Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org
This commit is contained in:
StellaOps Bot
@@ -129,6 +129,7 @@ public sealed class AdvisoryGuardrailInjectionTests
|
||||
}
|
||||
|
||||
using var stream = File.OpenRead(path);
|
||||
using StellaOps.TestKit;
|
||||
var cases = JsonSerializer.Deserialize<List<InjectionCase>>(stream, SerializerOptions);
|
||||
return cases ?? throw new InvalidOperationException("Guardrail injection harness cases could not be loaded.");
|
||||
}
|
||||
|
||||
@@ -67,6 +67,7 @@ public sealed class AdvisoryGuardrailOptionsBindingTests
|
||||
services.AddAdvisoryAiCore(configuration);
|
||||
|
||||
await using var provider = services.BuildServiceProvider();
|
||||
using StellaOps.TestKit;
|
||||
var action = () => provider.GetRequiredService<IOptions<AdvisoryGuardrailOptions>>().Value;
|
||||
action.Should().Throw<FileNotFoundException>();
|
||||
}
|
||||
|
||||
@@ -118,6 +118,7 @@ public sealed class AdvisoryGuardrailPerformanceTests
|
||||
var path = Path.Combine(AppContext.BaseDirectory, "TestData", "guardrail-blocked-phrases.json");
|
||||
using var stream = File.OpenRead(path);
|
||||
using var document = JsonDocument.Parse(stream);
|
||||
using StellaOps.TestKit;
|
||||
if (document.RootElement.TryGetProperty("phrases", out var phrasesElement) && phrasesElement.ValueKind == JsonValueKind.Array)
|
||||
{
|
||||
return phrasesElement.EnumerateArray()
|
||||
|
||||
@@ -178,6 +178,7 @@ public sealed class AdvisoryPipelineExecutorTests : IDisposable
|
||||
var guardrail = new StubGuardrailPipeline(blocked: false);
|
||||
var store = new InMemoryAdvisoryOutputStore();
|
||||
using var metrics = new AdvisoryPipelineMetrics(_meterFactory);
|
||||
using StellaOps.TestKit;
|
||||
var inferenceMetadata = ImmutableDictionary<string, string>.Empty.Add("inference.fallback_reason", "throttle");
|
||||
var inference = new StubInferenceClient
|
||||
{
|
||||
|
||||
@@ -71,6 +71,7 @@ public sealed class AdvisoryPromptAssemblerTests
|
||||
var prompt = await assembler.AssembleAsync(plan, CancellationToken.None);
|
||||
|
||||
using var document = JsonDocument.Parse(prompt.Prompt);
|
||||
using StellaOps.TestKit;
|
||||
var matches = document.RootElement
|
||||
.GetProperty("vectors")[0]
|
||||
.GetProperty("matches")
|
||||
|
||||
@@ -118,6 +118,7 @@ public sealed class HttpClientUsageAnalyzerTests
|
||||
{
|
||||
using var workspace = new AdhocWorkspace();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var projectId = ProjectId.CreateNewId();
|
||||
var documentId = DocumentId.CreateNewId(projectId);
|
||||
var stubDocumentId = DocumentId.CreateNewId(projectId);
|
||||
|
||||
@@ -485,6 +485,7 @@ public sealed class PolicyAnalyzerRoslynTests
|
||||
{
|
||||
using var workspace = new AdhocWorkspace();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var projectId = ProjectId.CreateNewId();
|
||||
var documentId = DocumentId.CreateNewId(projectId);
|
||||
var stubDocumentId = DocumentId.CreateNewId(projectId);
|
||||
|
||||
@@ -202,6 +202,7 @@ public sealed class EgressPolicyTests
|
||||
|
||||
using var client = EgressHttpClientFactory.Create(recordingPolicy, request);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
Assert.True(recordingPolicy.EnsureAllowedCalled);
|
||||
Assert.NotNull(client);
|
||||
}
|
||||
|
||||
@@ -554,6 +554,7 @@ public sealed class BundleImportTests : IAsyncLifetime
|
||||
private static async Task<string> ComputeFileDigestAsync(string filePath)
|
||||
{
|
||||
await using var stream = File.OpenRead(filePath);
|
||||
using StellaOps.TestKit;
|
||||
var hash = await SHA256.HashDataAsync(stream);
|
||||
return Convert.ToHexString(hash).ToLowerInvariant();
|
||||
}
|
||||
|
||||
@@ -364,6 +364,7 @@ public sealed class AirGapControllerContractTests
|
||||
{
|
||||
// Arrange - Create a trace context
|
||||
using var activity = new Activity("test-airgap-operation");
|
||||
using StellaOps.TestKit;
|
||||
activity.Start();
|
||||
|
||||
// Act
|
||||
|
||||
@@ -46,6 +46,7 @@ public sealed class AocGuardEndpointFilterExtensionsTests
|
||||
builder.Services.AddAocGuard();
|
||||
using var app = builder.Build();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var route = app.MapPost("/guard-object", (GuardPayload _) => TypedResults.Ok());
|
||||
|
||||
var result = route.RequireAocGuard<GuardPayload>(_ => new GuardPayload(JsonDocument.Parse("{}").RootElement));
|
||||
|
||||
@@ -37,6 +37,7 @@ public sealed class AocHttpResultsTests
|
||||
context.Response.Body.Seek(0, SeekOrigin.Begin);
|
||||
|
||||
using var document = await JsonDocument.ParseAsync(context.Response.Body, cancellationToken: TestContext.Current.CancellationToken);
|
||||
using StellaOps.TestKit;
|
||||
var root = document.RootElement;
|
||||
|
||||
// Assert
|
||||
|
||||
@@ -203,6 +203,7 @@ public sealed class AocWriteGuardTests
|
||||
}
|
||||
""");
