Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org
This commit is contained in:
StellaOps Bot
@@ -122,6 +122,7 @@ public class CecilMethodFingerprinterTests
|
||||
{
|
||||
// Arrange
|
||||
using var cts = new CancellationTokenSource();
|
||||
using StellaOps.TestKit;
|
||||
cts.Cancel();
|
||||
|
||||
var testAssemblyPath = typeof(CecilMethodFingerprinterTests).Assembly.Location;
|
||||
|
||||
@@ -355,6 +355,7 @@ public class NuGetPackageDownloaderTests : IDisposable
|
||||
// Add a minimal .nuspec file
|
||||
var nuspecEntry = archive.CreateEntry("test.nuspec");
|
||||
using var writer = new StreamWriter(nuspecEntry.Open());
|
||||
using StellaOps.TestKit;
|
||||
writer.Write("""
|
||||
<?xml version="1.0"?>
|
||||
<package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
|
||||
|
||||
@@ -74,6 +74,7 @@ public sealed class AdvisoryClientTests
|
||||
});
|
||||
|
||||
using var temp = new TempFile();
|
||||
using StellaOps.TestKit;
|
||||
var bundle = new
|
||||
{
|
||||
items = new[]
|
||||
|
||||
@@ -183,6 +183,7 @@ public sealed class RubyLanguageAnalyzerTests
|
||||
|
||||
Assert.True(store.TryGet(ScanAnalysisKeys.RubyObservationPayload, out AnalyzerObservationPayload payload));
|
||||
using var document = JsonDocument.Parse(payload.Content.ToArray());
|
||||
using StellaOps.TestKit;
|
||||
var root = document.RootElement;
|
||||
var environment = root.GetProperty("environment");
|
||||
|
||||
|
||||
@@ -113,6 +113,7 @@ public class ElfDynamicSectionParserTests : NativeTestBase
|
||||
buffer[1] = (byte)'Z';
|
||||
|
||||
using var stream = new MemoryStream(buffer);
|
||||
using StellaOps.TestKit;
|
||||
var result = ElfDynamicSectionParser.TryParse(stream, out var info);
|
||||
|
||||
result.Should().BeFalse();
|
||||
|
||||
@@ -277,6 +277,7 @@ public class HeuristicScannerTests
|
||||
|
||||
// Act
|
||||
using var stream = new MemoryStream(data);
|
||||
using StellaOps.TestKit;
|
||||
var result = HeuristicScanner.Scan(stream, NativeFormat.Elf);
|
||||
|
||||
// Assert
|
||||
|
||||
@@ -747,6 +747,7 @@ public sealed class MachOReaderTests
|
||||
{
|
||||
var data = BuildMachO64();
|
||||
using var stream = new MemoryStream(data);
|
||||
using StellaOps.TestKit;
|
||||
var result = MachOReader.Parse(stream, "/usr/bin/myapp", "sha256:abc123");
|
||||
|
||||
Assert.NotNull(result);
|
||||
|
||||
@@ -175,6 +175,7 @@ public class NativeFormatDetectorTests
|
||||
var bytes = new byte[] { 0x00, 0x01, 0x02, 0x03 };
|
||||
using var stream = new MemoryStream(bytes);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var detected = NativeFormatDetector.TryDetect(stream, out var id);
|
||||
|
||||
Assert.False(detected);
|
||||
|
||||
@@ -134,6 +134,7 @@ public class NativeObservationSerializerTests
|
||||
var json = NativeObservationSerializer.Serialize(original);
|
||||
using var stream = new MemoryStream(System.Text.Encoding.UTF8.GetBytes(json));
|
||||
|
||||
using StellaOps.TestKit;
|
||||
// Act
|
||||
var doc = await NativeObservationSerializer.ReadAsync(stream);
|
||||
|
||||
|
||||
@@ -145,6 +145,7 @@ public class PeReaderTests : NativeTestBase
|
||||
var invalidData = new byte[] { 0x00, 0x01, 0x02, 0x03 };
|
||||
using var stream = new MemoryStream(invalidData);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
// Act
|
||||
var result = PeReader.Parse(stream, "invalid.exe");
|
||||
|
||||
|
||||
@@ -330,6 +330,7 @@ public sealed class PluginPackagingTests
|
||||
var elfHeader = CreateMinimalElfHeader();
|
||||
using var stream = new MemoryStream(elfHeader);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var result = await analyzer.AnalyzeAsync("/test/binary.so", stream, options);
|
||||
|
||||
result.Should().NotBeNull();
|
||||
|
||||
