ahmido
29ad8852ca
Some checks failed
Main Confidence / confidence (push) Failing after 1m1s
## Summary - integrate the current `platform-dev` branch into `dev` - bring the latest platform work from the integration branch into the main development branch - include the recent findings lifecycle backfill removal slice together with the already accumulated `platform-dev` changes ## Scope - source branch: `platform-dev` - target branch: `dev` - branch role: integration PR, not a single-feature PR ## Validation - branch state reviewed before PR creation - `platform-dev` is ahead of `dev` with the expected integration history - this PR intentionally carries the accumulated `platform-dev` commits into `dev` ## Notes - this is the correct merge direction for the current workflow, where feature branches land in `platform-dev` first and `platform-dev` is then merged into `dev` - after merging, `platform-dev` can be recreated fresh from `dev` as usual Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #295
82 lines
3.0 KiB
PHP
82 lines
3.0 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use Tests\Support\OpsUx\SourceFileScanner;
|
|
|
|
it('keeps the in-scope operational controls on the shared service and evaluator paths', function (): void {
|
|
$root = SourceFileScanner::projectRoot();
|
|
|
|
$checks = [
|
|
[
|
|
'file' => $root.'/app/Filament/Resources/FindingResource/Pages/ListFindings.php',
|
|
'required' => [],
|
|
'forbidden' => [
|
|
'FindingsLifecycleBackfillRunbookService',
|
|
'FindingsLifecycleBackfillScope',
|
|
'Backfill findings lifecycle',
|
|
'backfill_lifecycle',
|
|
"config('tenantpilot.allow_admin_maintenance_actions'",
|
|
'allow_admin_maintenance_actions',
|
|
'OperationalControlActivation::',
|
|
],
|
|
],
|
|
[
|
|
'file' => $root.'/app/Filament/System/Pages/Ops/Runbooks.php',
|
|
'required' => [],
|
|
'forbidden' => [
|
|
'FindingsLifecycleBackfillRunbookService',
|
|
'FindingsLifecycleBackfillScope',
|
|
'findings.lifecycle.backfill',
|
|
'Rebuild Findings Lifecycle',
|
|
'OperationalControlActivation::',
|
|
"config('tenantpilot.allow_admin_maintenance_actions'",
|
|
],
|
|
],
|
|
[
|
|
'file' => $root.'/app/Filament/Resources/RestoreRunResource.php',
|
|
'required' => [
|
|
'guardRestoreExecutionOperationalControl(',
|
|
'OperationalControlEvaluator::class',
|
|
'OperationalControlBlockedException',
|
|
],
|
|
'forbidden' => [
|
|
'OperationalControlActivation::',
|
|
"config('tenantpilot.allow_admin_maintenance_actions'",
|
|
],
|
|
],
|
|
[
|
|
'file' => $root.'/config/tenantpilot.php',
|
|
'required' => [],
|
|
'forbidden' => [
|
|
'allow_admin_maintenance_actions',
|
|
'ALLOW_ADMIN_MAINTENANCE_ACTIONS',
|
|
],
|
|
],
|
|
];
|
|
|
|
foreach ($checks as $check) {
|
|
$source = SourceFileScanner::read($check['file']);
|
|
|
|
foreach ($check['required'] as $needle) {
|
|
expect($source)->toContain($needle);
|
|
}
|
|
|
|
foreach ($check['forbidden'] as $needle) {
|
|
expect($source)->not->toContain($needle);
|
|
}
|
|
}
|
|
|
|
foreach ([
|
|
$root.'/app/Console/Commands/TenantpilotBackfillFindingLifecycle.php',
|
|
$root.'/app/Console/Commands/TenantpilotRunDeployRunbooks.php',
|
|
$root.'/app/Services/Runbooks/FindingsLifecycleBackfillRunbookService.php',
|
|
$root.'/app/Services/Runbooks/FindingsLifecycleBackfillScope.php',
|
|
$root.'/app/Jobs/BackfillFindingLifecycleJob.php',
|
|
$root.'/app/Jobs/BackfillFindingLifecycleWorkspaceJob.php',
|
|
$root.'/app/Jobs/BackfillFindingLifecycleTenantIntoWorkspaceRunJob.php',
|
|
] as $removedPath) {
|
|
expect(file_exists($removedPath))->toBeFalse("Removed findings lifecycle backfill artifact still exists: {$removedPath}");
|
|
}
|
|
})->group('surface-guard');
|