keystone/tests/Feature/ProvisionScriptTest.php

<?php

use App\Models\Provider;
use App\Models\Server;
use Illuminate\Support\Facades\File;

it('renders the v1 provisioning script with docker compose and management keys', function () {
    File::ensureDirectoryExists(storage_path('app/private/ssh'));
    File::put(storage_path('app/private/ssh/id_ed25519.pub'), 'ssh-ed25519 keystone-public-key');

    $organisation = \App\Models\Organisation::factory()->create();
    $provider = Provider::factory()->forOrganisation($organisation)->create();
    $network = $organisation->networks()->create([
        'name' => 'keystone',
        'external_id' => 'net-12345',
        'provider_id' => $provider->id,
        'ip_range' => fake()->ipv4().'/24',
    ]);
    $server = Server::factory()->create([
        'organisation_id' => $organisation->id,
        'provider_id' => $provider->id,
        'network_id' => $network->id,
    ]);

    $response = $this->get(route('provision-script', [
        'sudo_password' => 'secret-password',
        'hostname' => 'keystone-test',
        'server_id' => $server->id,
    ]));

    $response->assertOk();
    expect($response->content())
        ->toContain('docker-compose-plugin')
        ->toContain('fail2ban')
        ->toContain('ufw --force enable')
        ->toContain('PasswordAuthentication no')
        ->toContain('ssh-ed25519 keystone-public-key')
        ->toContain('chmod 600 /home/keystone/.ssh/id_ed25519')
        ->not->toContain('[!hostname!]')
        ->not->toContain('[!sudo_password!]')
        ->not->toContain('[!server_id!]')
        ->not->toContain('[!keystonepublickey!]');
});