fix(registry): seed valid ampel complypack content in mock registry#554
Open
hbraswelrh wants to merge 1 commit into
Open
fix(registry): seed valid ampel complypack content in mock registry#554hbraswelrh wants to merge 1 commit into
hbraswelrh wants to merge 1 commit into
Conversation
hbraswelrh
force-pushed
the
opsx/ampel-complypack-content
branch
from
65d37ef to
dc3dab5
Compare
hbraswelrh
force-pushed
the
opsx/ampel-complypack-content
branch
from
dc3dab5 to
5423ed7
Compare
Replace the dummy ampel complypack payload in the mock OCI registry with valid granular policy JSON that the ampel provider's LoadGranularPolicies() accepts. The dummy content lacked the required 'id' field, causing cross-repo integration test failures when the ampel provider consumes ComplypackContentPath (complytime-providers PR complytime#52). Changes: - Add testdata/ampel-complypack/block-force-push.json with valid AmpelPolicy content (copied from cross-repo test fixture) - Add //go:embed directive for ampel complypack testdata - Update seedDefaults() to use buildTarGzFromFS instead of buildDummyTarGz for the complypacks/ampel-bp artifact - Add TestBuildTarGzFromFS_AmpelFS verifying archive structure and JSON content validity - Extend TestSeedDefaults_AllReposSeeded with ampel complypack content blob verification (manifest -> layer -> gzip -> tar -> JSON -> id field) Follows the OPA complypack pattern established in commit 74fbae8. Ref: complytime/complytime-providers#52
hbraswelrh
force-pushed
the
opsx/ampel-complypack-content
branch
from
5423ed7 to
de55823
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replace the dummy ampel complypack payload in the mock OCI registry with valid granular policy JSON that the ampel provider's
LoadGranularPolicies()accepts. The dummy content ({"name":"...","version":"..."}) lacked the requiredidfield, causing cross-repo integration test failures when the ampel provider consumesComplypackContentPath(complytime/complytime-providers#52).Changes
Code
cmd/mock-oci-registry/main.go: Added//go:embed testdata/ampel-complypack/*directive and updatedseedDefaults()to usebuildTarGzFromFS(ampelComplypackData, ...)instead ofbuildDummyTarGz("policy.json", ...)for thecomplypacks/ampel-bpartifact.cmd/mock-oci-registry/testdata/ampel-complypack/block-force-push.json(new): ValidAmpelPolicyfixture withid,meta.controls, andtenetsfields, copied from the existing cross-repo test fixture.Tests
cmd/mock-oci-registry/main_test.go: AddedTestBuildTarGzFromFS_AmpelFS(archive structure + JSONidfield validation) and extendedTestSeedDefaults_AllReposSeededwith ampel complypack content blob verification (manifest → layer → gzip → tar → JSON →idfield).Spec Artifacts
openspec/changes/ampel-complypack-content/: Proposal, design (3 decisions), spec (4 requirements, 6 scenarios), and tasks.Pattern
Follows the OPA complypack pattern established in commit
74fbae8:testdata/ampel-complypack/via//go:embedbuildTarGzFromFS()to package them as a tar.gz payloadaddComplypackArtifact()inseedDefaults()Merge Ordering
This PR is backward-compatible and safe to merge before
complytime-providersPR #52:ComplypackContentPathand falls back to the pre-staged granular policies directory (still present incross_repo_integration_test.sh)complytime-providersmain, a follow-up will remove the pre-staged content (tasks 3.1, 3.2 in the spec)Review Council
Passed 9-agent review council (1 iteration): all 9 APPROVE, 0 REQUEST CHANGES.
Verification
make build— passesmake test-unit— all tests pass (including newTestBuildTarGzFromFS_AmpelFS)make lint— 0 issuesSupplemental to complytime/complytime-providers#52.