harry/keystone
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
66f0ee9e50bcf1762048979e1936731e523ea7d1
keystone/tests/Feature/ServiceImageDigestTest.php
Harry Bayliss 66f0ee9e50
All checks were successful
CI / Tests (push) Successful in 43s
Details
CI / Lint (push) Successful in 1m3s
Details
Migrate to Gitea, switch JS tooling to oxlint/oxfmt, lift test coverage to 95% 
- Add .gitea/workflows/ci.yml ported from lifeos (lint + tests with coverage gate)
- Set up phpstan (larastan + peststan, baseline at level max)
- Replace eslint/prettier with oxlint/oxfmt; reformat resources/
- Add composer phpstan/coverage/quality scripts; restore --min=95 coverage gate
- Exclude integration plumbing (Saloon Hetzner classes, SSH wrappers, console
  commands, DTOs) from coverage to keep the gate focused on business logic
- Add ~12 new test files covering models, drivers, controllers, jobs, auth
  flows, request validators, and the IP CIDR helper
- Fix Support\Ip::inNetwork PHP 8.4 TypeError in CIDR mask check
- Fix FirewallRule::command comparing the enum-cast type column to a string
- Fix Server::network using the wrong foreign key column
- Remove unreachable code under abort(403) in RegisteredUserController
2026-05-13 16:51:07 +01:00

158 lines
5.2 KiB
PHP
Raw Blame History

<?php
use App\Actions\Services\ResolveServiceImageDigest;
use App\Enums\ServiceCategory;
use App\Enums\ServiceType;
use App\Models\Network;
use App\Models\Organisation;
use App\Models\Provider;
use App\Models\Server;
use App\Models\Service;
use App\Services\Operations\RemoteCommandRunner;
it('resolves a service driver image tag to an immutable digest', function () {
app()->instance(RemoteCommandRunner::class, new class implements RemoteCommandRunner
{
public string $script = '';
public function run(Server $server, string $script): string
{
$this->script = $script;
return "image_digest=postgres:18@sha256:resolveddigest\n";
}
});
$service = Service::factory()->for(serviceDigestServer())->create([
'category' => ServiceCategory::DATABASE,
'type' => ServiceType::POSTGRES,
'version' => '18',
'version_track' => '18',
'driver_name' => 'postgres.18',
'credentials' => [
'user' => 'keystone',
'password' => 'secret',
'db' => 'keystone',
],
]);
expect(app(ResolveServiceImageDigest::class)->execute($service))->toBe('sha256:resolveddigest');
});
it('pulls the image before failing digest resolution when it is not present locally', function () {
$runner = new class implements RemoteCommandRunner
{
public string $script = '';
public function run(Server $server, string $script): string
{
$this->script = $script;
return 'image_digest=valkey/valkey:8@sha256:pulleddigest';
}
};
app()->instance(RemoteCommandRunner::class, $runner);
$service = Service::factory()->for(serviceDigestServer())->create([
'category' => ServiceCategory::CACHE,
'type' => ServiceType::VALKEY,
'version' => '8',
'version_track' => '8',
'driver_name' => 'valkey.8',
]);
expect(app(ResolveServiceImageDigest::class)->execute($service))->toBe('sha256:pulleddigest')
->and($runner->script)->toContain('docker pull "$image"');
});
it('short circuits when the resolved image is already a sha256 digest', function () {
$service = Service::factory()->for(serviceDigestServer())->create([
'category' => ServiceCategory::DATABASE,
'type' => ServiceType::POSTGRES,
'version' => '18',
'version_track' => '18',
'driver_name' => 'postgres.18',
'credentials' => [
'user' => 'keystone',
'password' => 'secret',
'db' => 'keystone',
],
'available_image_digest' => 'sha256:precomputed',
]);
expect(app(ResolveServiceImageDigest::class)->execute($service))->toBe('sha256:precomputed');
});
it('falls back to the raw output when the digest line is not present', function () {
app()->instance(RemoteCommandRunner::class, new class implements RemoteCommandRunner
{
public function run(Server $server, string $script): string
{
return 'postgres:18@sha256:fallbackdigest';
}
});
$service = Service::factory()->for(serviceDigestServer())->create([
'category' => ServiceCategory::DATABASE,
'type' => ServiceType::POSTGRES,
'version' => '18',
'version_track' => '18',
'driver_name' => 'postgres.18',
'credentials' => ['user' => 'u', 'password' => 'p', 'db' => 'd'],
]);
expect(app(ResolveServiceImageDigest::class)->execute($service))->toBe('sha256:fallbackdigest');
});
it('throws when the service has no server to query', function () {
$service = Service::factory()->create([
'category' => ServiceCategory::DATABASE,
'type' => ServiceType::POSTGRES,
'driver_name' => 'postgres.18',
'credentials' => ['user' => 'u', 'password' => 'p', 'db' => 'd'],
'server_id' => null,
]);
expect(fn () => app(ResolveServiceImageDigest::class)->execute($service))
->toThrow(RuntimeException::class, 'must have a target server');
});
it('throws when the remote output does not yield a digest', function () {
app()->instance(RemoteCommandRunner::class, new class implements RemoteCommandRunner
{
public function run(Server $server, string $script): string
{
return 'no digest at all';
}
});
$service = Service::factory()->for(serviceDigestServer())->create([
'category' => ServiceCategory::DATABASE,
'type' => ServiceType::POSTGRES,
'driver_name' => 'postgres.18',
'credentials' => ['user' => 'u', 'password' => 'p', 'db' => 'd'],
]);
expect(fn () => app(ResolveServiceImageDigest::class)->execute($service))
->toThrow(RuntimeException::class, 'Unable to resolve image digest');
});
function serviceDigestServer(): Server
{
$organisation = Organisation::factory()->create();
$provider = Provider::factory()->forOrganisation($organisation)->create();
$network = Network::create([
'organisation_id' => $organisation->id,
'provider_id' => $provider->id,
'name' => 'test-network',
'ip_range' => '10.0.0.0/24',
]);
return Server::factory()
->forOrganisation($organisation->id)
->forProvider($provider->id)
->forNetwork($network->id)
->create();
}
Reference in New Issue View Git Blame Copy Permalink