:
assert_contains(
"web_messages.zh-TW.iwooos.focusDeck.summary",
list(web_messages_zh["iwooos"]["focusDeck"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.focusDeck.summary",
list(web_messages_en["iwooos"]["focusDeck"]["summary"].keys()),
key,
)
for key in expected_focus_deck_item_ids:
assert_contains(
"web_messages.zh-TW.iwooos.focusDeck.items",
list(web_messages_zh["iwooos"]["focusDeck"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.focusDeck.items",
list(web_messages_en["iwooos"]["focusDeck"]["items"].keys()),
key,
)
for field in ["label", "title", "body"]:
assert_contains(
f"web_messages.zh-TW.iwooos.focusDeck.items.{key}",
list(web_messages_zh["iwooos"]["focusDeck"]["items"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.focusDeck.items.{key}",
list(web_messages_en["iwooos"]["focusDeck"]["items"][key].keys()),
field,
)
assert_contains(
"web_messages.zh-TW.iwooos.immediateVisualMesh",
list(web_messages_zh["iwooos"].keys()),
"immediateVisualMesh",
)
assert_contains(
"web_messages.en.iwooos.immediateVisualMesh",
list(web_messages_en["iwooos"].keys()),
"immediateVisualMesh",
)
for key in ["eyebrow", "title", "subtitle", "center", "stats", "nodes", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.immediateVisualMesh.keys",
list(web_messages_zh["iwooos"]["immediateVisualMesh"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.immediateVisualMesh.keys",
list(web_messages_en["iwooos"]["immediateVisualMesh"].keys()),
key,
)
for key in ["assetScope", "hostScope", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.immediateVisualMesh.stats",
list(web_messages_zh["iwooos"]["immediateVisualMesh"]["stats"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.immediateVisualMesh.stats",
list(web_messages_en["iwooos"]["immediateVisualMesh"]["stats"].keys()),
key,
)
assert_contains(
f"web_messages.zh-TW.iwooos.immediateVisualMesh.stats.{key}",
list(web_messages_zh["iwooos"]["immediateVisualMesh"]["stats"][key].keys()),
"label",
)
assert_contains(
f"web_messages.en.iwooos.immediateVisualMesh.stats.{key}",
list(web_messages_en["iwooos"]["immediateVisualMesh"]["stats"][key].keys()),
"label",
)
for key in ["products", "hosts", "sourceControl", "monitoring", "awooop", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.immediateVisualMesh.nodes",
list(web_messages_zh["iwooos"]["immediateVisualMesh"]["nodes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.immediateVisualMesh.nodes",
list(web_messages_en["iwooos"]["immediateVisualMesh"]["nodes"].keys()),
key,
)
for field in ["title", "body"]:
assert_contains(
f"web_messages.zh-TW.iwooos.immediateVisualMesh.nodes.{key}",
list(web_messages_zh["iwooos"]["immediateVisualMesh"]["nodes"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.immediateVisualMesh.nodes.{key}",
list(web_messages_en["iwooos"]["immediateVisualMesh"]["nodes"][key].keys()),
field,
)
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas",
list(web_messages_zh["iwooos"].keys()),
"topologyAtlas",
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas",
list(web_messages_en["iwooos"].keys()),
"topologyAtlas",
)
for key in [
"eyebrow",
"title",
"subtitle",
"tabsLabel",
"mapLabel",
"panelLabels",
"pathExplorer",
"nodeDrilldown",
"lenses",
"nodes",
"layers",
"charts",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.keys",
list(web_messages_zh["iwooos"]["topologyAtlas"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.keys",
list(web_messages_en["iwooos"]["topologyAtlas"].keys()),
key,
)
for key in ["evidence", "next", "locked"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.panelLabels",
list(web_messages_zh["iwooos"]["topologyAtlas"]["panelLabels"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.panelLabels",
list(web_messages_en["iwooos"]["topologyAtlas"]["panelLabels"].keys()),
key,
)
for key in ["eyebrow", "selectorLabel", "fields", "paths"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.pathExplorer.keys",
list(web_messages_zh["iwooos"]["topologyAtlas"]["pathExplorer"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.pathExplorer.keys",
list(web_messages_en["iwooos"]["topologyAtlas"]["pathExplorer"].keys()),
key,
)
for key in ["evidence", "risk", "next", "locked"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.pathExplorer.fields",
list(web_messages_zh["iwooos"]["topologyAtlas"]["pathExplorer"]["fields"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.pathExplorer.fields",
list(web_messages_en["iwooos"]["topologyAtlas"]["pathExplorer"]["fields"].keys()),
key,
)
for key in ["externalToGate", "sourceToHost", "kaliToDev", "evidenceToGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.pathExplorer.paths",
list(web_messages_zh["iwooos"]["topologyAtlas"]["pathExplorer"]["paths"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.pathExplorer.paths",
list(web_messages_en["iwooos"]["topologyAtlas"]["pathExplorer"]["paths"].keys()),
key,
)
for field in ["title", "evidence", "risk", "next", "locked"]:
assert_contains(
f"web_messages.zh-TW.iwooos.topologyAtlas.pathExplorer.paths.{key}",
list(web_messages_zh["iwooos"]["topologyAtlas"]["pathExplorer"]["paths"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.topologyAtlas.pathExplorer.paths.{key}",
list(web_messages_en["iwooos"]["topologyAtlas"]["pathExplorer"]["paths"][key].keys()),
field,
)
for key in ["eyebrow", "title", "subtitle", "selectorLabel", "ringLabel", "fields", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.intelligenceDeck.keys",
list(web_messages_zh["iwooos"]["topologyAtlas"]["intelligenceDeck"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.intelligenceDeck.keys",
list(web_messages_en["iwooos"]["topologyAtlas"]["intelligenceDeck"].keys()),
key,
)
for key in ["signal", "interpretation", "next"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.intelligenceDeck.fields",
list(web_messages_zh["iwooos"]["topologyAtlas"]["intelligenceDeck"]["fields"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.intelligenceDeck.fields",
list(web_messages_en["iwooos"]["topologyAtlas"]["intelligenceDeck"]["fields"].keys()),
key,
)
for key in ["assetContext", "attackPath", "blastRadius", "evidenceTimeline"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.intelligenceDeck.items",
list(web_messages_zh["iwooos"]["topologyAtlas"]["intelligenceDeck"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.intelligenceDeck.items",
list(web_messages_en["iwooos"]["topologyAtlas"]["intelligenceDeck"]["items"].keys()),
key,
)
for field in ["title", "signal", "interpretation", "next", "ring"]:
assert_contains(
f"web_messages.zh-TW.iwooos.topologyAtlas.intelligenceDeck.items.{key}",
list(web_messages_zh["iwooos"]["topologyAtlas"]["intelligenceDeck"]["items"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.topologyAtlas.intelligenceDeck.items.{key}",
list(web_messages_en["iwooos"]["topologyAtlas"]["intelligenceDeck"]["items"][key].keys()),
field,
)
for key in ["eyebrow", "selectorLabel", "fields", "nodes"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.nodeDrilldown.keys",
list(web_messages_zh["iwooos"]["topologyAtlas"]["nodeDrilldown"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.nodeDrilldown.keys",
list(web_messages_en["iwooos"]["topologyAtlas"]["nodeDrilldown"].keys()),
key,
)
for key in ["relation", "evidence", "next", "boundary"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.nodeDrilldown.fields",
list(web_messages_zh["iwooos"]["topologyAtlas"]["nodeDrilldown"]["fields"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.nodeDrilldown.fields",
list(web_messages_en["iwooos"]["topologyAtlas"]["nodeDrilldown"]["fields"].keys()),
key,
)
for key in ["productSurface", "sourceControl", "kali", "devHosts", "monitoring", "awooopTruth", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.nodeDrilldown.nodes",
list(web_messages_zh["iwooos"]["topologyAtlas"]["nodeDrilldown"]["nodes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.nodeDrilldown.nodes",
list(web_messages_en["iwooos"]["topologyAtlas"]["nodeDrilldown"]["nodes"].keys()),
key,
)
assert_contains(
f"web_messages.zh-TW.iwooos.topologyAtlas.nodeDrilldown.nodes.{key}",
list(web_messages_zh["iwooos"]["topologyAtlas"]["nodeDrilldown"]["nodes"][key].keys()),
"body",
)
assert_contains(
f"web_messages.en.iwooos.topologyAtlas.nodeDrilldown.nodes.{key}",
list(web_messages_en["iwooos"]["topologyAtlas"]["nodeDrilldown"]["nodes"][key].keys()),
"body",
)
for key in ["architecture", "topology", "attackSurface", "evidenceFlow"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.lenses",
list(web_messages_zh["iwooos"]["topologyAtlas"]["lenses"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.lenses",
list(web_messages_en["iwooos"]["topologyAtlas"]["lenses"].keys()),
key,
)
for field in ["title", "mapTitle", "detail", "evidence", "next", "locked"]:
assert_contains(
f"web_messages.zh-TW.iwooos.topologyAtlas.lenses.{key}",
list(web_messages_zh["iwooos"]["topologyAtlas"]["lenses"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.topologyAtlas.lenses.{key}",
list(web_messages_en["iwooos"]["topologyAtlas"]["lenses"][key].keys()),
field,
)
for key in ["productSurface", "sourceControl", "kali", "devHosts", "monitoring", "awooopTruth", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.nodes",
list(web_messages_zh["iwooos"]["topologyAtlas"]["nodes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.nodes",
list(web_messages_en["iwooos"]["topologyAtlas"]["nodes"].keys()),
key,
)
assert_contains(
f"web_messages.zh-TW.iwooos.topologyAtlas.nodes.{key}",
