fix(automation): domain-separate backup fingerprints
This commit is contained in:
@@ -147,35 +147,57 @@ async def test_backfill_run_inserts_satisfy_no_default_cost_column() -> None:
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_long_occurrence_fingerprint_fits_real_pg_varchar() -> None:
|
||||
async def test_domain_separated_fingerprints_avoid_cross_domain_pg_collision() -> None:
|
||||
engine = create_async_engine(_explicit_local_test_database_url(), echo=False)
|
||||
source_fingerprint = "legacy-backup-occurrence:" + ("a" * 64)
|
||||
stored_fingerprint = (
|
||||
deliberate_raw_fingerprint = backfill._sha256(source_fingerprint)
|
||||
stored_long_fingerprint = (
|
||||
backup_restore_alertmanager_ingress._approval_storage_fingerprint(
|
||||
source_fingerprint
|
||||
)
|
||||
)
|
||||
stored_raw_fingerprint = (
|
||||
backup_restore_alertmanager_ingress._approval_storage_fingerprint(
|
||||
deliberate_raw_fingerprint
|
||||
)
|
||||
)
|
||||
assert stored_long_fingerprint != stored_raw_fingerprint
|
||||
try:
|
||||
async with engine.connect() as connection:
|
||||
transaction = await connection.begin()
|
||||
try:
|
||||
await connection.execute(text("""
|
||||
CREATE TEMP TABLE approval_records (
|
||||
fingerprint VARCHAR(64) NOT NULL
|
||||
source_identity TEXT NOT NULL,
|
||||
fingerprint VARCHAR(64) NOT NULL UNIQUE
|
||||
) ON COMMIT DROP
|
||||
"""))
|
||||
await connection.execute(
|
||||
text("""
|
||||
INSERT INTO approval_records (fingerprint)
|
||||
VALUES (:fingerprint)
|
||||
INSERT INTO approval_records (
|
||||
source_identity, fingerprint
|
||||
) VALUES
|
||||
('long', :stored_long_fingerprint),
|
||||
('deliberate_raw', :stored_raw_fingerprint)
|
||||
"""),
|
||||
{"fingerprint": stored_fingerprint},
|
||||
{
|
||||
"stored_long_fingerprint": stored_long_fingerprint,
|
||||
"stored_raw_fingerprint": stored_raw_fingerprint,
|
||||
},
|
||||
)
|
||||
persisted = await connection.scalar(
|
||||
text("SELECT fingerprint FROM approval_records")
|
||||
)
|
||||
assert persisted == stored_fingerprint
|
||||
assert len(persisted) == 64
|
||||
persisted = (
|
||||
await connection.execute(text("""
|
||||
SELECT source_identity, fingerprint
|
||||
FROM approval_records
|
||||
ORDER BY source_identity
|
||||
"""))
|
||||
).mappings().all()
|
||||
assert len(persisted) == 2
|
||||
assert {row["fingerprint"] for row in persisted} == {
|
||||
stored_long_fingerprint,
|
||||
stored_raw_fingerprint,
|
||||
}
|
||||
assert all(len(row["fingerprint"]) == 64 for row in persisted)
|
||||
finally:
|
||||
await transaction.rollback()
|
||||
finally:
|
||||
|
||||
Reference in New Issue
Block a user