435 lines
18 KiB
Python
435 lines
18 KiB
Python
import json
|
|
import os
|
|
import subprocess
|
|
from pathlib import Path
|
|
|
|
import yaml
|
|
|
|
REPO_ROOT = Path(__file__).resolve().parents[1]
|
|
PLAN = REPO_ROOT / "ops" / "plan_gcp_iap_operator_access.py"
|
|
WORKFLOW = REPO_ROOT / ".github" / "workflows" / "gcp-iap-operator.yml"
|
|
OPERATOR = REPO_ROOT / "scripts" / "gcp_iap_operator.sh"
|
|
|
|
|
|
def run_plan(*args: str) -> str:
|
|
return subprocess.check_output(["python3", str(PLAN), *args], cwd=REPO_ROOT, text=True)
|
|
|
|
|
|
def test_plan_is_emit_only_and_pins_exact_github_identity() -> None:
|
|
plan = json.loads(run_plan())
|
|
|
|
assert plan["mode"] == "dry_run_emit_only"
|
|
assert plan["executes_commands"] is False
|
|
condition = plan["wif"]["provider_condition"]
|
|
assert "assertion.repository == 'living-ip/teleo-infrastructure'" in condition
|
|
assert "assertion.ref == 'refs/heads/main'" in condition
|
|
assert (
|
|
"assertion.workflow_ref == "
|
|
"'living-ip/teleo-infrastructure/.github/workflows/gcp-iap-operator.yml@refs/heads/main'"
|
|
) in condition
|
|
assert "assertion.event_name == 'workflow_dispatch'" in condition
|
|
assert plan["wif"]["long_lived_google_credentials"] is False
|
|
|
|
|
|
def test_plan_uses_exact_iap_firewall_and_least_privilege_split() -> None:
|
|
plan = json.loads(run_plan())
|
|
commands = "\n".join(plan["bootstrap_commands"])
|
|
|
|
assert plan["target"]["internal_ip"] == "10.60.0.3"
|
|
assert plan["iap"]["condition"] == 'destination.ip == "10.60.0.3" && destination.port == 22'
|
|
assert plan["iap"]["firewall"] == {
|
|
"protocol_ports": "tcp:22",
|
|
"rule": "teleo-prod-allow-ssh-iap",
|
|
"source_range": "35.235.240.0/20",
|
|
"target_tag": "teleo-prod-ssh",
|
|
}
|
|
assert plan["gcloud_ssh_custom_role"]["permissions"] == [
|
|
"compute.instances.get",
|
|
"compute.instances.list",
|
|
"compute.projects.get",
|
|
]
|
|
assert plan["identities"]["status"]["os_login_role"] == "roles/compute.osLogin"
|
|
assert plan["identities"]["status"]["sudo"] is False
|
|
assert plan["identities"]["clone_operator"]["os_login_role"] == "roles/compute.osAdminLogin"
|
|
assert plan["identities"]["clone_operator"]["operations"] == [
|
|
"direct-claim-replay",
|
|
"cleanup-clone",
|
|
]
|
|
assert "roles/iam.serviceAccountUser" in commands
|
|
assert "--ssh-key-expire-after=5m" in commands
|
|
assert "--ssh-key-expiration" not in commands
|
|
assert "sha256sum -c dispatcher.sha256" in commands
|
|
assert "teleo-gcp-iap-operator-v1" in commands
|
|
for role in plan["explicitly_absent"]["roles"]:
|
|
assert f"--role {role}" not in commands
|
|
assert "compute.instances.setMetadata" not in plan["gcloud_ssh_custom_role"]["permissions"]
|
|
|
|
|
|
def test_public_rule_is_disabled_only_after_workflow_status_verification() -> None:
|
|
plan = json.loads(run_plan())
|
|
verification = plan["post_bootstrap_verification"]
|
|
joined = "\n".join(verification)
|
|
|
|
dispatch_index = next(i for i, command in enumerate(verification) if "gh workflow run" in command)