list(web_messages_zh["iwooos"]["topologyAtlas"]["nodes"][key].keys()),
"title",
)
assert_contains(
f"web_messages.en.iwooos.topologyAtlas.nodes.{key}",
list(web_messages_en["iwooos"]["topologyAtlas"]["nodes"][key].keys()),
"title",
)
for key in ["externalSurface", "codeSupply", "hostFabric", "evidenceOps", "gateControl"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.layers",
list(web_messages_zh["iwooos"]["topologyAtlas"]["layers"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.layers",
list(web_messages_en["iwooos"]["topologyAtlas"]["layers"].keys()),
key,
)
for field in ["title", "body"]:
assert_contains(
f"web_messages.zh-TW.iwooos.topologyAtlas.layers.{key}",
list(web_messages_zh["iwooos"]["topologyAtlas"]["layers"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.topologyAtlas.layers.{key}",
list(web_messages_en["iwooos"]["topologyAtlas"]["layers"][key].keys()),
field,
)
for key in ["contextDepth", "blastRadius", "evidenceFreshness"]:
assert_contains(
"web_messages.zh-TW.iwooos.topologyAtlas.charts",
list(web_messages_zh["iwooos"]["topologyAtlas"]["charts"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.topologyAtlas.charts",
list(web_messages_en["iwooos"]["topologyAtlas"]["charts"].keys()),
key,
)
for field in ["label", "body"]:
assert_contains(
f"web_messages.zh-TW.iwooos.topologyAtlas.charts.{key}",
list(web_messages_zh["iwooos"]["topologyAtlas"]["charts"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.topologyAtlas.charts.{key}",
list(web_messages_en["iwooos"]["topologyAtlas"]["charts"][key].keys()),
field,
)
assert_contains(
"web_messages.zh-TW.iwooos.decisionRunway",
list(web_messages_zh["iwooos"].keys()),
"decisionRunway",
)
assert_contains(
"web_messages.en.iwooos.decisionRunway",
list(web_messages_en["iwooos"].keys()),
"decisionRunway",
)
for key in [
"eyebrow",
"title",
"subtitle",
"railLabel",
"selectorLabel",
"fields",
"boundarySignals",
"steps",
"dependencies",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.decisionRunway.keys",
list(web_messages_zh["iwooos"]["decisionRunway"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.decisionRunway.keys",
list(web_messages_en["iwooos"]["decisionRunway"].keys()),
key,
)
for key in ["evidence", "next", "blocked"]:
assert_contains(
"web_messages.zh-TW.iwooos.decisionRunway.fields",
list(web_messages_zh["iwooos"]["decisionRunway"]["fields"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.decisionRunway.fields",
list(web_messages_en["iwooos"]["decisionRunway"]["fields"].keys()),
key,
)
for key in expected_decision_runway_boundary_signal_ids:
assert_contains(
"web_messages.zh-TW.iwooos.decisionRunway.boundarySignals",
list(web_messages_zh["iwooos"]["decisionRunway"]["boundarySignals"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.decisionRunway.boundarySignals",
list(web_messages_en["iwooos"]["decisionRunway"]["boundarySignals"].keys()),
key,
)
assert_contains(
f"web_messages.zh-TW.iwooos.decisionRunway.boundarySignals.{key}",
list(web_messages_zh["iwooos"]["decisionRunway"]["boundarySignals"][key].keys()),
"label",
)
assert_contains(
f"web_messages.en.iwooos.decisionRunway.boundarySignals.{key}",
list(web_messages_en["iwooos"]["decisionRunway"]["boundarySignals"][key].keys()),
"label",
)
for key in expected_decision_runway_step_ids:
assert_contains(
"web_messages.zh-TW.iwooos.decisionRunway.steps",
list(web_messages_zh["iwooos"]["decisionRunway"]["steps"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.decisionRunway.steps",
list(web_messages_en["iwooos"]["decisionRunway"]["steps"].keys()),
key,
)
for field in ["short", "title", "body", "evidence", "next", "blocked"]:
assert_contains(
f"web_messages.zh-TW.iwooos.decisionRunway.steps.{key}",
list(web_messages_zh["iwooos"]["decisionRunway"]["steps"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.decisionRunway.steps.{key}",
list(web_messages_en["iwooos"]["decisionRunway"]["steps"][key].keys()),
field,
)
for key in expected_decision_runway_dependency_ids:
assert_contains(
"web_messages.zh-TW.iwooos.decisionRunway.dependencies",
list(web_messages_zh["iwooos"]["decisionRunway"]["dependencies"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.decisionRunway.dependencies",
list(web_messages_en["iwooos"]["decisionRunway"]["dependencies"].keys()),
key,
)
for field in ["title", "body"]:
assert_contains(
f"web_messages.zh-TW.iwooos.decisionRunway.dependencies.{key}",
list(web_messages_zh["iwooos"]["decisionRunway"]["dependencies"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.decisionRunway.dependencies.{key}",
list(web_messages_en["iwooos"]["decisionRunway"]["dependencies"][key].keys()),
field,
)
assert_contains(
"web_messages.zh-TW.iwooos.gateRadar",
list(web_messages_zh["iwooos"].keys()),
"gateRadar",
)
assert_contains(
"web_messages.en.iwooos.gateRadar",
list(web_messages_en["iwooos"].keys()),
"gateRadar",
)
for key in [
"eyebrow",
"title",
"subtitle",
"tabsLabel",
"activeLabel",
"summary",
"panelLabels",
"lanes",
"boundaryTitle",
"boundaryIntro",
]:
assert_contains(
"web_messages.zh-TW.iwooos.gateRadar.keys",
list(web_messages_zh["iwooos"]["gateRadar"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.gateRadar.keys",
list(web_messages_en["iwooos"]["gateRadar"].keys()),
key,
)
for key in ["visibleScope", "currentBlocker", "runtimeGate"]:
assert_contains(
"web_messages.zh-TW.iwooos.gateRadar.summary",
list(web_messages_zh["iwooos"]["gateRadar"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.gateRadar.summary",
list(web_messages_en["iwooos"]["gateRadar"]["summary"].keys()),
key,
)
assert_contains(
f"web_messages.zh-TW.iwooos.gateRadar.summary.{key}",
list(web_messages_zh["iwooos"]["gateRadar"]["summary"][key].keys()),
"label",
)
assert_contains(
f"web_messages.en.iwooos.gateRadar.summary.{key}",
list(web_messages_en["iwooos"]["gateRadar"]["summary"][key].keys()),
"label",
)
for key in ["evidence", "next", "locked"]:
assert_contains(
"web_messages.zh-TW.iwooos.gateRadar.panelLabels",
list(web_messages_zh["iwooos"]["gateRadar"]["panelLabels"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.gateRadar.panelLabels",
list(web_messages_en["iwooos"]["gateRadar"]["panelLabels"].keys()),
key,
)
for key in ["visible", "blocker", "review", "locked"]:
assert_contains(
"web_messages.zh-TW.iwooos.gateRadar.lanes",
list(web_messages_zh["iwooos"]["gateRadar"]["lanes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.gateRadar.lanes",
list(web_messages_en["iwooos"]["gateRadar"]["lanes"].keys()),
key,
)
for field in ["title", "state", "detail", "evidence", "next", "locked"]:
assert_contains(
f"web_messages.zh-TW.iwooos.gateRadar.lanes.{key}",
list(web_messages_zh["iwooos"]["gateRadar"]["lanes"][key].keys()),
field,
)
assert_contains(
f"web_messages.en.iwooos.gateRadar.lanes.{key}",
list(web_messages_en["iwooos"]["gateRadar"]["lanes"][key].keys()),
field,
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_testid",
iwooos_projection_page,
'data-testid="iwooos-first-unlock-evidence-packet-board"',
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_component",
iwooos_projection_page,
"IwoooSFirstUnlockEvidencePacketBoard",
)
for text in [
"iwooos_first_unlock_evidence_packet_slot_count=5",
"iwooos_first_unlock_evidence_packet_current_focus=s4_9_owner_response",
"iwooos_first_unlock_evidence_packet_filled_count=0",
"iwooos_first_unlock_evidence_packet_accepted_count=0",
"iwooos_first_unlock_evidence_packet_redacted_pointer_required=true",
"iwooos_first_unlock_evidence_packet_raw_payload_allowed=false",
"iwooos_first_unlock_evidence_packet_secret_value_allowed=false",
"iwooos_first_unlock_evidence_packet_headline_review_authorized=false",
"iwooos_first_unlock_evidence_packet_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacket",
list(web_messages_zh["iwooos"].keys()),
"firstUnlockEvidencePacket",
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacket",
list(web_messages_en["iwooos"].keys()),
"firstUnlockEvidencePacket",
)
for key in ["title", "subtitle", "summary", "items", "slotLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacket.keys",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacket"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacket.keys",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacket"].keys()),
key,
)
for key in ["slots", "filled", "accepted", "payload"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacket.summary",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacket"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacket.summary",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacket"]["summary"].keys()),
key,
)
for key in [
"ownerDecisionMetadata",
"scopeEvidenceRefs",
"redactionAttestation",
"preflightTrace",
"reviewAcceptanceSummary",
]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacket.items",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacket"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacket.items",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacket"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_preflight_outcome_testid",
iwooos_projection_page,
'data-testid="iwooos-first-unlock-evidence-packet-preflight-outcome-board"',
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_preflight_outcome_component",
iwooos_projection_page,
"IwoooSFirstUnlockEvidencePacketPreflightOutcomeBoard",
)
for text in [
"iwooos_first_unlock_evidence_packet_preflight_outcome_lane_count=6",
"iwooos_first_unlock_evidence_packet_preflight_ready_for_review_count=0",
"iwooos_first_unlock_evidence_packet_preflight_needs_supplement_count=0",
