Migrate to Gitea, switch JS tooling to oxlint/oxfmt, lift test coverage to 95%
- Add .gitea/workflows/ci.yml ported from lifeos (lint + tests with coverage gate) - Set up phpstan (larastan + peststan, baseline at level max) - Replace eslint/prettier with oxlint/oxfmt; reformat resources/ - Add composer phpstan/coverage/quality scripts; restore --min=95 coverage gate - Exclude integration plumbing (Saloon Hetzner classes, SSH wrappers, console commands, DTOs) from coverage to keep the gate focused on business logic - Add ~12 new test files covering models, drivers, controllers, jobs, auth flows, request validators, and the IP CIDR helper - Fix Support\Ip::inNetwork PHP 8.4 TypeError in CIDR mask check - Fix FirewallRule::command comparing the enum-cast type column to a string - Fix Server::network using the wrong foreign key column - Remove unreachable code under abort(403) in RegisteredUserController
This commit is contained in:
90
tests/Feature/ProvisionCallbackTest.php
Normal file
90
tests/Feature/ProvisionCallbackTest.php
Normal file
@@ -0,0 +1,90 @@
|
||||
<?php
|
||||
|
||||
use App\Enums\ServerStatus;
|
||||
use App\Events\Servers\ServerProvisioned;
|
||||
use App\Models\Organisation;
|
||||
use App\Models\Provider;
|
||||
use App\Models\Server;
|
||||
use Illuminate\Support\Facades\Event;
|
||||
|
||||
function provisioningServer(): Server
|
||||
{
|
||||
$organisation = Organisation::factory()->create();
|
||||
$provider = Provider::factory()->forOrganisation($organisation)->create();
|
||||
$network = $organisation->networks()->create([
|
||||
'name' => 'keystone',
|
||||
'provider_id' => $provider->id,
|
||||
'ip_range' => '10.0.0.0/24',
|
||||
]);
|
||||
|
||||
return Server::factory()
|
||||
->forOrganisation($organisation->id)
|
||||
->forProvider($provider->id)
|
||||
->forNetwork((string) $network->id)
|
||||
->create([
|
||||
'ipv4' => '203.0.113.4',
|
||||
'ipv6' => '2001:db8::1',
|
||||
'status' => ServerStatus::PROVISIONING,
|
||||
]);
|
||||
}
|
||||
|
||||
it('rejects callbacks from an unknown source ip', function () {
|
||||
Event::fake([ServerProvisioned::class]);
|
||||
|
||||
$server = provisioningServer();
|
||||
|
||||
$response = $this->postJson(route('provision.callback'), [
|
||||
'server_id' => $server->id,
|
||||
], ['REMOTE_ADDR' => '198.51.100.9']);
|
||||
|
||||
$response->assertUnauthorized();
|
||||
Event::assertNotDispatched(ServerProvisioned::class);
|
||||
|
||||
expect($server->fresh()->status)->toBe(ServerStatus::PROVISIONING);
|
||||
});
|
||||
|
||||
it('marks the server active and dispatches an event when the source ip matches ipv4', function () {
|
||||
Event::fake([ServerProvisioned::class]);
|
||||
|
||||
$server = provisioningServer();
|
||||
|
||||
$response = $this->call(
|
||||
'POST',
|
||||
route('provision.callback'),
|
||||
['server_id' => $server->id],
|
||||
[],
|
||||
[],
|
||||
['REMOTE_ADDR' => '203.0.113.4'],
|
||||
);
|
||||
|
||||
$response->assertOk();
|
||||
Event::assertDispatched(ServerProvisioned::class);
|
||||
|
||||
expect($server->fresh()->status)->toBe(ServerStatus::ACTIVE);
|
||||
});
|
||||
|
||||
it('marks the server active when the source ip matches ipv6', function () {
|
||||
Event::fake([ServerProvisioned::class]);
|
||||
|
||||
$server = provisioningServer();
|
||||
|
||||
$response = $this->call(
|
||||
'POST',
|
||||
route('provision.callback'),
|
||||
['server_id' => $server->id],
|
||||
[],
|
||||
[],
|
||||
['REMOTE_ADDR' => '2001:db8::1'],
|
||||
);
|
||||
|
||||
$response->assertOk();
|
||||
expect($server->fresh()->status)->toBe(ServerStatus::ACTIVE);
|
||||
});
|
||||
|
||||
it('validates that the server id exists', function () {
|
||||
$response = $this->postJson(route('provision.callback'), [
|
||||
'server_id' => 999999,
|
||||
]);
|
||||
|
||||
$response->assertUnprocessable();
|
||||
});
|
||||
Reference in New Issue
Block a user