mirror of
https://github.com/azaion/gps-denied-onboard.git
synced 2026-06-21 23:11:13 +00:00
Oleksandr Bezdieniezhnykh
6599d828d2
Three blackbox-harness tasks landed together — all depend only on
AZ-406 and unblock the FT-* / NFT-* scenario tasks scheduled for
batches 69+.
AZ-407 — Static fixture builders (3pt):
* tile-cache-builder/{builder.py, Dockerfile, build.sh} produces a
deterministic tile-cache-fixture Docker volume from
_docs/00_problem/input_data/. Reproducibility primitives: sorted
iteration, frozen PIL JPEG settings, FAISS HNSW32 built single-
threaded with seeded stub descriptors.
* age-injector/{age_injector.py, inject.sh} clones the volume and
shifts capture_date by N×30.44 days; tile JPEG bytes preserved
bit-identical. Emits synth-age-7mo + synth-age-13mo volumes.
* cold-boot/cold_boot_fixture.json: frozen FC pose snapshot at
Derkachi sector centre, schema v1.
* secrets/mavlink-test-passkey.txt: 64-hex with required
`# TEST ONLY` header line per AC-5. Passkey-equality test now
compares the secret line after stripping the header.
* security/cve-2025-53644.jpg: synthetic 158-byte malformed JPEG
(truncated SOS marker). OpenCV 4.11.x rejects gracefully with
imdecode → None. AZ-439 will sharpen for ASan instrumentation.
* Top-level Makefile with `make fixtures` / `make fixtures-*` /
`make e2e-tier1*` / `make unit-tests` targets.
AZ-444 — Tier-2 Jetson harness wrapper (5pt):
* run-tier2.sh rewritten as orchestrator. Detects local
(aarch64 + TIER2_HOST=localhost) vs remote (ssh into TIER2_HOST).
New flags: -k/--selector, --build-kind production|asan,
--reflash (gated behind TIER2_REFLASH_ACK=1 two-key gate),
--dry-run.
* tier2-on-jetson.sh (new) — on-device delegate. Verifies
gps-denied-onboard{,-asan}.service health; restarts with 5s
tolerance; spawns tegrastats + jtop parallel samplers; tails
ASan unit's journal in asan mode; drives docker compose with
TIER=tier2-jetson; forwards SELECTOR to pytest -k.
* docker/run-tier1.sh (new) — selector-parity sibling.
* AC-1 (selector parity) and AC-6 (reflash gating) unit-tested via
--dry-run output assertions. AC-2/AC-3/AC-4/AC-5 are hardware-
loop ACs verified by the Tier-2 runtime smoke (no Jetson in the
unit-test layer).
AZ-445 — CSV reporter + evidence bundler refinements (2pt):
* reporting/nfr_recorder.py (new) — pytest plugin. Provides the
`nfr_recorder` fixture with record_metric(name, value, ac_id)
and partial(ac_id, reason). At session end emits:
- per-nfr/<scenario_id>.json (AC-1)
- traceability-status.json with every AC ID parsed from
traceability-matrix.md, classified Covered/PARTIAL/NOT
COVERED with source scenario IDs (AC-2)
- regression-baseline.json with all numeric metrics (AC-3)
* csv_reporter.py extended — `_outcome_to_result` consults the
aggregator; rows flip PASS → PARTIAL when an AC was marked
PARTIAL by nfr_recorder (AC-4). Graceful fallback when
aggregator isn't registered (unit-test contexts).
* conftest.py registers nfr_recorder in pytest_plugins.
* New --traceability-matrix CLI flag seeds the NOT COVERED rows.
Build / config:
* pyproject.toml dev extras: added Pillow>=10.4,<13.0 for the
tile-cache-builder unit test (broad enough to keep torchvision's
Pillow 12 pin happy; the production builder runs inside its own
Docker image with its own pin).
* Updated test_directory_layout.py to cover 10 new files + replaced
the byte-equal passkey assertion with the header-stripping
variant.