"iwooos_first_unlock_evidence_packet_preflight_quarantined_count=0",
"iwooos_first_unlock_evidence_packet_preflight_rejected_count=0",
"iwooos_first_unlock_evidence_packet_review_accepted_count=0",
"iwooos_first_unlock_evidence_packet_headline_review_authorized=false",
"iwooos_first_unlock_evidence_packet_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_preflight_outcome_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketPreflightOutcomes",
list(web_messages_zh["iwooos"].keys()),
"firstUnlockEvidencePacketPreflightOutcomes",
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketPreflightOutcomes",
list(web_messages_en["iwooos"].keys()),
"firstUnlockEvidencePacketPreflightOutcomes",
)
for key in ["title", "subtitle", "summary", "items", "laneLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketPreflightOutcomes.keys",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketPreflightOutcomes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketPreflightOutcomes.keys",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketPreflightOutcomes"].keys()),
key,
)
for key in ["lanes", "ready", "quarantine", "accepted"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketPreflightOutcomes.summary",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketPreflightOutcomes"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketPreflightOutcomes.summary",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketPreflightOutcomes"]["summary"].keys()),
key,
)
for key in [
"readyForReview",
"needsOwnerMetadata",
"needsScopeRefs",
"quarantineRawPayload",
"rejectSecretValue",
"waitingReviewer",
]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketPreflightOutcomes.items",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketPreflightOutcomes"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketPreflightOutcomes.items",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketPreflightOutcomes"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_supplement_path_testid",
iwooos_projection_page,
'data-testid="iwooos-first-unlock-evidence-packet-supplement-path-board"',
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_supplement_path_component",
iwooos_projection_page,
"IwoooSFirstUnlockEvidencePacketSupplementPathBoard",
)
for text in [
"iwooos_first_unlock_evidence_packet_supplement_path_step_count=5",
"iwooos_first_unlock_evidence_packet_supplement_current_focus=owner_metadata_and_scope_refs",
"iwooos_first_unlock_evidence_packet_supplement_ready_count=0",
"iwooos_first_unlock_evidence_packet_supplement_submitted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_accepted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_blocked_count=0",
"iwooos_first_unlock_evidence_packet_supplement_quarantined_count=0",
"iwooos_first_unlock_evidence_packet_supplement_request_sent=false",
"iwooos_first_unlock_evidence_packet_supplement_raw_payload_allowed=false",
"iwooos_first_unlock_evidence_packet_supplement_secret_value_allowed=false",
"iwooos_first_unlock_evidence_packet_headline_review_authorized=false",
"iwooos_first_unlock_evidence_packet_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_supplement_path_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPath",
list(web_messages_zh["iwooos"].keys()),
"firstUnlockEvidencePacketSupplementPath",
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPath",
list(web_messages_en["iwooos"].keys()),
"firstUnlockEvidencePacketSupplementPath",
)
for key in ["title", "subtitle", "summary", "items", "stepLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPath.keys",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketSupplementPath"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPath.keys",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketSupplementPath"].keys()),
key,
)
for key in ["steps", "ready", "submitted", "accepted"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPath.summary",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketSupplementPath"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPath.summary",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketSupplementPath"]["summary"].keys()),
key,
)
for key in [
"ownerMetadataPatch",
"scopeRefsPatch",
"redactionPatch",
"preflightTracePatch",
"reviewerQueuePatch",
]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPath.items",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketSupplementPath"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPath.items",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketSupplementPath"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_supplement_pre_review_testid",
iwooos_projection_page,
'data-testid="iwooos-first-unlock-evidence-packet-supplement-pre-review-board"',
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_supplement_pre_review_component",
iwooos_projection_page,
"IwoooSFirstUnlockEvidencePacketSupplementPreReviewBoard",
)
for text in [
"iwooos_first_unlock_evidence_packet_supplement_pre_review_check_count=6",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_current_focus=supplement_pre_review",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_passed_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_failed_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_ready_for_review_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_queue_open=false",
"iwooos_first_unlock_evidence_packet_supplement_request_sent=false",
"iwooos_first_unlock_evidence_packet_supplement_submitted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_accepted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_raw_payload_allowed=false",
"iwooos_first_unlock_evidence_packet_supplement_secret_value_allowed=false",
"iwooos_first_unlock_evidence_packet_headline_review_authorized=false",
"iwooos_first_unlock_evidence_packet_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_supplement_pre_review_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPreReview",
list(web_messages_zh["iwooos"].keys()),
"firstUnlockEvidencePacketSupplementPreReview",
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPreReview",
list(web_messages_en["iwooos"].keys()),
"firstUnlockEvidencePacketSupplementPreReview",
)
for key in ["title", "subtitle", "summary", "items", "checkLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPreReview.keys",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketSupplementPreReview"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPreReview.keys",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketSupplementPreReview"].keys()),
key,
)
for key in ["checks", "passed", "ready", "queue"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPreReview.summary",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketSupplementPreReview"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPreReview.summary",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketSupplementPreReview"]["summary"].keys()),
key,
)
for key in [
"ownerMetadataComplete",
"scopeRefsTraceable",
"redactionAttested",
"preflightTraceAttached",
"noMutationClauseHeld",
"reviewerQueueReady",
]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPreReview.items",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketSupplementPreReview"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPreReview.items",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketSupplementPreReview"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_supplement_pre_review_outcome_testid",
iwooos_projection_page,
'data-testid="iwooos-first-unlock-evidence-packet-supplement-pre-review-outcome-board"',
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_supplement_pre_review_outcome_component",
iwooos_projection_page,
"IwoooSFirstUnlockEvidencePacketSupplementPreReviewOutcomeBoard",
)
for text in [
"iwooos_first_unlock_evidence_packet_supplement_pre_review_outcome_lane_count=6",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_ready_for_queue_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_returned_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_quarantined_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_rejected_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_reviewer_assigned_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_queue_open=false",
"iwooos_first_unlock_evidence_packet_supplement_request_sent=false",
"iwooos_first_unlock_evidence_packet_supplement_submitted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_accepted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_raw_payload_allowed=false",
"iwooos_first_unlock_evidence_packet_supplement_secret_value_allowed=false",
"iwooos_first_unlock_evidence_packet_headline_review_authorized=false",
"iwooos_first_unlock_evidence_packet_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_supplement_pre_review_outcome_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPreReviewOutcomes",
list(web_messages_zh["iwooos"].keys()),
"firstUnlockEvidencePacketSupplementPreReviewOutcomes",
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPreReviewOutcomes",
list(web_messages_en["iwooos"].keys()),
"firstUnlockEvidencePacketSupplementPreReviewOutcomes",
)
for key in ["title", "subtitle", "summary", "items", "outcomeLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPreReviewOutcomes.keys",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketSupplementPreReviewOutcomes"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPreReviewOutcomes.keys",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketSupplementPreReviewOutcomes"].keys()),
