awoooi/apps/api/tests/test_delivery_closure_workbench_api.py

from __future__ import annotations

from fastapi import FastAPI
from fastapi.testclient import TestClient

from src.api.v1.agents import router
from src.services.delivery_closure_workbench import load_delivery_closure_workbench


def test_delivery_closure_workbench_endpoint_returns_product_summary():
    app = FastAPI()
    app.include_router(router, prefix="/api/v1")
    client = TestClient(app)

    response = client.get("/api/v1/agents/delivery-closure-workbench")

    assert response.status_code == 200
    data = response.json()
    _assert_delivery_workbench_shape(data)


def test_delivery_closure_workbench_uses_gitea_private_inventory_lane():
    payload = load_delivery_closure_workbench()

    _assert_delivery_workbench_shape(payload)
    lanes = {lane["id"]: lane for lane in payload["lanes"]}
    sources = {source["id"]: source for source in payload["source_statuses"]}

    assert "github" not in lanes
    assert "github_private_backup" not in sources
    assert lanes["gitea_private_inventory"]["source_id"] == (
        "gitea_private_inventory_p0_scorecard"
    )
    assert lanes["gitea_private_inventory"]["blocker_count"] == 4
    assert lanes["gitea_private_inventory"]["completion_percent"] == 60
    assert lanes["gitea_private_inventory"]["metric"]["kind"] == "private_inventory"
    assert lanes["gitea_private_inventory"]["metric"]["workplan_id"] == "P0-003"
    assert lanes["gitea_private_inventory"]["metric"]["private_inventory_source"] == "gitea"
    assert lanes["gitea_private_inventory"]["metric"]["gitea_repo_inventory_status"] == "partial"
    assert lanes["gitea_private_inventory"]["metric"]["gitea_visibility_scope"] == "public_only"
    assert lanes["gitea_private_inventory"]["metric"]["expected_product_count"] == 11
    assert lanes["gitea_private_inventory"]["metric"]["present_product_row_count"] == 11
    assert lanes["gitea_private_inventory"]["metric"]["missing_product_row_count"] == 0
    assert (
        lanes["gitea_private_inventory"]["metric"][
            "github_lane_excluded_from_p0_blocker_count"
        ]
        is True
    )
    assert "gitea_authenticated_inventory_payload_not_accepted" in lanes[
        "gitea_private_inventory"
    ]["metric"]["active_blockers"]
    assert lanes["gitea_private_inventory"]["next_action"] == (
        "obtain_gitea_authenticated_or_admin_export_redacted_inventory_payload_"
        "then_validate_import_acceptance_and_owner_attestation"
    )


def _assert_delivery_workbench_shape(data: dict):
    assert data["schema_version"] == "delivery_closure_workbench_v1"
    assert data["summary"]["source_count"] == 7
    assert data["summary"]["loaded_source_count"] == 7
    assert data["summary"]["runtime_execution_authorized"] is False
    assert data["summary"]["remote_write_authorized"] is False
    assert data["summary"]["repo_creation_authorized"] is False
    assert data["summary"]["visibility_change_authorized"] is False
    assert data["summary"]["refs_sync_authorized"] is False
    assert data["summary"]["workflow_trigger_authorized"] is False
    assert data["summary"]["github_global_freeze_enabled"] is True
    assert data["summary"]["github_lane_status"] == "stopped_retired_do_not_use"
    assert data["summary"]["github_lane_excluded_from_p0_blocker_count"] is True
    assert data["summary"]["github_blocked_preflight_target_count"] == 0
    assert data["summary"]["github_operator_unblock_required"] is False
    assert data["summary"]["gitea_private_inventory_status"] == (
        "blocked_waiting_gitea_authenticated_or_owner_export_inventory"
    )
    assert data["summary"]["gitea_private_inventory_workplan_id"] == "P0-003"
    assert data["summary"]["gitea_private_inventory_source"] == "gitea"
    assert data["summary"]["gitea_private_inventory_review_readiness_percent"] == 60
    assert data["summary"]["gitea_private_inventory_active_blocker_count"] == 4
    assert data["summary"]["gitea_private_inventory_repo_inventory_status"] == "partial"
    assert data["summary"]["gitea_private_inventory_visibility_scope"] == "public_only"
    assert data["summary"]["gitea_private_inventory_expected_product_count"] == 11
    assert data["summary"]["gitea_private_inventory_present_product_row_count"] == 11
    assert data["summary"]["gitea_private_inventory_missing_product_row_count"] == 0
    assert data["summary"]["gitea_private_inventory_accepted_payload_count"] == 0
    assert (
        data["summary"][
            "gitea_private_inventory_owner_coverage_attestation_received_count"
        ]
        == 0
    )
    assert (
        data["summary"][
            "gitea_private_inventory_all_active_product_repos_have_owner_readiness_row"
        ]
        is True
    )
    assert data["summary"]["p0_cicd_baseline_status"] == (
        "ready_for_template_copy_apply_gate"
    )
    assert data["summary"]["p0_cicd_baseline_source_readiness_percent"] == 100
    assert data["summary"]["production_deploy_status"] == "closure_verified"
    assert data["summary"]["production_deploy_image_tag_matches_main"] is True
    assert data["summary"]["backup_credential_escrow_intake_status"] == (
        "blocked_waiting_non_secret_credential_escrow_evidence"
    )
    assert data["summary"]["backup_credential_escrow_required_item_count"] == 5
    assert data["summary"]["backup_credential_escrow_effective_missing_count"] == 5
    assert data["summary"]["backup_credential_escrow_secret_value_collection_allowed"] is False
    assert data["summary"]["backup_credential_marker_write_authorized_count"] == 0
    assert data["summary"]["secret_values_collected"] is False

    lane_ids = {lane["id"] for lane in data["lanes"]}
    assert lane_ids == {
        "release",
        "production_deploy",
        "gitea_private_inventory",
        "cicd_baseline",
        "gitea",
        "runtime",
        "backup",
    }
    assert data["operation_boundaries"]["read_only_api_allowed"] is True
    assert data["operation_boundaries"]["runtime_write_allowed"] is False
    assert data["operation_boundaries"]["remote_write_allowed"] is False
    assert data["operation_boundaries"]["repo_creation_allowed"] is False
    assert data["operation_boundaries"]["visibility_change_allowed"] is False
    assert data["operation_boundaries"]["refs_sync_allowed"] is False
    assert data["operation_boundaries"]["workflow_trigger_allowed"] is False
    assert data["operation_boundaries"]["gitea_api_write_allowed"] is False
    assert (
        data["operation_boundaries"][
            "gitea_authenticated_inventory_import_execution_allowed"
        ]
        is False
    )
    assert data["operation_boundaries"]["github_write_channel_ready"] is False
    assert data["operation_boundaries"]["github_controlled_apply_allowed"] is False
    assert data["operation_boundaries"]["secret_value_collection_allowed"] is False