feat: guarddog-nexus — webhook-based PyPI scanner with web UI

2026-05-09 04:48:10 +03:00
parent bdcc82807d
commit 4ce99d3c85
32 changed files with 1865 additions and 0 deletions
--- a/tests/test_webhooks.py
+++ b/tests/test_webhooks.py
@@ -0,0 +1,72 @@
+"""Tests for Nexus webhook receiver."""
+
+from unittest.mock import patch
+
+import pytest
+
+
+@pytest.mark.asyncio
+async def test_webhook_rejects_invalid_json(client):
+    resp = await client.post(
+        "/webhooks/nexus",
+        content="not json",
+        headers={"Content-Type": "application/json"},
+    )
+    assert resp.status_code == 400
+
+
+@pytest.mark.asyncio
+async def test_webhook_ignores_deleted_action(client, sample_nexus_webhook):
+    sample_nexus_webhook["action"] = "DELETED"
+    resp = await client.post(
+        "/webhooks/nexus",
+        json=sample_nexus_webhook,
+    )
+    assert resp.status_code == 200
+    assert resp.json()["status"] == "ignored"
+
+
+@pytest.mark.asyncio
+async def test_webhook_accepts_created(client, sample_nexus_webhook):
+    with patch("guarddog_nexus.webhooks._scan_in_background") as _mock_scan:
+        resp = await client.post(
+            "/webhooks/nexus",
+            json=sample_nexus_webhook,
+        )
+        assert resp.status_code == 200
+        data = resp.json()
+        assert data["status"] == "accepted"
+        assert data["package"] == "requests-2.31.0.tar.gz"
+        assert data["action"] == "CREATED"
+
+
+@pytest.mark.asyncio
+async def test_webhook_accepts_updated(client, sample_nexus_webhook):
+    sample_nexus_webhook["action"] = "UPDATED"
+    with patch("guarddog_nexus.webhooks._scan_in_background") as _mock_scan:
+        resp = await client.post(
+            "/webhooks/nexus",
+            json=sample_nexus_webhook,
+        )
+        assert resp.status_code == 200
+        assert resp.json()["status"] == "accepted"
+
+
+@pytest.mark.asyncio
+async def test_webhook_skips_metadata_assets(client, sample_nexus_webhook):
+    sample_nexus_webhook["asset"]["name"] = "index.html"
+    resp = await client.post(
+        "/webhooks/nexus",
+        json=sample_nexus_webhook,
+    )
+    assert resp.status_code == 200
+    assert resp.json()["status"] == "ignored"
+
+
+@pytest.mark.asyncio
+async def test_webhook_missing_asset(client):
+    resp = await client.post(
+        "/webhooks/nexus",
+        json={"action": "CREATED", "repositoryName": "test"},
+    )
+    assert resp.status_code == 400