key,
)
for key in ["lanes", "ready", "returned", "assigned"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPreReviewOutcomes.summary",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketSupplementPreReviewOutcomes"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPreReviewOutcomes.summary",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketSupplementPreReviewOutcomes"]["summary"].keys()),
key,
)
for key in [
"readyForReviewerQueue",
"returnToSupplement",
"quarantineSensitiveMaterial",
"rejectMutationRequest",
"keepQueueClosed",
"waitReviewerAssignment",
]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketSupplementPreReviewOutcomes.items",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketSupplementPreReviewOutcomes"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketSupplementPreReviewOutcomes.items",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketSupplementPreReviewOutcomes"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_reviewer_assignment_preparation_testid",
iwooos_projection_page,
'data-testid="iwooos-first-unlock-evidence-packet-reviewer-assignment-preparation-board"',
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_reviewer_assignment_preparation_component",
iwooos_projection_page,
"IwoooSFirstUnlockEvidencePacketReviewerAssignmentPreparationBoard",
)
for text in [
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preparation_packet_count=6",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preparation_current_focus=reviewer_assignment_preparation",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preparation_ready_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preparation_reviewer_candidate_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preparation_reviewer_assigned_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preparation_audit_event_emitted=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_ready_for_queue_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_queue_open=false",
"iwooos_first_unlock_evidence_packet_supplement_request_sent=false",
"iwooos_first_unlock_evidence_packet_supplement_submitted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_accepted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_raw_payload_allowed=false",
"iwooos_first_unlock_evidence_packet_supplement_secret_value_allowed=false",
"iwooos_first_unlock_evidence_packet_headline_review_authorized=false",
"iwooos_first_unlock_evidence_packet_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_reviewer_assignment_preparation_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreparation",
list(web_messages_zh["iwooos"].keys()),
"firstUnlockEvidencePacketReviewerAssignmentPreparation",
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreparation",
list(web_messages_en["iwooos"].keys()),
"firstUnlockEvidencePacketReviewerAssignmentPreparation",
)
for key in ["title", "subtitle", "summary", "items", "packetLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreparation.keys",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreparation"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreparation.keys",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreparation"].keys()),
key,
)
for key in ["packets", "ready", "candidates", "assigned"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreparation.summary",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreparation"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreparation.summary",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreparation"]["summary"].keys()),
key,
)
for key in [
"queueStatusFreeze",
"reviewerRoleBoundary",
"scopePacket",
"evidencePointerIndex",
"conflictDisclosure",
"assignmentAuditDraft",
]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreparation.items",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreparation"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreparation.items",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreparation"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_reviewer_assignment_preflight_testid",
iwooos_projection_page,
'data-testid="iwooos-first-unlock-evidence-packet-reviewer-assignment-preflight-board"',
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_reviewer_assignment_preflight_component",
iwooos_projection_page,
"IwoooSFirstUnlockEvidencePacketReviewerAssignmentPreflightBoard",
)
for text in [
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_check_count=6",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_current_focus=reviewer_assignment_preflight",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_passed_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_failed_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_ready_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_reviewer_candidate_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_reviewer_assigned_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_queue_open=false",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_audit_event_emitted=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_ready_for_queue_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_queue_open=false",
"iwooos_first_unlock_evidence_packet_supplement_request_sent=false",
"iwooos_first_unlock_evidence_packet_supplement_submitted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_accepted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_raw_payload_allowed=false",
"iwooos_first_unlock_evidence_packet_supplement_secret_value_allowed=false",
"iwooos_first_unlock_evidence_packet_headline_review_authorized=false",
"iwooos_first_unlock_evidence_packet_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_reviewer_assignment_preflight_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflight",
list(web_messages_zh["iwooos"].keys()),
"firstUnlockEvidencePacketReviewerAssignmentPreflight",
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflight",
list(web_messages_en["iwooos"].keys()),
"firstUnlockEvidencePacketReviewerAssignmentPreflight",
)
for key in ["title", "subtitle", "summary", "items", "checkLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflight.keys",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflight"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflight.keys",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflight"].keys()),
key,
)
for key in ["checks", "passed", "ready", "assigned"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflight.summary",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflight"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflight.summary",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflight"]["summary"].keys()),
key,
)
for key in [
"queueStillClosed",
"roleBoundaryTraceable",
"scopePacketTraceable",
"evidenceIndexRedacted",
"conflictDisclosureClear",
"auditDraftMetadataOnly",
]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflight.items",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflight"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflight.items",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflight"]["items"].keys()),
key,
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_testid",
iwooos_projection_page,
'data-testid="iwooos-first-unlock-evidence-packet-reviewer-assignment-preflight-outcome-board"',
)
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_component",
iwooos_projection_page,
"IwoooSFirstUnlockEvidencePacketReviewerAssignmentPreflightOutcomeBoard",
)
for text in [
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_lane_count=6",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_current_focus=reviewer_assignment_preflight_outcomes",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_ready_for_candidate_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_returned_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_quarantined_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_conflict_hold_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_audit_event_emitted=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_reviewer_candidate_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_reviewer_assigned_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_queue_open=false",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_passed_count=0",
"iwooos_first_unlock_evidence_packet_reviewer_assignment_preflight_ready_count=0",
"iwooos_first_unlock_evidence_packet_supplement_pre_review_queue_open=false",
"iwooos_first_unlock_evidence_packet_supplement_request_sent=false",
"iwooos_first_unlock_evidence_packet_supplement_submitted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_accepted_count=0",
"iwooos_first_unlock_evidence_packet_supplement_raw_payload_allowed=false",
"iwooos_first_unlock_evidence_packet_supplement_secret_value_allowed=false",
"iwooos_first_unlock_evidence_packet_headline_review_authorized=false",
"iwooos_first_unlock_evidence_packet_runtime_gate_opened=false",
"runtime_execution_authorized=false",
"active_runtime_gate_count=0",
"action_buttons_allowed=false",
"not_authorization=true",
"secret_value_collection_allowed=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"github_primary_switch_authorized=false",
"gitea_disablement_authorized=false",
]:
assert_text_contains(
"iwooos_page.first_unlock_evidence_packet_reviewer_assignment_preflight_outcome_boundary",
iwooos_projection_page,
text,
)
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome",
list(web_messages_zh["iwooos"].keys()),
"firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome",
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome",
list(web_messages_en["iwooos"].keys()),
"firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome",
)
for key in ["title", "subtitle", "summary", "items", "outcomeLabel", "boundaryTitle", "boundaryIntro"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome.keys",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome.keys",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome"].keys()),
key,
)
for key in ["outcomes", "candidates", "assigned", "audit"]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome.summary",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome.summary",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome"]["summary"].keys()),
key,
)
for key in [
"keepQueueClosed",
"returnRoleBoundary",
"returnScopePacket",
"quarantineEvidenceIndex",
"holdConflictDisclosure",
"keepAuditDraftMetadataOnly",
]:
assert_contains(
"web_messages.zh-TW.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome.items",
list(web_messages_zh["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome.items",
list(web_messages_en["iwooos"]["firstUnlockEvidencePacketReviewerAssignmentPreflightOutcome"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"compactTitle",
"compactDetail",
"openIwooos",
"sourceLabel",
"sourceDetail",
"boundaryLabel",
"metrics",
]:
assert_contains(
"web_messages.zh-TW.security.iwooosBridge",
list(web_messages_zh["security"]["iwooosBridge"].keys()),
key,
)
assert_contains(
"web_messages.en.security.iwooosBridge",
list(web_messages_en["security"]["iwooosBridge"].keys()),
key,
)
for key in ["overall", "framework", "runtimeGates", "actions"]:
assert_contains(
"web_messages.zh-TW.security.iwooosBridge.metrics",
list(web_messages_zh["security"]["iwooosBridge"]["metrics"].keys()),
key,
)
assert_contains(
"web_messages.en.security.iwooosBridge.metrics",
list(web_messages_en["security"]["iwooosBridge"]["metrics"].keys()),
key,
)
for key in ["title", "subtitle", "states", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.surfaceConnections",
list(web_messages_zh["iwooos"]["surfaceConnections"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.surfaceConnections",
list(web_messages_en["iwooos"]["surfaceConnections"].keys()),
key,
)
for key in ["embeddedBridge", "directBridge", "awooopCandidate", "reviewHandoffCandidate"]:
assert_contains(
"web_messages.zh-TW.iwooos.surfaceConnections.states",
list(web_messages_zh["iwooos"]["surfaceConnections"]["states"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.surfaceConnections.states",
list(web_messages_en["iwooos"]["surfaceConnections"]["states"].keys()),
key,
)
for key in [
"securityCompliance",
"legacySecurity",
"legacyCompliance",
"alerts",
"errors",
"authorizations",
"governance",
"alertOperationLogs",
"awooopApprovals",
"codeReview",
]:
assert_contains(
"web_messages.zh-TW.iwooos.surfaceConnections.items",
list(web_messages_zh["iwooos"]["surfaceConnections"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.surfaceConnections.items",
list(web_messages_en["iwooos"]["surfaceConnections"]["items"].keys()),
key,
)
for key in ["title", "subtitle", "gateLabel", "guardLabel", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.sourceControlReadiness",
list(web_messages_zh["iwooos"]["sourceControlReadiness"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.sourceControlReadiness",
list(web_messages_en["iwooos"]["sourceControlReadiness"].keys()),
key,
)
for key in [
"candidateRepos",
"primaryReady",
"ownerResponses",
"refsTruth",
"workflowSecrets",
"rollbackAdr",
]:
assert_contains(
"web_messages.zh-TW.iwooos.sourceControlReadiness.items",
list(web_messages_zh["iwooos"]["sourceControlReadiness"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.sourceControlReadiness.items",
list(web_messages_en["iwooos"]["sourceControlReadiness"]["items"].keys()),
key,
)
for key in ["title", "subtitle", "routeLabel", "stageLabel", "boundaryLabel", "guardTitle", "summary", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.awooopCoverage",
list(web_messages_zh["iwooos"]["awooopCoverage"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.awooopCoverage",
list(web_messages_en["iwooos"]["awooopCoverage"].keys()),
key,
)
for key in ["routes", "covered", "runtimeGates", "actions"]:
assert_contains(
"web_messages.zh-TW.iwooos.awooopCoverage.summary",
list(web_messages_zh["iwooos"]["awooopCoverage"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.awooopCoverage.summary",
list(web_messages_en["iwooos"]["awooopCoverage"]["summary"].keys()),
key,
)
for key in ["home", "workItems", "contracts", "tenants", "runs", "runDetail", "approvals", "approvalDecision"]:
assert_contains(
"web_messages.zh-TW.iwooos.awooopCoverage.items",
list(web_messages_zh["iwooos"]["awooopCoverage"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.awooopCoverage.items",
list(web_messages_en["iwooos"]["awooopCoverage"]["items"].keys()),
key,
)
for key in ["title", "subtitle", "movementLabel", "guardLabel", "boundaryTitle", "summary", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.securityConvergenceRoadmap",
list(web_messages_zh["iwooos"]["securityConvergenceRoadmap"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.securityConvergenceRoadmap",
list(web_messages_en["iwooos"]["securityConvergenceRoadmap"].keys()),
key,
)
for key in ["mode", "coverage", "accepted", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.securityConvergenceRoadmap.summary",
list(web_messages_zh["iwooos"]["securityConvergenceRoadmap"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.securityConvergenceRoadmap.summary",
list(web_messages_en["iwooos"]["securityConvergenceRoadmap"]["summary"].keys()),
key,
)
for key in [
"visibilityFirst",
"ownerResponse",
"redactedEvidence",
"humanDecision",
"runtimeGate",
"sourceControlCutover",
]:
assert_contains(
"web_messages.zh-TW.iwooos.securityConvergenceRoadmap.items",
list(web_messages_zh["iwooos"]["securityConvergenceRoadmap"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.securityConvergenceRoadmap.items",
list(web_messages_en["iwooos"]["securityConvergenceRoadmap"]["items"].keys()),
key,
)
for key in ["title", "subtitle", "packetLabel", "movementLabel", "guardLabel", "boundaryTitle", "summary", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseCollectionBoard",
list(web_messages_zh["iwooos"]["ownerResponseCollectionBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseCollectionBoard",
list(web_messages_en["iwooos"]["ownerResponseCollectionBoard"].keys()),
key,
)
for key in ["packets", "templates", "received", "accepted"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseCollectionBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseCollectionBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseCollectionBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseCollectionBoard"]["summary"].keys()),
key,
)
for key in ["giteaAttestation", "githubTarget", "refsTruth", "workflowSecretNames"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseCollectionBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseCollectionBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseCollectionBoard.items",
list(web_messages_en["iwooos"]["ownerResponseCollectionBoard"]["items"].keys()),
key,
)
for key in ["title", "subtitle", "laneLabel", "ruleLabel", "guardLabel", "boundaryTitle", "summary", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseIntakeSafetyBoard",
list(web_messages_zh["iwooos"]["ownerResponseIntakeSafetyBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseIntakeSafetyBoard",
list(web_messages_en["iwooos"]["ownerResponseIntakeSafetyBoard"].keys()),
key,
)
for key in ["rules", "ingested", "quarantined", "rejected"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseIntakeSafetyBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseIntakeSafetyBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseIntakeSafetyBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseIntakeSafetyBoard"]["summary"].keys()),
key,
)
for key in [
"redactedEvidenceOnly",
"ownerScopeCompletion",
"secretValueQuarantine",
"repoMutationRequest",
"refsMutationRequest",
"runtimeExecutionRequest",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseIntakeSafetyBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseIntakeSafetyBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseIntakeSafetyBoard.items",
list(web_messages_en["iwooos"]["ownerResponseIntakeSafetyBoard"]["items"].keys()),
key,
)
for key in ["title", "subtitle", "laneLabel", "resultLabel", "guardLabel", "boundaryTitle", "summary", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseReviewOutcomeBoard",
list(web_messages_zh["iwooos"]["ownerResponseReviewOutcomeBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseReviewOutcomeBoard",
list(web_messages_en["iwooos"]["ownerResponseReviewOutcomeBoard"].keys()),
key,
)
for key in ["lanes", "ready", "accepted", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseReviewOutcomeBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseReviewOutcomeBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseReviewOutcomeBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseReviewOutcomeBoard"]["summary"].keys()),
key,
)
for key in [
"remainWaiting",
"needsEvidence",
"readyForHumanReview",
"quarantined",
"rejected",
"readonlyUpdate",