@@ -272,6 +272,7 @@ public sealed class HomebrewReceiptParserTests
|
||||
""";
|
||||
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(json));
|
||||
|
||||
using StellaOps.TestKit;
|
||||
// Act
|
||||
var receipt = _parser.Parse(stream);
|
||||
|
||||
|
||||
@@ -36,6 +36,7 @@ public sealed class OsAnalyzerDeterminismTests
|
||||
public async Task DpkgAnalyzerMatchesGolden()
|
||||
{
|
||||
using var fixture = FixtureManager.UseFixture("dpkg", out var rootPath);
|
||||
using StellaOps.TestKit;
|
||||
var analyzer = new DpkgPackageAnalyzer(NullLogger<DpkgPackageAnalyzer>.Instance);
|
||||
var context = CreateContext(rootPath);
|
||||
|
||||
|
||||
@@ -468,6 +468,7 @@ public class ChocolateyPackageAnalyzerTests
|
||||
CreateNuspecFile(packageDir, "git", "2.42.0", "Git", "Author", "Git");
|
||||
|
||||
using var cts = new CancellationTokenSource();
|
||||
using StellaOps.TestKit;
|
||||
cts.Cancel();
|
||||
|
||||
try
|
||||
|
||||
@@ -112,6 +112,7 @@ public sealed class LayerCacheRoundTripTests : IAsyncLifetime
|
||||
// Compaction removes CAS entry once over threshold.
|
||||
// Force compaction by writing a large entry.
|
||||
using var largeStream = CreateStream(new string('x', 400_000));
|
||||
using StellaOps.TestKit;
|
||||
var largeHash = "sha256:" + new string('e', 64);
|
||||
await _fileCas.PutAsync(new FileCasPutRequest(largeHash, largeStream), CancellationToken.None);
|
||||
_timeProvider.Advance(TimeSpan.FromMinutes(1));
|
||||
|
||||
@@ -80,6 +80,7 @@ public class DotNetCallGraphExtractorTests
|
||||
{
|
||||
await using var temp = await TempDirectory.CreateAsync();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var csprojPath = Path.Combine(temp.Path, "App.csproj");
|
||||
await File.WriteAllTextAsync(csprojPath, """
|
||||
<Project Sdk="Microsoft.NET.Sdk">
|
||||
|
||||
@@ -531,6 +531,7 @@ public class JavaCallGraphExtractorTests
|
||||
// Arrange: Create a temp directory
|
||||
await using var temp = await TempDirectory.CreateAsync();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var request1 = new CallGraphExtractionRequest(
|
||||
ScanId: "scan-a",
|
||||
Language: "java",
|
||||
|
||||
@@ -484,6 +484,7 @@ public sealed class JavaScriptCallGraphExtractorTests : IAsyncLifetime
|
||||
{
|
||||
await using var temp = await TempDirectory.CreateAsync();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var packageJson = """
|
||||
{
|
||||
"name": "test-app",
|
||||
|
||||
@@ -21,6 +21,7 @@ public class ReachabilityGraphBuilderUnionTests
|
||||
var writer = new ReachabilityUnionWriter();
|
||||
|
||||
using var temp = new TempDir();
|
||||
using StellaOps.TestKit;
|
||||
var result = await writer.WriteAsync(graph, temp.Path, "analysis-graph-1");
|
||||
|
||||
Assert.Equal(2, result.Nodes.RecordCount);
|
||||
|
||||
@@ -20,6 +20,7 @@ public class ReachabilityUnionPublisherTests
|
||||
|
||||
var cas = new FakeFileContentAddressableStore();
|
||||
using var temp = new TempDir();
|
||||
using StellaOps.TestKit;
|
||||
var publisher = new ReachabilityUnionPublisher(new ReachabilityUnionWriter());
|
||||
|
||||
var result = await publisher.PublishAsync(graph, cas, temp.Path, "analysis-pub-1");
|
||||
|
||||
@@ -339,6 +339,7 @@ public sealed class ComponentDifferTests
|
||||
|
||||
var json = DiffJsonSerializer.Serialize(document);
|
||||
using var parsed = JsonDocument.Parse(json);
|
||||
using StellaOps.TestKit;
|
||||
var changeJson = parsed.RootElement
|
||||
.GetProperty("layers")[0]
|
||||
.GetProperty("changes")[0];
|
||||
|
||||
@@ -830,6 +830,7 @@ public sealed class EntryTraceAnalyzerTests
|
||||
{
|
||||
var manifest = archive.CreateEntry("META-INF/MANIFEST.MF");
|
||||
using var writer = new StreamWriter(manifest.Open(), Encoding.UTF8);
|
||||
using StellaOps.TestKit;
