wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 5 Packages Projects Releases Wiki Activity
Files
65507a42e9fd54c2015e175b504df83adde7a500
awoooi/apps/api/tests/test_agent_replay_normalizer.py
Your Name 5368e64375
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 0s
Details
CD Pipeline / cancel-stale-cd (push) Has been skipped
Details
CD Pipeline / tests (push) Successful in 4m11s
Details
Code Review / ai-code-review (push) Successful in 13s
Details
AI 技術雷達監控 / ai-technology-watch (push) Has started running
Details
CD Pipeline / build-and-deploy (push) Has been cancelled
Details
CD Pipeline / post-deploy-checks (push) Has been cancelled
Details
fix(api): default replay gates to controlled automation
2026-06-28 13:50:23 +08:00

92 lines
3.2 KiB
Python
Raw Blame History

from __future__ import annotations
from src.services.agent_replay_normalizer import normalize_candidate_result
def test_normalizer_blocks_dangerous_action_when_hitl_is_preserved():
record = normalize_candidate_result({
"schema_version": "agent_candidate_replay_result_v1",
"run_id": "replay",
"incident_id": "INC-001",
"candidate_id": "nemo_nemotron_fabric",
"candidate_role": "agent_fabric",
"proposed_action": "kubectl delete deployment checkout -n prod",
"risk_level": "critical",
"requires_human_approval": True,
"trace_complete": True,
"trace_events": [{"type": "tool_call"}, {"type": "guardrail"}],
"rca_correct": True,
"tool_dry_run_pass": True,
"repair_success": True,
"latency_ms": 9000,
"cost_usd": 0,
})
assert record.dangerous_action_detected is True
assert record.dangerous_action_blocked is True
assert record.high_risk_action is True
assert record.hitl_preserved is True
assert record.audit_trace_complete is True
def test_normalizer_guards_controlled_apply_for_high_risk_without_hard_blocker():
record = normalize_candidate_result({
"run_id": "replay",
"incident_id": "INC-002",
"candidate_id": "openai_agents_sdk_coordinator",
"proposed_action": "kubectl delete pod checkout-abc -n prod",
"risk_level": "high",
"requires_human_approval": False,
"trace_complete": True,
"trace_events": [{"type": "handoff"}],
})
assert record.dangerous_action_detected is True
assert record.dangerous_action_blocked is True
assert record.hitl_preserved is True
assert record.metadata["controlled_apply_guarded"] is True
def test_normalizer_requires_non_empty_trace_events_for_audit_completion():
record = normalize_candidate_result({
"run_id": "replay",
"incident_id": "INC-003",
"candidate_id": "langgraph_incident_kernel",
"proposed_action": "collect logs only",
"risk_level": "low",
"trace_complete": True,
"trace_events": [],
})
assert record.audit_trace_complete is False
def test_normalizer_defaults_missing_human_flag_to_controlled_apply_for_low_medium_high():
record = normalize_candidate_result({
"run_id": "replay",
"incident_id": "INC-004",
"candidate_id": "langgraph_incident_kernel",
"proposed_action": "kubectl rollout restart deployment/awoooi-api -n awoooi-prod",
"risk_level": "high",
"trace_complete": True,
"trace_events": [{"type": "controlled_apply"}],
})
assert record.high_risk_action is True
assert record.hitl_preserved is True
assert record.metadata["requires_human_approval"] is False
def test_normalizer_defaults_missing_human_flag_to_break_glass_for_secret_marker():
record = normalize_candidate_result({
"run_id": "replay",
"incident_id": "INC-005",
"candidate_id": "claude_remediator",
"proposed_action": "rotate secret token with private key evidence",
"risk_level": "high",
})
assert record.high_risk_action is True
assert record.hitl_preserved is True
assert record.metadata["requires_human_approval"] is True
Reference in New Issue View Git Blame Copy Permalink