"humanDecisionRequired",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseReviewOutcomeBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseReviewOutcomeBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseReviewOutcomeBoard.items",
list(web_messages_en["iwooos"]["ownerResponseReviewOutcomeBoard"]["items"].keys()),
key,
)
for key in ["title", "subtitle", "queueLabel", "prepLabel", "guardLabel", "boundaryTitle", "summary", "items"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseHumanDecisionQueueBoard",
list(web_messages_zh["iwooos"]["ownerResponseHumanDecisionQueueBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseHumanDecisionQueueBoard",
list(web_messages_en["iwooos"]["ownerResponseHumanDecisionQueueBoard"].keys()),
key,
)
for key in ["queueItems", "ready", "approved", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseHumanDecisionQueueBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseHumanDecisionQueueBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseHumanDecisionQueueBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseHumanDecisionQueueBoard"]["summary"].keys()),
key,
)
for key in [
"decisionPacketDraft",
"evidenceTraceBundle",
"reviewerAssignment",
"rollbackWindowCandidate",
"runtimeGateSeparated",
"sourceControlCutoverSeparated",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseHumanDecisionQueueBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseHumanDecisionQueueBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseHumanDecisionQueueBoard.items",
list(web_messages_en["iwooos"]["ownerResponseHumanDecisionQueueBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"guardItemLabel",
"draftLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseDecisionRecordDraftGuardBoard",
list(web_messages_zh["iwooos"]["ownerResponseDecisionRecordDraftGuardBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseDecisionRecordDraftGuardBoard",
list(web_messages_en["iwooos"]["ownerResponseDecisionRecordDraftGuardBoard"].keys()),
key,
)
for key in ["guards", "drafts", "formalRecords", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseDecisionRecordDraftGuardBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseDecisionRecordDraftGuardBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseDecisionRecordDraftGuardBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseDecisionRecordDraftGuardBoard"]["summary"].keys()),
key,
)
for key in [
"recordIdentityDraft",
"decisionScopeSnapshot",
"reviewerRolePlaceholder",
"evidenceVersionFreeze",
"approvalNotExecutionBoundary",
"followupRuntimeGatePointer",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseDecisionRecordDraftGuardBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseDecisionRecordDraftGuardBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseDecisionRecordDraftGuardBoard.items",
list(web_messages_en["iwooos"]["ownerResponseDecisionRecordDraftGuardBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"checkItemLabel",
"preflightLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordCandidatePreflightBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordCandidatePreflightBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordCandidatePreflightBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordCandidatePreflightBoard"].keys()),
key,
)
for key in ["checks", "candidates", "formalRecords", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordCandidatePreflightBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordCandidatePreflightBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordCandidatePreflightBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordCandidatePreflightBoard"]["summary"].keys()),
key,
)
for key in [
"candidateIdentityTrace",
"reviewerIdentityBoundary",
"evidenceVersionChain",
"scopeAndExpiry",
"riskRollbackField",
"runtimeGateSeparation",
"sourceControlSeparation",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordCandidatePreflightBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordCandidatePreflightBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordCandidatePreflightBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordCandidatePreflightBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"laneLabel",
"resultLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordCandidateOutcomeBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordCandidateOutcomeBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordCandidateOutcomeBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordCandidateOutcomeBoard"].keys()),
key,
)
for key in ["lanes", "ready", "promoted", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordCandidateOutcomeBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordCandidateOutcomeBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordCandidateOutcomeBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordCandidateOutcomeBoard"]["summary"].keys()),
key,
)
for key in [
"remainCandidateWaiting",
"returnToDraft",
"needsEvidenceRefresh",
"needsReviewerClarification",
"readyForRecordOwner",
"quarantineSensitivePayload",
"rejectMutationRequest",
"runtimeOrCutoverGateRequired",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordCandidateOutcomeBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordCandidateOutcomeBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordCandidateOutcomeBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordCandidateOutcomeBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"packetLabel",
"handoffLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerHandoffBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerHandoffBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerHandoffBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerHandoffBoard"].keys()),
key,
)
for key in ["packets", "ready", "assigned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerHandoffBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerHandoffBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerHandoffBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerHandoffBoard"]["summary"].keys()),
key,
)
for key in [
"handoffIdentityBundle",
"handoffDecisionContext",
"handoffEvidenceLock",
"handoffReviewerNotes",
"handoffRiskRollback",
"handoffRuntimeGatePointer",
"handoffSourceControlPointer",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerHandoffBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerHandoffBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerHandoffBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerHandoffBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"checkLabel",
"reviewLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerHandoffReviewBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerHandoffReviewBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewBoard"].keys()),
key,
)
for key in ["checks", "passed", "assigned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerHandoffReviewBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerHandoffReviewBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewBoard"]["summary"].keys()),
key,
)
for key in [
"packetCompleteness",
"recordOwnerIdentityScope",
"authorityBoundaryMatch",
"evidenceVersionConfirm",
"reviewerNoteConfirm",
"mutationRequestReject",
"runtimeCutoverSeparation",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerHandoffReviewBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerHandoffReviewBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"laneLabel",
"resultLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard"].keys()),
key,
)
for key in ["lanes", "ready", "assigned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard"]["summary"].keys()),
key,
)
for key in [
"remainReviewWaiting",
"requestPacketCompletion",
"requestOwnerScopeClarification",
"requestEvidenceRefresh",
"readyForRecordOwnerReview",
"quarantineSensitivePayload",
"rejectMutationRequest",
"runtimeOrCutoverGateRequired",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerHandoffReviewOutcomeBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"packetLabel",
"prepareLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewPreparationBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewPreparationBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewPreparationBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewPreparationBoard"].keys()),
key,
)
for key in ["packets", "ready", "assigned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewPreparationBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewPreparationBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewPreparationBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewPreparationBoard"]["summary"].keys()),
key,
)
for key in [
"reviewIdentityPacket",
"handoffOutcomeSnapshot",
"ownerScopePacket",
"authorityBoundaryPacket",
"evidenceTracePacket",
"reviewerNotePacket",
"mutationRejectionPacket",
"runtimeCutoverPointer",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewPreparationBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewPreparationBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewPreparationBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewPreparationBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"checkLabel",
"reviewLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"].keys()),
key,
)
for key in ["checks", "passed", "assigned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"]["summary"].keys()),
key,
)
for key in [
"identityTraceCheck",
"handoffOutcomeCheck",
"ownerScopeCheck",
"authorityBoundaryCheck",
"evidenceTraceCheck",
"reviewerNoteCheck",
