diff --git a/plugins/reporting-governance/test/profile-generator.test.mjs b/plugins/reporting-governance/test/profile-generator.test.mjs index 01287a2..7943511 100644 --- a/plugins/reporting-governance/test/profile-generator.test.mjs +++ b/plugins/reporting-governance/test/profile-generator.test.mjs @@ -69,8 +69,10 @@ spec: audit: portableArtifactsRequired: true requiredArtifacts: + - canonical_events - queue_items - bridge_receipts + - profile_snapshot capability_expectations: required: - create_queue_items @@ -113,7 +115,7 @@ test('deployment profile schema validator rejects malformed profile', () => { operatorVisibleRecoveryRequired: true, allowedTerminalStates: ['acked'], }, - audit: { portableArtifactsRequired: true, requiredArtifacts: ['queue_items'] }, + audit: { portableArtifactsRequired: true, requiredArtifacts: ['canonical_events', 'queue_items', 'bridge_receipts'] }, capability_expectations: { required: [] }, }, }), @@ -143,7 +145,7 @@ test('deployment profile schema validator rejects tightened semantic violations' }, audit: { portableArtifactsRequired: true, - requiredArtifacts: ['queue_items'], + requiredArtifacts: ['canonical_events', 'queue_items', 'bridge_receipts'], }, capability_expectations: { required: [] }, }, @@ -198,13 +200,83 @@ test('deployment profile schema validator rejects tightened semantic violations' ...validBase.spec, audit: { portableArtifactsRequired: 'true', - requiredArtifacts: ['queue_items'], + requiredArtifacts: ['canonical_events', 'queue_items', 'bridge_receipts'], }, }, }), /deployment profile schema validation failed: .*\/spec\/audit\/portableArtifactsRequired must be boolean/ ); + assert.throws( + () => validateDeploymentProfileSchema({ + ...validBase, + spec: { + ...validBase.spec, + notifications: { + operatorVisibleRecoveryRequired: true, + allowedTerminalStates: [], + }, + }, + }), + /deployment profile schema validation failed: .*\/spec\/notifications\/allowedTerminalStates must NOT have fewer than 1 items/ + ); + + assert.throws( + () => validateDeploymentProfileSchema({ + ...validBase, + spec: { + ...validBase.spec, + notifications: { + operatorVisibleRecoveryRequired: true, + allowedTerminalStates: ['acked', 'acked'], + }, + }, + }), + /deployment profile schema validation failed: .*\/spec\/notifications\/allowedTerminalStates must NOT have duplicate items/ + ); + + assert.throws( + () => validateDeploymentProfileSchema({ + ...validBase, + spec: { + ...validBase.spec, + audit: { + portableArtifactsRequired: true, + requiredArtifacts: ['canonical_events', 'queue_items', 'queue_items', 'bridge_receipts'], + }, + }, + }), + /deployment profile schema validation failed: .*\/spec\/audit\/requiredArtifacts must NOT have duplicate items/ + ); + + assert.throws( + () => validateDeploymentProfileSchema({ + ...validBase, + spec: { + ...validBase.spec, + audit: { + portableArtifactsRequired: true, + requiredArtifacts: ['queue_items', 'bridge_receipts'], + }, + }, + }), + /deployment profile schema validation failed: .*\/spec\/audit\/requiredArtifacts must contain at least 1 valid item\(s\)/ + ); + + assert.throws( + () => validateDeploymentProfileSchema({ + ...validBase, + spec: { + ...validBase.spec, + audit: { + portableArtifactsRequired: true, + requiredArtifacts: ['canonical_events', 'queue_items', 'bridge_receipts', 'made_up_artifact'], + }, + }, + }), + /deployment profile schema validation failed: .*\/spec\/audit\/requiredArtifacts\/3 must be equal to one of the allowed values/ + ); + assert.throws( () => validateDeploymentProfileSchema({ ...validBase, @@ -322,7 +394,9 @@ spec: audit: portableArtifactsRequired: true requiredArtifacts: + - canonical_events - queue_items + - bridge_receipts capability_expectations: required: [] `, 'utf8'); diff --git a/schemas/reporting-governance/deployment-profile.schema.json b/schemas/reporting-governance/deployment-profile.schema.json index e7597e2..1eed3b9 100644 --- a/schemas/reporting-governance/deployment-profile.schema.json +++ b/schemas/reporting-governance/deployment-profile.schema.json @@ -114,6 +114,8 @@ "operatorVisibleRecoveryRequired": { "type": "boolean" }, "allowedTerminalStates": { "type": "array", + "minItems": 1, + "uniqueItems": true, "items": { "type": "string", "enum": ["acked", "blocked", "pending_external_send"] @@ -130,9 +132,49 @@ "requiredArtifacts": { "type": "array", "minItems": 1, - "items": { "type": "string", "minLength": 1 } + "uniqueItems": true, + "items": { + "type": "string", + "enum": [ + "canonical_events", + "evidence_records", + "decision_records", + "queue_items", + "spool_artifacts", + "bridge_receipts", + "capability_descriptor", + "profile_snapshot" + ] + } } - } + }, + "allOf": [ + { + "if": { + "properties": { + "portableArtifactsRequired": { "const": true } + }, + "required": ["portableArtifactsRequired"] + }, + "then": { + "properties": { + "requiredArtifacts": { + "allOf": [ + { + "contains": { "const": "canonical_events" } + }, + { + "contains": { "const": "queue_items" } + }, + { + "contains": { "const": "bridge_receipts" } + } + ] + } + } + } + } + ] }, "capability_expectations": { "type": "object",