|
||||
writer.WriteLine("Manifest-Version: 1.0");
|
||||
writer.WriteLine($"Main-Class: {mainClass}");
|
||||
writer.Flush();
|
||||
|
||||
@@ -151,6 +151,7 @@ public sealed class EntryTraceNdjsonWriterTests
|
||||
Assert.EndsWith("\n", ndjsonLine, StringComparison.Ordinal);
|
||||
var json = ndjsonLine.TrimEnd('\n');
|
||||
using var document = JsonDocument.Parse(json);
|
||||
using StellaOps.TestKit;
|
||||
return document.RootElement.Clone();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -191,6 +191,7 @@ public sealed class LayeredRootFileSystemTests : IDisposable
|
||||
{
|
||||
using var stream = File.Create(path);
|
||||
using var writer = new TarWriter(stream, leaveOpen: false);
|
||||
using StellaOps.TestKit;
|
||||
writerAction(writer);
|
||||
}
|
||||
|
||||
|
||||
@@ -207,6 +207,7 @@ public class PoEPipelineTests : IDisposable
|
||||
{
|
||||
// Using SHA256 as BLAKE3 placeholder
|
||||
using var sha = SHA256.Create();
|
||||
using StellaOps.TestKit;
|
||||
var hashBytes = sha.ComputeHash(data);
|
||||
var hashHex = Convert.ToHexString(hashBytes).ToLowerInvariant();
|
||||
return $"blake3:{hashHex}";
|
||||
|
||||
@@ -40,6 +40,7 @@ public sealed class PostgresProofSpineRepositoryTests
|
||||
};
|
||||
|
||||
await using var dataSource = new ScannerDataSource(Options.Create(options), NullLogger<ScannerDataSource>.Instance);
|
||||
using StellaOps.TestKit;
|
||||
var repository = new PostgresProofSpineRepository(
|
||||
dataSource,
|
||||
NullLogger<PostgresProofSpineRepository>.Instance,
|
||||
|
||||
@@ -275,6 +275,7 @@ public class AttestingRichGraphWriterTests : IAsyncLifetime
|
||||
public async ValueTask<byte[]> ComputeHashAsync(Stream stream, string? algorithmId = null, CancellationToken cancellationToken = default)
|
||||
{
|
||||
using var buffer = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
await stream.CopyToAsync(buffer, cancellationToken).ConfigureAwait(false);
|
||||
return System.Security.Cryptography.SHA256.HashData(buffer.ToArray());
|
||||
}
|
||||
|
||||
@@ -383,6 +383,7 @@ public class BinaryReachabilityLifterTests
|
||||
using var ms = new MemoryStream();
|
||||
using var writer = new BinaryWriter(ms);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var stringTable = new StringBuilder();
|
||||
stringTable.Append('\0');
|
||||
var stringOffsets = new Dictionary<string, int>(StringComparer.Ordinal);
|
||||
|
||||
@@ -17,6 +17,7 @@ public class ReachabilityUnionPublisherTests
|
||||
Edges: new ReachabilityUnionEdge[0]);
|
||||
|
||||
using var temp = new TempDir();
|
||||
using StellaOps.TestKit;
|
||||
var cas = new FakeFileContentAddressableStore();
|
||||
var publisher = new ReachabilityUnionPublisher(new ReachabilityUnionWriter());
|
||||
|
||||
|
||||
@@ -180,6 +180,7 @@ public class ReachabilityUnionWriterTests
|
||||
var writer = new ReachabilityUnionWriter();
|
||||
using var temp = new TempDir();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var graph = new ReachabilityUnionGraph(
|
||||
Nodes: new[]
|
||||
{
|
||||
|
||||
@@ -49,6 +49,7 @@ public class RichGraphPublisherTests
|
||||
|
||||
var payloadBytes = Base64UrlDecode(payloadBase64Url!);
|
||||
using var payloadDoc = JsonDocument.Parse(payloadBytes);
|
||||
using StellaOps.TestKit;
|
||||
Assert.Equal(
|
||||
result.GraphHash,
|
||||
payloadDoc.RootElement.GetProperty("hashes").GetProperty("graphHash").GetString());
|
||||
|
||||
@@ -122,6 +122,7 @@ public class RichGraphWriterTests
|
||||
var writer = new RichGraphWriter(CryptoHashFactory.CreateDefault());
|
||||
using var temp = new TempDir();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var union = new ReachabilityUnionGraph(
|
||||
Nodes: new[]
|
||||
{
|
||||
|
||||