|
|
disable_index = next(
|
|
i
|
|
for i, command in enumerate(verification)
|
|
if "teleo-prod-allow-ssh-current-ip" in command and "--disabled" in command
|
|
)
|
|
assert dispatch_index < disable_index
|
|
assert "operation=status" in joined
|
|
assert "target_db=teleo_clone_status" in joined
|
|
assert "dispatcher_sha256" in joined
|
|
assert 'Path("scripts/gcp_iap_operator.sh")' in joined
|
|
assert plan["public_ingress_cutover"]["automatic_fallback_to_public_ssh"] is False
|
|
assert "DATA_READ for iap.googleapis.com" in plan["audit_logging"]["guidance"]
|
|
assert plan["revocation_commands"]
|
|
|
|
|
|
def test_shell_plan_is_clearly_dry_run() -> None:
|
|
shell = run_plan("--format", "shell")
|
|
|
|
assert shell.startswith("# DRY RUN:")
|
|
assert "# bootstrap_commands" in shell
|
|
assert "# post_bootstrap_verification" in shell
|
|
assert "# revocation_commands" in shell
|
|
assert "subprocess" not in PLAN.read_text(encoding="utf-8")
|
|
|
|
|
|
def load_workflow() -> dict[str, object]:
|
|
return yaml.load(WORKFLOW.read_text(encoding="utf-8"), Loader=yaml.BaseLoader)
|
|
|
|
|
|
def test_workflow_accepts_only_fixed_operation_and_bounded_ids() -> None:
|
|
workflow = load_workflow()
|
|
inputs = workflow["on"]["workflow_dispatch"]["inputs"]
|
|
|
|
assert set(inputs) == {"operation", "request_id", "target_db"}
|
|
assert inputs["operation"]["options"] == ["status", "direct-claim-replay", "cleanup-clone"]
|
|
assert inputs["target_db"]["default"] == "teleo_clone_status"
|
|
source = WORKFLOW.read_text(encoding="utf-8")
|
|
assert '[[ "${GITHUB_REF}" == "refs/heads/main" ]]' in source
|
|
assert '[[ "${GITHUB_WORKFLOW_REF}" == "${EXPECTED_WORKFLOW_REF}" ]]' in source
|
|
assert "request_id_re='^iap-[a-z0-9]{12,32}$'" in source
|
|
assert "target_db_re='^teleo_clone_[a-z0-9][a-z0-9_]{0,50}$'" in source
|
|
for forbidden_input in ("command:", "path:", "host:", "project:", "zone:", "ip:", "ref:", "service_account:"):
|
|
assert forbidden_input not in inputs
|
|
|
|
|
|
def test_workflow_uses_wif_official_actions_and_sanitized_short_retention() -> None:
|
|
workflow = load_workflow()
|
|
assert workflow["permissions"] == {"contents": "read", "id-token": "write"}
|
|
steps = workflow["jobs"]["operate"]["steps"]
|
|
actions = [step["uses"] for step in steps if "uses" in step]
|
|
|
|
assert actions == [
|
|
"actions/checkout@v4",
|
|
"google-github-actions/auth@v3",
|
|
"google-github-actions/setup-gcloud@v3",
|
|
"actions/upload-artifact@v4",
|
|
]
|
|
auth = next(step for step in steps if step.get("uses") == "google-github-actions/auth@v3")
|
|
assert auth["with"]["create_credentials_file"] == "true"
|
|
assert auth["with"]["cleanup_credentials"] == "true"
|
|
upload = next(step for step in steps if step.get("uses") == "actions/upload-artifact@v4")
|
|
assert upload["with"]["path"] == "${{ env.RESULT_DIR }}/result.json"
|
|
assert upload["with"]["retention-days"] == "7"
|
|
