fix(iwooos): count alertmanager receipts in security readback
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 1s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 1m28s
CD Pipeline / build-and-deploy (push) Successful in 5m25s
CD Pipeline / post-deploy-checks (push) Has been cancelled
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 1s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 1m28s
CD Pipeline / build-and-deploy (push) Successful in 5m25s
CD Pipeline / post-deploy-checks (push) Has been cancelled
This commit is contained in:
@@ -71,6 +71,9 @@ def test_iwooos_security_operating_system_readback_exposes_api_validator() -> No
|
||||
assert payload["summary"]["operation_packet_validator_available_count"] == 1
|
||||
assert payload["summary"]["operation_packet_required_field_count"] == 24
|
||||
assert payload["summary"]["wazuh_registry_accepted_count"] == 6
|
||||
assert payload["summary"]["alert_receipt_accepted_count"] == 0
|
||||
assert payload["summary"]["alert_receipt_observed_count"] == 0
|
||||
assert payload["summary"]["alert_receipt_source_status"] == "not_connected"
|
||||
assert payload["summary"]["runtime_gate_count"] == 0
|
||||
assert payload["operation_packet_validation_endpoint"] == (
|
||||
"/api/v1/iwooos/security-operating-system/validate-operation-packet"
|
||||
@@ -87,6 +90,26 @@ def test_iwooos_security_operating_system_readback_exposes_api_validator() -> No
|
||||
)
|
||||
|
||||
|
||||
def test_iwooos_security_operating_system_accepts_alert_receipt_readback() -> None:
|
||||
payload = load_latest_iwooos_security_operating_system(
|
||||
alert_receipt_readback={
|
||||
"events": [{"provider_event_id": "alertmanager:received:alert-a"}],
|
||||
"total": 1,
|
||||
"limit": 20,
|
||||
"source_status": "ready",
|
||||
}
|
||||
)
|
||||
|
||||
assert payload["summary"]["alert_receipt_accepted_count"] == 1
|
||||
assert payload["summary"]["alert_receipt_observed_count"] == 1
|
||||
assert payload["summary"]["alert_receipt_source_status"] == "ready"
|
||||
assert payload["summary"]["runtime_gate_count"] == 0
|
||||
assert any(
|
||||
marker == "iwooos_security_operating_system_alert_receipt_accepted_count=1"
|
||||
for marker in payload["boundary_markers"]
|
||||
)
|
||||
|
||||
|
||||
def test_iwooos_security_operating_system_api_is_public_safe() -> None:
|
||||
response = _client().get("/api/v1/iwooos/security-operating-system")
|
||||
|
||||
@@ -103,6 +126,31 @@ def test_iwooos_security_operating_system_api_is_public_safe() -> None:
|
||||
assert "WAZUH_API_PASSWORD" not in response.text
|
||||
|
||||
|
||||
def test_iwooos_security_operating_system_api_counts_alertmanager_receipts(
|
||||
monkeypatch,
|
||||
) -> None:
|
||||
async def fake_recent_events(**_: object) -> dict[str, object]:
|
||||
return {
|
||||
"events": [{"provider_event_id": "alertmanager:received:alert-a"}],
|
||||
"total": 1,
|
||||
"limit": 20,
|
||||
}
|
||||
|
||||
monkeypatch.setattr(
|
||||
"src.api.v1.iwooos.list_recent_channel_events",
|
||||
fake_recent_events,
|
||||
)
|
||||
|
||||
response = _client().get("/api/v1/iwooos/security-operating-system")
|
||||
|
||||
assert response.status_code == 200
|
||||
data = response.json()
|
||||
assert data["summary"]["alert_receipt_accepted_count"] == 1
|
||||
assert data["summary"]["alert_receipt_observed_count"] == 1
|
||||
assert data["summary"]["alert_receipt_source_status"] == "ready"
|
||||
assert data["summary"]["runtime_gate_count"] == 0
|
||||
|
||||
|
||||
def test_iwooos_security_operation_packet_validator_accepts_redacted_loop() -> None:
|
||||
payload = validate_iwooos_security_operation_packet(_valid_operation_packet())
|
||||
|
||||
|
||||
Reference in New Issue
Block a user