fix(reboot): expose windows99 verify collection packet
All checks were successful
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 59s
CD Pipeline / build-and-deploy (push) Successful in 4m50s
CD Pipeline / post-deploy-checks (push) Successful in 1m49s
All checks were successful
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 59s
CD Pipeline / build-and-deploy (push) Successful in 4m50s
CD Pipeline / post-deploy-checks (push) Successful in 1m49s
This commit is contained in:
@@ -703,6 +703,96 @@ def build_host_pressure_readback(payload: dict[str, Any]) -> dict[str, Any]:
|
||||
}
|
||||
|
||||
|
||||
def host_row_by_alias(host_boot_detection: dict[str, Any], alias: str) -> dict[str, Any]:
|
||||
rows = host_boot_detection.get("host_rows")
|
||||
if not isinstance(rows, list):
|
||||
return {}
|
||||
for item in rows:
|
||||
if isinstance(item, dict) and str(item.get("alias") or "") == alias:
|
||||
return item
|
||||
return {}
|
||||
|
||||
|
||||
def build_windows99_verify_collection_packet(
|
||||
*,
|
||||
windows99: dict[str, Any],
|
||||
host_boot_detection: dict[str, Any],
|
||||
) -> dict[str, Any]:
|
||||
"""Describe the next no-secret Windows 99 verifier collection step."""
|
||||
host99 = host_row_by_alias(host_boot_detection, "99")
|
||||
host99_reachable = host99.get("reachable") is True
|
||||
host99_uptime_known = int_value(host99.get("uptime_seconds"), -1) >= 0
|
||||
readback_present = windows99.get("readback_present") is True
|
||||
verify_ready = windows99.get("verify_ready") is True
|
||||
blockers = strings(windows99.get("blockers"))
|
||||
collection_blockers: list[str] = []
|
||||
if not host99_reachable:
|
||||
collection_blockers.append("windows99_host_not_reachable_for_verify_collection")
|
||||
if not readback_present:
|
||||
collection_blockers.append("windows99_vmware_autostart_readback_missing")
|
||||
collection_blockers.extend(
|
||||
blocker for blocker in blockers if blocker not in collection_blockers
|
||||
)
|
||||
if not host99_uptime_known:
|
||||
collection_blockers.append("windows99_uptime_unknown")
|
||||
|
||||
status = "ready_windows99_vmware_verify_readback_green"
|
||||
if not verify_ready:
|
||||
status = (
|
||||
"blocked_windows99_verify_output_missing_host_reachable"
|
||||
if host99_reachable and not readback_present
|
||||
else "blocked_windows99_verify_collection_not_ready"
|
||||
)
|
||||
return {
|
||||
"schema_version": "windows99_vmware_verify_collection_packet_v1",
|
||||
"status": status,
|
||||
"target_host_alias": "99",
|
||||
"target_host": "192.168.0.99",
|
||||
"host99_reachable": host99_reachable,
|
||||
"host99_uptime_known": host99_uptime_known,
|
||||
"readback_present": readback_present,
|
||||
"verify_ready": verify_ready,
|
||||
"can_collect_no_secret_verify": host99_reachable and not verify_ready,
|
||||
"required_vm_aliases": strings(windows99.get("required_vm_aliases"))
|
||||
or sorted(WINDOWS99_REQUIRED_VM_ALIASES),
|
||||
"expected_no_secret_output_fields": [
|
||||
"VMRUN_PRESENT",
|
||||
"VMX alias=<alias> present=<0|1>",
|
||||
"VMWARE_SERVICE name=<name> ok=<0|1>",
|
||||
"VMWARE_AUTOSTART_TASK name=AWOOOI-Start-VMware-VMs ok=<0|1>",
|
||||
"WINDOWS_UPDATE_POLICY name=<name> ok=<0|1>",
|
||||
"VM_POWER alias=<alias> running=<0|1>",
|
||||
"VMWARE_AUTOSTART_CONFIG_READY",
|
||||
"VMWARE_AUTOSTART_POWER_READY",
|
||||
"WINDOWS_UPDATE_NO_AUTO_REBOOT_READY",
|
||||
"VMWARE_AUTOSTART_VERIFY_READY",
|
||||
],
|
||||
"no_secret_verify_command": (
|
||||
"powershell -ExecutionPolicy Bypass -File "
|
||||
".\\windows99-vmware-autostart.ps1 -Mode Verify"
|
||||
),
|
||||
"post_verifier": (
|
||||
