Benjamin Admin
b71771e52e
One contract example (Mission #3's public tender) is not enough to safely generalise: it risks baking tender-shaped assumptions into the later Scope→Journey selector. This mission runs TWO deliberately different contract sub-types against the same company through the IDENTICAL engine: - public tender (procurement: pentest report, references, support SLA, SBOM) -> delta 4 - private OEM spec (Lastenheft: CSMS, functional safety, SUMS, ASPICE) -> delta 3 The two deltas are completely DISJOINT (no shared missing capability), proving the contracts are genuinely different — yet there is no per-contract code: assess_transition treats each as a plain Required set, exactly like a regulation or a certification. Evidence-Relevance is target-relative even between two contracts (TISAX worth more to the automotive OEM than to the generic tender). Conclusion: "Contract" as a requirement source is now covered by >=2 diverse cases, so the later selector can treat any contract uniformly. Synthetic company + synthetic contracts (NO real names). Non-runtime -> no deploy. 5 tests pass.
58 lines
2.0 KiB
Python
58 lines
2.0 KiB
Python
"""Customer Mission #4 — a second, different contract target (no tender-special-logic).
|
|
|
|
Pins what Mission #4 guards: TWO structurally different contract sub-types (a public tender and a
|
|
private OEM Lastenheft) run through the identical engine and produce DIFFERENT, non-overlapping deltas
|
|
with no per-contract code. That is the evidence that the later Scope→Journey selector can treat any
|
|
contract as a plain Required set — no tender-shaped special case baked in.
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
import os
|
|
import subprocess
|
|
import sys
|
|
|
|
|
|
def _run():
|
|
root = os.path.join(os.path.dirname(__file__), "..")
|
|
r = subprocess.run(
|
|
[sys.executable, "reference_scenarios/mission_second_contract.py"],
|
|
cwd=root, env={**os.environ, "PYTHONPATH": "."}, capture_output=True, text=True,
|
|
)
|
|
assert r.returncode == 0, r.stderr
|
|
return r.stdout
|
|
|
|
|
|
def test_runs_end_to_end():
|
|
out = _run()
|
|
assert "Customer Mission #4" in out
|
|
assert "kein Contract-Spezialfall" in out
|
|
|
|
|
|
def test_two_distinct_contract_types_one_engine():
|
|
out = _run()
|
|
assert "public tender" in out and "private OEM spec" in out
|
|
assert "keinen Contract-spezifischen Codepfad" in out
|
|
|
|
|
|
def test_contracts_produce_different_deltas():
|
|
out = _run()
|
|
# the two contracts must be genuinely different: their deltas do not overlap
|
|
assert "**Beiden gemeinsam:** —" in out
|
|
# each carries its own distinctive missing capabilities
|
|
assert "penetration_test_evidence" in out # tender-only
|
|
assert "functional_safety_evidence" in out # OEM-only
|
|
|
|
|
|
def test_evidence_relevance_differs_between_contracts():
|
|
out = _run()
|
|
# TISAX is worth more against the automotive OEM spec than the generic tender
|
|
assert "**TISAX** | hoch (4) | hoch (6) |" in out
|
|
assert "Relevanz ist eine Funktion des Ziels" in out
|
|
|
|
|
|
def test_no_real_company_names():
|
|
out = _run().lower()
|
|
for name in ["eto", "owis", "winterhalter"]:
|
|
assert name not in out
|