openclaw/reporting-governance-plugin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tighten deployment profile artifact vocabulary

Browse Source
This commit is contained in:
Eve
2026-05-08 12:44:27 +08:00
parent c19fd21aab
commit cfdb49d5a2
2 changed files with 121 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
plugins/reporting-governance/test/profile-generator.test.mjs
View File

@@ -69,8 +69,10 @@ spec:
audit: audit:
portableArtifactsRequired: true portableArtifactsRequired: true
requiredArtifacts: requiredArtifacts:
- canonical_events
- queue_items - queue_items
- bridge_receipts - bridge_receipts
- profile_snapshot
capability_expectations: capability_expectations:
required: required:
- create_queue_items - create_queue_items
@@ -113,7 +115,7 @@ test('deployment profile schema validator rejects malformed profile', () => {
operatorVisibleRecoveryRequired: true, operatorVisibleRecoveryRequired: true,
allowedTerminalStates: ['acked'], allowedTerminalStates: ['acked'],
}, },
audit: { portableArtifactsRequired: true, requiredArtifacts: ['queue_items'] }, audit: { portableArtifactsRequired: true, requiredArtifacts: ['canonical_events', 'queue_items', 'bridge_receipts'] },
capability_expectations: { required: [] }, capability_expectations: { required: [] },
}, },
}), }),
@@ -143,7 +145,7 @@ test('deployment profile schema validator rejects tightened semantic violations'
}, },
audit: { audit: {
portableArtifactsRequired: true, portableArtifactsRequired: true,
requiredArtifacts: ['queue_items'], requiredArtifacts: ['canonical_events', 'queue_items', 'bridge_receipts'],
}, },
capability_expectations: { required: [] }, capability_expectations: { required: [] },
}, },
@@ -198,13 +200,83 @@ test('deployment profile schema validator rejects tightened semantic violations'
...validBase.spec, ...validBase.spec,
audit: { audit: {
portableArtifactsRequired: 'true', portableArtifactsRequired: 'true',
requiredArtifacts: ['queue_items'], requiredArtifacts: ['canonical_events', 'queue_items', 'bridge_receipts'],
}, },
}, },
}), }),
/deployment profile schema validation failed: .*\/spec\/audit\/portableArtifactsRequired must be boolean/ /deployment profile schema validation failed: .*\/spec\/audit\/portableArtifactsRequired must be boolean/
); );
assert.throws(
() => validateDeploymentProfileSchema({
...validBase,
spec: {
...validBase.spec,
notifications: {
operatorVisibleRecoveryRequired: true,
allowedTerminalStates: [],
},
},
}),
/deployment profile schema validation failed: .*\/spec\/notifications\/allowedTerminalStates must NOT have fewer than 1 items/
);
assert.throws(
() => validateDeploymentProfileSchema({
...validBase,
spec: {
...validBase.spec,
notifications: {
operatorVisibleRecoveryRequired: true,
allowedTerminalStates: ['acked', 'acked'],
},
},
}),
/deployment profile schema validation failed: .*\/spec\/notifications\/allowedTerminalStates must NOT have duplicate items/
);
assert.throws(
() => validateDeploymentProfileSchema({
...validBase,
spec: {
...validBase.spec,
audit: {
portableArtifactsRequired: true,
requiredArtifacts: ['canonical_events', 'queue_items', 'queue_items', 'bridge_receipts'],
},
},
}),
/deployment profile schema validation failed: .*\/spec\/audit\/requiredArtifacts must NOT have duplicate items/
);
assert.throws(
() => validateDeploymentProfileSchema({
...validBase,
spec: {
...validBase.spec,
audit: {
portableArtifactsRequired: true,
requiredArtifacts: ['queue_items', 'bridge_receipts'],
},
},
}),
/deployment profile schema validation failed: .*\/spec\/audit\/requiredArtifacts must contain at least 1 valid item\(s\)/
);
assert.throws(
() => validateDeploymentProfileSchema({
...validBase,
spec: {
...validBase.spec,
audit: {
portableArtifactsRequired: true,
requiredArtifacts: ['canonical_events', 'queue_items', 'bridge_receipts', 'made_up_artifact'],
},
},
}),
/deployment profile schema validation failed: .*\/spec\/audit\/requiredArtifacts\/3 must be equal to one of the allowed values/
);
assert.throws( assert.throws(
() => validateDeploymentProfileSchema({ () => validateDeploymentProfileSchema({
...validBase, ...validBase,
@@ -322,7 +394,9 @@ spec:
audit: audit:
portableArtifactsRequired: true portableArtifactsRequired: true
requiredArtifacts: requiredArtifacts:
- canonical_events
- queue_items - queue_items
- bridge_receipts
capability_expectations: capability_expectations:
required: [] required: []
`, 'utf8'); `, 'utf8');

44
schemas/reporting-governance/deployment-profile.schema.json
View File

@@ -114,6 +114,8 @@
"operatorVisibleRecoveryRequired": { "type": "boolean" }, "operatorVisibleRecoveryRequired": { "type": "boolean" },
"allowedTerminalStates": { "allowedTerminalStates": {
"type": "array", "type": "array",
"minItems": 1,
"uniqueItems": true,
"items": { "items": {
"type": "string", "type": "string",
"enum": ["acked", "blocked", "pending_external_send"] "enum": ["acked", "blocked", "pending_external_send"]
@@ -130,10 +132,50 @@
"requiredArtifacts": { "requiredArtifacts": {
"type": "array", "type": "array",
"minItems": 1, "minItems": 1,
"items": { "type": "string", "minLength": 1 } "uniqueItems": true,
"items": {
"type": "string",
"enum": [
"canonical_events",
"evidence_records",
"decision_records",
"queue_items",
"spool_artifacts",
"bridge_receipts",
"capability_descriptor",
"profile_snapshot"
]
} }
} }
}, },
"allOf": [
{
"if": {
"properties": {
"portableArtifactsRequired": { "const": true }
},
"required": ["portableArtifactsRequired"]
},
"then": {
"properties": {
"requiredArtifacts": {
"allOf": [
{
"contains": { "const": "canonical_events" }
},
{
"contains": { "const": "queue_items" }
},
{
"contains": { "const": "bridge_receipts" }
}
]
}
}
}
}
]
},
"capability_expectations": { "capability_expectations": {
"type": "object", "type": "object",
"additionalProperties": true, "additionalProperties": true,