@@ -79,6 +79,7 @@ public sealed class PredicateGoldenFixtureTests
|
||||
});
|
||||
|
||||
using var parsed = JsonDocument.Parse(json);
|
||||
using StellaOps.TestKit;
|
||||
Assert.Equal("reachability_flip", parsed.RootElement.GetProperty("changeType").GetString());
|
||||
}
|
||||
|
||||
|
||||
@@ -50,6 +50,7 @@ public sealed class ReachabilityGateTests
|
||||
var json = JsonSerializer.Serialize(gate);
|
||||
using var parsed = JsonDocument.Parse(json);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var root = parsed.RootElement;
|
||||
Assert.True(root.TryGetProperty("reachable", out _));
|
||||
Assert.True(root.TryGetProperty("configActivated", out _));
|
||||
|
||||
@@ -50,6 +50,7 @@ public sealed class OciArtifactPusherTests
|
||||
Assert.NotNull(handler.ManifestBytes);
|
||||
|
||||
using var doc = JsonDocument.Parse(handler.ManifestBytes!);
|
||||
using StellaOps.TestKit;
|
||||
Assert.True(doc.RootElement.TryGetProperty("annotations", out var annotations));
|
||||
Assert.True(annotations.TryGetProperty("org.opencontainers.image.created", out _));
|
||||
}
|
||||
|
||||
@@ -279,6 +279,7 @@ public sealed class VerdictOciPublisherTests
|
||||
Assert.NotNull(handler.ManifestBytes);
|
||||
using var doc = JsonDocument.Parse(handler.ManifestBytes!);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
Assert.True(doc.RootElement.TryGetProperty("layers", out var layers));
|
||||
Assert.Equal(1, layers.GetArrayLength());
|
||||
|
||||
|
||||
@@ -180,6 +180,7 @@ public sealed class BinaryEvidenceServiceTests : IAsyncLifetime
|
||||
var table = $"{_schemaName}.scans";
|
||||
|
||||
await using var connection = await _dataSource.OpenSystemConnectionAsync().ConfigureAwait(false);
|
||||
using StellaOps.TestKit;
|
||||
await connection.ExecuteAsync(
|
||||
$"INSERT INTO {table} (scan_id) VALUES (@ScanId)",
|
||||
new { ScanId = scanId }).ConfigureAwait(false);
|
||||
|
||||
@@ -80,6 +80,7 @@ public sealed class EpssRepositoryIntegrationTests : IAsyncLifetime
|
||||
Assert.Equal(day2, current["CVE-2024-0001"].ModelDate);
|
||||
|
||||
await using var connection = await _dataSource.OpenSystemConnectionAsync();
|
||||
using StellaOps.TestKit;
|
||||
var changes = (await connection.QueryAsync<ChangeRow>(
|
||||
"""
|
||||
SELECT cve_id, old_score, new_score, old_percentile, new_percentile, flags
|
||||
|
||||
@@ -91,6 +91,7 @@ public sealed class StorageDualWriteFixture
|
||||
await _fixture.TruncateAllTablesAsync();
|
||||
|
||||
await using var connection = new Npgsql.NpgsqlConnection(_fixture.ConnectionString);
|
||||
using StellaOps.TestKit;
|
||||
await connection.OpenAsync();
|
||||
await using var command = new Npgsql.NpgsqlCommand(
|
||||
"SELECT EXISTS (SELECT FROM information_schema.tables WHERE table_schema = @schema AND table_name = 'artifacts');",
|
||||
|
||||
@@ -225,6 +225,7 @@ public sealed class FileSurfaceManifestStoreTests : IAsyncDisposable
|
||||
public async ValueTask<byte[]> ComputeHashAsync(Stream stream, string? algorithmId = null, CancellationToken cancellationToken = default)
|
||||
{
|
||||
await using var buffer = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
await stream.CopyToAsync(buffer, cancellationToken).ConfigureAwait(false);
|
||||
return SHA256.HashData(buffer.ToArray());
|
||||
}
|
||||
|
||||
@@ -58,6 +58,7 @@ public sealed class CasAccessSecretParserTests
|
||||
};
|
||||
|
||||
using var handle = SurfaceSecretHandle.FromBytes(Encoding.UTF8.GetBytes(json), metadata);
|
||||
using StellaOps.TestKit;
|
||||
var secret = SurfaceSecretParser.ParseCasAccessSecret(handle);
|
||||
|
||||
Assert.Equal("s3", secret.Driver);
|
||||
|
||||
@@ -103,6 +103,7 @@ public sealed class RegistryAccessSecretParserTests
|
||||
};
|
||||
|
||||
