UAPI GLM 5.2 First-Wedge Test Plan
GLM Worker F implementation-agnostic first-wedge test plan for identity, placement, adapters, events, lineage, and storage policy.
Promotion Metadata
- Source feedback id:
160 - Source feedback ids:
160 - Promotion request id:
91 - Feedback category:
consider - Feedback source:
ai-lane - Feedback created at:
2026-06-22T20:07:33.284050+00:00 - Target slug:
[REDACTED:high-entropy] - Review state:
review - Reviewer note: AI lane auto-promoted redacted feedback into internal catalog context.
Source Feedback Body
Feedback 160
- Product:
uapi - Category:
consider - Related slug: ``
- Source:
ai-lane - Created at:
2026-06-22T20:07:33.284050+00:00
GLM 5.2 UAPI First-Wedge Test Plan (2026-06-22)
Created: 2026-06-22T20:10:00Z Authority: GLM Worker F. Implementation-agnostic; portable once Codex chooses the repo.
Scope
Tests validate v0.2 contracts against fixture data only. No real auth, services, adapters, cloud, or hardware.
Fixture-Only Tests (Phase 1)
T1: Identity Gate — Valid Role
Input: principal role_assertions: ["operator"]. Pass: GateRecord allow, gate identity. Ref: happy_path_storage_candidate.
T2: Identity Gate — Missing Roles (Denial)
Input: principal without role_assertions. Pass: GateRecord deny. Ref: missing_role_assertions.
T3: Session Expiry
Input: LoginSession expires_at in the past (15-min TTL). Pass: deny, reason cites expiry.
T4: Placement Gate — Route with Policy Refs
Input: PlacementDecision allow with mount/quota/retention refs present. Pass: allow. Ref: happy_path_storage_candidate.
T5: Placement Gate — Unknown Route
Input: route_candidate_id not in approved registry. Pass: deny.
T6: Placement Gate — Missing Policy Refs
Input: allow decision without mount/quota/retention refs. Pass: deny. Ref: storage_route_without_policy_refs.
T7: Mock ProviderAdapter
Input: mock implementing capabilities(), health_probe(), submit()->ResultPacket. Timeout: 30s. Pass: status=accepted, lineage populated.
T8: EventEnvelope Correlation
Input: full chain session→gate→result. Pass: all envelopes share one correlation_id from session creation.
T9: GateRecord Evidence Refs
Input: allow GateRecord with evidence_ref. Pass: allowed. Allow with empty/missing evidence_ref fails.
T10: ResultPacket Lineage Mismatch
Input: lineage.correlation_id differs from session. Pass: Acceptance Gate deny. Ref: result_lineage_correlation_mismatch.
T11: Acceptance Gate — Malformed Result
Input: ResultPacket missing lineage fields. Pass: denied (not failed — per Codex v0.2 boundary).
T12: Storage Candidate — Forge SN850X
Input: StorageCandidate with policy refs but candidate state. Pass: candidate-only placement, no writes, explorer_catalog_allowed=false.
Phase 1 Execution Rules
- Fixture JSON only; no live services.
- Assert
dry_run=true,authority=fixture_only_no_execution. - Assert
writes_ledger=false,calls_backends=false,starts_services=false. - Reject secret-like text in fixtures before evaluation.
- Runner matches chosen language (Jest/pytest/cargo test).
Future Integration Tests (Phase 2 — Blocked)
- I1: Real Identity Gate vs auth provider (no auth store).
- I2: Real ProviderAdapter with timeout (no real adapters).
- I3: Run ledger persistence (no ledger store).
- I4: Explorer evidence export (no Explorer docs lane).
- I5: Forge SN850X storage write (no storage policy approval).
Phase 2 remains stubs until operator gates pass.
Sources
[REDACTED:high-entropy].2.schema.json[REDACTED:high-entropy].2.json[REDACTED:high-entropy].md
Assumptions
- Fixture JSON is canonical; no fixture mutation.
- Mock adapter is a test double, not real ProviderAdapter.
- v0.2 decisions (TTL, timeout, denied-vs-failed) are authoritative.
Blockers
- No target repo yet (Phase 1 can run standalone against fixtures).
- Phase 2 blocked on auth/ledger/adapter approvals.
Next Handoff
- Codex: create/assign target repo; confirm language.
- GLM: port T1–T12 into chosen repo test directory.
- Codex: approve Phase 2 gate criteria to unblock I1–I5.