Add unit tests and implementations for MongoDB index models and OpenAPI metadata

- Implemented `MongoIndexModelTests` to verify index models for various stores. - Created `OpenApiMetadataFactory` with methods to generate OpenAPI metadata. - Added tests for `OpenApiMetadataFactory` to ensure expected defaults and URL overrides. - Introduced `ObserverSurfaceSecrets` and `WebhookSurfaceSecrets` for managing secrets. - Developed `RuntimeSurfaceFsClient` and `WebhookSurfaceFsClient` for manifest retrieval. - Added dependency injection tests for `SurfaceEnvironmentRegistration` in both Observer and Webhook contexts. - Implemented tests for secret resolution in `ObserverSurfaceSecretsTests` and `WebhookSurfaceSecretsTests`. - Created `EnsureLinkNotMergeCollectionsMigrationTests` to validate MongoDB migration logic. - Added project files for MongoDB tests and NuGet package mirroring.
2025-11-17 21:21:56 +02:00
parent d3128aec24
commit 9075bad2d9
146 changed files with 152183 additions and 82 deletions
--- a/src/Zastava/StellaOps.Zastava.Webhook/Secrets/WebhookSurfaceSecrets.cs
+++ b/src/Zastava/StellaOps.Zastava.Webhook/Secrets/WebhookSurfaceSecrets.cs
@@ -0,0 +1,43 @@
+using Microsoft.Extensions.Options;
+using StellaOps.Scanner.Surface.Secrets;
+using StellaOps.Zastava.Core.Configuration;
+using StellaOps.Zastava.Webhook.Configuration;
+
+namespace StellaOps.Zastava.Webhook.Secrets;
+
+internal interface IWebhookSurfaceSecrets
+{
+    ValueTask<AttestationSecret> GetAttestationAsync(string? name, CancellationToken cancellationToken = default);
+}
+
+internal sealed class WebhookSurfaceSecrets : IWebhookSurfaceSecrets
+{
+    private const string Component = "Zastava.Webhook";
+
+    private readonly ISurfaceSecretProvider _provider;
+    private readonly IOptions<ZastavaRuntimeOptions> _runtime;
+    private readonly IOptions<ZastavaWebhookOptions> _webhook;
+
+    public WebhookSurfaceSecrets(
+        ISurfaceSecretProvider provider,
+        IOptions<ZastavaRuntimeOptions> runtime,
+        IOptions<ZastavaWebhookOptions> webhook)
+    {
+        _provider = provider ?? throw new ArgumentNullException(nameof(provider));
+        _runtime = runtime ?? throw new ArgumentNullException(nameof(runtime));
+        _webhook = webhook ?? throw new ArgumentNullException(nameof(webhook));
+    }
+
+    public async ValueTask<AttestationSecret> GetAttestationAsync(string? name, CancellationToken cancellationToken = default)
+    {
+        var options = _webhook.Value.Secrets;
+        var request = new SurfaceSecretRequest(
+            Tenant: _runtime.Value.Tenant,
+            Component: Component,
+            SecretType: "attestation",
+            Name: string.IsNullOrWhiteSpace(name) ? options.AttestationName : name);
+
+        var handle = await _provider.GetAsync(request, cancellationToken).ConfigureAwait(false);
+        return SurfaceSecretParser.ParseAttestationSecret(handle);
+    }
+}
--- a/src/Zastava/StellaOps.Zastava.Webhook/Surface/WebhookSurfaceFsClient.cs
+++ b/src/Zastava/StellaOps.Zastava.Webhook/Surface/WebhookSurfaceFsClient.cs
@@ -0,0 +1,65 @@
+using Microsoft.Extensions.Options;
+using StellaOps.Scanner.Surface.FS;
+using StellaOps.Zastava.Core.Configuration;
+
+namespace StellaOps.Zastava.Webhook.Surface;
+
+internal interface IWebhookSurfaceFsClient
+{
+    Task<(bool Found, string? ManifestUri)> TryGetManifestAsync(string manifestDigest, CancellationToken cancellationToken = default);
+}
+
+internal sealed class WebhookSurfaceFsClient : IWebhookSurfaceFsClient
+{
+    private readonly ISurfaceManifestReader _manifestReader;
+    private readonly SurfaceManifestPathBuilder _pathBuilder;
+    private readonly IOptions<ZastavaRuntimeOptions> _runtimeOptions;
+
+    public WebhookSurfaceFsClient(
+        ISurfaceManifestReader manifestReader,
+        IOptions<SurfaceCacheOptions> cacheOptions,
+        IOptions<SurfaceManifestStoreOptions> storeOptions,
+        IOptions<ZastavaRuntimeOptions> runtimeOptions)
+    {
+        _manifestReader = manifestReader ?? throw new ArgumentNullException(nameof(manifestReader));
+        _runtimeOptions = runtimeOptions ?? throw new ArgumentNullException(nameof(runtimeOptions));
+
+        if (cacheOptions is null)
+        {
+            throw new ArgumentNullException(nameof(cacheOptions));
+        }
+
+        if (storeOptions is null)
+        {
+            throw new ArgumentNullException(nameof(storeOptions));
+        }
+
+        _pathBuilder = new SurfaceManifestPathBuilder(cacheOptions.Value, storeOptions.Value);
+    }
+
+    public async Task<(bool Found, string? ManifestUri)> TryGetManifestAsync(string manifestDigest, CancellationToken cancellationToken = default)
+    {
+        if (string.IsNullOrWhiteSpace(manifestDigest))
+        {
+            return (false, null);
+        }
+
+        cancellationToken.ThrowIfCancellationRequested();
+
+        // First check whether the manifest exists in the local surface store.
+        var manifest = await _manifestReader.TryGetByDigestAsync(manifestDigest.Trim(), cancellationToken).ConfigureAwait(false);
+        if (manifest is null)
+        {
+            return (false, null);
+        }
+
+        var tenant = !string.IsNullOrWhiteSpace(manifest.Tenant)
+            ? manifest.Tenant
+            : _runtimeOptions.Value.Tenant;
+
+        var digestHex = SurfaceManifestPathBuilder.EnsureSha256Digest(manifestDigest); // strips sha256:
+        var uri = _pathBuilder.BuildManifestUri(tenant, digestHex);
+
+        return (true, uri);
+    }
+}