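"""TC-09: self-hosting safety — the Docker client is read-only by construction.

The client exposes ONLY read methods (list/inspect), its single request
primitive hard-codes the ``GET`` HTTP method, and the source carries no
mutating Docker verb (start/stop/restart/kill/exec/POST).
``classify_container`` is a pure status mapper.
"""

import inspect as _inspect

from watchdog.collectors import containers as cmod


def test_request_primitive_is_get_only(monkeypatch):
    """Every request issued by the reader's public methods must use ``GET``.

    The module's ``_UnixHTTPConnection`` is swapped for a fake that records
    each ``(method, path)`` pair, so nothing touches a real Docker socket.
    Calls are recorded per public method and the record is cleared between
    them: a method that issues no request, or that issues a non-GET request
    before a final GET, must fail rather than pass on stale state.
    """
    calls = []

    class _FakeResponse:
        status = 200

        def read(self):
            return b"[]"

    class _FakeConn:
        def __init__(self, *a, **k):
            pass

        # Takes no body/headers, so a reader call that tried to send a
        # payload would fail here with TypeError.
        def request(self, method, path):
            calls.append((method, path))

        def getresponse(self):
            return _FakeResponse()

        def close(self):
            pass

    monkeypatch.setattr(cmod, "_UnixHTTPConnection", _FakeConn)
    reader = cmod.DockerSockReader("/var/run/docker.sock")

    reader.list_containers()
    assert calls, "list_containers() issued no request"
    assert all(method == "GET" for method, _path in calls), calls

    # Reset so the inspect() check cannot be satisfied by the calls above.
    calls.clear()
    reader.inspect("orchestrator")
    assert calls, "inspect() issued no request"
    assert all(method == "GET" for method, _path in calls), calls


def test_no_mutating_verbs_in_source():
    """The collector module's source text contains no Docker control verb.

    The check is a case-insensitive substring match over the whole module
    source as returned by ``inspect.getsource`` (comments and docstrings
    included), so it is deliberately conservative about what it rejects.
    """
    lowered = _inspect.getsource(cmod).lower()
    # No write/control verbs should appear as Docker actions in this module.
    # NOTE(review): this denylist only matches the verbs listed here. DELETE
    # and PUT, and control paths such as pause/rename/update, are not covered;
    # the GET-only request test is what actually pins the HTTP method.
    # Consider extending the tuple once confirmed against containers.py.
    forbidden = (
        "/start",
        "/stop",
        "/restart",
        "/kill",
        "/exec",
        "\"post\"",
        "'post'",
    )
    for verb in forbidden:
        assert verb not in lowered, f"mutating verb leaked into containers.py: {verb}"


def test_reader_exposes_only_read_methods():
    """``DockerSockReader``'s public surface is exactly list + inspect.

    ``dir()`` also reports inherited attributes, so a public method added
    through a base class or mixin fails this test as well.
    """
    public = {
        name for name in dir(cmod.DockerSockReader) if not name.startswith("_")
    }
    assert public == {"list_containers", "inspect"}


def test_classify_container_pure_mapping():
    """``classify_container`` maps an inspect payload to a status string.

    A ``Health.Status`` value, when present, is what gets reported for a
    running container; ``None`` and an empty payload both map to
    ``"unknown"``.
    """
    cases = [
        ({"State": {"Status": "running"}}, "running"),
        ({"State": {"Status": "exited"}}, "exited"),
        (
            {"State": {"Status": "running", "Health": {"Status": "unhealthy"}}},
            "unhealthy",
        ),
        (
            {"State": {"Status": "running", "Health": {"Status": "healthy"}}},
            "healthy",
        ),
        (None, "unknown"),
        ({}, "unknown"),
    ]
    for payload, expected in cases:
        assert cmod.classify_container(payload) == expected, payload


def test_container_alarm_semantics():
    """Only ``running`` and ``healthy`` are quiet; every other status alarms.

    The identity checks (``is True`` / ``is False``) require real booleans,
    not merely truthy or falsy values. ``unknown`` raises an alarm.
    """
    expectations = [
        ("running", False),
        ("healthy", False),
        ("exited", True),
        ("restarting", True),
        ("unhealthy", True),
        ("unknown", True),
    ]
    for status, expected in expectations:
        assert cmod.container_alarm(status) is expected, status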