validate_index = next(i for i, step in enumerate(steps) if step.get("id") == "validate")
|
|
auth_index = next(i for i, step in enumerate(steps) if step.get("uses") == "google-github-actions/auth@v3")
|
|
assert validate_index < auth_index
|
|
|
|
|
|
def test_workflow_initializes_runner_paths_at_step_runtime() -> None:
|
|
workflow = load_workflow()
|
|
assert "BUNDLE_DIR" not in workflow["env"]
|
|
assert "RESULT_DIR" not in workflow["env"]
|
|
steps = workflow["jobs"]["operate"]["steps"]
|
|
paths_index = next(i for i, step in enumerate(steps) if step.get("id") == "paths")
|
|
validate_index = next(i for i, step in enumerate(steps) if step.get("id") == "validate")
|
|
paths_source = steps[paths_index]["run"]
|
|
assert paths_index < validate_index
|
|
assert '"${RUNNER_TEMP}/gcp-iap-operator-bundle" >> "${GITHUB_ENV}"' in paths_source
|
|
assert '"${RUNNER_TEMP}/gcp-iap-operator-result" >> "${GITHUB_ENV}"' in paths_source
|
|
assert "runner.temp" not in WORKFLOW.read_text(encoding="utf-8")
|
|
|
|
|
|
def test_workflow_retains_sanitized_failure_receipt_before_upload() -> None:
|
|
workflow = load_workflow()
|
|
steps = workflow["jobs"]["operate"]["steps"]
|
|
receipt_index = next(i for i, step in enumerate(steps) if step.get("name") == "Ensure sanitized result receipt")
|
|
upload_index = next(i for i, step in enumerate(steps) if step.get("uses") == "actions/upload-artifact@v4")
|
|
receipt = steps[receipt_index]
|
|
source = receipt["run"]
|
|
assert receipt_index < upload_index
|
|
assert receipt["if"] == "always()"
|
|
assert receipt["env"]["AUTH_OUTCOME"] == "${{ steps.auth.outcome }}"
|
|
assert receipt["env"]["OPERATE_OUTCOME"] == "${{ steps.operate.outcome }}"
|
|
assert "workflow_stopped_before_valid_operator_result" in source
|
|
assert '"credential_values_logged": False' in source
|
|
assert '"raw_stdout_retained": False' in source
|
|
assert '"raw_stderr_retained": False' in source
|
|
|
|
|
|
def test_workflow_builds_exact_main_bundle_from_tracked_files_and_hashes() -> None:
|
|
source = WORKFLOW.read_text(encoding="utf-8")
|
|
|
|
expected_files = [
|
|
"scripts/gcp_iap_operator.sh",
|
|
"scripts/run_gcp_generated_db_direct_claim_suite.py",
|
|
"scripts/run_leo_clone_bound_handler_checkpoint.py",
|
|
"scripts/working_leo_open_ended_benchmark.py",
|
|
"hermes-agent/leoclean-bin/cloudsql_memory_tool.py",
|
|
"ops/postgres_parity_manifest.sql",
|
|
]
|
|
for relative in expected_files:
|
|
assert f'"{relative}"' in source
|
|
assert 'f"docs/reports/leo-working-state-20260709/{target_db}-canonical-parity-receipt.json"' in source
|
|
assert '["git", "ls-files", "--error-unmatch", "--", relative]' in source
|
|
assert 'if head != os.environ["GITHUB_SHA"]' in source
|
|
assert "hashlib.sha256(data).hexdigest()" in source
|
|
assert '"schema": "livingip.gcpIapOperatorBundle.v1"' in source
|
|
assert 'bundle_path = bundle_dir / f"{request_id}.tar.gz"' in source
|
|
|
|
|
|
def test_operator_allowlists_commands_and_has_no_live_mutation_surface() -> None:
|
|
source = OPERATOR.read_text(encoding="utf-8")
