testdata: convert .json to .hujson with header comments

Rename all 594 test data files from .json to .hujson and add descriptive header comments to each file documenting what policy rules are under test and what outcome is expected. Update test loaders in all 5 _test.go files to parse HuJSON via hujson.Parse/Standardize/Pack before json.Unmarshal. Add cross-dependency warning to via_compat_test.go documenting that GRANT-V29/V30/V31/V36 are shared with TestGrantsCompat. Add .gitignore exemption for testdata HuJSON files.
2026-04-28 03:27:15 +02:00 · 2026-03-30 17:08:26 +00:00
parent f693cc0851
commit 30dce30a9d
600 changed files with 3493 additions and 18 deletions
--- a/hscontrol/policy/v2/testdata/ssh_results/SSH-D5.hujson
+++ b/hscontrol/policy/v2/testdata/ssh_results/SSH-D5.hujson
@@ -0,0 +1,136 @@
+// SSH-D5
+//
+// SSH:  accept: src=['autogroup:member'] dst=['tag:server'] users=['localpart:*@passkey', 'root', 'autogroup:nonroot']
+//
+// Expected: SSH rules on 4 of 5 nodes
+{
+  "test_id": "SSH-D5",
+  "policy_file": "ssh_policies/ssh_d5.json",
+  "ssh_section": [
+    {
+      "action": "accept",
+      "src": ["autogroup:member"],
+      "dst": ["tag:server"],
+      "users": ["localpart:*@passkey", "root", "autogroup:nonroot"]
+    }
+  ],
+  "nodes": {
+    "user1": {
+      "rules": [
+        {
+          "principals": [{ "nodeIP": "100.90.199.68" }, { "nodeIP": "fd7a:115c:a1e0::2d01:c747" }],
+          "sshUsers": { "*": "=", "root": "root" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        },
+        {
+          "principals": [{ "nodeIP": "100.90.199.68" }, { "nodeIP": "fd7a:115c:a1e0::2d01:c747" }],
+          "sshUsers": { "kratail2tid": "kratail2tid" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        }
+      ]
+    },
+    "user-kris": {
+      "rules": [
+        {
+          "principals": [{ "nodeIP": "100.110.121.96" }, { "nodeIP": "fd7a:115c:a1e0::1737:7960" }],
+          "sshUsers": { "*": "=", "root": "root" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        }
+      ]
+    },
+    "user-mon": {
+      "rules": [
+        {
+          "principals": [{ "nodeIP": "100.103.90.82" }, { "nodeIP": "fd7a:115c:a1e0::9e37:5a52" }],
+          "sshUsers": { "*": "=", "root": "root" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        },
+        {
+          "principals": [{ "nodeIP": "100.103.90.82" }, { "nodeIP": "fd7a:115c:a1e0::9e37:5a52" }],
+          "sshUsers": { "monitorpasskeykradalby": "monitorpasskeykradalby" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        }
+      ]
+    },
+    "tagged-server": {
+      "rules": [
+        {
+          "principals": [{ "nodeIP": "100.90.199.68" }, { "nodeIP": "fd7a:115c:a1e0::2d01:c747" }],
+          "sshUsers": { "*": "=", "root": "root" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        },
+        {
+          "principals": [{ "nodeIP": "100.90.199.68" }, { "nodeIP": "fd7a:115c:a1e0::2d01:c747" }],
+          "sshUsers": { "kratail2tid": "kratail2tid" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        },
+        {
+          "principals": [{ "nodeIP": "100.110.121.96" }, { "nodeIP": "fd7a:115c:a1e0::1737:7960" }],
+          "sshUsers": { "*": "=", "root": "root" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        },
+        {
+          "principals": [{ "nodeIP": "100.103.90.82" }, { "nodeIP": "fd7a:115c:a1e0::9e37:5a52" }],
+          "sshUsers": { "*": "=", "root": "root" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        },
+        {
+          "principals": [{ "nodeIP": "100.103.90.82" }, { "nodeIP": "fd7a:115c:a1e0::9e37:5a52" }],
+          "sshUsers": { "monitorpasskeykradalby": "monitorpasskeykradalby" },
+          "action": {
+            "accept": true,
+            "allowAgentForwarding": true,
+            "allowLocalPortForwarding": true,
+            "allowRemotePortForwarding": true
+          }
+        }
+      ]
+    },
+    "tagged-prod": { "rules": [] }
+  }
+}