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var result = Guard.Validate(document.RootElement);
|
||||
|
||||
Assert.False(result.IsValid);
|
||||
|
||||
@@ -47,6 +47,7 @@ public sealed class DsseEnvelopeSerializerTests
|
||||
"payload hash must reflect the raw payload bytes");
|
||||
|
||||
using var document = JsonDocument.Parse(result.CompactJson!);
|
||||
using StellaOps.TestKit;
|
||||
var keyIds = document.RootElement
|
||||
.GetProperty("signatures")
|
||||
.EnumerateArray()
|
||||
|
||||
@@ -149,6 +149,7 @@ public sealed class EnvelopeSignatureServiceTests
|
||||
{
|
||||
var jwk = $"{{\"crv\":\"Ed25519\",\"kty\":\"OKP\",\"x\":\"{ToBase64Url(publicKey)}\"}}";
|
||||
using var sha = SHA256.Create();
|
||||
using StellaOps.TestKit;
|
||||
var digest = sha.ComputeHash(Encoding.UTF8.GetBytes(jwk));
|
||||
return $"sha256:{ToBase64Url(digest)}";
|
||||
}
|
||||
|
||||
@@ -114,6 +114,7 @@ public sealed class DsseEnvelopeSerializerTests
|
||||
Assert.NotNull(result.ExpandedJson);
|
||||
|
||||
using var expanded = JsonDocument.Parse(result.ExpandedJson!);
|
||||
using StellaOps.TestKit;
|
||||
var detached = expanded.RootElement.GetProperty("detachedPayload");
|
||||
|
||||
Assert.Equal(reference.Uri, detached.GetProperty("uri").GetString());
|
||||
|
||||
@@ -256,6 +256,7 @@ public sealed class AttestorSigningServiceTests : IDisposable
|
||||
|
||||
using var metrics = new AttestorMetrics();
|
||||
using var registry = new AttestorSigningKeyRegistry(options, TimeProvider.System, NullLogger<AttestorSigningKeyRegistry>.Instance);
|
||||
using StellaOps.TestKit;
|
||||
var auditSink = new InMemoryAttestorAuditSink();
|
||||
var service = new AttestorSigningService(
|
||||
registry,
|
||||
|
||||
@@ -277,6 +277,7 @@ public sealed class AttestorSubmissionServiceTests
|
||||
var logger = new NullLogger<AttestorSubmissionService>();
|
||||
using var metrics = new AttestorMetrics();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var service = new AttestorSubmissionService(
|
||||
validator,
|
||||
repository,
|
||||
|
||||
@@ -700,6 +700,7 @@ public sealed class AttestorVerificationServiceTests
|
||||
private static byte[] ComputeMerkleNode(byte[] left, byte[] right)
|
||||
{
|
||||
using var sha = SHA256.Create();
|
||||
using StellaOps.TestKit;
|
||||
var buffer = new byte[1 + left.Length + right.Length];
|
||||
buffer[0] = 0x01;
|
||||
Buffer.BlockCopy(left, 0, buffer, 1, left.Length);
|
||||
|
||||
@@ -24,6 +24,7 @@ public sealed class BulkVerificationWorkerTests
|
||||
var jobStore = new InMemoryBulkVerificationJobStore();
|
||||
var verificationService = new StubVerificationService();
|
||||
using var metrics = new AttestorMetrics();
|
||||
using StellaOps.TestKit;
|
||||
var options = Options.Create(new AttestorOptions
|
||||
{
|
||||
BulkVerification = new AttestorOptions.BulkVerificationOptions
|
||||
|
||||
@@ -86,6 +86,7 @@ public sealed class CachedAttestorVerificationServiceTests
|
||||
var options = Options.Create(new AttestorOptions());
|
||||
using var memoryCache = new MemoryCache(new MemoryCacheOptions());
|
||||
using var metrics = new AttestorMetrics();
|
||||
using StellaOps.TestKit;
|
||||
var cache = new InMemoryAttestorVerificationCache(memoryCache, options, new NullLogger<InMemoryAttestorVerificationCache>());
|
||||
var inner = new StubVerificationService();
|
||||
var service = new CachedAttestorVerificationService(
|
||||
|
||||
@@ -136,6 +136,7 @@ public sealed class HttpTransparencyWitnessClientTests
|
||||
using var metrics = new AttestorMetrics();
|
||||
using var activitySource = new AttestorActivitySource();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var options = Options.Create(new AttestorOptions
|
||||
{
|
||||
TransparencyWitness = new AttestorOptions.TransparencyWitnessOptions
|
||||
|
||||
@@ -309,6 +309,7 @@ public sealed class RekorInclusionVerificationIntegrationTests
|
||||
private static byte[] ComputeInteriorHash(byte[] left, byte[] right)
|
||||
{
|
||||
using var sha256 = System.Security.Cryptography.SHA256.Create();
|
||||
using StellaOps.TestKit;
|
||||
var combined = new byte[1 + left.Length + right.Length];
|
||||
combined[0] = 0x01; // Interior node prefix
|
||||
left.CopyTo(combined, 1);
|
||||
|
||||
@@ -328,6 +328,7 @@ public class SigstoreBundleVerifierTests
|
||||
DateTimeOffset.UtcNow.AddDays(-1),
|
||||
DateTimeOffset.UtcNow.AddYears(1));
|
||||
|
||||
using StellaOps.TestKit;
|
||||
return cert.Export(System.Security.Cryptography.X509Certificates.X509ContentType.Cert);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -406,6 +406,7 @@ public class BundleWorkflowIntegrationTests
|
||||
}
|
||||
|
||||
using var sha256 = System.Security.Cryptography.SHA256.Create();
|
||||
using StellaOps.TestKit;
|
||||
var combined = string.Join("|", attestations.Select(a => a.EntryId));
|
||||
var hash = sha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(combined));
|
||||
return Convert.ToHexString(hash).ToLowerInvariant();
