kitos/Aegis
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat(phase-34): resolve blocking tech debt — Redis, domain exceptions, indexes, CI
Some checks failed
Aegis CI / lint-and-test (push) Has been cancelled
Details

Browse Source 
Foundational changes required before any new feature work can begin.

- 0.1 Redis infrastructure: add redis:7-alpine to docker-compose dev and prod,
  REDIS_URL config, singleton client in app/infrastructure/redis_client.py
- 0.2 Token blacklist on Redis SEC-001: replace in-memory dict with Redis SETEX
  keyed by jti, auto-expiring TTL derived from token exp
- 0.3 Database indexes SR-006: Alembic migration b019 with 5 composite indexes
  for scoring, MTTD/MTTR, remediation, and notification queries
- 0.4 Domain exceptions TD-003: app/domain/exceptions.py with typed errors,
  error_handler middleware mapping them to HTTP, services decoupled from FastAPI
- 0.5 Fix silenced exceptions TD-007: replace 4 bare except-pass blocks in
  test_workflow_service with logger.warning with exc_info
- 0.6 CI pipeline TD-009: GitHub Actions workflow with Postgres and Redis
  service containers, ruff lint, pytest; ruff.toml for baseline config
This commit is contained in:
Kitos
2026-02-17 15:43:05 +01:00
parent 6a327f6b51
commit 6d18a5417d
21 changed files with 464 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/tests/test_campaigns_and_snapshots.py
View File

@@ -142,7 +142,7 @@ class TestCampaigns:
def test_circular_dependency_prevention(self, db, campaign_with_tests):
"""Intentar crear dependencia circular en campaign_tests falla."""
from fastapi import HTTPException
from app.domain.exceptions import InvalidOperationError
campaign = campaign_with_tests["campaign"]
cts = (
@@ -157,11 +157,11 @@ class TestCampaigns:
db.commit()
# Try to create B -> A (circular)
with pytest.raises(HTTPException) as exc_info:
with pytest.raises(InvalidOperationError) as exc_info:
validate_no_circular_dependency(
db, campaign.id, cts[0].id, cts[1].id
)
assert exc_info.value.status_code == 400
assert exc_info.value.code == "INVALID_OPERATION"
def test_campaign_scheduling_next_run(self):
"""next_run_at se calcula correctamente para weekly/monthly/quarterly."""

21
backend/tests/test_t106_workflow_service.py
View File

@@ -43,10 +43,19 @@ class _FakeSettings:
SECRET_KEY = "test"
ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 60
REDIS_URL = "redis://localhost:6379/0"
MINIO_ENDPOINT = "localhost:9000"
MINIO_ACCESS_KEY = "test"
MINIO_SECRET_KEY = "test"
MINIO_BUCKET = "test"
MINIO_SECURE = False
MAX_RETEST_COUNT = 3
CORS_ORIGINS = "http://localhost:3000"
SCORING_WEIGHT_TESTS = 40
SCORING_WEIGHT_DETECTION_RULES = 20
SCORING_WEIGHT_D3FEND = 15
SCORING_WEIGHT_FRESHNESS = 15
SCORING_WEIGHT_PLATFORM_DIVERSITY = 10
config_mod.settings = _FakeSettings()
@@ -105,8 +114,8 @@ from app.services.test_workflow_service import (
reopen_test,
)
# We also need HTTPException for assertions
from fastapi import HTTPException
# We need the domain exceptions for assertions
from app.domain.exceptions import InvalidTransitionError
# ---------------------------------------------------------------------------
# Helpers
@@ -175,9 +184,11 @@ def test_draft_to_validated_fails(mock_log):
try:
transition_state(db, test, TestState.validated, user)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
assert exc.current_state == "draft"
assert exc.target_state == "validated"
print(" [PASS] Transition draft -> validated correctly fails")