using var handle = SurfaceSecretHandle.FromBytes(ReadOnlySpan<byte>.Empty, metadata);
|
||||
using StellaOps.TestKit;
|
||||
var secret = SurfaceSecretParser.ParseRegistryAccessSecret(handle);
|
||||
|
||||
var entry = Assert.Single(secret.Entries);
|
||||
|
||||
@@ -40,6 +40,7 @@ namespace StellaOps.Scanner.Surface.Secrets.Tests
|
||||
services.AddSurfaceSecrets();
|
||||
|
||||
await using var provider = services.BuildServiceProvider();
|
||||
using StellaOps.TestKit;
|
||||
var secretProvider = provider.GetRequiredService<ISurfaceSecretProvider>();
|
||||
var handle = await secretProvider.GetAsync(new SurfaceSecretRequest("tenant", "component", "registry"));
|
||||
try
|
||||
|
||||
@@ -128,6 +128,7 @@ public sealed class ActionablesEndpointsTests
|
||||
using var factory = new ScannerApplicationFactory();
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var response = await client.GetAsync("/api/v1/actionables/delta/delta-12345678");
|
||||
var result = await response.Content.ReadFromJsonAsync<ActionablesResponseDto>(SerializerOptions);
|
||||
|
||||
|
||||
@@ -21,6 +21,7 @@ public sealed class AuthorizationTests
|
||||
});
|
||||
|
||||
using var client = factory.CreateClient();
|
||||
using StellaOps.TestKit;
|
||||
var response = await client.GetAsync("/api/v1/__auth-probe");
|
||||
|
||||
Assert.Equal(HttpStatusCode.Unauthorized, response.StatusCode);
|
||||
|
||||
@@ -112,6 +112,7 @@ public sealed class BaselineEndpointsTests
|
||||
using var factory = new ScannerApplicationFactory();
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var response = await client.GetAsync("/api/v1/baselines/recommendations/sha256:artifact123");
|
||||
var result = await response.Content.ReadFromJsonAsync<BaselineRecommendationsResponseDto>(SerializerOptions);
|
||||
|
||||
|
||||
@@ -63,6 +63,7 @@ public sealed class CallGraphEndpointsTests
|
||||
{
|
||||
Content = JsonContent.Create(request)
|
||||
};
|
||||
using StellaOps.TestKit;
|
||||
secondRequest.Headers.TryAddWithoutValidation("Content-Digest", "sha256:deadbeef");
|
||||
|
||||
var second = await client.SendAsync(secondRequest);
|
||||
|
||||
@@ -205,6 +205,7 @@ public sealed class CounterfactualEndpointsTests
|
||||
using var factory = new ScannerApplicationFactory();
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var request = new CounterfactualRequestDto
|
||||
{
|
||||
FindingId = "finding-123",
|
||||
|
||||
@@ -130,6 +130,7 @@ public sealed class DeltaCompareEndpointsTests
|
||||
using var factory = new ScannerApplicationFactory();
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var request = new DeltaCompareRequestDto
|
||||
{
|
||||
BaseDigest = "sha256:base123",
|
||||
|
||||
@@ -112,6 +112,7 @@ public sealed class EvidenceEndpointsTests
|
||||
});
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var response = await client.GetAsync("/api/v1/scans/nonexistent-scan/evidence");
|
||||
|
||||
// Current behavior: returns empty list (200 OK) for non-existent scans
|
||||
|
||||
@@ -123,6 +123,7 @@ public sealed class FindingsEvidenceControllerTests
|
||||
private static async Task<Guid> SeedFindingAsync(ScannerApplicationFactory factory)
|
||||
{
|
||||
using var scope = factory.Services.CreateScope();
|
||||
using StellaOps.TestKit;
|
||||
var db = scope.ServiceProvider.GetRequiredService<TriageDbContext>();
|
||||
|
||||
await db.Database.MigrateAsync();
|
||||
|
||||
@@ -13,6 +13,7 @@ public sealed class HealthEndpointsTests
|
||||
using var factory = new ScannerApplicationFactory();
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var healthResponse = await client.GetAsync("/healthz");
|
||||
Assert.True(healthResponse.IsSuccessStatusCode, $"Expected 200 from /healthz, received {(int)healthResponse.StatusCode}.");
|
||||
|