|
||||
|
||||
@@ -350,6 +350,7 @@ public class FileSystemRootStoreTests : IDisposable
|
||||
private static X509Certificate2 CreateTestCertificate(string subject)
|
||||
{
|
||||
using var rsa = RSA.Create(2048);
|
||||
using StellaOps.TestKit;
|
||||
var request = new CertificateRequest(
|
||||
subject,
|
||||
rsa,
|
||||
|
||||
@@ -349,6 +349,7 @@ public class OfflineCertChainValidatorTests
|
||||
private static X509Certificate2 CreateFutureCertificate(string subject)
|
||||
{
|
||||
using var rsa = RSA.Create(2048);
|
||||
using StellaOps.TestKit;
|
||||
var request = new CertificateRequest(
|
||||
subject,
|
||||
rsa,
|
||||
|
||||
@@ -54,6 +54,7 @@ public sealed class JsonCanonicalizerTests
|
||||
var output = _canonicalizer.Canonicalize(input);
|
||||
|
||||
using var document = JsonDocument.Parse(output);
|
||||
using StellaOps.TestKit;
|
||||
Assert.Equal(text, document.RootElement.GetProperty("text").GetString());
|
||||
}
|
||||
|
||||
|
||||
@@ -92,6 +92,7 @@ public sealed class SmartDiffSchemaValidationTests
|
||||
}
|
||||
""");
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var result = schema.Evaluate(doc.RootElement, new EvaluationOptions
|
||||
{
|
||||
OutputFormat = OutputFormat.List,
|
||||
|
||||
@@ -216,6 +216,7 @@ public class ServiceCollectionExtensionsTests
|
||||
});
|
||||
|
||||
using var provider = services.BuildServiceProvider();
|
||||
using StellaOps.TestKit;
|
||||
var client = provider.GetRequiredService<IHttpClientFactory>().CreateClient("notify");
|
||||
|
||||
await client.GetAsync("https://notify.example/api");
|
||||
|
||||
@@ -34,6 +34,7 @@ public class ServiceCollectionExtensionsTests
|
||||
|
||||
using var provider = services.BuildServiceProvider();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var resourceOptions = provider.GetRequiredService<IOptionsMonitor<StellaOpsResourceServerOptions>>().CurrentValue;
|
||||
var jwtOptions = provider.GetRequiredService<IOptionsMonitor<JwtBearerOptions>>().Get(StellaOpsAuthenticationDefaults.AuthenticationScheme);
|
||||
|
||||
|
||||
@@ -238,6 +238,7 @@ public class StandardPluginRegistrarTests
|
||||
registrar.Register(new AuthorityPluginRegistrationContext(services, pluginContext, configuration));
|
||||
|
||||
using var provider = services.BuildServiceProvider();
|
||||
using StellaOps.TestKit;
|
||||
var optionsMonitor = provider.GetRequiredService<IOptionsMonitor<StandardPluginOptions>>();
|
||||
var options = optionsMonitor.Get("standard");
|
||||
|
||||
|
||||
@@ -56,6 +56,7 @@ public sealed class AuthorityMigrationTests
|
||||
{
|
||||
// Arrange
|
||||
await using var connection = new NpgsqlConnection(_fixture.ConnectionString);
|
||||
using StellaOps.TestKit;
|
||||
await connection.OpenAsync();
|
||||
|
||||
// Act - Check schema_migrations table
|
||||
|
||||
@@ -31,6 +31,7 @@ public sealed class BenchmarkJsonWriterTests
|
||||
await BenchmarkJsonWriter.WriteAsync(path, metadata, new[] { report }, CancellationToken.None);
|
||||
|
||||
using var document = JsonDocument.Parse(await File.ReadAllTextAsync(path));
|
||||
using StellaOps.TestKit;
|
||||
var root = document.RootElement;
|
||||
|
||||
Assert.Equal("1.0", root.GetProperty("schemaVersion").GetString());
|
||||
|
||||
@@ -509,6 +509,7 @@ public class BinaryIdentityDeterminismTests
|
||||
using var stream1 = new MemoryStream(content1);
|
||||
using var stream2 = new MemoryStream(content2);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var identity1 = await extractor.ExtractIdentityAsync(stream1);
|
||||
var identity2 = await extractor.ExtractIdentityAsync(stream2);
|
||||
|
||||
|
||||
@@ -404,6 +404,7 @@ public sealed class AttestationBundleVerifierTests : IDisposable
|
||||
{
|
||||
var bytes = Encoding.UTF8.GetBytes(content);
|
||||
using var dataStream = new MemoryStream(bytes);
|
||||
using StellaOps.TestKit;
|
||||
var entry = new PaxTarEntry(TarEntryType.RegularFile, name)
|
||||
{
|
||||
DataStream = dataStream
|
||||
|
||||
@@ -73,6 +73,7 @@ public sealed class CccsConnectorTests
|
||||
public async Task Fetch_PersistsRawDocumentWithMetadata()
|
||||
{
|
||||
await using var harness = await BuildHarnessAsync();
|
||||
using StellaOps.TestKit;
|
||||
SeedFeedResponses(harness.Handler);
|
||||
|
||||
var connector = harness.ServiceProvider.GetRequiredService<CccsConnector>();
|
||||
|
||||
@@ -83,6 +83,7 @@ public sealed class CertBundConnectorTests
|
||||
public async Task Fetch_PersistsDocumentWithMetadata()
|
||||
{
|
||||
await using var harness = await BuildHarnessAsync();
|
||||
using StellaOps.TestKit;
|
||||
SeedResponses(harness.Handler);
|
||||
|
||||
var connector = harness.ServiceProvider.GetRequiredService<CertBundConnector>();
|
||||
|
||||
@@ -33,6 +33,7 @@ public sealed class AlpineConnectorTests
|
||||
{
|
||||
await using var harness = await BuildHarnessAsync();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
