stacklok
Test use case Secret Push Protection check
Write an integration test covering the code path that goes from Minder receiving a webhook event to Minder opening a PR.
The test should cover
- webhook handler
- transmission of the event through watermill from the handler to the executor (preferably via Postgres)
- execution of the desired ingestion engine
- execution of the desired evaluation engine
- execution of the desired remediation engine
The test should check that a PR comment with the expected content is created.
Acceptance criteria
Given a profile test exists
Given profile test has a rule of type secret_push_protection
Given remediate is disabled in profile test
When I receive a webhook event about a repository
Then a record exists in history with status failed
Given a profile test exists
Given profile test has a rule of type secret_push_protection
Given remediate is enabled in profile test
When I receive a webhook event about a repository
Then a record exists in history with status failed
Then request is made to enable Secret Push Protection
