openclaw/reporting-governance-plugin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: tighten decision record storage contract

Browse Source
This commit is contained in:
Eve
2026-05-08 13:30:17 +08:00
parent 30cb206438
commit a440187962
2 changed files with 216 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

156
plugins/reporting-governance/test/decision-store.test.mjs
View File

@@ -59,18 +59,22 @@ function createPlannedDecision() {
});
}
test('decision artifact validates minimal package-owned contract', () => {
function createArtifact(overrides = {}) {
const planned = createPlannedDecision();
const artifact = createDecisionRecordArtifact({
decision: planned.decision,
receipt: planned.receipt,
recordedAt: '2026-05-08T04:00:00.000Z',
source: {
return createDecisionRecordArtifact({
decision: overrides.decision ?? planned.decision,
receipt: overrides.receipt ?? planned.receipt,
recordedAt: overrides.recordedAt ?? '2026-05-08T04:00:00.000Z',
source: overrides.source ?? {
event_id: 'evt_watchdog_001',
task_id: 'task-reporting-governance',
correlation_id: 'corr-001',
},
});
}
test('decision artifact validates minimal package-owned contract', () => {
const artifact = createArtifact();
assert.equal(artifact.kind, 'DecisionRecordArtifact');
assert.equal(artifact.apiVersion, 'reporting-governance/v1alpha1');
@@ -82,12 +86,7 @@ test('decision artifact validates minimal package-owned contract', () => {
test('decision artifact validator rejects malformed top-level or nested fields', () => {
assert.throws(() => validateDecisionRecordArtifact(null), /decision record artifact must be an object/);
const planned = createPlannedDecision();
const artifact = createDecisionRecordArtifact({
decision: planned.decision,
receipt: planned.receipt,
recordedAt: '2026-05-08T04:00:00.000Z',
});
const artifact = createArtifact({ source: { task_id: 'task-reporting-governance' } });
const wrongKind = structuredClone(artifact);
wrongKind.kind = 'NotDecisionRecordArtifact';
@@ -103,12 +102,9 @@ test('decision artifact validator rejects malformed top-level or nested fields',
});
test('decision artifact validator enforces metadata and spec consistency', () => {
const planned = createPlannedDecision();
const artifact = createDecisionRecordArtifact({
decision: planned.decision,
receipt: planned.receipt,
recordedAt: '2026-05-08T04:00:00.000Z',
const artifact = createArtifact({
source: {
event_id: 'evt_watchdog_001',
task_id: 'task-reporting-governance',
correlation_id: 'corr-001',
},
@@ -131,25 +127,100 @@ test('decision artifact validator enforces metadata and spec consistency', () =>
assert.throws(() => validateDecisionRecordArtifact(mismatchedCorrelation), /correlation_id mismatch between metadata and spec\.source/);
});
test('decision artifact validator rejects malformed recorded_at timestamp', () => {
const planned = createPlannedDecision();
const artifact = createDecisionRecordArtifact({
decision: planned.decision,
receipt: planned.receipt,
recordedAt: '2026-05-08T04:00:00.000Z',
test('decision artifact validator rejects non-canonical recorded_at timestamp', () => {
const artifact = createArtifact({ source: { task_id: 'task-reporting-governance' } });
artifact.metadata.recorded_at = '2026-05-08T12:00:00+08:00';
assert.throws(() => validateDecisionRecordArtifact(artifact), /recorded_at must be a canonical ISO-8601 UTC timestamp with millisecond precision/);
});
test('decision artifact validator rejects invalid or mismatched event source linkage', () => {
const artifact = createArtifact();
const missingSourceEvent = structuredClone(artifact);
missingSourceEvent.spec.source.event_id = null;
assert.throws(() => validateDecisionRecordArtifact(missingSourceEvent), /event_id must be present in both metadata and spec\.source/);
const mismatchedSourceEvent = structuredClone(artifact);
mismatchedSourceEvent.spec.source.event_id = 'evt_watchdog_002';
assert.throws(() => validateDecisionRecordArtifact(mismatchedSourceEvent), /event_id mismatch between metadata and spec\.source/);
const malformedSourceEvent = structuredClone(artifact);
malformedSourceEvent.spec.source.event_id = ' ';
assert.throws(() => validateDecisionRecordArtifact(malformedSourceEvent), /spec\.source\.event_id must be a non-empty string/);
});
test('decision artifact validator accepts stable path-like event refs used by runtime artifacts', () => {
const artifact = createArtifact({
source: {
event_id: 'state/long-task-watchdog-events/2026-05-07T142633Z-reporting-governance-plugin-watchdog-watchdog-fired.json',
task_id: 'task-reporting-governance',
correlation_id: 'corr-001',
},
});
artifact.metadata.recorded_at = 'not-a-timestamp';
assert.throws(() => validateDecisionRecordArtifact(artifact), /recorded_at must be a valid ISO-8601 timestamp/);
assert.equal(validateDecisionRecordArtifact(artifact), artifact);
