mirror of
https://github.com/azaion/gps-denied-onboard.git
synced 2026-06-22 17:11:14 +00:00
[AZ-421] Batch 82 housekeeping
Archive AZ-421 to done/ and advance autodev state to await batch 83. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Oleksandr Bezdieniezhnykh
@@ -0,0 +1,79 @@
|
||||
# FT-P-15 + FT-P-16 + FT-P-18 — Tile cache schema + offline-only + no-raw-frame retention
|
||||
|
||||
**Task**: AZ-421_ft_p_15_16_18_cache_offline
|
||||
**Name**: Tile cache manifest schema, resolution floor, offline-only operation, no raw nav/AI-cam retention (AC-8.1, AC-8.3, AC-8.5, RESTRICT-SAT-1)
|
||||
**Description**: Combined coverage for three storage / cache compliance scenarios that share the same `tile-cache-fixture` and FDR-archive observation surface.
|
||||
**Complexity**: 3 points
|
||||
**Dependencies**: AZ-406, AZ-407
|
||||
**Component**: Blackbox Tests / Positive / Storage policy (epic AZ-262)
|
||||
**Tracker**: AZ-421
|
||||
**Epic**: AZ-262 (E-BBT)
|
||||
|
||||
## Problem
|
||||
|
||||
Three contract-level checks on the SUT's storage behavior — manifest schema (FT-P-15), offline-only operation (FT-P-16), and no-raw-frame retention (FT-P-18) — share the same fixture mount and observation surface. Combining them into one task avoids three near-identical pytest harnesses.
|
||||
|
||||
## Outcome
|
||||
|
||||
- pytest scenarios at `e2e/tests/positive/test_ft_p_15_cache_schema.py`, `test_ft_p_16_offline_only.py`, `test_ft_p_18_no_raw_retention.py` (three test files; one task).
|
||||
- FT-P-15: SUT's startup self-check observed via FDR; assert each tile manifest entry has CRS, tile matrix, dimension, lat-adjusted m/px, capture date, source, compression; m/px ≥ 0.5.
|
||||
- FT-P-16: 60 s Derkachi replay with `e2e-net.internal: true`; assert all egress to non-`e2e-net` destinations is 0 (paired with NFT-SEC-02).
|
||||
- FT-P-18: walk FDR + tile cache for any file matching nav-camera raw-frame pattern; assert only the failed-tile-gen thumbnail log files present (≤0.1 Hz cadence); total thumbnail log < 1 GB over 8 h (NFT-LIM-02 cross-check).
|
||||
|
||||
## Scope
|
||||
|
||||
### Included
|
||||
- FDR-side startup self-check observation (FT-P-15).
|
||||
- Network-egress counter read from Docker network stats (FT-P-16; the actual block is enforced by `internal: true` from AZ-406).
|
||||
- Filesystem walk of FDR + tile cache (FT-P-18).
|
||||
- Aggregate assertion per scenario.
|
||||
|
||||
### Excluded
|
||||
- Defense-in-depth (DNS blackhole) variant — owned by NFT-SEC-05 inside AZ-437.
|
||||
- Cache-poisoning safety — owned by NFT-SEC-01 (AZ-436).
|
||||
- Stale-tile rejection — owned by FT-N-05 (AZ-427).
|
||||
|
||||
## Acceptance Criteria
|
||||
|
||||
**AC-1: FT-P-15 — manifest schema completeness**
|
||||
Given the SUT's startup self-check observable via FDR
|
||||
Then each tile manifest entry has all of: CRS, tile-matrix identifier, pixel dimension, lat-adjusted m/px, capture_date, source, compression. Missing fields fail the AC for that entry.
|
||||
|
||||
**AC-2: FT-P-15 — resolution floor**
|
||||
Given the manifest entries
|
||||
Then m/px ≥ 0.5 for every entry; entries below the floor are rejected at load (verified by FDR `tile-load-rejected` events).
|
||||
|
||||
**AC-3: FT-P-16 — offline operation**
|
||||
Given the SUT runs against the local cache only
|
||||
When 60 s of Derkachi replays
|
||||
Then Docker network stats show 0 packets to non-`e2e-net` destinations from the SUT container.
|
||||
|
||||
**AC-4: FT-P-18 — no raw-frame retention**
|
||||
Given a completed Derkachi replay
|
||||
When the test walks `fdr-output` + tile-cache volumes
|
||||
Then no file matches the nav-camera raw-frame pattern (JPEG/RAW with original 5472×3648 dimensions, OR 880×720 H.264-decoded full-resolution frames). Only the ≤0.1 Hz failed-tile-gen thumbnail log files are present.
|
||||
|
||||
**AC-5: FT-P-18 — thumbnail log budget**
|
||||
Given the thumbnail log
|
||||
Then `total_thumbnail_log_size < 1 GB` extrapolated over an 8 h flight (NFT-LIM-02 cross-check).
|
||||
|
||||
**AC-6: parameterization**
|
||||
Given conftest parameterization
|
||||
Then all three methods run per `(fc_adapter, vio_strategy)`.
|
||||
|
||||
## System Under Test Boundary
|
||||
|
||||
End-to-end through public boundaries.
|
||||
|
||||
- **Allowed**: FDR archive read, filesystem walk of mounted volumes, Docker network stats (a public Docker API).
|
||||
- **Forbidden**: importing the SUT's cache module, monkeypatching the manifest loader.
|
||||
|
||||
## Constraints
|
||||
|
||||
- "Raw-frame pattern" detection uses file-format heuristics (magic bytes for JPEG/RAW) AND dimension probing. False positives are inspected manually; false negatives that miss real raw frames are a real defect.
|
||||
- The 1 GB / 8 h thumbnail budget is extrapolated from a shorter run by `(observed_size / observed_duration_h) × 8`.
|
||||
|
||||
## Document Dependencies
|
||||
|
||||
- `_docs/02_document/tests/blackbox-tests.md` § FT-P-15, § FT-P-16, § FT-P-18
|
||||
- `_docs/00_problem/restrictions.md` § Satellite Imagery (manifest schema)
|
||||
Reference in New Issue
Block a user