||||
|
||||
@@ -128,6 +128,7 @@ public sealed class IdempotencyMiddlewareTests
|
||||
await using var factory = CreateFactory();
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var content = new StringContent("""{"test":"nodigest"}""", Encoding.UTF8, "application/json");
|
||||
// Not adding Content-Digest header - middleware should compute it
|
||||
|
||||
|
||||
@@ -420,6 +420,7 @@ public sealed class ManifestEndpointsTests
|
||||
// Arrange
|
||||
await using var factory = new ScannerApplicationFactory();
|
||||
using var client = factory.CreateClient();
|
||||
using StellaOps.TestKit;
|
||||
var scanId = Guid.NewGuid();
|
||||
|
||||
// Act - Trailing slash with empty root hash
|
||||
|
||||
@@ -239,6 +239,7 @@ public sealed class OfflineKitEndpointsTests
|
||||
private static (string KeyId, string PublicKeyPem, string DsseJson) CreateSignedDsse(byte[] bundleBytes)
|
||||
{
|
||||
using var rsa = RSA.Create(2048);
|
||||
using StellaOps.TestKit;
|
||||
var publicKeyDer = rsa.ExportSubjectPublicKeyInfo();
|
||||
var fingerprint = ComputeSha256Hex(publicKeyDer);
|
||||
|
||||
|
||||
@@ -55,6 +55,7 @@ public sealed class PlatformEventPublisherRegistrationTests
|
||||
});
|
||||
using var scope = factory.Services.CreateScope();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var options = scope.ServiceProvider.GetRequiredService<IOptions<ScannerWebServiceOptions>>().Value;
|
||||
Assert.True(options.Events.Enabled);
|
||||
Assert.Equal("redis", options.Events.Driver);
|
||||
|
||||
@@ -64,6 +64,7 @@ public sealed class PolicyEndpointsTests
|
||||
using var factory = new ScannerApplicationFactory();
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
const string policyYaml = """
|
||||
version: "1.0"
|
||||
rules:
|
||||
|
||||
@@ -179,6 +179,7 @@ public sealed class ProofSpineEndpointsTests
|
||||
await using var factory = new ScannerApplicationFactory();
|
||||
using var scope = factory.Services.CreateScope();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var builder = scope.ServiceProvider.GetRequiredService<ProofSpineBuilder>();
|
||||
var repository = scope.ServiceProvider.GetRequiredService<IProofSpineRepository>();
|
||||
|
||||
|
||||
@@ -175,6 +175,7 @@ public sealed class RateLimitingTests
|
||||
// Arrange
|
||||
await using var factory = CreateFactory();
|
||||
using var client = factory.CreateClient();
|
||||
using StellaOps.TestKit;
|
||||
var scanId = Guid.NewGuid();
|
||||
|
||||
// Act - Requests from "anonymous" tenant
|
||||
|
||||
@@ -87,6 +87,7 @@ public sealed class ReachabilityDriftEndpointsTests
|
||||
private static async Task SeedCallGraphSnapshotsAsync(IServiceProvider services, string baseScanId, string headScanId)
|
||||
{
|
||||
using var scope = services.CreateScope();
|
||||
using StellaOps.TestKit;
|
||||
var repo = scope.ServiceProvider.GetRequiredService<ICallGraphSnapshotRepository>();
|
||||
|
||||
var baseSnapshot = CreateSnapshot(
|
||||
|
||||
@@ -26,6 +26,7 @@ public sealed class ReportSamplesTests
|
||||
var path = Path.Combine(repoRoot, "samples", "api", "reports", "report-sample.dsse.json");
|
||||
Assert.True(File.Exists(path), $"Sample file not found at {path}.");
|
||||
await using var stream = File.OpenRead(path);
|
||||
using StellaOps.TestKit;
|
||||
var response = await JsonSerializer.DeserializeAsync<ReportResponseDto>(stream, SerializerOptions);
|
||||
Assert.NotNull(response);
|
||||
Assert.NotNull(response!.Report);
|
||||
|
||||
@@ -186,6 +186,7 @@ rules:
|
||||
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var request = new ReportRequestDto
|
||||
{
|
||||
ImageDigest = "sha256:cafebabe",
|
||||
|
||||
@@ -270,6 +270,7 @@ public sealed class RubyPackagesEndpointsTests
|
||||
}
|
||||
|
||||