harness.Handler.AddJsonResponse(SecDbUri, BuildMinimalSecDb());
|
||||
|
||||
var connector = harness.ServiceProvider.GetRequiredService<AlpineConnector>();
|
||||
|
||||
@@ -44,6 +44,7 @@ public sealed class AlpineDependencyInjectionRoutineTests
|
||||
|
||||
using var provider = services.BuildServiceProvider(validateScopes: true);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var options = provider.GetRequiredService<IOptions<AlpineOptions>>().Value;
|
||||
Assert.Equal(new Uri("https://secdb.alpinelinux.org/"), options.BaseUri);
|
||||
Assert.Equal(new[] { "v3.20" }, options.Releases);
|
||||
|
||||
@@ -73,6 +73,7 @@ public sealed class DebianConnectorTests : IAsyncLifetime
|
||||
{
|
||||
await using var provider = await BuildServiceProviderAsync();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
SeedInitialResponses();
|
||||
|
||||
var connector = provider.GetRequiredService<DebianConnector>();
|
||||
|
||||
@@ -43,6 +43,7 @@ public sealed class SuseConnectorTests
|
||||
{
|
||||
await using var harness = await BuildHarnessAsync();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
SeedInitialResponses(harness.Handler);
|
||||
|
||||
var connector = harness.ServiceProvider.GetRequiredService<SuseConnector>();
|
||||
|
||||
@@ -42,6 +42,7 @@ public sealed class UbuntuConnectorTests
|
||||
{
|
||||
await using var harness = await BuildHarnessAsync();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
SeedInitialResponses(harness.Handler);
|
||||
|
||||
var connector = harness.ServiceProvider.GetRequiredService<UbuntuConnector>();
|
||||
|
||||
@@ -34,6 +34,7 @@ public sealed class IcsCisaConnectorTests
|
||||
public async Task FetchParseMap_EndToEnd_ProducesCanonicalAdvisories()
|
||||
{
|
||||
await using var harness = await BuildHarnessAsync();
|
||||
using StellaOps.TestKit;
|
||||
RegisterResponses(harness.Handler);
|
||||
|
||||
var connector = harness.ServiceProvider.GetRequiredService<IcsCisaConnector>();
|
||||
|
||||
@@ -351,6 +351,7 @@ public sealed class KisaConnectorTests : IAsyncLifetime
|
||||
|
||||
using var metrics = new KisaMetricCollector();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var connector = provider.GetRequiredService<KisaConnector>();
|
||||
await connector.FetchAsync(provider, CancellationToken.None);
|
||||
await connector.ParseAsync(provider, CancellationToken.None);
|
||||
|
||||
@@ -264,6 +264,7 @@ public sealed class RuBduConnectorSnapshotTests : IAsyncLifetime
|
||||
entry.LastWriteTime = new DateTimeOffset(2025, 10, 14, 9, 0, 0, TimeSpan.Zero);
|
||||
using var entryStream = entry.Open();
|
||||
using var writer = new StreamWriter(entryStream, new UTF8Encoding(encoderShouldEmitUTF8Identifier: false));
|
||||
using StellaOps.TestKit;
|
||||
writer.Write(xml);
|
||||
}
|
||||
|
||||
|
||||
@@ -88,6 +88,7 @@ public sealed class RuNkckiConnectorTests : IAsyncLifetime
|
||||
public async Task Fetch_ReusesCachedBulletinWhenListingFails()
|
||||
{
|
||||
await using var provider = await BuildServiceProviderAsync();
|
||||
using StellaOps.TestKit;
|
||||
SeedListingAndBulletin();
|
||||
|
||||
var connector = provider.GetRequiredService<RuNkckiConnector>();
|
||||
|
||||
@@ -43,6 +43,7 @@ public sealed class RuNkckiJsonParserTests
|
||||
""";
|
||||
|
||||
using var document = JsonDocument.Parse(json);
|
||||
using StellaOps.TestKit;
|
||||
var dto = RuNkckiJsonParser.Parse(document.RootElement);
|
||||
|
||||
Assert.Equal("BDU:2025-00001", dto.FstecId);
|
||||
|
||||
@@ -145,6 +145,7 @@ public sealed class MirrorSignatureVerifierTests
|
||||
private static string WritePublicKeyPem(CryptoSigningKey signingKey)
|
||||
{
|
||||
using var ecdsa = ECDsa.Create(signingKey.PublicParameters);
|
||||
using StellaOps.TestKit;
|
||||
var info = ecdsa.ExportSubjectPublicKeyInfo();
|
||||
var pem = PemEncoding.Write("PUBLIC KEY", info);
|
||||
var path = Path.Combine(Path.GetTempPath(), $"stellaops-mirror-{Guid.NewGuid():N}.pem");
|
||||
|
||||
@@ -427,6 +427,7 @@ public sealed class StellaOpsMirrorConnectorTests : IAsyncLifetime
|
||||
ArgumentNullException.ThrowIfNull(signingKey);
|
||||
var path = Path.Combine(Path.GetTempPath(), $"stellaops-mirror-{Guid.NewGuid():N}.pem");
|
||||
using var ecdsa = ECDsa.Create(signingKey.PublicParameters);
|
||||
using StellaOps.TestKit;
|
||||
var publicKeyInfo = ecdsa.ExportSubjectPublicKeyInfo();
|
||||
var pem = PemEncoding.Write("PUBLIC KEY", publicKeyInfo);
|
||||
File.WriteAllText(path, pem);
|
||||
|
||||
@@ -50,6 +50,7 @@ public sealed class MsrcConnectorTests : IAsyncLifetime
|
||||
public async Task FetchParseMap_ProducesCanonicalAdvisory()
|
||||
{
|
||||
await using var provider = await BuildServiceProviderAsync();
|
||||
using StellaOps.TestKit;
|
||||
SeedResponses();
|
||||
|
||||
var connector = provider.GetRequiredService<MsrcConnector>();
|
||||
|
||||
@@ -270,6 +270,7 @@ public sealed class JobCoordinatorTests
|
||||
