fix(awooop): 移除 tenants public api 內部控制鍵
All checks were successful
Code Review / ai-code-review (push) Successful in 15s
CD Pipeline / tests (push) Successful in 1m31s
CD Pipeline / build-and-deploy (push) Successful in 4m40s
CD Pipeline / post-deploy-checks (push) Successful in 1m39s

This commit is contained in:
Your Name
2026-06-15 04:42:27 +08:00
parent 179606580f
commit 93fd0f9a71
3 changed files with 24 additions and 17 deletions

View File

@@ -14,6 +14,12 @@ FORBIDDEN_PUBLIC_MARKERS = [
"AWOOOI / " + "AwoooP / " + "IwoooS",
"Tsen" + "Yang Website",
"Bitan " + "Pharmacy",
"repo_owner_namespace_redacted=true",
"raw_repository_namespace_visible=false",
"public_api_raw_repo_namespace_allowed=false",
"read_only_inventory_only=true",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]
@@ -93,6 +99,8 @@ def test_tenant_asset_inventory_merges_products_routes_and_repos() -> None:
assert "blocked_waiting_" not in inventory_payload
assert "observe_scope_review" not in inventory_payload
assert all(marker not in inventory_payload for marker in FORBIDDEN_PUBLIC_MARKERS)
assert "只讀資產台帳" in " ".join(inventory["boundaries"])
assert all("=" not in boundary for boundary in inventory["boundaries"])
assert {item["risk"] for item in inventory["source_repos"]}.issubset(
{"high", "medium", "low", "unknown"}
)
@@ -135,5 +143,5 @@ def test_tenant_response_model_keeps_asset_inventory_contract() -> None:
response_payload = response.model_dump_json()
assert "owenhytsai" not in response_payload
assert "nexu-io" not in response_payload
assert all(marker not in response_payload for marker in FORBIDDEN_PUBLIC_MARKERS[:3])
assert all(marker not in response_payload for marker in FORBIDDEN_PUBLIC_MARKERS)
assert response.asset_inventory.source_repos[0].source_namespace_redacted is True