Add db migration and DNS dmarc entries

tests/test_analyzer.py

@@ -41,6 +41,11 @@ def _report(
     dkim_aligned: bool | None = None,
     report_time: datetime | None = None,
     org_name: str = "google.com",
+    policy_p: str | None = None,
+    policy_sp: str | None = None,
+    policy_pct: int | None = None,
+    disposition: str = "none",
+    reason_type: str | None = None,
 ) -> Report:
     dkim_aligned = dmarc_pass if dkim_aligned is None else dkim_aligned
     report_time = report_time or datetime.now(timezone.utc)
@@ -52,6 +57,9 @@ def _report(
         domain="tukutoi.com",
         date_begin=report_time - timedelta(hours=1),
         date_end=report_time,
+        policy_p=policy_p,
+        policy_sp=policy_sp,
+        policy_pct=policy_pct,
     )
     session.add(report)
     session.flush()
@@ -60,7 +68,7 @@ def _report(
             report=report,
             source_ip=source_ip,
             count=count,
-            disposition="none",
+            disposition=disposition,
             policy_dkim="pass" if dkim_aligned else "fail",
             policy_spf="pass" if spf_aligned else "fail",
             dkim_aligned=dkim_aligned,
@@ -70,6 +78,7 @@ def _report(
             known_sender_id="mailcow" if known else None,
             known_sender_name="mailcow outbound" if known else None,
             is_known_sender=known,
+            reason_type=reason_type,
         )
     )
     session.commit()
@@ -175,3 +184,28 @@ def test_missing_reporter_gap_does_not_create_alert():
     alerts = analyze_report(session, settings, report)
 
     assert not any(alert.type == "missing_reporter" for alert, _, _ in alerts)
+
+
+def test_alert_details_include_published_policy_and_receiver_action():
+    session = _session()
+    report = _report(
+        session,
+        source_ip="203.0.113.91",
+        count=25,
+        known=False,
+        dmarc_pass=False,
+        policy_p="reject",
+        policy_sp="quarantine",
+        policy_pct=100,
+        disposition="reject",
+    )
+
+    alerts = analyze_report(session, _settings(), report)
+
+    alert = next(alert for alert, _, _ in alerts if alert.type == "unknown_source_failed_both")
+    details = json.loads(alert.details_json)
+    assert details["published_policy"]["p"] == "reject"
+    assert details["published_policy"]["effective"] == "reject"
+    assert details["published_policy"]["effective_source"] == "p"
+    assert details["receiver_action"]["disposition"] == "reject"
+    assert "Published DMARC policy was p=reject; pct=100" in alert.summary