jobOptions.Definitions.Add(definition.Kind, definition);
|
||||
|
||||
using var diagnostics = new JobDiagnostics();
|
||||
using StellaOps.TestKit;
|
||||
var coordinator = new JobCoordinator(
|
||||
Options.Create(jobOptions),
|
||||
jobStore,
|
||||
|
||||
@@ -51,6 +51,7 @@ public sealed class JobPluginRegistrationExtensionsTests
|
||||
descriptor => descriptor.ServiceType.FullName == typeof(PluginRoutineExecuted).FullName);
|
||||
|
||||
using var provider = services.BuildServiceProvider();
|
||||
using StellaOps.TestKit;
|
||||
var schedulerOptions = provider.GetRequiredService<IOptions<JobSchedulerOptions>>().Value;
|
||||
|
||||
Assert.True(schedulerOptions.Definitions.TryGetValue(PluginJob.JobKind, out var definition));
|
||||
|
||||
@@ -49,6 +49,7 @@ public sealed class JobSchedulerBuilderTests
|
||||
builder.AddJob<DefaultedJob>(kind: "jobs:defaults");
|
||||
|
||||
using var provider = services.BuildServiceProvider();
|
||||
using StellaOps.TestKit;
|
||||
var options = provider.GetRequiredService<IOptions<JobSchedulerOptions>>().Value;
|
||||
|
||||
Assert.True(options.Definitions.TryGetValue("jobs:defaults", out var definition));
|
||||
|
||||
@@ -44,6 +44,7 @@ public sealed class JsonExporterDependencyInjectionRoutineTests
|
||||
routine.Register(services, configuration);
|
||||
|
||||
using var provider = services.BuildServiceProvider();
|
||||
using StellaOps.TestKit;
|
||||
var optionsAccessor = provider.GetRequiredService<IOptions<JobSchedulerOptions>>();
|
||||
var options = optionsAccessor.Value;
|
||||
|
||||
|
||||
@@ -433,6 +433,7 @@ public sealed class JsonFeedExporterTests : IDisposable
|
||||
private static string WriteSigningKey(string directory)
|
||||
{
|
||||
using var ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP256);
|
||||
using StellaOps.TestKit;
|
||||
var pkcs8 = ecdsa.ExportPkcs8PrivateKey();
|
||||
var pem = BuildPem("PRIVATE KEY", pkcs8);
|
||||
var path = Path.Combine(directory, $"mirror-key-{Guid.NewGuid():N}.pem");
|
||||
|
||||
@@ -1198,6 +1198,7 @@ public sealed class TrivyDbFeedExporterTests : IDisposable
|
||||
var archivePath = Path.Combine(workingDirectory, "db.tar.gz");
|
||||
File.WriteAllBytes(archivePath, _payload);
|
||||
using var sha256 = SHA256.Create();
|
||||
using StellaOps.TestKit;
|
||||
var digest = "sha256:" + Convert.ToHexString(sha256.ComputeHash(_payload)).ToLowerInvariant();
|
||||
|
||||
return Task.FromResult(new TrivyDbBuilderResult(
|
||||
|
||||
@@ -498,6 +498,7 @@ public sealed class AdvisoryPrecedenceMergerTests
|
||||
var logger = new TestLogger<AdvisoryPrecedenceMerger>();
|
||||
using var metrics = new MetricCollector("StellaOps.Concelier.Merge");
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var merger = new AdvisoryPrecedenceMerger(
|
||||
new AffectedPackagePrecedenceResolver(),
|
||||
options,
|
||||
|
||||
@@ -130,6 +130,7 @@ public sealed class CanonicalJsonSerializerTests
|
||||
|
||||
var json = CanonicalJsonSerializer.Serialize(advisory);
|
||||
using var document = JsonDocument.Parse(json);
|
||||
using StellaOps.TestKit;
|
||||
var rangeElement = document.RootElement
|
||||
.GetProperty("affectedPackages")[0]
|
||||
.GetProperty("versionRanges")[0];
|
||||
|
||||
@@ -56,6 +56,7 @@ public sealed class OsvGhsaParityDiagnosticsTests
|
||||
var measurements = new List<(string Instrument, long Value, IReadOnlyDictionary<string, object?> Tags)>();
|
||||
using var listener = CreateListener(measurements);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
OsvGhsaParityDiagnostics.RecordReport(report, "");
|
||||
|
||||
listener.Dispose();
|
||||
|
||||
@@ -114,6 +114,7 @@ public sealed class ProvenanceDiagnosticsTests
|
||||
var measurements = new List<(string Instrument, long Value, IReadOnlyDictionary<string, object?> Tags)>();
|
||||
using var listener = CreateListener(measurements, "concelier.range.primitives");
|
||||
|
||||
using StellaOps.TestKit;
|
||||
ProvenanceDiagnostics.RecordRangePrimitive("source-D", range);
|
||||
|
||||
listener.Dispose();
|
||||
|
||||
@@ -508,6 +508,7 @@ public class SbomParserTests
|
||||
|
||||
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(content));
|
||||
|
||||
using StellaOps.TestKit;
|
||||
// Act
|
||||
var result = await _parser.ParseAsync(stream, SbomFormat.CycloneDX);
|
||||
|
||||
|
||||
@@ -25,6 +25,7 @@ public class ConcelierTimelineCursorTests : IClassFixture<WebApplicationFactory<
|
||||
client.DefaultRequestHeaders.Add("X-Stella-Tenant", "tenant-a");
|
||||
|
||||
using var request = new HttpRequestMessage(HttpMethod.Get, "/obs/concelier/timeline?cursor=5&limit=2");
|
||||
using StellaOps.TestKit;
|
||||
request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("text/event-stream"));
|
||||
|
||||
var response = await client.SendAsync(request, HttpCompletionOption.ResponseHeadersRead);
|
||||
|
||||
@@ -43,6 +43,7 @@ public class ConcelierTimelineEndpointTests : IClassFixture<WebApplicationFactor