|
|
|
|
assert "status | direct-claim-replay | cleanup-clone" in source
|
|
assert "scripts/run_gcp_generated_db_direct_claim_suite.py" in source
|
|
assert "six_replies_returned" in source
|
|
assert "posted_to_telegram" in source
|
|
assert "live_service_unchanged" in source
|
|
assert "live_profile_unchanged" in source
|
|
assert "%s-canonical-parity-receipt.json" in source
|
|
assert "/opt/teleo-eval" not in source
|
|
assert "systemctl restart" not in source
|
|
assert "systemctl stop" not in source
|
|
assert "systemctl start" not in source
|
|
assert "curl " not in source
|
|
assert "--profile" not in source
|
|
assert "eval " not in source
|
|
|
|
|
|
def test_operator_cleanup_is_bound_to_marker_clone_prefix_and_exact_run_dir() -> None:
|
|
source = OPERATOR.read_text(encoding="utf-8")
|
|
|
|
assert "TARGET_DB_RE='^teleo_clone_" in source
|
|
assert 'expected="$REMOTE_RUN_ROOT/$request_id"' in source
|
|
assert '[[ "$resolved" == "$expected" ]]' in source
|
|
assert ".run-owner" in source
|
|
assert "run ownership marker does not match request_id and target_db" in source
|
|
assert 'drop database :"target_db";' in source
|
|
assert '[[ "$remaining" == "0" ]]' in source
|
|
assert 'rm -rf --one-file-system -- "$run_dir"' in source
|
|
|
|
|
|
def test_operator_uses_five_minute_key_private_modes_and_cleanup_trap() -> None:
|
|
source = OPERATOR.read_text(encoding="utf-8")
|
|
|
|
assert '--ssh-key-file="$ssh_key"' in source
|
|
assert "--ssh-key-expire-after=5m" in source
|
|
assert "--ssh-key-expiration" not in source
|
|
assert "chmod 0700" in source
|
|
assert "chmod 0600" in source
|
|
assert "trap cleanup_runner_temp EXIT" in source
|
|
assert "--tunnel-through-iap" in source
|
|
assert "gcloud compute scp" in source
|
|
assert "--verbosity=debug" not in source
|
|
|
|
|
|
def test_dispatcher_validates_exact_members_hashes_context_and_self_hash() -> None:
|
|
source = OPERATOR.read_text(encoding="utf-8")
|
|
|
|
assert 'expected_members = sorted([*expected, "bundle-manifest.json"])' in source
|
|
assert "bundle member allowlist mismatch" in source
|
|
assert "bundle manifest file allowlist mismatch" in source
|
|
assert 'receipt.get("sha256") != hashlib.sha256(data).hexdigest()' in source
|
|
assert '"workflow_ref": expected_workflow_ref' in source
|
|
assert "installed dispatcher does not match the reviewed main bundle" in source
|
|
assert 'dispatcher_sha != files["scripts/gcp_iap_operator.sh"]["sha256"]' in source
|
|
|
|
|
|
def test_runner_fake_gcloud_smoke_retains_only_sanitized_result(tmp_path: Path) -> None:
|
|
bin_dir = tmp_path / "bin"
|
|
runner_temp = tmp_path / "runner"
|
|
result_dir = runner_temp / "result"
|
|
invocation = tmp_path / "gcloud-argv.txt"
|
|
bin_dir.mkdir()
|
|
runner_temp.mkdir()
|
|
fake_gcloud = bin_dir / "gcloud"
|
|
fake_gcloud.write_text(
|
|
"#!/usr/bin/env bash\n"
|
|
'printf \'%s\\n\' "$@" > "${FAKE_GCLOUD_ARGV}"\n'
|
|
"printf '%s\\n' "
|
|
'\'{"operation":"status","request_id":"iap-abcdefghijkl",\''