72
backend/tests/test_workflow.py
View File

@@ -37,10 +37,13 @@ if "app.config" not in sys.modules:
SECRET_KEY = "test"
ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 60
REDIS_URL = "redis://localhost:6379/0"
MINIO_ENDPOINT = "localhost:9000"
MINIO_ACCESS_KEY = "test"
MINIO_SECRET_KEY = "test"
MINIO_BUCKET = "test"
MINIO_SECURE = False
MAX_RETEST_COUNT = 3
_cfg.settings = _FakeSettings()
sys.modules["app.config"] = _cfg
@@ -72,6 +75,7 @@ for _mod in [
# ---------------------------------------------------------------------------
from fastapi import HTTPException
from app.domain.exceptions import InvalidOperationError, InvalidTransitionError
from app.models.enums import TestState, TestResult
from app.services.test_workflow_service import (
VALID_TRANSITIONS,
@@ -208,7 +212,7 @@ def test_rejection_and_reopen(mock_log):
@patch("app.services.test_workflow_service.log_action")
def test_invalid_transitions(mock_log):
"""Verify that invalid state transitions raise HTTPException."""
"""Verify that invalid state transitions raise InvalidTransitionError."""
db = _make_db()
user = _make_user("admin")
@@ -216,41 +220,41 @@ def test_invalid_transitions(mock_log):
test = _make_test(TestState.draft)
try:
transition_state(db, test, TestState.validated, user)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# draft -> blue_evaluating (should fail)
test = _make_test(TestState.draft)
try:
transition_state(db, test, TestState.blue_evaluating, user)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# red_executing -> in_review (should fail, must go through blue_evaluating)
test = _make_test(TestState.red_executing)
try:
transition_state(db, test, TestState.in_review, user)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# validated -> anything (terminal state)
test = _make_test(TestState.validated)
try:
transition_state(db, test, TestState.draft, user)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# rejected -> red_executing (must go through draft first)
test = _make_test(TestState.rejected)
try:
transition_state(db, test, TestState.red_executing, user)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# ===========================================================================
@@ -268,17 +272,17 @@ def test_red_tech_cannot_access_blue_phase(mock_log):
test = _make_test(TestState.red_executing)
try:
submit_blue_evidence(db, test, red_tech)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# Red tech cannot validate (test must be in blue_evaluating for submit_blue)
test2 = _make_test(TestState.draft)
try:
submit_blue_evidence(db, test2, red_tech)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# ===========================================================================
@@ -298,17 +302,17 @@ def test_blue_tech_cannot_access_red_phase(mock_log):
test = _make_test(TestState.blue_evaluating)
try:
start_execution(db, test, blue_tech)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# Blue tech cannot submit red evidence on a draft test
test2 = _make_test(TestState.draft)
try:
submit_red_evidence(db, test2, blue_tech)
assert False, "Should have raised HTTPException"
except HTTPException as exc:
assert exc.status_code == 400
assert False, "Should have raised InvalidTransitionError"
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# ===========================================================================
@@ -509,15 +513,15 @@ def test_cannot_validate_outside_in_review(mock_log):
try:
validate_as_red_lead(db, test, red_lead, "approved", "OK")
assert False, f"Red Lead should not validate in {state.value}"
except HTTPException as exc:
assert exc.status_code == 400
except InvalidOperationError as exc:
assert exc.code == "INVALID_OPERATION"
test2 = _make_test(state)
try:
validate_as_blue_lead(db, test2, blue_lead, "approved", "OK")
assert False, f"Blue Lead should not validate in {state.value}"
except HTTPException as exc:
assert exc.status_code == 400
except InvalidOperationError as exc:
assert exc.code == "INVALID_OPERATION"
# ===========================================================================
@@ -536,8 +540,8 @@ def test_cannot_reopen_non_rejected_test(mock_log):
try:
reopen_test(db, test, user)
assert False, f"Should not reopen from {state.value}"
except HTTPException as exc:
assert exc.status_code == 400
except InvalidTransitionError as exc:
assert exc.code == "INVALID_TRANSITION"
# ---------------------------------------------------------------------------