from __future__ import annotations import json import sys from pathlib import Path import pytest ROOT = Path(__file__).resolve().parents[1] sys.path.insert(0, str(ROOT / "scripts")) from ssl_check import ConfigError, load_targets # noqa: E402 from ssl_discovery import build_lld # noqa: E402 def write_config(tmp_path: Path, data: object) -> Path: config = tmp_path / "ssl_targets.json" config.write_text(json.dumps(data), encoding="utf-8") return config def test_valid_config_is_normalized_and_deduplicated(tmp_path: Path) -> None: config = write_config( tmp_path, [ { "name": "Example", "host": "example.test", "port": 443, "owner": "ops", "profile": "relaxed", }, { "name": "Duplicate", "host": "example.test", "port": 443, "owner": "ops", "profile": "relaxed", }, ], ) targets = load_targets(config) assert len(targets) == 1 assert targets[0]["expected_hostname"] == "example.test" assert targets[0]["timeout"] == 10.0 def test_invalid_profile_fails(tmp_path: Path) -> None: config = write_config( tmp_path, [ { "name": "Example", "host": "example.test", "port": 443, "owner": "ops", "profile": "wild-west", } ], ) with pytest.raises(ConfigError): load_targets(config) def test_invalid_port_fails(tmp_path: Path) -> None: config = write_config( tmp_path, [ { "name": "Example", "host": "example.test", "port": 70000, "owner": "ops", "profile": "relaxed", } ], ) with pytest.raises(ConfigError): load_targets(config) def test_discovery_output_contains_lld_macros(tmp_path: Path) -> None: config = write_config( tmp_path, [ { "name": "Example", "host": "example.test", "port": 443, "owner": "ops", "profile": "internal", } ], ) discovery = build_lld(load_targets(config)) assert "data" in discovery assert discovery["data"][0]["{#SSL_NAME}"] == "Example" assert discovery["data"][0]["{#SSL_HOST}"] == "example.test" assert discovery["data"][0]["{#SSL_PORT}"] == "443" assert discovery["data"][0]["{#SSL_OWNER}"] == "ops" assert discovery["data"][0]["{#SSL_PROFILE}"] == "internal"