"rerun_reboot_auto_recovery_slo_scorecard_with_"
|
||||
"windows99_vmware_file_no_secret_no_reboot"
|
||||
),
|
||||
"collection_blockers": collection_blockers,
|
||||
"safe_collection_channels": [
|
||||
"authorized_windows99_console_verify_stdout_only",
|
||||
"existing_management_channel_verify_mode_only",
|
||||
"committed_no_secret_artifact_file_then_scorecard_rerun",
|
||||
],
|
||||
"forbidden_actions": [
|
||||
"windows_password_or_secret_collection",
|
||||
"host_reboot",
|
||||
"vm_power_change",
|
||||
"windows_update_policy_apply",
|
||||
"manual_registry_edit",
|
||||
"service_restart",
|
||||
"github_api",
|
||||
],
|
||||
}
|
||||
|
||||
|
||||
def choose_safe_next_step(
|
||||
*,
|
||||
blockers: list[str],
|
||||
@@ -998,6 +1088,10 @@ def enrich_machine_readback(payload: dict[str, Any]) -> dict[str, Any]:
|
||||
source_controls_present = (
|
||||
bool(controls) and source_control_ready_count == len(controls)
|
||||
)
|
||||
windows99_verify_collection = build_windows99_verify_collection_packet(
|
||||
windows99=windows99,
|
||||
host_boot_detection=host_boot_detection,
|
||||
)
|
||||
|
||||
rollups = {
|
||||
"active_blocker_count": len(active_blockers),
|
||||
@@ -1064,6 +1158,19 @@ def enrich_machine_readback(payload: dict[str, Any]) -> dict[str, Any]:
|
||||
"windows99_vmware_powered_off_count": len(
|
||||
strings(windows99.get("powered_off_aliases"))
|
||||
),
|
||||
"windows99_verify_collection_status": windows99_verify_collection["status"],
|
||||
"windows99_verify_collection_can_collect_no_secret": (
|
||||
windows99_verify_collection["can_collect_no_secret_verify"] is True
|
||||
),
|
||||
"windows99_verify_collection_blocker_count": len(
|
||||
strings(windows99_verify_collection.get("collection_blockers"))
|
||||
),
|
||||
"windows99_host99_reachable": (
|
||||
windows99_verify_collection["host99_reachable"] is True
|
||||
),
|
||||
"windows99_host99_uptime_known": (
|
||||
windows99_verify_collection["host99_uptime_known"] is True
|
||||
),
|
||||
"capacity_checked": capacity.get("checked") is True,
|
||||
"capacity_free_gib": capacity.get("free_gib"),
|
||||
"capacity_min_free_gib": capacity.get("min_free_gib"),
|
||||
@@ -1091,6 +1198,12 @@ def enrich_machine_readback(payload: dict[str, Any]) -> dict[str, Any]:
|
||||
"windows99_update_no_auto_reboot_ready": rollups[
|
||||
"windows99_update_no_auto_reboot_ready"
|
||||
],
|
||||
"windows99_verify_collection_status": rollups[
|
||||
"windows99_verify_collection_status"
|
||||
],
|
||||
"windows99_verify_collection_can_collect_no_secret": rollups[
|
||||
"windows99_verify_collection_can_collect_no_secret"
|
||||
],
|
||||
"runtime_write_authorized_by_this_scorecard": False,
|
||||
"host_reboot_authorized_by_this_scorecard": False,
|
||||
"workflow_trigger_authorized_by_this_scorecard": False,
|
||||
@@ -1133,6 +1246,12 @@ def enrich_machine_readback(payload: dict[str, Any]) -> dict[str, Any]:
|
||||
"reboot_auto_recovery_windows99_update_no_auto_reboot_ready": rollups[
|
||||
"windows99_update_no_auto_reboot_ready"
|
||||
],
|
||||
"reboot_auto_recovery_windows99_verify_collection_status": rollups[
|
||||
"windows99_verify_collection_status"
|
||||
],
|
||||
"reboot_auto_recovery_windows99_verify_collection_can_collect_no_secret": (
|
||||
rollups["windows99_verify_collection_can_collect_no_secret"]
|
||||
),
|
||||
"secret_values_collected": False,
|
||||
"github_api_used": False,
|
||||
"workflow_trigger_performed": False,
|
||||
@@ -1148,6 +1267,7 @@ def enrich_machine_readback(payload: dict[str, Any]) -> dict[str, Any]:
|
||||
payload["readback"] = readback
|
||||
payload["rollups"] = rollups
|
||||
payload["summary"] = summary
|
