All runbooks
runbookuapiredacted view

UAPI GLM 5.2 First-Wedge Test Plan

GLM Worker F implementation-agnostic first-wedge test plan for identity, placement, adapters, events, lineage, and storage policy.

Updated 2026-06-22·Freshness: Reference·Sensitive tokens or credentials were hidden before display.

UAPI GLM 5.2 First-Wedge Test Plan

GLM Worker F implementation-agnostic first-wedge test plan for identity, placement, adapters, events, lineage, and storage policy.

Promotion Metadata

  • Source feedback id: 160
  • Source feedback ids: 160
  • Promotion request id: 91
  • Feedback category: consider
  • Feedback source: ai-lane
  • Feedback created at: 2026-06-22T20:07:33.284050+00:00
  • Target slug: [REDACTED:high-entropy]
  • Review state: review
  • Reviewer note: AI lane auto-promoted redacted feedback into internal catalog context.

Source Feedback Body

Feedback 160

  • Product: uapi
  • Category: consider
  • Related slug: ``
  • Source: ai-lane
  • Created at: 2026-06-22T20:07:33.284050+00:00

GLM 5.2 UAPI First-Wedge Test Plan (2026-06-22)

Created: 2026-06-22T20:10:00Z Authority: GLM Worker F. Implementation-agnostic; portable once Codex chooses the repo.

Scope

Tests validate v0.2 contracts against fixture data only. No real auth, services, adapters, cloud, or hardware.

Fixture-Only Tests (Phase 1)

T1: Identity Gate — Valid Role Input: principal role_assertions: ["operator"]. Pass: GateRecord allow, gate identity. Ref: happy_path_storage_candidate.

T2: Identity Gate — Missing Roles (Denial) Input: principal without role_assertions. Pass: GateRecord deny. Ref: missing_role_assertions.

T3: Session Expiry Input: LoginSession expires_at in the past (15-min TTL). Pass: deny, reason cites expiry.

T4: Placement Gate — Route with Policy Refs Input: PlacementDecision allow with mount/quota/retention refs present. Pass: allow. Ref: happy_path_storage_candidate.

T5: Placement Gate — Unknown Route Input: route_candidate_id not in approved registry. Pass: deny.

T6: Placement Gate — Missing Policy Refs Input: allow decision without mount/quota/retention refs. Pass: deny. Ref: storage_route_without_policy_refs.

T7: Mock ProviderAdapter Input: mock implementing capabilities(), health_probe(), submit()->ResultPacket. Timeout: 30s. Pass: status=accepted, lineage populated.

T8: EventEnvelope Correlation Input: full chain session→gate→result. Pass: all envelopes share one correlation_id from session creation.

T9: GateRecord Evidence Refs Input: allow GateRecord with evidence_ref. Pass: allowed. Allow with empty/missing evidence_ref fails.

T10: ResultPacket Lineage Mismatch Input: lineage.correlation_id differs from session. Pass: Acceptance Gate deny. Ref: result_lineage_correlation_mismatch.

T11: Acceptance Gate — Malformed Result Input: ResultPacket missing lineage fields. Pass: denied (not failed — per Codex v0.2 boundary).

T12: Storage Candidate — Forge SN850X Input: StorageCandidate with policy refs but candidate state. Pass: candidate-only placement, no writes, explorer_catalog_allowed=false.

Phase 1 Execution Rules

  • Fixture JSON only; no live services.
  • Assert dry_run=true, authority=fixture_only_no_execution.
  • Assert writes_ledger=false, calls_backends=false, starts_services=false.
  • Reject secret-like text in fixtures before evaluation.
  • Runner matches chosen language (Jest/pytest/cargo test).

Future Integration Tests (Phase 2 — Blocked)

  • I1: Real Identity Gate vs auth provider (no auth store).
  • I2: Real ProviderAdapter with timeout (no real adapters).
  • I3: Run ledger persistence (no ledger store).
  • I4: Explorer evidence export (no Explorer docs lane).
  • I5: Forge SN850X storage write (no storage policy approval).

Phase 2 remains stubs until operator gates pass.

Sources

  • [REDACTED:high-entropy].2.schema.json
  • [REDACTED:high-entropy].2.json
  • [REDACTED:high-entropy].md

Assumptions

  • Fixture JSON is canonical; no fixture mutation.
  • Mock adapter is a test double, not real ProviderAdapter.
  • v0.2 decisions (TTL, timeout, denied-vs-failed) are authoritative.

Blockers

  • No target repo yet (Phase 1 can run standalone against fixtures).
  • Phase 2 blocked on auth/ledger/adapter approvals.

Next Handoff

  1. Codex: create/assign target repo; confirm language.
  2. GLM: port T1–T12 into chosen repo test directory.
  3. Codex: approve Phase 2 gate criteria to unblock I1–I5.