using var client = factory.CreateClient();
|
||||
using StellaOps.TestKit;
|
||||
var encodedDigest = Uri.EscapeDataString(digest);
|
||||
var response = await client.GetAsync($"/api/v1/scans/{encodedDigest}/entrytrace");
|
||||
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
|
||||
|
||||
@@ -301,6 +301,7 @@ rules: []
|
||||
using var factory = new ScannerApplicationFactory();
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var request = new RuntimePolicyRequestDto
|
||||
{
|
||||
Images = Array.Empty<string>()
|
||||
|
||||
@@ -597,6 +597,7 @@ public sealed class RuntimeReconciliationTests
|
||||
public Task PutAsync(ArtifactObjectDescriptor descriptor, Stream content, CancellationToken cancellationToken)
|
||||
{
|
||||
using var ms = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
content.CopyTo(ms);
|
||||
_store[$"{descriptor.Bucket}/{descriptor.Key}"] = ms.ToArray();
|
||||
return Task.CompletedTask;
|
||||
|
||||
@@ -85,6 +85,7 @@ public sealed class SbomEndpointsTests
|
||||
ArgumentNullException.ThrowIfNull(content);
|
||||
|
||||
using var buffer = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
await content.CopyToAsync(buffer, cancellationToken).ConfigureAwait(false);
|
||||
|
||||
var key = $"{descriptor.Bucket}:{descriptor.Key}";
|
||||
|
||||
@@ -143,6 +143,7 @@ public sealed class SbomUploadEndpointsTests
|
||||
ArgumentNullException.ThrowIfNull(content);
|
||||
|
||||
using var buffer = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
await content.CopyToAsync(buffer, cancellationToken).ConfigureAwait(false);
|
||||
|
||||
var key = $"{descriptor.Bucket}:{descriptor.Key}";
|
||||
|
||||
@@ -143,6 +143,7 @@ public sealed class ScannerSurfaceSecretConfiguratorTests
|
||||
""";
|
||||
|
||||
using var handle = SurfaceSecretHandle.FromBytes(Encoding.UTF8.GetBytes(json));
|
||||
using StellaOps.TestKit;
|
||||
var secretProvider = new StubSecretProvider(new Dictionary<string, SurfaceSecretHandle>(StringComparer.OrdinalIgnoreCase)
|
||||
{
|
||||
["registry"] = handle
|
||||
|
||||
@@ -24,6 +24,7 @@ public sealed partial class ScansEndpointsTests
|
||||
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var submitResponse = await client.PostAsJsonAsync("/api/v1/scans", new
|
||||
{
|
||||
image = new { digest = "sha256:image-demo" }
|
||||
|
||||
@@ -100,6 +100,7 @@ public sealed partial class ScansEndpointsTests
|
||||
public Task PutAsync(ArtifactObjectDescriptor descriptor, Stream content, CancellationToken cancellationToken)
|
||||
{
|
||||
using var buffer = new MemoryStream();
|
||||
using StellaOps.TestKit;
|
||||
content.CopyTo(buffer);
|
||||
Objects[descriptor.Key] = buffer.ToArray();
|
||||
return Task.CompletedTask;
|
||||
|
||||
@@ -38,6 +38,7 @@ public sealed partial class ScansEndpointsTests
|
||||
var scanId = submitPayload!.ScanId;
|
||||
|
||||
using var scope = factory.Services.CreateScope();
|
||||
using StellaOps.TestKit;
|
||||
var coordinator = scope.ServiceProvider.GetRequiredService<IScanCoordinator>();
|
||||
var recordMode = scope.ServiceProvider.GetRequiredService<IRecordModeService>();
|
||||
var timeProvider = scope.ServiceProvider.GetRequiredService<TimeProvider>();
|
||||
|
||||
@@ -182,6 +182,7 @@ public sealed partial class ScansEndpointsTests
|
||||
});
|
||||
|
||||
using var client = factory.CreateClient();
|
||||
using StellaOps.TestKit;
|
||||
var response = await client.GetAsync("/api/v1/scans/scan-missing/entrytrace");
|
||||
Assert.Equal(HttpStatusCode.NotFound, response.StatusCode);
|
||||
}
|
||||
|
||||
@@ -477,6 +477,7 @@ public sealed class SliceCacheTests
|
||||
// Arrange
|
||||
var options = Microsoft.Extensions.Options.Options.Create(new SliceCacheOptions { Enabled = false });
|
||||