||||
payload["windows99_verify_collection"] = windows99_verify_collection
|
||||
return payload
|
||||
|
||||
|
||||
|
||||
@@ -232,9 +232,26 @@ def test_green_summary_and_recent_all_host_probe_can_claim_slo(tmp_path: Path) -
|
||||
assert payload["readback"]["runtime_write_authorized_by_this_scorecard"] is False
|
||||
assert payload["readback"]["windows99_vmware_verify_ready"] is True
|
||||
assert payload["readback"]["windows99_update_no_auto_reboot_ready"] is True
|
||||
assert payload["readback"]["windows99_verify_collection_status"] == (
|
||||
"ready_windows99_vmware_verify_readback_green"
|
||||
)
|
||||
assert (
|
||||
payload["readback"]["windows99_verify_collection_can_collect_no_secret"]
|
||||
is False
|
||||
)
|
||||
assert payload["rollups"]["source_controls_present"] is True
|
||||
assert payload["rollups"]["windows99_vmware_verify_ready"] is True
|
||||
assert payload["rollups"]["windows99_update_no_auto_reboot_ready"] is True
|
||||
assert payload["rollups"]["windows99_verify_collection_status"] == (
|
||||
"ready_windows99_vmware_verify_readback_green"
|
||||
)
|
||||
assert (
|
||||
payload["rollups"]["windows99_verify_collection_can_collect_no_secret"]
|
||||
is False
|
||||
)
|
||||
assert payload["rollups"]["windows99_verify_collection_blocker_count"] == 0
|
||||
assert payload["rollups"]["windows99_host99_reachable"] is True
|
||||
assert payload["rollups"]["windows99_host99_uptime_known"] is True
|
||||
assert payload["rollups"]["readiness_percent"] == 100
|
||||
assert payload["summary"]["reboot_auto_recovery_workplan_id"] == "P0-006"
|
||||
assert payload["summary"]["reboot_auto_recovery_current_phase"] == "slo_ready"
|
||||
@@ -256,6 +273,11 @@ def test_green_summary_and_recent_all_host_probe_can_claim_slo(tmp_path: Path) -
|
||||
"188",
|
||||
]
|
||||
assert payload["windows99_vmware_autostart"]["verify_ready"] is True
|
||||
assert payload["windows99_verify_collection"]["collection_blockers"] == []
|
||||
assert (
|
||||
payload["windows99_verify_collection"]["post_verifier"]
|
||||
== "rerun_reboot_auto_recovery_slo_scorecard_with_windows99_vmware_file_no_secret_no_reboot"
|
||||
)
|
||||
assert payload["active_blockers"] == []
|
||||
assert payload["source_controls"][
|
||||
"conversation_event_hot_path_index_migration_source_present"
|
||||
@@ -285,6 +307,25 @@ def test_missing_windows99_vmware_readback_fails_closed(tmp_path: Path) -> None:
|
||||
assert payload["windows99_vmware_autostart"]["readback_present"] is False
|
||||
assert payload["readback"]["windows99_vmware_verify_ready"] is False
|
||||
assert payload["readback"]["windows99_update_no_auto_reboot_ready"] is False
|
||||
assert payload["readback"]["windows99_verify_collection_status"] == (
|
||||
"blocked_windows99_verify_output_missing_host_reachable"
|
||||
)
|
||||
assert (
|
||||
payload["readback"]["windows99_verify_collection_can_collect_no_secret"]
|
||||
is True
|
||||
)
|
||||
assert payload["windows99_verify_collection"]["collection_blockers"] == [
|
||||
"windows99_vmware_autostart_readback_missing"
|
||||
]
|
||||
assert "VMRUN_PRESENT" in payload["windows99_verify_collection"][
|
||||
"expected_no_secret_output_fields"
|
||||
]
|
||||
assert "-Mode Verify" in payload["windows99_verify_collection"][
|
||||
"no_secret_verify_command"
|
||||
]
|
||||
assert "windows_password_or_secret_collection" in payload[
|
||||
"windows99_verify_collection"
|
||||
]["forbidden_actions"]
|
||||
assert payload["safe_next_step"] == (
|
||||
"collect_windows99_vmware_autostart_verify_readback_then_rerun_all_host_"
|
||||
"reboot_scorecard_no_secret_no_reboot"
|
||||
|
||||
Reference in New Issue
Block a user