Commit 2612cc6
authored
[Repo Assist] fix(config): add promotion-label and demotion-label fields to AllowOnlyPolicy (#4928)
🤖 *This PR was created by Repo Assist, an automated AI assistant.*
## Summary
Fixes a compliance regression introduced in commit `662a784` where
`promotion_label` and `demotion_label` were added to the Rust WASM
guard's `AllowOnlyPolicy` but the Go config layer was never updated.
**Without this fix**, any operator using:
```json
{"allow-only": {"repos": "public", "min-integrity": "unapproved", "promotion-label": "agent-approved", "demotion-label": "agent-blocked"}}
```
...via `--guard-policy-json`, `MCP_GATEWAY_GUARD_POLICY_JSON`, or a
config file would receive:
```
allow-only contains unsupported field "promotion-label"
```
and the gateway would refuse to start. The feature added in `662a784`
was entirely inaccessible.
## Changes
- **`internal/config/guard_policy.go`**: Add
`PromotionLabel`/`DemotionLabel` to `AllowOnlyPolicy` struct,
`UnmarshalJSON` switch cases, `MarshalJSON` serialized struct, and
`NormalizedGuardPolicy`
- **`internal/config/guard_policy_validation.go`**: Pass through
`PromotionLabel`/`DemotionLabel` in `NormalizeGuardPolicy`
- **`internal/config/guard_policy_test.go`**: Add 6 test cases covering
round-trip parsing, both fields combined, empty-field behaviour, and
`ParseGuardPolicyJSON` acceptance
## Test Status
The Go module proxy (`proxy.golang.org`) is blocked by the network
firewall in this environment, preventing `go test` execution. The
changes are syntactically verified with `gofmt -l` (clean) and follow
the established pattern used by all other `AllowOnlyPolicy` fields
(`DisapprovalIntegrity`, `EndorserMinIntegrity`, etc.).
Closes #4920
> [!WARNING]
> **3 files changed
Lines changed: 98 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
47 | 47 | | |
48 | 48 | | |
49 | 49 | | |
| 50 | + | |
| 51 | + | |
50 | 52 | | |
51 | 53 | | |
52 | 54 | | |
| |||
61 | 63 | | |
62 | 64 | | |
63 | 65 | | |
| 66 | + | |
| 67 | + | |
64 | 68 | | |
65 | 69 | | |
66 | 70 | | |
| |||
168 | 172 | | |
169 | 173 | | |
170 | 174 | | |
| 175 | + | |
| 176 | + | |
| 177 | + | |
| 178 | + | |
| 179 | + | |
| 180 | + | |
| 181 | + | |
| 182 | + | |
171 | 183 | | |
172 | 184 | | |
173 | 185 | | |
| |||
195 | 207 | | |
196 | 208 | | |
197 | 209 | | |
| 210 | + | |
| 211 | + | |
198 | 212 | | |
199 | 213 | | |
200 | 214 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1140 | 1140 | | |
1141 | 1141 | | |
1142 | 1142 | | |
| 1143 | + | |
| 1144 | + | |
| 1145 | + | |
| 1146 | + | |
| 1147 | + | |
| 1148 | + | |
| 1149 | + | |
| 1150 | + | |
| 1151 | + | |
| 1152 | + | |
| 1153 | + | |
| 1154 | + | |
| 1155 | + | |
| 1156 | + | |
| 1157 | + | |
| 1158 | + | |
| 1159 | + | |
| 1160 | + | |
| 1161 | + | |
| 1162 | + | |
| 1163 | + | |
| 1164 | + | |
| 1165 | + | |
| 1166 | + | |
| 1167 | + | |
| 1168 | + | |
| 1169 | + | |
| 1170 | + | |
| 1171 | + | |
| 1172 | + | |
| 1173 | + | |
| 1174 | + | |
| 1175 | + | |
| 1176 | + | |
| 1177 | + | |
| 1178 | + | |
| 1179 | + | |
| 1180 | + | |
| 1181 | + | |
| 1182 | + | |
| 1183 | + | |
| 1184 | + | |
| 1185 | + | |
| 1186 | + | |
| 1187 | + | |
| 1188 | + | |
| 1189 | + | |
| 1190 | + | |
| 1191 | + | |
| 1192 | + | |
| 1193 | + | |
| 1194 | + | |
| 1195 | + | |
| 1196 | + | |
| 1197 | + | |
| 1198 | + | |
| 1199 | + | |
| 1200 | + | |
| 1201 | + | |
| 1202 | + | |
| 1203 | + | |
| 1204 | + | |
| 1205 | + | |
| 1206 | + | |
| 1207 | + | |
| 1208 | + | |
| 1209 | + | |
| 1210 | + | |
| 1211 | + | |
| 1212 | + | |
| 1213 | + | |
| 1214 | + | |
| 1215 | + | |
| 1216 | + | |
| 1217 | + | |
| 1218 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
206 | 206 | | |
207 | 207 | | |
208 | 208 | | |
| 209 | + | |
| 210 | + | |
| 211 | + | |
| 212 | + | |
| 213 | + | |
| 214 | + | |
| 215 | + | |
| 216 | + | |
209 | 217 | | |
210 | 218 | | |
211 | 219 | | |
| |||
0 commit comments