Add integration e2e coverage: GitHubApp, advisory pipeline, Rekor, eBPF hardening

- GitHubApp: 11 new tests (health, CRUD lifecycle, update, delete, UI SCM tab) - Advisory pipeline: 16 tests (fixture data verification, source management smoke, initial/incremental sync, cross-source merge, canonical query API, UI catalog) with KEV/GHSA/EPSS fixture data files for deterministic testing - Rekor transparency: 7 tests (container health, submit/get/verify round-trip, log consistency, attestation API) gated behind E2E_REKOR=1 - eBPF agent: 3 edge case tests (unreachable endpoint, coexistence, degraded health) plus mock limitation documentation in test header - Fix UI search race: wait for table rows before counting rowsBefore - Advisory fixture now serves real data (KEV JSON, GHSA list, EPSS CSV) - Runtime host fixture adds degraded health endpoint Suite: 143 passed, 0 failed, 32 skipped in 13.5min (up from 123 tests) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 10:34:04 +03:00
parent a86ef6afb8
commit 2141fea4b6
13 changed files with 1545 additions and 1 deletions
--- a/devops/compose/fixtures/integration-fixtures/advisory/default.conf
+++ b/devops/compose/fixtures/integration-fixtures/advisory/default.conf
@@ -4,6 +4,36 @@ server {

    default_type application/json;

+    # -----------------------------------------------------------------------
+    # Advisory data endpoints (for pipeline sync tests)
+    # -----------------------------------------------------------------------
+
+    # KEV catalog — realistic CISA Known Exploited Vulnerabilities feed
+    location = /kev/known_exploited_vulnerabilities.json {
+        alias /etc/nginx/data/kev-catalog.json;
+        add_header Content-Type "application/json";
+        add_header ETag '"e2e-kev-v1"';
+    }
+
+    # GHSA list — GitHub Security Advisories (REST-style)
+    location = /ghsa/security/advisories {
+        alias /etc/nginx/data/ghsa-list.json;
+        add_header Content-Type "application/json";
+        add_header X-RateLimit-Limit "5000";
+        add_header X-RateLimit-Remaining "4990";
+        add_header X-RateLimit-Reset "1893456000";
+    }
+
+    # EPSS scores — Exploit Prediction Scoring System (CSV)
+    location = /epss/epss_scores-current.csv {
+        alias /etc/nginx/data/epss-scores.csv;
+        add_header Content-Type "text/csv";
+    }
+
+    # -----------------------------------------------------------------------
+    # Source health/connectivity endpoints (for onboarding tests)
+    # -----------------------------------------------------------------------
+
    # CERT-In (India) - unreachable from most networks
    location /cert-in {
        return 200 '{"status":"healthy","source":"cert-in","description":"CERT-In fixture proxy"}';