"mutationRejectionCheck",
"runtimeCutoverSeparationCheck",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewChecklistBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewChecklistBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"laneLabel",
"resultLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewOutcomeBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewOutcomeBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewOutcomeBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewOutcomeBoard"].keys()),
key,
)
for key in ["lanes", "ready", "assigned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewOutcomeBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewOutcomeBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewOutcomeBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewOutcomeBoard"]["summary"].keys()),
key,
)
for key in [
"remainOwnerReviewWaiting",
"requestTraceCompletion",
"requestOwnerScopeClarification",
"requestAuthorityBoundaryFix",
"readyForManualOwnerAssignmentReview",
"quarantineSensitivePayload",
"rejectMutationRequest",
"runtimeOrPrimaryGateRequired",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerReviewOutcomeBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerReviewOutcomeBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerReviewOutcomeBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerReviewOutcomeBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"packetLabel",
"preparationLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentPreparationBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentPreparationBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentPreparationBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentPreparationBoard"].keys()),
key,
)
for key in ["packets", "ready", "assigned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentPreparationBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentPreparationBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentPreparationBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentPreparationBoard"]["summary"].keys()),
key,
)
for key in [
"assignmentIdentityCandidate",
"ownerScopeConfirmation",
"authorityBoundaryConfirmation",
"evidenceTraceConfirmation",
"reviewOutcomeReference",
"backupOwnerNote",
"mutationRejectionConfirmation",
"runtimePrimarySeparation",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentPreparationBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentPreparationBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentPreparationBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentPreparationBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"checkLabel",
"confirmationLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentChecklistBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentChecklistBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentChecklistBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentChecklistBoard"].keys()),
key,
)
for key in ["checks", "passed", "assigned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentChecklistBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentChecklistBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentChecklistBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentChecklistBoard"]["summary"].keys()),
key,
)
for key in [
"assignmentIdentityReadable",
"ownerScopeCurrent",
"authorityBoundaryReadable",
"evidenceTraceReadable",
"reviewOutcomeLinked",
"backupOwnerNoteReadable",
"mutationRejectionConfirmed",
"runtimePrimarySeparated",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentChecklistBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentChecklistBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentChecklistBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentChecklistBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"laneLabel",
"resultLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentOutcomeBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentOutcomeBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentOutcomeBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentOutcomeBoard"].keys()),
key,
)
for key in ["lanes", "ready", "assigned", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentOutcomeBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentOutcomeBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentOutcomeBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentOutcomeBoard"]["summary"].keys()),
key,
)
for key in [
"remainAssignmentCheckWaiting",
"requestIdentityClarification",
"requestScopeRefresh",
"requestAuthorityBoundaryFix",
"readyForManualOwnerAssignmentDecision",
"quarantineSensitivePayload",
"rejectMutationRequest",
"runtimeOrPrimaryGateRequired",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentOutcomeBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentOutcomeBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentOutcomeBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentOutcomeBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"packetLabel",
"requirementLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard"].keys()),
key,
)
for key in ["packets", "ready", "decisions", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard"]["summary"].keys()),
key,
)
for key in [
"outcomeTracePacket",
"ownerIdentityPacket",
"scopeSnapshotPacket",
"authorityBoundaryPacket",
"evidenceReviewPacket",
"quarantineAndExceptionPacket",
"mutationRejectionPacket",
"runtimePrimaryGatePacket",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionPreparationBoard"]["items"].keys()),
key,
)
for key in [
"title",
"subtitle",
"checkLabel",
"confirmationLabel",
"guardLabel",
"boundaryTitle",
"summary",
"items",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard"].keys()),
key,
)
for key in ["checks", "passed", "decisions", "runtime"]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard.summary",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard"]["summary"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard.summary",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard"]["summary"].keys()),
key,
)
for key in [
"decisionTraceReadable",
"ownerIdentityConfirmable",
"scopeSnapshotCurrent",
"authorityBoundaryChecked",
"evidenceChainReadable",
"quarantineExceptionChecked",
"mutationRejectionChecked",
"runtimePrimarySeparated",
]:
assert_contains(
"web_messages.zh-TW.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard.items",
list(web_messages_zh["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard"]["items"].keys()),
key,
)
assert_contains(
"web_messages.en.iwooos.ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard.items",
list(web_messages_en["iwooos"]["ownerResponseFormalRecordOwnerAssignmentDecisionChecklistBoard"]["items"].keys()),
key,
)
owner_summary = owner_rollup["summary"]
assert_equal("owner_rollup.total_received_response_count", owner_summary["total_received_response_count"], 0)
assert_equal("owner_rollup.total_accepted_response_count", owner_summary["total_accepted_response_count"], 0)
assert_equal("owner_rollup.owner_response_evidence_routing_rule_count", owner_summary["owner_response_evidence_routing_rule_count"], 6)
assert_equal("owner_rollup.owner_response_validation_display_section_count", owner_summary["owner_response_validation_display_section_count"], 8)
assert_equal(
"owner_rollup.owner_response_validation_state_transition_rule_count",
owner_summary["owner_response_validation_state_transition_rule_count"],
7,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_checklist_count",
owner_summary["owner_response_validation_reviewer_checklist_count"],
9,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_outcome_lane_count",
owner_summary["owner_response_validation_reviewer_outcome_lane_count"],
7,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_audit_event_template_count",
owner_summary["owner_response_validation_reviewer_audit_event_template_count"],
4,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_audit_display_section_count",
owner_summary["owner_response_validation_reviewer_audit_display_section_count"],
5,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_audit_collection_check_count",
owner_summary["owner_response_validation_reviewer_audit_collection_check_count"],
6,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_audit_redaction_example_count",
owner_summary["owner_response_validation_reviewer_audit_redaction_example_count"],
5,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_audit_retention_rule_count",
owner_summary["owner_response_validation_reviewer_audit_retention_rule_count"],
5,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_audit_retention_check_count",
owner_summary["owner_response_validation_reviewer_audit_retention_check_count"],
6,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_audit_handoff_packet_count",
owner_summary["owner_response_validation_reviewer_audit_handoff_packet_count"],
6,
)
assert_equal(
"owner_rollup.owner_response_validation_reviewer_audit_handoff_check_count",
owner_summary["owner_response_validation_reviewer_audit_handoff_check_count"],
6,
)
assert_equal(
"owner_rollup.owner_response_validation_parallel_session_sync_check_count",
owner_summary["owner_response_validation_parallel_session_sync_check_count"],
6,
)
assert_equal(
"owner_rollup.owner_response_validation_parallel_session_conflict_lane_count",
owner_summary["owner_response_validation_parallel_session_conflict_lane_count"],
6,
)
assert_equal(