|
|
'\'"target_db":"teleo_clone_status","status":"pass",\''
|
|
'\'"instance":"teleo-prod-1","expected_internal_ip":"10.60.0.3",\''
|
|
'\'"active_state":"active","sub_state":"running","nrestarts":0,\''
|
|
'\'"dispatcher_version":"teleo-gcp-iap-operator-v1",\''
|
|
'\'"dispatcher_sha256":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}\'\n',
|
|
encoding="utf-8",
|
|
)
|
|
fake_gcloud.chmod(0o755)
|
|
env = {
|
|
**os.environ,
|
|
"PATH": f"{bin_dir}:{os.environ['PATH']}",
|
|
"RUNNER_TEMP": str(runner_temp),
|
|
"RESULT_DIR": str(result_dir),
|
|
"FAKE_GCLOUD_ARGV": str(invocation),
|
|
}
|
|
|
|
completed = subprocess.run(
|
|
["bash", str(OPERATOR), "status", "iap-abcdefghijkl", "teleo_clone_status"],
|
|
cwd=REPO_ROOT,
|
|
env=env,
|
|
text=True,
|
|
capture_output=True,
|
|
check=False,
|
|
)
|
|
|
|
assert completed.returncode == 0, completed.stderr
|
|
result = json.loads((result_dir / "result.json").read_text(encoding="utf-8"))
|
|
assert result["status"] == "pass"
|
|
assert result["credential_values_logged"] is False
|
|
assert result["raw_stdout_retained"] is False
|
|
assert result["raw_stderr_retained"] is False
|
|
assert result["remote_result"]["active_state"] == "active"
|
|
argv = invocation.read_text(encoding="utf-8")
|
|
assert "compute\nssh\nteleo-prod-1\n" in argv
|
|
assert "--tunnel-through-iap" in argv
|
|
assert "--ssh-key-expire-after=5m" in argv
|
|
assert not list(runner_temp.glob("teleo-iap-operator.*"))
|
|
|
|
|
|
def test_runner_fails_closed_when_remote_output_is_not_valid_json(tmp_path: Path) -> None:
|
|
bin_dir = tmp_path / "bin"
|
|
runner_temp = tmp_path / "runner"
|
|
result_dir = runner_temp / "result"
|
|
bin_dir.mkdir()
|
|
runner_temp.mkdir()
|
|
fake_gcloud = bin_dir / "gcloud"
|
|
fake_gcloud.write_text("#!/usr/bin/env bash\nprintf 'not-json\\n'\n", encoding="utf-8")
|
|
fake_gcloud.chmod(0o755)
|
|
env = {
|
|
**os.environ,
|
|
"PATH": f"{bin_dir}:{os.environ['PATH']}",
|
|
"RUNNER_TEMP": str(runner_temp),
|
|
"RESULT_DIR": str(result_dir),
|
|
}
|
|
|
|
completed = subprocess.run(
|
|
["bash", str(OPERATOR), "status", "iap-abcdefghijkl", "teleo_clone_status"],
|
|
cwd=REPO_ROOT,
|
|
env=env,
|
|
text=True,
|
|
capture_output=True,
|
|
check=False,
|
|
)
|
|
|
|
assert completed.returncode == 90
|
|
result = json.loads((result_dir / "result.json").read_text(encoding="utf-8"))
|
|
assert result["status"] == "fail"
|
|
assert result["remote_result"] == {}
|
|
assert not list(runner_temp.glob("teleo-iap-operator.*"))
|
|
|
|
|
|
def test_clone_runner_scps_only_request_derived_bundle_over_iap(tmp_path: Path) -> None:
|
|
bin_dir = tmp_path / "bin"
|
|
runner_temp = tmp_path / "runner"
|
|
result_dir = runner_temp / "result"
|
|
bundle_dir = runner_temp / "gcp-iap-operator-bundle"
|
|
invocation = tmp_path / "gcloud-argv.txt"
|
|
bin_dir.mkdir()
|
|
runner_temp.mkdir()
|
|
bundle_dir.mkdir(mode=0o700)
|
|
bundle = bundle_dir / "iap-abcdefghijkl.tar.gz"
|
|
bundle.write_bytes(b"reviewed-bundle")
|
|
bundle.chmod(0o600)
