fix(iwooos): count alertmanager receipts in security readback
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 1s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 1m28s
CD Pipeline / build-and-deploy (push) Successful in 5m25s
CD Pipeline / post-deploy-checks (push) Has been cancelled

This commit is contained in:
ogt
2026-07-09 22:36:09 +08:00
parent dced1be755
commit 13faee8fd4
3 changed files with 115 additions and 4 deletions

View File

@@ -71,6 +71,9 @@ def test_iwooos_security_operating_system_readback_exposes_api_validator() -> No
assert payload["summary"]["operation_packet_validator_available_count"] == 1
assert payload["summary"]["operation_packet_required_field_count"] == 24
assert payload["summary"]["wazuh_registry_accepted_count"] == 6
assert payload["summary"]["alert_receipt_accepted_count"] == 0
assert payload["summary"]["alert_receipt_observed_count"] == 0
assert payload["summary"]["alert_receipt_source_status"] == "not_connected"
assert payload["summary"]["runtime_gate_count"] == 0
assert payload["operation_packet_validation_endpoint"] == (
"/api/v1/iwooos/security-operating-system/validate-operation-packet"
@@ -87,6 +90,26 @@ def test_iwooos_security_operating_system_readback_exposes_api_validator() -> No
)
def test_iwooos_security_operating_system_accepts_alert_receipt_readback() -> None:
payload = load_latest_iwooos_security_operating_system(
alert_receipt_readback={
"events": [{"provider_event_id": "alertmanager:received:alert-a"}],
"total": 1,
"limit": 20,
"source_status": "ready",
}
)
assert payload["summary"]["alert_receipt_accepted_count"] == 1
assert payload["summary"]["alert_receipt_observed_count"] == 1
assert payload["summary"]["alert_receipt_source_status"] == "ready"
assert payload["summary"]["runtime_gate_count"] == 0
assert any(
marker == "iwooos_security_operating_system_alert_receipt_accepted_count=1"
for marker in payload["boundary_markers"]
)
def test_iwooos_security_operating_system_api_is_public_safe() -> None:
response = _client().get("/api/v1/iwooos/security-operating-system")
@@ -103,6 +126,31 @@ def test_iwooos_security_operating_system_api_is_public_safe() -> None:
assert "WAZUH_API_PASSWORD" not in response.text
def test_iwooos_security_operating_system_api_counts_alertmanager_receipts(
monkeypatch,
) -> None:
async def fake_recent_events(**_: object) -> dict[str, object]:
return {
"events": [{"provider_event_id": "alertmanager:received:alert-a"}],
"total": 1,
"limit": 20,
}
monkeypatch.setattr(
"src.api.v1.iwooos.list_recent_channel_events",
fake_recent_events,
)
response = _client().get("/api/v1/iwooos/security-operating-system")
assert response.status_code == 200
data = response.json()
assert data["summary"]["alert_receipt_accepted_count"] == 1
assert data["summary"]["alert_receipt_observed_count"] == 1
assert data["summary"]["alert_receipt_source_status"] == "ready"
assert data["summary"]["runtime_gate_count"] == 0
def test_iwooos_security_operation_packet_validator_accepts_redacted_loop() -> None:
payload = validate_iwooos_security_operation_packet(_valid_operation_packet())