"owner_rollup.owner_response_validation_parallel_session_recovery_check_count",
owner_summary["owner_response_validation_parallel_session_recovery_check_count"],
6,
)
assert_equal(
"owner_rollup.owner_response_validation_parallel_session_recovery_outcome_lane_count",
owner_summary["owner_response_validation_parallel_session_recovery_outcome_lane_count"],
7,
)
assert_false("owner_rollup.runtime_execution_authorized", owner_summary["runtime_execution_authorized"])
assert_false("owner_rollup.repo_creation_authorized", owner_summary["repo_creation_authorized"])
assert_false("owner_rollup.refs_sync_authorized", owner_summary["refs_sync_authorized"])
assert_false("owner_rollup.workflow_modification_authorized", owner_summary["workflow_modification_authorized"])
assert_false("owner_rollup.github_primary_switch_authorized", owner_summary["github_primary_switch_authorized"])
assert_false("owner_rollup.action_buttons_allowed", owner_summary["action_buttons_allowed"])
next_candidate = owner_rollup["next_collection_candidate"]
assert_equal("owner_rollup.next_collection_candidate.order", next_candidate["order"], 1)
assert_equal(
"owner_rollup.next_collection_candidate.lane_id",
next_candidate["lane_id"],
"s4_9_gitea_inventory_owner_attestation_response",
)
assert_equal(
"owner_rollup.next_collection_candidate.display_status",
next_candidate["display_status"],
"next_owner_response_required",
)
assert_equal(
"owner_rollup.next_collection_candidate.required_response_template_count",
next_candidate["required_response_template_count"],
5,
)
assert_equal("owner_rollup.next_collection_candidate.received_response_count", next_candidate["received_response_count"], 0)
assert_equal("owner_rollup.next_collection_candidate.accepted_response_count", next_candidate["accepted_response_count"], 0)
assert_equal(
"owner_rollup.next_collection_candidate.awooop_display_mode",
next_candidate["awooop_display_mode"],
"display_next_collection_item_only",
)
assert_true("owner_rollup.next_collection_candidate.blocked_until_received", next_candidate["blocked_until_received"])
assert_false("owner_rollup.next_collection_candidate.execution_authorized", next_candidate["execution_authorized"])
assert_true("owner_rollup.next_collection_candidate.not_approval", next_candidate["not_approval"])
owner_local_validation = owner_rollup["latest_local_validation"]
assert_equal("owner_rollup.latest_local_validation.status", owner_local_validation["status"], "repo_snapshot_guard_pass")
assert_equal("owner_rollup.latest_local_validation.scope", owner_local_validation["scope"], "repo_snapshot_only")
assert_equal("owner_rollup.latest_local_validation.result", owner_local_validation["result"], "SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK")
assert_equal("owner_rollup.latest_local_validation.received_response_count", owner_local_validation["received_response_count"], 0)
assert_equal("owner_rollup.latest_local_validation.accepted_response_count", owner_local_validation["accepted_response_count"], 0)
assert_false("owner_rollup.latest_local_validation.runtime_actions_authorized", owner_local_validation["runtime_actions_authorized"])
assert_false("owner_rollup.latest_local_validation.repo_or_refs_actions_authorized", owner_local_validation["repo_or_refs_actions_authorized"])
assert_false("owner_rollup.latest_local_validation.workflow_or_secret_actions_authorized", owner_local_validation["workflow_or_secret_actions_authorized"])
assert_true("owner_rollup.latest_local_validation.not_authorization", owner_local_validation["not_authorization"])
primary_summary = primary_gate["summary"]
assert_equal("primary_gate.candidate_repo_count", primary_summary["candidate_repo_count"], 10)
assert_equal("primary_gate.in_scope_repo_count", primary_summary["in_scope_repo_count"], 9)
assert_equal("primary_gate.primary_ready_count", primary_summary["primary_ready_count"], 0)
assert_equal("primary_gate.blocked_in_scope_count", primary_summary["blocked_in_scope_count"], 9)
assert_equal("owner_rollup.total_response_template_count", owner_summary["total_response_template_count"], 24)
assert_false("primary_gate.runtime_actions_authorized", primary_summary["runtime_actions_authorized"])
assert_false("primary_gate.github_primary_switch_authorized", primary_summary["github_primary_switch_authorized"])
assert_false("primary_gate.action_buttons_allowed", primary_summary["action_buttons_allowed"])
assert_false("primary_gate.raw_secret_storage_authorized", primary_summary["raw_secret_storage_authorized"])
acceptance_ids = [item["check_id"] for item in acceptance["acceptance_checks"]]
assert_equal("acceptance.total_contracts", acceptance["summary"]["total_contracts"], manifest_count)
assert_equal(
"acceptance.ready_for_mirror_count",
acceptance["summary"]["ready_for_mirror_count"],
readiness_summary["ready_for_mirror_count"],
)
assert_contains("acceptance_checks", acceptance_ids, "PROGRESS_ESTIMATE_NOT_AUTHORIZATION")
assert_equal("acceptance.summary.acceptance_check_count", acceptance["summary"]["acceptance_check_count"], len(acceptance_ids))
assert_equal(
"acceptance.summary.blocking_check_count",
acceptance["summary"]["blocking_check_count"],
sum(1 for item in acceptance["acceptance_checks"] if item["blocking_if_failed"]),
)
assert_false("acceptance.runtime_execution_authorized", acceptance["runtime_execution_authorized"])
dry_run_summary = dry_run["summary"]
dry_run_step_ids = [item["step_id"] for item in dry_run["dry_run_steps"]]
assert_equal("dry_run.dry_run_status", dry_run["dry_run_status"], "contract_defined_not_executed")
assert_equal("dry_run.total_contracts", dry_run_summary["total_contracts"], manifest_count)
assert_equal(
"dry_run.ready_for_mirror_count",
dry_run_summary["ready_for_mirror_count"],
readiness_summary["ready_for_mirror_count"],
)
assert_equal("dry_run.acceptance_check_count", dry_run_summary["acceptance_check_count"], 8)
assert_false("dry_run.runtime_execution_authorized", dry_run["runtime_execution_authorized"])
assert_false("dry_run.runtime_actions_executed", dry_run_summary["runtime_actions_executed"])
assert_false("dry_run.payloads_ingested", dry_run_summary["payloads_ingested"])
assert_contains("dry_run_steps", dry_run_step_ids, "CHECK_PROGRESS_GUARD")
assert_contains("dry_run_steps", dry_run_step_ids, "CHECK_OWNER_RESPONSE_GUARD")
local_validation = dry_run["latest_local_validation"]
assert_equal("dry_run.latest_local_validation.status", local_validation["status"], "repo_snapshot_guard_pass")
assert_equal("dry_run.latest_local_validation.scope", local_validation["scope"], "repo_snapshot_only")
assert_equal(
"dry_run.latest_local_validation.result",
local_validation["result"],
"SECURITY_MIRROR_PROGRESS_GUARD_OK; SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK; IWOOOS_CONFIG_CONTROL_GUARD_OK; IWOOOS_OWNER_GATE_GUARD_OK; PACKAGE_SUPPLY_CHAIN_OWNER_POLICY_GUARD_OK",
)
assert_contains("dry_run.latest_local_validation.validated_steps", local_validation["validated_steps"], "CHECK_PROGRESS_GUARD")
assert_contains(
"dry_run.latest_local_validation.validated_steps",
local_validation["validated_steps"],
"CHECK_OWNER_RESPONSE_GUARD",
)
assert_contains(
"dry_run.latest_local_validation.validated_steps",
local_validation["validated_steps"],
"CHECK_OWNER_GATE_GUARD",
)
assert_contains(
"dry_run.latest_local_validation.validated_steps",
local_validation["validated_steps"],
"CHECK_CONFIG_CONTROL_GUARD",
)
assert_contains(
"dry_run.latest_local_validation.validated_steps",
local_validation["validated_steps"],
"CHECK_PACKAGE_SUPPLY_CHAIN_OWNER_POLICY_GUARD",
)
assert_false("dry_run.latest_local_validation.runtime_actions_executed", local_validation["runtime_actions_executed"])
assert_false("dry_run.latest_local_validation.payloads_ingested", local_validation["payloads_ingested"])
assert_false("dry_run.latest_local_validation.production_ingestion_enabled", local_validation["production_ingestion_enabled"])
assert_true("dry_run.latest_local_validation.not_authorization", local_validation["not_authorization"])
forbidden_actions = (
set(rollup["forbidden_actions"])
| set(acceptance["forbidden_actions"])
| set(iwooos_projection["forbidden_frontend_outputs"])
)
for action in [
"start_kali_scan",
"call_kali_execute_endpoint",
"create_github_repo",
"change_repo_visibility",
"sync_git_refs",
"switch_github_primary",
"production_deploy",
]:
assert_contains("forbidden_actions", list(forbidden_actions), action)
frontend_product_text = "\n".join(
[
iwooos_projection_page,
json.dumps(web_messages_zh["iwooos"], ensure_ascii=False),
json.dumps(web_messages_en["iwooos"], ensure_ascii=False),
]
)
for expected in [
"iwooos-wazuh-managed-host-coverage-board",
"wazuhManagedHostCoverage",
"wazuh_managed_host_coverage_manager_registry_accepted_count=0",
"wazuh_managed_host_coverage_runtime_gate_count=0",
]:
assert_text_contains("iwooos_frontend_product_text.wazuh_managed_host_coverage", frontend_product_text, expected)
for forbidden in [
"工作視窗",
"內部對話",
"對話內容",
"批准!繼續",
"In app browser",
"My request for Codex",
]:
assert_text_not_contains("iwooos_frontend_product_text.internal_conversation", frontend_product_text, forbidden)
def main() -> None:
parser = argparse.ArgumentParser(description=__doc__)
parser.add_argument(
"--root",
default=Path(__file__).resolve().parents[2],
type=Path,
help="Repository root. Defaults to the current script's repository.",
)
args = parser.parse_args()
validate(args.root.resolve())
print("SECURITY_MIRROR_PROGRESS_GUARD_OK")
if __name__ == "__main__":
main()
Reference in New Issue View Git Blame Copy Permalink