assert.equal(artifact.metadata.event_id, 'state/long-task-watchdog-events/2026-05-07T142633Z-reporting-governance-plugin-watchdog-watchdog-fired.json');
});
test('decision artifact validator enforces receipt status enum and required fields for pending failed and partial states', () => {
const pendingArtifact = createArtifact();
pendingArtifact.spec.receipt.status = 'planned';
pendingArtifact.spec.receipt.delivery_state = 'pending_external_send';
assert.equal(validateDecisionRecordArtifact(pendingArtifact), pendingArtifact);
const failedArtifact = createArtifact({
receipt: {
policy_id: 'no-silence.missed-checkpoint',
decision: 'force_checkpoint',
status: 'failed',
delivery_state: 'failed',
enforcement_intent: [],
blocked_actions: [],
operator_notice_required: true,
notes: ['sender failed'],
failure_reason: 'sender_exit_nonzero'
}
});
assert.equal(validateDecisionRecordArtifact(failedArtifact), failedArtifact);
const failedMissingReason = structuredClone(failedArtifact);
delete failedMissingReason.spec.receipt.failure_reason;
assert.throws(() => validateDecisionRecordArtifact(failedMissingReason), /failure_reason is required when status=failed/);
const partialArtifact = createArtifact({
receipt: {
policy_id: 'no-silence.missed-checkpoint',
decision: 'force_checkpoint',
status: 'degraded',
delivery_state: 'partial',
enforcement_intent: [{ action: 'emit_event', mandatory: true }],
blocked_actions: [{ action: 'notify_operator', mandatory: true, reason: 'binding unavailable' }],
operator_notice_required: true,
notes: ['event emitted but notice not sent']
}
});
assert.equal(validateDecisionRecordArtifact(partialArtifact), partialArtifact);
const partialMissingBlocked = structuredClone(partialArtifact);
partialMissingBlocked.spec.receipt.blocked_actions = [];
assert.throws(() => validateDecisionRecordArtifact(partialMissingBlocked), /blocked_actions must be non-empty when delivery_state=partial/);
});
test('decision artifact validator rejects unsupported receipt state combinations', () => {
const artifact = createArtifact();
artifact.spec.receipt.status = 'acked';
artifact.spec.receipt.delivery_state = 'pending_external_send';
assert.throws(() => validateDecisionRecordArtifact(artifact), /status=acked is incompatible with delivery_state=pending_external_send/);
const badStatus = createArtifact();
badStatus.spec.receipt.status = 'mystery';
assert.throws(() => validateDecisionRecordArtifact(badStatus), /spec\.receipt\.status must be one of/);
});
test('decision artifact filename is stable and readable', () => {
const planned = createPlannedDecision();
const artifact = createDecisionRecordArtifact({
decision: planned.decision,
receipt: planned.receipt,
recordedAt: '2026-05-08T04:00:00.000Z',
});
const artifact = createArtifact({ source: { task_id: 'task-reporting-governance' } });
const fileName = createDecisionRecordFileName(artifact);
assert.match(fileName, /^2026-05-08T04-00-00-000Z-no-silence\.missed-checkpoint-force_checkpoint-dec_[a-f0-9-]+\.json$/);
@@ -166,7 +237,7 @@ test('decision artifact filename sanitizes unsafe policy and decision segments',
decision: 'force checkpoint!',
correlation_id: null,
task_id: null,
event_id: null,
event_id: 'evt_1234',
},
spec: {
decision: {
@@ -174,10 +245,17 @@ test('decision artifact filename sanitizes unsafe policy and decision segments',
decision: 'force checkpoint!',
},
receipt: {
policy_id: '../policy with spaces?',
decision: 'force checkpoint!',
status: 'planned',
delivery_state: 'pending_external_send',
enforcement_intent: [],
blocked_actions: [],
operator_notice_required: false,
notes: [],
},
source: {
event_id: null,
event_id: 'evt_1234',
task_id: null,
correlation_id: null,
},
@@ -251,6 +329,7 @@ test('file decision store load rejects corrupted or malformed artifacts', async
recorded_at: '',
policy_id: 'no-silence.missed-checkpoint',
decision: 'force_checkpoint',
event_id: 'evt_watchdog_001',
},
spec: {
decision: {
@@ -258,10 +337,17 @@ test('file decision store load rejects corrupted or malformed artifacts', async
decision: 'force_checkpoint',
},
receipt: {
policy_id: 'no-silence.missed-checkpoint',
decision: 'force_checkpoint',
status: 'planned',
delivery_state: 'pending_external_send',
enforcement_intent: [],
blocked_actions: [],
operator_notice_required: false,
notes: [],
},
source: {
event_id: null,
event_id: 'evt_watchdog_001',
task_id: null,
correlation_id: null,
},
@@ -287,11 +373,13 @@ test('file decision store produces distinct filenames for same decision written
decision: planned.decision,
receipt: planned.receipt,
recordedAt: '2026-05-08T04:00:00.000Z',
source: { task_id: 'task-reporting-governance' }
});
const second = store.write({
decision: planned.decision,
receipt: planned.receipt,
recordedAt: '2026-05-08T04:00:00.000Z',
source: { task_id: 'task-reporting-governance' }
});
assert.notEqual(first.artifact.metadata.record_id, second.artifact.metadata.record_id);