|
||||
|
||||
var stream = await response.Content.ReadAsStreamAsync();
|
||||
using var reader = new StreamReader(stream);
|
||||
using StellaOps.TestKit;
|
||||
var firstLine = await reader.ReadLineAsync();
|
||||
firstLine.Should().NotBeNull();
|
||||
firstLine!.Should().StartWith("event: ingest.update");
|
||||
|
||||
@@ -69,6 +69,7 @@ public sealed class VulnExplorerTelemetryTests : IDisposable
|
||||
public void IsWithdrawn_DetectsWithdrawnFlagsAndTimestamps()
|
||||
{
|
||||
using var json = JsonDocument.Parse("{\"withdrawn\":true,\"withdrawn_at\":\"2024-10-10T00:00:00Z\"}");
|
||||
using StellaOps.TestKit;
|
||||
Assert.True(VulnExplorerTelemetry.IsWithdrawn(json.RootElement));
|
||||
}
|
||||
|
||||
|
||||
@@ -101,6 +101,7 @@ public sealed class DatabaseMigrationTests : IAsyncLifetime
|
||||
Assert.Equal(0, otherVisible);
|
||||
|
||||
await using var violationConnection = await _dataSource.OpenConnectionAsync(tenant, cancellationToken);
|
||||
using StellaOps.TestKit;
|
||||
await using var violationCommand = new NpgsqlCommand(@"
|
||||
INSERT INTO evidence_locker.evidence_bundles
|
||||
(bundle_id, tenant_id, kind, status, root_hash, storage_key)
|
||||
|
||||
@@ -443,6 +443,7 @@ public sealed class EvidenceBundlePackagingServiceTests
|
||||
{
|
||||
Stored = true;
|
||||
using var memory = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
content.CopyTo(memory);
|
||||
StoredBytes = memory.ToArray();
|
||||
|
||||
|
||||
@@ -395,6 +395,7 @@ public sealed class EvidenceLockerIntegrationTests : IDisposable
|
||||
if (entry.DataStream is not null)
|
||||
{
|
||||
using var contentStream = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
entry.DataStream.CopyTo(contentStream);
|
||||
entries[entry.Name] = Encoding.UTF8.GetString(contentStream.ToArray());
|
||||
}
|
||||
|
||||
@@ -99,6 +99,7 @@ public sealed class EvidenceLockerWebServiceContractTests : IDisposable
|
||||
|
||||
var content = await response.Content.ReadAsStringAsync(TestContext.Current.CancellationToken);
|
||||
using var doc = JsonDocument.Parse(content);
|
||||
using StellaOps.TestKit;
|
||||
var root = doc.RootElement;
|
||||
|
||||
// Verify contract schema for retrieved bundle
|
||||
|
||||
@@ -347,6 +347,7 @@ public sealed class EvidenceLockerWebServiceTests
|
||||
}
|
||||
|
||||
using var entryStream = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
entry.DataStream!.CopyTo(entryStream);
|
||||
var content = Encoding.UTF8.GetString(entryStream.ToArray());
|
||||
entries[entry.Name] = content;
|
||||
|
||||
@@ -337,6 +337,7 @@ public sealed class EvidencePortableBundleServiceTests
|
||||
{
|
||||
Stored = true;
|
||||
using var memory = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
content.CopyTo(memory);
|
||||
StoredBytes = memory.ToArray();
|
||||
|
||||
|
||||
@@ -200,6 +200,7 @@ public sealed class EvidenceSignatureServiceTests
|
||||
private static SigningKeyMaterialOptions CreateKeyMaterial()
|
||||
{
|
||||
using var ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP256);
|
||||
using StellaOps.TestKit;
|
||||
var privatePem = ecdsa.ExportECPrivateKeyPem();
|
||||
var publicPem = ecdsa.ExportSubjectPublicKeyInfoPem();
|
||||
return new SigningKeyMaterialOptions
|
||||
|
||||
@@ -477,6 +477,7 @@ public sealed class EvidenceSnapshotServiceTests
|
||||
CancellationToken cancellationToken)
|
||||
{
|
||||
using var memory = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
content.CopyTo(memory);
|
||||
var bytes = memory.ToArray();
|
||||
|
||||
|
||||
@@ -45,6 +45,7 @@ public sealed class FileSystemEvidenceObjectStoreTests : IDisposable
|
||||
var firstMetadata = await store.StoreAsync(first, options, cancellationToken);
|
||||
|
||||
using var second = CreateStream("payload-1");
|
||||
using StellaOps.TestKit;
|
||||
var secondMetadata = await store.StoreAsync(second, options, cancellationToken);
|
||||
|
||||
Assert.Equal(firstMetadata.Sha256, secondMetadata.Sha256);
|
||||
|
||||
@@ -77,6 +77,7 @@ public sealed class GoldenFixturesTests
|
||||
private static JsonElement ReadJson(string path)
|
||||
{
|
||||
using var doc = JsonDocument.Parse(File.ReadAllText(path), new JsonDocumentOptions { AllowTrailingCommas = true });
|
||||
using StellaOps.TestKit;
|
||||
return doc.RootElement.Clone();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -116,6 +116,7 @@ public sealed class S3EvidenceObjectStoreTests
|
||||
var ifNoneMatch = request.Headers?["If-None-Match"];
|
||||
|
||||
using var memory = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
request.InputStream.CopyTo(memory);
|
||||
|
||||
PutRequests.Add(new CapturedPutObjectRequest(
|
||||
|
||||
@@ -125,6 +125,7 @@ public sealed class TimelineIndexerEvidenceTimelinePublisherTests
|
||||
Assert.Equal(HttpMethod.Post, request.Method);
|
||||
|
||||
using var json = JsonDocument.Parse(request.Content!);
|
||||
