up

2025-11-26 07:47:08 +02:00
parent 56e2f64d07
commit 1c782897f7
184 changed files with 8991 additions and 649 deletions
--- a/src/Scanner/__Tests/StellaOps.Scanner.WebService.Tests/ScansEndpointsTests.Replay.cs
+++ b/src/Scanner/__Tests/StellaOps.Scanner.WebService.Tests/ScansEndpointsTests.Replay.cs
@@ -0,0 +1,74 @@
+using System;
+using System.Collections.Generic;
+using System.Net.Http.Json;
+using System.Threading.Tasks;
+using Microsoft.Extensions.DependencyInjection;
+using StellaOps.Replay.Core;
+using StellaOps.Scanner.WebService.Contracts;
+using StellaOps.Scanner.WebService.Domain;
+using StellaOps.Scanner.WebService.Replay;
+using StellaOps.Scanner.WebService.Services;
+using Xunit;
+
+namespace StellaOps.Scanner.WebService.Tests;
+
+public sealed partial class ScansEndpointsTests
+{
+    [Fact]
+    public async Task RecordModeService_AttachesReplayAndSurfacedInStatus()
+    {
+        using var secrets = new TestSurfaceSecretsScope();
+        using var factory = new ScannerApplicationFactory(cfg =>
+        {
+            cfg["scanner:authority:enabled"] = "false";
+        });
+        using var client = factory.CreateClient();
+
+        var submitResponse = await client.PostAsJsonAsync("/api/v1/scans", new
+        {
+            image = new { digest = "sha256:demo" }
+        });
+        submitResponse.EnsureSuccessStatusCode();
+
+        var submitPayload = await submitResponse.Content.ReadFromJsonAsync<ScanSubmitResponse>();
+        Assert.NotNull(submitPayload);
+        var scanId = submitPayload!.ScanId;
+
+        using var scope = factory.Services.CreateScope();
+        var coordinator = scope.ServiceProvider.GetRequiredService<IScanCoordinator>();
+        var recordMode = scope.ServiceProvider.GetRequiredService<IRecordModeService>();
+        var timeProvider = scope.ServiceProvider.GetRequiredService<TimeProvider>();
+
+        var manifest = new ReplayManifest
+        {
+            Scan = new ReplayScanMetadata
+            {
+                Id = scanId,
+                Time = timeProvider.GetUtcNow()
+            }
+        };
+
+        var replay = await recordMode.AttachAsync(
+            new ScanId(scanId),
+            manifest,
+            new ReplayBundleWriteResult("tar1", "z1", 128, 64, "cas://replay/z1.tar.zst"),
+            new ReplayBundleWriteResult("tar2", "z2", 256, 96, "cas://replay/z2.tar.zst"),
+            sbomDigest: "sha256:sbom",
+            findingsDigest: "findings-digest",
+            coordinator: coordinator,
+            additionalBundles: new[]
+            {
+                (new ReplayBundleWriteResult("tar3", "z3", 1, 2, "cas://replay/z3.tar.zst"), "reachability")
+            });
+
+        Assert.NotNull(replay);
+
+        var status = await client.GetFromJsonAsync<ScanStatusResponse>($"/api/v1/scans/{scanId}");
+        Assert.NotNull(status);
+        Assert.NotNull(status!.Replay);
+        Assert.Equal(replay!.ManifestHash, status.Replay!.ManifestHash);
+        Assert.Equal(3, status.Replay!.Bundles.Count);
+        Assert.Contains(status.Replay!.Bundles, b => b.Type == "reachability");
+        Assert.All(status.Replay!.Bundles, b => Assert.StartsWith("sha256:", b.Digest, StringComparison.Ordinal));
+    }
+}