215 lines
7.4 KiB
TypeScript
215 lines
7.4 KiB
TypeScript
import { expect, test, type Page, type Route } from '@playwright/test';
|
|
|
|
import type { StubAuthSession } from '../../src/app/testing/auth-fixtures';
|
|
|
|
const adminSession: StubAuthSession = {
|
|
subjectId: 'ops-cutover-user',
|
|
tenant: 'tenant-default',
|
|
scopes: [
|
|
'admin',
|
|
'ui.read',
|
|
'ui.admin',
|
|
'orch:read',
|
|
'orch:operate',
|
|
'health:read',
|
|
'policy:read',
|
|
],
|
|
};
|
|
|
|
const mockConfig = {
|
|
authority: {
|
|
issuer: '/authority',
|
|
clientId: 'stella-ops-ui',
|
|
authorizeEndpoint: '/authority/connect/authorize',
|
|
tokenEndpoint: '/authority/connect/token',
|
|
logoutEndpoint: '/authority/connect/logout',
|
|
redirectUri: 'https://127.0.0.1:4400/auth/callback',
|
|
postLogoutRedirectUri: 'https://127.0.0.1:4400/',
|
|
scope: 'openid profile email ui.read',
|
|
audience: '/gateway',
|
|
dpopAlgorithms: ['ES256'],
|
|
refreshLeewaySeconds: 60,
|
|
},
|
|
apiBaseUrls: {
|
|
authority: '/authority',
|
|
scanner: '/scanner',
|
|
policy: '/policy',
|
|
concelier: '/concelier',
|
|
attestor: '/attestor',
|
|
gateway: '/gateway',
|
|
},
|
|
quickstartMode: true,
|
|
setup: 'complete',
|
|
};
|
|
|
|
async function fulfillJson(route: Route, body: unknown): Promise<void> {
|
|
await route.fulfill({
|
|
status: 200,
|
|
contentType: 'application/json',
|
|
body: JSON.stringify(body),
|
|
});
|
|
}
|
|
|
|
async function navigateClientSide(page: Page, target: string): Promise<void> {
|
|
await page.evaluate((url) => {
|
|
window.history.pushState({}, '', url);
|
|
window.dispatchEvent(new PopStateEvent('popstate', { state: window.history.state }));
|
|
}, target);
|
|
}
|
|
|
|
test.beforeEach(async ({ page }) => {
|
|
await page.addInitScript((session) => {
|
|
(window as { __stellaopsTestSession?: unknown }).__stellaopsTestSession = session;
|
|
}, adminSession);
|
|
|
|
await page.route('**/platform/envsettings.json', (route) => fulfillJson(route, mockConfig));
|
|
await page.route('**/config.json', (route) => fulfillJson(route, mockConfig));
|
|
await page.route('**/.well-known/openid-configuration', (route) =>
|
|
fulfillJson(route, {
|
|
issuer: 'https://127.0.0.1:4400/authority',
|
|
authorization_endpoint: 'https://127.0.0.1:4400/authority/connect/authorize',
|
|
token_endpoint: 'https://127.0.0.1:4400/authority/connect/token',
|
|
jwks_uri: 'https://127.0.0.1:4400/authority/.well-known/jwks.json',
|
|
response_types_supported: ['code'],
|
|
subject_types_supported: ['public'],
|
|
id_token_signing_alg_values_supported: ['RS256'],
|
|
}),
|
|
);
|
|
await page.route('**/authority/.well-known/jwks.json', (route) => fulfillJson(route, { keys: [] }));
|
|
await page.route('**/console/profile**', (route) =>
|
|
fulfillJson(route, {
|
|
subjectId: adminSession.subjectId,
|
|
username: 'ops-cutover',
|
|
displayName: 'Ops Cutover',
|
|
tenant: adminSession.tenant,
|
|
roles: ['admin'],
|
|
scopes: adminSession.scopes,
|
|
}),
|
|
);
|
|
await page.route('**/console/token/introspect**', (route) =>
|
|
fulfillJson(route, {
|
|
active: true,
|
|
tenant: adminSession.tenant,
|
|
subject: adminSession.subjectId,
|
|
scopes: adminSession.scopes,
|
|
}),
|
|
);
|
|
await page.route('**/api/v2/context/regions', (route) =>
|
|
fulfillJson(route, [{ regionId: 'eu-west', displayName: 'EU West', sortOrder: 1, enabled: true }]),
|
|
);
|
|
await page.route('**/api/v2/context/environments**', (route) =>
|
|
fulfillJson(route, [
|
|
{
|
|
environmentId: 'prod',
|
|
regionId: 'eu-west',
|
|
environmentType: 'prod',
|
|
displayName: 'Prod',
|
|
sortOrder: 1,
|
|
enabled: true,
|
|
},
|
|
]),
|
|
);
|
|
await page.route('**/api/v2/context/preferences', (route) =>
|
|
fulfillJson(route, {
|
|
tenantId: adminSession.tenant,
|
|
actorId: adminSession.subjectId,
|
|