using StellaOps.TestKit;
|
||||
var root = json.RootElement;
|
||||
Assert.Equal("evidence.hold.created", root.GetProperty("kind").GetString());
|
||||
Assert.Equal(hold.CaseId, root.GetProperty("attributes").GetProperty("caseId").GetString());
|
||||
|
||||
@@ -35,6 +35,7 @@ public sealed class S3ArtifactClientTests
|
||||
|
||||
var client = new S3ArtifactClient(mock.Object, Microsoft.Extensions.Logging.Abstractions.NullLogger<S3ArtifactClient>.Instance);
|
||||
using var stream = new MemoryStream(new byte[] { 1, 2, 3 });
|
||||
using StellaOps.TestKit;
|
||||
await client.PutObjectAsync("bucket", "key", stream, new Dictionary<string, string> { ["a"] = "b" }, default);
|
||||
|
||||
mock.Verify(x => x.PutObjectAsync(It.Is<PutObjectRequest>(r => r.Metadata["a"] == "b"), default), Times.Once);
|
||||
|
||||
@@ -92,6 +92,7 @@ public sealed class VexPolicyBinderTests
|
||||
public void Bind_Stream_SupportsEncoding()
|
||||
{
|
||||
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(JsonPolicy));
|
||||
using StellaOps.TestKit;
|
||||
var result = VexPolicyBinder.Bind(stream, VexPolicyDocumentFormat.Json);
|
||||
|
||||
Assert.True(result.Success);
|
||||
|
||||
@@ -79,6 +79,7 @@ public class VexPolicyDiagnosticsTests
|
||||
public void PolicyProvider_ComputesRevisionAndDigest_AndEmitsTelemetry()
|
||||
{
|
||||
using var listener = new MeterListener();
|
||||
using StellaOps.TestKit;
|
||||
var reloadMeasurements = 0;
|
||||
string? lastRevision = null;
|
||||
listener.InstrumentPublished += (instrument, _) =>
|
||||
|
||||
@@ -289,6 +289,7 @@ public sealed class MirrorBundlePublisherTests
|
||||
private static string ComputeSha256(byte[] bytes)
|
||||
{
|
||||
using var sha = SHA256.Create();
|
||||
using StellaOps.TestKit;
|
||||
var digest = sha.ComputeHash(bytes);
|
||||
return "sha256:" + Convert.ToHexString(digest).ToLowerInvariant();
|
||||
}
|
||||
|
||||
@@ -38,6 +38,7 @@ public sealed class OfflineBundleArtifactStoreTests
|
||||
Assert.True(fs.FileExists(manifestPath));
|
||||
await using var manifestStream = fs.File.OpenRead(manifestPath);
|
||||
using var document = await JsonDocument.ParseAsync(manifestStream);
|
||||
using StellaOps.TestKit;
|
||||
var artifacts = document.RootElement.GetProperty("artifacts");
|
||||
Assert.True(artifacts.GetArrayLength() >= 1);
|
||||
var first = artifacts.EnumerateArray().First();
|
||||
|
||||
@@ -71,6 +71,7 @@ public sealed class S3ArtifactStoreTests
|
||||
public Task PutObjectAsync(string bucketName, string key, Stream content, IDictionary<string, string> metadata, CancellationToken cancellationToken)
|
||||
{
|
||||
using var ms = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
content.CopyTo(ms);
|
||||
var bytes = ms.ToArray();
|
||||
PutCalls.GetOrAdd(bucketName, _ => new List<S3Entry>()).Add(new S3Entry(key, bytes, new Dictionary<string, string>(metadata)));
|
||||
|
||||
@@ -60,6 +60,7 @@ public sealed class CsafExporterTests
|
||||
|
||||
stream.Position = 0;
|
||||
using var document = JsonDocument.Parse(stream);
|
||||
using StellaOps.TestKit;
|
||||
var root = document.RootElement;
|
||||
|
||||
root.GetProperty("document").GetProperty("tracking").GetProperty("id").GetString()!.Should().StartWith("stellaops:csaf");
|
||||
|
||||
@@ -44,6 +44,7 @@ public sealed class CycloneDxExporterTests
|
||||
|
||||
stream.Position = 0;
|
||||
using var document = JsonDocument.Parse(stream);
|
||||
using StellaOps.TestKit;
|
||||
var root = document.RootElement;
|
||||
|
||||
root.GetProperty("bomFormat").GetString().Should().Be("CycloneDX");
|
||||
|
||||
@@ -38,6 +38,7 @@ public sealed class OpenVexExporterTests
|
||||
|
||||
stream.Position = 0;
|
||||
using var document = JsonDocument.Parse(stream);
|
||||
using StellaOps.TestKit;
|
||||
var root = document.RootElement;
|
||||
root.GetProperty("document").GetProperty("author").GetString().Should().Be("StellaOps Excititor");
|
||||
root.GetProperty("statements").GetArrayLength().Should().Be(1);
|
||||
|
||||
@@ -50,6 +50,7 @@ public sealed class PostgresAppendOnlyLinksetStoreTests : IAsyncLifetime
|
||||
if (stream is not null)
|
||||
{
|
||||
using var reader = new StreamReader(stream);
|
||||
using StellaOps.TestKit;
|
||||
var sql = await reader.ReadToEndAsync();
|
||||
await _fixture.Fixture.ExecuteSqlAsync(sql);
|
||||
}
|
||||
|
||||
@@ -107,6 +107,7 @@ public class AirgapImportEndpointTests
|
||||
});
|
||||
|
||||
using var client = factory.CreateClient(new WebApplicationFactoryClientOptions { AllowAutoRedirect = false });
|
||||
using StellaOps.TestKit;
|
||||
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", "vex.admin");
|
||||
|
||||
var request = new AirgapImportRequest
|
||||
|
||||
@@ -64,6 +64,7 @@ public class AirgapSignerTrustServiceTests
|
||||
public void Validate_Allows_On_Metadata_Match()
|
||||
{
|
||||
using var temp = ConnectorMetadataTempFile();
|
||||
using StellaOps.TestKit;
|
||||