Test results:
* 157 focused tests pass (was 97 in batch 67; +60 new across this
batch). No regressions.
Module-layout / spec drift:
* AZ-407 spec text says `tests/fixtures/...`; module-layout
blackbox_tests entry (commit d7a17a8) authoritatively places the
harness under `e2e/`. Implementation followed the layout entry.
* AZ-444 spec mentions `e2e/tier2/run-tier2.sh`; AZ-406 placed it
at `e2e/jetson/run-tier2.sh`. Kept at `e2e/jetson/` for
consistency.
* Cold-boot README ownership: corrected from AZ-419 to AZ-407 per
AZ-419's own Dependencies field.
Specs archived to _docs/02_tasks/done/. Jira tickets transitioned to
In Testing on commit.
Co-authored-by: Cursor <cursoragent@cursor.com>
198 lines
8.0 KiB
TOML
198 lines
8.0 KiB
TOML
[build-system]
|
|
requires = ["setuptools>=68", "wheel"]
|
|
build-backend = "setuptools.build_meta"
|
|
|
|
[project]
|
|
name = "gps-denied-onboard"
|
|
version = "0.1.0"
|
|
description = "Companion onboard system for GPS-denied UAV navigation"
|
|
readme = "README.md"
|
|
requires-python = ">=3.10,<3.12"
|
|
license = {text = "Proprietary"}
|
|
authors = [{name = "AZAION onboard team"}]