|
|
fake_gcloud = bin_dir / "gcloud"
|
|
fake_gcloud.write_text(
|
|
"#!/usr/bin/env bash\n"
|
|
'printf \'%s \' "$@" >> "${FAKE_GCLOUD_ARGV}"\n'
|
|
"printf '\\n' >> \"${FAKE_GCLOUD_ARGV}\"\n"
|
|
'if [[ "$2" == "ssh" ]]; then\n'
|
|
" printf '%s\\n' "
|
|
'\'{"operation":"direct-claim-replay","request_id":"iap-abcdefghijkl",\''
|
|
'\'"target_db":"teleo_clone_test","status":"pass",\''
|
|
'\'"bundle_commit":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",\''
|
|
'\'"bundle_sha256":"bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"}\'\n'
|
|
"fi\n",
|
|
encoding="utf-8",
|
|
)
|
|
fake_gcloud.chmod(0o755)
|
|
env = {
|
|
**os.environ,
|
|
"PATH": f"{bin_dir}:{os.environ['PATH']}",
|
|
"RUNNER_TEMP": str(runner_temp),
|
|
"RESULT_DIR": str(result_dir),
|
|
"FAKE_GCLOUD_ARGV": str(invocation),
|
|
}
|
|
|
|
completed = subprocess.run(
|
|
["bash", str(OPERATOR), "direct-claim-replay", "iap-abcdefghijkl", "teleo_clone_test"],
|
|
cwd=REPO_ROOT,
|
|
env=env,
|
|
text=True,
|
|
capture_output=True,
|
|
check=False,
|
|
)
|
|
|
|
assert completed.returncode == 0, completed.stderr
|
|
calls = invocation.read_text(encoding="utf-8").splitlines()
|
|
assert len(calls) == 2
|
|
assert "compute scp" in calls[0]
|
|
assert str(bundle) in calls[0]
|
|
assert "teleo-prod-1:.teleo-iap-upload-iap-abcdefghijkl.tar.gz" in calls[0]
|
|
assert "--tunnel-through-iap" in calls[0]
|
|
assert "--ssh-key-expire-after=5m" in calls[0]
|
|
assert "compute ssh" in calls[1]
|
|
assert "--tunnel-through-iap" in calls[1]
|
|
|
|
|
|
def test_clone_runner_rejects_bundle_symlink_before_gcloud(tmp_path: Path) -> None:
|
|
bin_dir = tmp_path / "bin"
|
|
runner_temp = tmp_path / "runner"
|
|
result_dir = runner_temp / "result"
|
|
bundle_dir = runner_temp / "gcp-iap-operator-bundle"
|
|
outside = tmp_path / "outside.tar.gz"
|
|
marker = tmp_path / "gcloud-called"
|
|
bin_dir.mkdir()
|
|
runner_temp.mkdir()
|
|
bundle_dir.mkdir(mode=0o700)
|
|
outside.write_bytes(b"outside")
|
|
(bundle_dir / "iap-abcdefghijkl.tar.gz").symlink_to(outside)
|
|
fake_gcloud = bin_dir / "gcloud"
|
|
fake_gcloud.write_text(
|
|
'#!/usr/bin/env bash\ntouch "${FAKE_GCLOUD_MARKER}"\n',
|
|
encoding="utf-8",
|
|
)
|
|
fake_gcloud.chmod(0o755)
|
|
env = {
|
|
**os.environ,
|
|
"PATH": f"{bin_dir}:{os.environ['PATH']}",
|
|
"RUNNER_TEMP": str(runner_temp),
|
|
"RESULT_DIR": str(result_dir),
|
|
"FAKE_GCLOUD_MARKER": str(marker),
|
|
}
|
|
|
|
completed = subprocess.run(
|
|
["bash", str(OPERATOR), "cleanup-clone", "iap-abcdefghijkl", "teleo_clone_test"],
|
|
cwd=REPO_ROOT,
|
|
env=env,
|
|
text=True,
|
|
capture_output=True,
|
|
check=False,
|
|
)
|
|
|
|
assert completed.returncode == 2
|
|
assert "fixed workflow bundle is absent or unsafe" in completed.stderr
|
|
assert not marker.exists()
|
|
|
|
|
|
def test_google_auth_credential_file_pattern_is_ignored_exactly() -> None:
|
|
ignore_lines = (REPO_ROOT / ".gitignore").read_text(encoding="utf-8").splitlines()
|
|
|
|
assert "gha-creds-*.json" in ignore_lines
|