using var cache = new SliceCache(options);
|
||||
using StellaOps.TestKit;
|
||||
var cacheResult = CreateTestCacheResult();
|
||||
|
||||
// Act
|
||||
|
||||
@@ -189,6 +189,7 @@ public sealed class TriageStatusEndpointsTests
|
||||
using var factory = new ScannerApplicationFactory();
|
||||
using var client = factory.CreateClient();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var request = new BulkTriageQueryRequestDto
|
||||
{
|
||||
Limit = 10
|
||||
|
||||
@@ -317,6 +317,7 @@ public sealed class CompositeScanAnalyzerDispatcherTests
|
||||
|
||||
await using var services = serviceCollection.BuildServiceProvider();
|
||||
|
||||
using StellaOps.TestKit;
|
||||
var scopeFactory = services.GetRequiredService<IServiceScopeFactory>();
|
||||
var loggerFactory = services.GetRequiredService<ILoggerFactory>();
|
||||
var metrics = services.GetRequiredService<ScannerWorkerMetrics>();
|
||||
|
||||
@@ -86,6 +86,7 @@ public sealed class HmacDsseEnvelopeSignerTests
|
||||
{
|
||||
var secret = Convert.FromBase64String(base64Secret);
|
||||
using var hmac = new System.Security.Cryptography.HMACSHA256(secret);
|
||||
using StellaOps.TestKit;
|
||||
var pae = BuildPae(payloadType, payload);
|
||||
var signature = hmac.ComputeHash(pae);
|
||||
return Base64UrlEncode(signature);
|
||||
|
||||
@@ -31,6 +31,7 @@ public sealed class LeaseHeartbeatServiceTests
|
||||
|
||||
var optionsMonitor = new StaticOptionsMonitor<ScannerWorkerOptions>(options);
|
||||
using var cts = new CancellationTokenSource();
|
||||
using StellaOps.TestKit;
|
||||
var scheduler = new RecordingDelayScheduler(cts);
|
||||
var lease = new TestJobLease(TimeSpan.FromSeconds(90));
|
||||
var randomProvider = new DeterministicRandomProvider(seed: 1337);
|
||||
|
||||
@@ -91,6 +91,7 @@ public sealed class RedisWorkerSmokeTests
|
||||
var hostedService = provider.GetRequiredService<ScannerWorkerHostedService>();
|
||||
using var cts = new CancellationTokenSource(TimeSpan.FromSeconds(30));
|
||||
|
||||
using StellaOps.TestKit;
|
||||
await hostedService.StartAsync(cts.Token);
|
||||
|
||||
var smokeObserver = provider.GetRequiredService<QueueBackedScanJobSourceDependencies>();
|
||||
|
||||
@@ -94,6 +94,7 @@ public sealed class RegistrySecretStageExecutorTests
|
||||
var measurements = new List<(long Value, KeyValuePair<string, object?>[] Tags)>();
|
||||
using var listener = CreateCounterListener("scanner_worker_registry_secret_requests_total", measurements);
|
||||
|
||||
using StellaOps.TestKit;
|
||||
await executor.ExecuteAsync(context, CancellationToken.None);
|
||||
listener.RecordObservableInstruments();
|
||||
|
||||
|
||||
@@ -34,6 +34,7 @@ public sealed class ScannerStorageSurfaceSecretConfiguratorTests
|
||||
""";
|
||||
|
||||
using var handle = SurfaceSecretHandle.FromBytes(Encoding.UTF8.GetBytes(json));
|
||||
using StellaOps.TestKit;
|
||||
var secretProvider = new StubSecretProvider(handle);
|
||||
var environment = new StubSurfaceEnvironment("tenant-eu");
|
||||
|
||||
|
||||
@@ -526,6 +526,7 @@ public sealed class SurfaceManifestStageExecutorTests
|
||||
|
||||
var determinismPayload = Assert.Single(publisher.LastRequest!.Payloads, p => p.Kind == "determinism.json");
|
||||
using var document = JsonDocument.Parse(determinismPayload.Content);
|
||||
using StellaOps.TestKit;
|
||||
var root = document.RootElement;
|
||||
|
||||
Assert.True(root.GetProperty("fixedClock").GetBoolean());
|
||||
|
||||
@@ -67,6 +67,7 @@ public sealed class WorkerBasicScanScenarioTests
|
||||
.AddLogging(builder =>
|
||||
{
|
||||
builder.ClearProviders();
|
||||
using StellaOps.TestKit;
|
||||
builder.AddProvider(testLoggerProvider);
|
||||
builder.SetMinimumLevel(LogLevel.Debug);
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user