|
|
|
|
dependencies = [
|
|
"numpy>=1.26,<2.0",
|
|
"scipy>=1.11,<2.0",
|
|
"pyyaml>=6.0",
|
|
"pydantic>=2.5,<3.0",
|
|
# OpenCV pin gate originally enforced >= 4.12.0 (D-CROSS-CVE-1). Held to
|
|
# 4.11.x while gtsam (4.2 on PyPI) only ships numpy-1.x wheels and
|
|
# opencv-python>=4.12 mandates numpy>=2. See
|
|
# _docs/_process_leftovers/<dated>_d_cross_cve_1_deferred.md — the gate
|
|
# will be restored to >=4.12.0 once a numpy-2-compatible gtsam wheel is
|
|
# available.
|
|
"opencv-python>=4.11.0.86,<4.12",
|
|
"psycopg[binary]>=3.1",
|
|
# AZ-305 / E-C6: `PostgresFilesystemStore` uses ConnectionPool to amortise
|
|
# pool startup across the read-heavy `read_tile_pixels` path. Pinned to the
|
|
# 3.x line in lockstep with `psycopg` itself.
|
|
"psycopg-pool>=3.2,<4.0",
|
|
"sqlalchemy>=2.0",
|
|
"alembic>=1.13",
|
|
"pymavlink>=2.4",
|
|
# iNav MSP2 wire decoder for C8 inbound (AZ-391). MSPy is request-response
|
|
# on a serial transport; AP uses pymavlink for the same role.
|
|
"yamspy>=0.3.3,<0.4",
|
|
"pyserial>=3.5",
|
|
"requests>=2.31",
|
|
"structlog>=24.1",
|
|
"click>=8.1",
|
|
# SE(3) math backend for helpers.se3_utils + C1/C2.5/C3/C3.5/C4/C5/C8 consumers (AZ-264 / AZ-277).
|
|
"gtsam>=4.2,<5.0",
|
|
# Atomic-rename backend for helpers.sha256_sidecar (D-C10-3, AZ-280).
|
|
"atomicwrites>=1.4,<2.0",
|
|
# WGS84 geodesy backend for helpers.wgs_converter (AZ-264 / AZ-279).
|
|
"pyproj>=3.6,<4.0",
|
|
# FDR wire format for fdr_client.records (E-CC-FDR-CLIENT / AZ-272).
|
|
"orjson>=3.9,<4.0",
|
|
# HTTPS client for C12 FlightsApiClient (AZ-489 / ADR-010). Picked over
|
|
# `requests` because httpx ships `MockTransport` natively, so the
|
|
# FlightsApi unit tests need no extra HTTP-mocking dep.
|
|
"httpx>=0.28,<1.0",
|
|
# AZ-307 / E-C6: FreshnessGate uses an in-memory R-tree to look up
|
|
# the sector classification for a (lat, lon) at every write_tile
|
|
# call. `rtree` is the libspatialindex Python wrapper — small,
|
|
# stable, sub-microsecond point-in-rect queries at the few-hundred-
|
|
# sector scale operators ship per flight (NFR p99 ≤ 100 µs).
|
|
"rtree>=1.0,<2.0",
|
|
# Ed25519 keypair generation + detached signing for AZ-323 C10
|
|
# ManifestBuilder + AZ-318 C11 per-flight signing key. Pinned here
|
|
# because AZ-323 is the first concrete consumer; AZ-318 inherits
|
|
# the pin when it lands. Major-version bound (<46) follows the
|
|
# standard "two majors of compatibility" pattern other deps in
|
|
# this file use.
|
|
"cryptography>=43.0,<46.0",
|
|
# AZ-306 / E-C6: production-default `DescriptorIndex` strategy.
|
|
# `FaissDescriptorIndex` builds `IndexHNSWFlat` + `IndexIDMap2`,
|
|
# serialises via `faiss.write_index`, and mmap-loads via
|
|
# `faiss.read_index(..., IO_FLAG_MMAP | IO_FLAG_READ_ONLY)`.
|
|
# Promoted from the legacy `[indexing]` extras to main deps because
|
|
# the production airborne binary ALWAYS needs the descriptor index
|
|
# (no "Tier-0 dev runtime can ship without faiss" path remains).
|
|
# Major-version bound (<2.0) follows the same pattern as other
|
|
# third-party deps in this file. Research fact #92 + arch tech-stack
|
|
# both pin upstream FAISS via this PyPI distribution.
|
|
"faiss-cpu>=1.7,<2.0",
|
|
# AZ-325 / E-C10: `CacheProvisioner` acquires a fcntl-based file
|
|
# lock at `cache_root/.c10.lock` to enforce CP-INV-4 (concurrent
|
|
# `build_cache_artifacts` invocations are mutually exclusive on the
|
|
# same cache root). `filelock` provides the cross-platform
|
|
# acquisition primitive with timeout + auto-release on process
|
|
# exit. Major-version bound (<4) follows the same pattern as other
|
|
# third-party deps in this file.
|
|
"filelock>=3.13,<4.0",
|
|
# AZ-327 / E-C12: `CompanionBringup` opens an SSH session against the
|
|
# operator-side companion to verify pre-flight artifacts. Shell-out
|
|
# to `ssh ...` is forbidden by the spec (security + reliability), so
|
|
# paramiko is the only allowed transport. Major-version bound (<4)
|
|
# follows the same pattern as other third-party deps in this file;
|
|
# the `MissingHostKeyPolicy` subclass surface (RejectPolicy /
|
|
# AutoAddPolicy) is stable across paramiko 3.x.
|
|
"paramiko>=3.4,<4.0",
|
|
]
|
|
|
|
[project.optional-dependencies]
