breakpilot-compliance/backend-compliance/tests/test_scanner_mcp_client.py
Benjamin Admin e140477c0b
feat(cra): Pull flow — pull findings from the scanner MCP + assess
(2) We as MCP client to the compliance-scanner-agent:
- scanner_mcp_client.fetch_findings(): streamablehttp_client + ClientSession →
  list_findings, parses JSON text into finding dicts. Config via SCANNER_MCP_URL/
  SCANNER_MCP_TOKEN (unset = empty → UI keeps demo). Transport lazy-imported.
- POST /v1/cra/assess-from-scanner: raw scanner dicts → tolerant mapper
  (keeps scan_type/cvss_score/file_path) → assess + breadth.
- Tests: parse_findings_text + no-config path.

Live wiring of the UI follows as soon as your endpoint+token are in place (then just
set env + point useCRA at /assess-from-scanner).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-06-15 19:05:44 +02:00

30 lines
965 B
Python

"""Pull-flow client: parse the scanner's list_findings result + safe no-config path."""

import asyncio

from compliance.services.scanner_mcp_client import fetch_findings, parse_findings_text


def test_parse_plain_array():
    out = parse_findings_text('[{"_id":"a","title":"x"},{"_id":"b"}]')
    assert len(out) == 2
    assert out[0]["_id"] == "a"


def test_parse_wrapped_findings_key():
    assert parse_findings_text('{"findings":[{"_id":"a"}]}') == [{"_id": "a"}]


def test_parse_wrapped_results_key():
    assert parse_findings_text('{"results":[{"_id":"a"}]}') == [{"_id": "a"}]


def test_parse_garbage_returns_empty():
    assert parse_findings_text("not json") == []
    assert parse_findings_text("") == []
    assert parse_findings_text('{"x":1}') == []


def test_fetch_findings_no_url_returns_empty():
    # Unconfigured + no override -> [] (no MCP lib needed; transport is lazy-imported).
    assert asyncio.run(fetch_findings(base_url="")) == []
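
One way to write a parser that satisfies the contract these tests pin down, treating the scanner's text as untrusted input that must never raise into the caller. This is an added sketch, not the project's `parse_findings_text`; the name `tolerant_parse_findings`, the size cap and the filtering of non-object entries are assumptions.

```python
import json
from typing import Any

# Envelope keys taken from the tests on this page.
WRAPPER_KEYS = ("findings", "results")
# Assumption: a size cap chosen for this sketch; the page states none.
MAX_TEXT_CHARS = 5_000_000


def tolerant_parse_findings(text: Any) -> list[dict]:
    """Return finding dicts from a tool's JSON text, or [] for anything else."""
    if not isinstance(text, str) or not text.strip():
        return []
    if len(text) > MAX_TEXT_CHARS:
        # Refuse oversized payloads instead of parsing them.
        return []
    try:
        doc = json.loads(text)
    except (ValueError, RecursionError):
        # Malformed JSON or pathological nesting: fail closed to "no findings".
        return []
    if isinstance(doc, dict):
        # Unwrap the first known envelope key that actually holds a list.
        doc = next(
            (doc[k] for k in WRAPPER_KEYS if isinstance(doc.get(k), list)),
            None,
        )
    if not isinstance(doc, list):
        return []
    # Drop non-object entries so a downstream mapper can call .get() safely.
    return [item for item in doc if isinstance(item, dict)]


if __name__ == "__main__":
    # Constructed sample inputs, not real scanner output.
    for sample in (
        '[{"_id":"a","title":"x"},{"_id":"b"}]',
        '{"findings":[{"_id":"a"}]}',
        '[{"_id":"a"}, 1, "s", null]',
        "not json",
    ):
        print(repr(sample), "->", tolerant_parse_findings(sample))
```
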