Environment.SetEnvironmentVariable("STELLAOPS_CONNECTOR_SIGNER_METADATA_PATH", temp.Path);
|
||||
var service = new AirgapSignerTrustService(NullLogger<AirgapSignerTrustService>.Instance);
|
||||
|
||||
|
||||
@@ -65,6 +65,7 @@ public sealed class AttestationVerifyEndpointTests
|
||||
{
|
||||
using var factory = new TestWebApplicationFactory(
|
||||
configureServices: services => TestServiceOverrides.Apply(services));
|
||||
using StellaOps.TestKit;
|
||||
var client = factory.CreateClient();
|
||||
|
||||
var request = new AttestationVerifyRequest
|
||||
|
||||
@@ -99,6 +99,7 @@ public sealed class EvidenceLockerEndpointTests : IAsyncLifetime
|
||||
|
||||
await _stubStore.SaveAsync(record, CancellationToken.None);
|
||||
using var client = _factory.WithWebHostBuilder(_ => { }).CreateClient();
|
||||
using StellaOps.TestKit;
|
||||
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", "vex.read");
|
||||
|
||||
var response = await client.GetAsync($"/evidence/vex/locker/{record.BundleId}/manifest/file");
|
||||
|
||||
@@ -43,6 +43,7 @@ public sealed class EvidenceTelemetryTests
|
||||
using var listener = CreateListener((instrument, value, tags) =>
|
||||
{
|
||||
measurements.Add((instrument.Name, value, tags.ToArray()));
|
||||
using StellaOps.TestKit;
|
||||
});
|
||||
|
||||
var now = DateTimeOffset.UtcNow;
|
||||
|
||||
@@ -202,6 +202,7 @@ public sealed class IngestEndpointsTests
|
||||
|
||||
Assert.Equal(TimeSpan.FromDays(2), _orchestrator.LastReconcileOptions?.MaxAge);
|
||||
using var document = JsonDocument.Parse(JsonSerializer.Serialize(ok.Value));
|
||||
using StellaOps.TestKit;
|
||||
Assert.Equal("reconciled", document.RootElement.GetProperty("providers")[0].GetProperty("action").GetString());
|
||||
}
|
||||
|
||||
|
||||
@@ -79,6 +79,7 @@ public sealed class MirrorEndpointsTests : IDisposable
|
||||
response.EnsureSuccessStatusCode();
|
||||
|
||||
using var document = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
|
||||
using StellaOps.TestKit;
|
||||
var exports = document.RootElement.GetProperty("exports");
|
||||
Assert.Equal(1, exports.GetArrayLength());
|
||||
var entry = exports[0];
|
||||
|
||||
@@ -90,6 +90,7 @@ public sealed class ObservabilityEndpointTests : IDisposable
|
||||
private void SeedDatabase()
|
||||
{
|
||||
using var scope = _factory.Services.CreateScope();
|
||||
using StellaOps.TestKit;
|
||||
var rawStore = scope.ServiceProvider.GetRequiredService<IVexRawStore>();
|
||||
var linksetStore = scope.ServiceProvider.GetRequiredService<IAppendOnlyLinksetStore>();
|
||||
var providerStore = scope.ServiceProvider.GetRequiredService<IVexProviderStore>();
|
||||
|
||||
@@ -27,6 +27,7 @@ public sealed class PolicyEndpointsTests
|
||||
});
|
||||
|
||||
using var client = factory.CreateClient(new() { AllowAutoRedirect = false });
|
||||
using StellaOps.TestKit;
|
||||
client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", "vex.read");
|
||||
client.DefaultRequestHeaders.Add("X-Stella-Tenant", "test");
|
||||
|
||||
|
||||
@@ -157,6 +157,7 @@ public sealed class ResolveEndpointTests : IDisposable
|
||||
private async Task SeedClaimAsync(string vulnerabilityId, string productKey, string providerId)
|
||||
{
|
||||
await using var scope = _factory.Services.CreateAsyncScope();
|
||||
using StellaOps.TestKit;
|
||||
var store = scope.ServiceProvider.GetRequiredService<IVexClaimStore>();
|
||||
var timeProvider = scope.ServiceProvider.GetRequiredService<TimeProvider>();
|
||||
var observedAt = timeProvider.GetUtcNow();
|
||||
|
||||
@@ -141,6 +141,7 @@ public sealed class RiskFeedEndpointsTests
|
||||
});
|
||||
|
||||
using var client = factory.CreateClient(new() { AllowAutoRedirect = false });
|
||||
using StellaOps.TestKit;
|
||||
client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", "vex.read");
|
||||
client.DefaultRequestHeaders.Add("X-Stella-Tenant", TestTenant);
|
||||
|
||||
|
||||
@@ -38,6 +38,7 @@ public sealed class VexAttestationLinkEndpointTests : IDisposable
|
||||
public async Task GetAttestationLink_ReturnsServiceUnavailable()
|
||||
{
|
||||
using var client = _factory.CreateClient(new WebApplicationFactoryClientOptions { AllowAutoRedirect = false });
|
||||
using StellaOps.TestKit;
|
||||
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", "vex.read");
|
||||
|
||||
var response = await client.GetAsync("/v1/vex/attestations/att-123");
|
||||
|
||||
@@ -57,6 +57,7 @@ public sealed class VexEvidenceChunksEndpointTests : IDisposable
|
||||
public async Task ChunksEndpoint_ReportsMigrationStatusHeaders()
|
||||
{
|
||||
using var client = _factory.CreateClient(new WebApplicationFactoryClientOptions { AllowAutoRedirect = false });
|
||||
using StellaOps.TestKit;
|
||||
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", "vex.read");
|
||||
client.DefaultRequestHeaders.Add("X-Stella-Tenant", "tests");
|
||||
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user