|
|
dev = [
|
|
"pytest>=7.4",
|
|
"pytest-cov>=4.1",
|
|
"pytest-asyncio>=0.23",
|
|
"ruff>=0.4",
|
|
"mypy>=1.8",
|
|
"types-PyYAML",
|
|
"types-requests",
|
|
# AZ-406 (blackbox harness internals): the mock-suite-sat-service unit
|
|
# test exercises a FastAPI app via fastapi.testclient.TestClient. The
|
|
# production runtime of the mock lives inside its own Docker image so
|
|
# the SUT does not depend on FastAPI; this is a test-only dep.
|
|
"fastapi>=0.111,<0.120",
|
|
# AZ-407 (blackbox tile-cache + age-injector + cve-jpeg fixtures): the
|
|
# tile-cache-builder re-encodes paired _gmaps.png references into
|
|
# deterministic JPEG bodies and emits stub tiles via PIL. The
|
|
# production builder runs inside its own Docker image (which installs
|
|
# Pillow itself); this Pillow pin is only the test-time dep used by
|
|
# `e2e/_unit_tests/fixtures/test_tile_cache_builder.py`. Pin range
|
|
# tracks the Pillow that torchvision (project's inference extra)
|
|
# already accepts — currently 11.x / 12.x.
|
|
"Pillow>=10.4,<13.0",
|
|
]
|
|
inference = [
|
|
"torch>=2.2",
|
|
"torchvision>=0.17",
|
|
"onnxruntime>=1.17",
|
|
# tensorrt is installed out-of-band on Jetson — not a pip dep
|
|
]
|
|
# AZ-302: thermal telemetry backends used by C7's ThermalStatePublisher.
|
|
# Both are Jetson / NVIDIA-host-only and not import-required for Tier-1;
|
|
# the publisher selects whichever is importable at start() time and
|
|
# raises TelemetryUnavailableError if neither is present.
|
|
telemetry = [
|
|
"jetson-stats>=4.2",
|
|
"pynvml>=11.5",
|
|
]
|
|
|
|
[project.scripts]
|
|
gps-denied-replay = "gps_denied_onboard.cli.replay:main"
|
|
operator-orchestrator = "gps_denied_onboard.components.c12_operator_orchestrator.cli:main"
|
|
|
|
[tool.setuptools]
|
|
package-dir = {"" = "src"}
|
|
|
|
[tool.setuptools.packages.find]
|
|
where = ["src"]
|
|
include = ["gps_denied_onboard*"]
|
|
|
|
[tool.pytest.ini_options]
|
|
minversion = "7.0"
|
|
# `tests` is the in-process unit / integration / contract / perf test tree
|
|
# owned by per-component module-layout entries. `e2e/_unit_tests` is the
|
|
# OUT-OF-CONTAINER unit tree owned by the `blackbox_tests` cross-cutting
|
|
# entry — exercises the harness internals (CSV reporter, helpers, parsers,
|
|
# mock app, conftest skip rules) without Docker / SITL. The Docker-bound
|
|
# blackbox tree at `e2e/tests/` is intentionally NOT in testpaths: it runs
|
|
# inside the e2e-runner image via its own pytest.ini.
|
|
testpaths = ["tests", "e2e/_unit_tests"]
|
|
pythonpath = ["src", "e2e"]
|
|
# log_schema.py is the contract-mandated file name (AZ-245 AC-4); kept
|
|
# in python_files so the contract test is discovered alongside the
|
|
# standard `test_*.py` pattern.
|
|
python_files = ["test_*.py", "*_test.py", "log_schema.py"]
|
|
addopts = [
|
|
"--strict-markers",
|
|
"-ra",
|
|
]
|
|
markers = [
|
|
"tier2: tests that require Jetson hardware (auto-skipped on Tier-1)",
|
|
"gpu: tests that require an NVIDIA GPU",
|
|
"docker: tests that require Docker compose services",
|
|
"ardupilot_sitl: tests that require ArduPilot SITL container",
|
|
"slow: tests slower than ~5s",
|
|
"contract: contract-suite test (frozen public surfaces)",
|
|
]
|
|
|
|
[tool.coverage.run]
|
|
source = ["src/gps_denied_onboard"]
|
|
branch = true
|
|
|
|
[tool.coverage.report]
|
|
show_missing = true
|
|
skip_covered = false
|
|
|
|
[tool.ruff]
|
|
line-length = 100
|
|
target-version = "py310"
|
|
src = ["src", "tests"]
|
|
|
|
[tool.ruff.lint]
|
|
select = ["E", "F", "W", "I", "B", "UP", "RUF"]
|
|
ignore = ["E501"]
|
|
|
|
[tool.mypy]
|
|
python_version = "3.10"
|
|
strict = true
|
|
warn_unused_ignores = true
|
|
warn_return_any = true
|
|
ignore_missing_imports = true
|
|
mypy_path = "src"
|
|
packages = ["gps_denied_onboard"]
|