regions: ['eu-west'],
|
|
environments: ['prod'],
|
|
timeWindow: '24h',
|
|
stage: 'all',
|
|
updatedAt: '2026-03-08T10:00:00Z',
|
|
updatedBy: adminSession.subjectId,
|
|
}),
|
|
);
|
|
|
|
await page.route('**/api/v1/authority/quotas/alerts', (route) =>
|
|
fulfillJson(route, {
|
|
thresholds: [
|
|
{ category: 'license', enabled: true, warningThreshold: 80, criticalThreshold: 95 },
|
|
{ category: 'jobs', enabled: true, warningThreshold: 70, criticalThreshold: 90 },
|
|
{ category: 'api', enabled: true, warningThreshold: 85, criticalThreshold: 95 },
|
|
],
|
|
channels: [{ type: 'email', enabled: true, target: 'ops@example.com', events: ['warning', 'critical'] }],
|
|
escalationMinutes: 30,
|
|
}),
|
|
);
|
|
|
|
await page.route('**/api/v1/platform/health/services/scanner', (route) =>
|
|
fulfillJson(route, {
|
|
service: {
|
|
name: 'scanner',
|
|
displayName: 'Scanner',
|
|
state: 'healthy',
|
|
uptime: 99.98,
|
|
latencyP50Ms: 12,
|
|
latencyP95Ms: 45,
|
|
latencyP99Ms: 91,
|
|
errorRate: 0.12,
|
|
checks: [{ name: 'db', status: 'pass', lastChecked: '2026-03-08T10:00:00Z' }],
|
|
lastUpdated: '2026-03-08T10:00:00Z',
|
|
version: '1.4.2',
|
|
dependencies: ['authority'],
|
|
},
|
|
dependencyStatus: [],
|
|
metricHistory: [],
|
|
recentErrors: [],
|
|
}),
|
|
);
|
|
await page.route('**/api/v1/platform/health/services/scanner/alerts/config', (route) =>
|
|
fulfillJson(route, {
|
|
degradedThreshold: { errorRatePercent: 1, latencyP95Ms: 200 },
|
|
unhealthyThreshold: { errorRatePercent: 5, latencyP95Ms: 500 },
|
|
notificationChannels: ['email'],
|
|
enabled: true,
|
|
}),
|
|
);
|
|
|
|
await page.route('**/gateway/api/v1/aoc/provenance/validate', async (route) => {
|
|
const request = route.request();
|
|
const body = request.postDataJSON() as { inputType: string; inputValue: string };
|
|
await fulfillJson(route, {
|
|
inputValue: body.inputValue,
|
|
inputType: body.inputType,
|
|
isComplete: true,
|
|
validatedAt: '2026-03-08T10:05:00Z',
|
|
validationErrors: [],
|
|
steps: [
|
|
{
|
|
stepType: 'ingestion',
|
|
status: 'valid',
|
|
timestamp: '2026-03-08T10:00:00Z',
|
|
label: `Validated ${body.inputValue}`,
|
|
hash: 'sha256:1234567890abcdef',
|
|
},
|
|
],
|
|
});
|
|
});
|
|
});
|
|
|
|
test('old quota alert deep links land on canonical operations route', async ({ page }) => {
|
|
await page.goto('/ops/operations', { waitUntil: 'networkidle' });
|
|
await navigateClientSide(page, '/ops/quotas/alerts?category=api');
|
|
|
|
await expect(page).toHaveURL(/\/ops\/operations\/quotas\/alerts\?category=api(?:&.*)?$/);
|
|
await expect(page.getByRole('heading', { name: 'Quota Alert Configuration' })).toBeVisible();
|
|
await expect(page.getByText('API Rate Limit')).toBeVisible();
|
|
});
|
|
|
|
test('legacy platform health detail bookmarks land on canonical health route', async ({ page }) => {
|
|
await page.goto('/ops/operations', { waitUntil: 'networkidle' });
|
|
await navigateClientSide(page, '/platform/ops/health-slo/services/scanner');
|
|
|
|
await expect(page).toHaveURL(/\/ops\/operations\/health-slo\/services\/scanner(?:\?.*)?$/);
|
|
await expect(page.getByRole('heading', { name: 'Scanner' })).toBeVisible();
|
|
});
|
|
|
|
test('legacy AOC provenance links land on canonical route and keep validation input', async ({ page }) => {
|
|
await page.goto('/ops/operations', { waitUntil: 'networkidle' });
|
|
await navigateClientSide(page, '/ops/aoc/provenance?type=cve_id&value=CVE-2026-0001');
|
|
|
|
await expect(page).toHaveURL(/\/ops\/operations\/aoc\/provenance\?type=cve_id&value=CVE-2026-0001(?:&.*)?$/);
|
|
await expect(page.getByRole('heading', { name: 'Provenance Chain Validator' })).toBeVisible();
|
|
await expect(page.getByText('Complete Chain')).toBeVisible();
|
|
await expect(page.getByText('Validated CVE-2026-0001')).toBeVisible();
|
|
});
|