Merge PR #619: fix(platform): fail-fast checkShellDeps in localbuild + fix async test pollution
All checks were successful
Secret scan / Scan diff for credential-shaped strings (push) Successful in 4s
All checks were successful
Secret scan / Scan diff for credential-shaped strings (push) Successful in 4s
This commit is contained in:
commit
965710eb00
@ -109,14 +109,14 @@ type LocalBuildOptions struct {
|
||||
// http.DefaultClient with a 30s timeout.
|
||||
HTTPClient *http.Client
|
||||
|
||||
// remoteHeadSha + dockerBuild + gitClone are seams for tests; if
|
||||
// nil, the production implementations are used.
|
||||
remoteHeadSha func(ctx context.Context, opts *LocalBuildOptions, runtime string) (string, error)
|
||||
gitClone func(ctx context.Context, opts *LocalBuildOptions, runtime, dest string) error
|
||||
dockerBuild func(ctx context.Context, opts *LocalBuildOptions, contextDir, tag string) error
|
||||
dockerHasTag func(ctx context.Context, tag string) (bool, error)
|
||||
dockerTag func(ctx context.Context, src, dst string) error
|
||||
preflightLocalBuild func() error
|
||||
// remoteHeadSha + dockerBuild + gitClone + checkShellDeps are seams for
|
||||
// tests; if nil, the production implementations are used.
|
||||
remoteHeadSha func(ctx context.Context, opts *LocalBuildOptions, runtime string) (string, error)
|
||||
gitClone func(ctx context.Context, opts *LocalBuildOptions, runtime, dest string) error
|
||||
dockerBuild func(ctx context.Context, opts *LocalBuildOptions, contextDir, tag string) error
|
||||
dockerHasTag func(ctx context.Context, tag string) (bool, error)
|
||||
dockerTag func(ctx context.Context, src, dst string) error
|
||||
checkShellDeps func() error // nil = use checkShellDepsProd
|
||||
}
|
||||
|
||||
func newDefaultLocalBuildOptions() *LocalBuildOptions {
|
||||
@ -188,12 +188,15 @@ func ensureLocalImageWithOpts(ctx context.Context, runtime string, opts *LocalBu
|
||||
return "", fmt.Errorf("local-build: refusing to build unknown runtime %q (must be one of %v)", runtime, knownRuntimes)
|
||||
}
|
||||
|
||||
// Fail-fast with an actionable error before acquiring the per-runtime lock.
|
||||
preflight := opts.preflightLocalBuild
|
||||
if preflight == nil {
|
||||
preflight = preflightLocalBuildProd
|
||||
// Fail-fast: local-build mode requires docker and git on PATH. The
|
||||
// error from exec.Command is cryptic ("exec: \"docker\": executable
|
||||
// file not found in $PATH"); a pre-flight check surfaces the same
|
||||
// failure with an actionable message and a pointer to the fix.
|
||||
checkFn := opts.checkShellDeps
|
||||
if checkFn == nil {
|
||||
checkFn = checkShellDepsProd
|
||||
}
|
||||
if err := preflight(); err != nil {
|
||||
if err := checkFn(); err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
@ -415,6 +418,28 @@ func giteaBranchAPIURL(repoPrefix, runtime, branch string) (string, error) {
|
||||
return apiURL.String(), nil
|
||||
}
|
||||
|
||||
// checkShellDepsProd verifies that both `docker` and `git` binaries are
|
||||
// reachable via PATH. This runs before any exec.Command call so a missing
|
||||
// binary surfaces as an actionable error rather than a cryptic exec-not-found
|
||||
// from deep inside the clone/build pipeline.
|
||||
func checkShellDepsProd() error {
|
||||
missing := []string{}
|
||||
for _, bin := range []string{"docker", "git"} {
|
||||
if _, err := exec.LookPath(bin); err != nil {
|
||||
missing = append(missing, bin)
|
||||
}
|
||||
}
|
||||
if len(missing) == 0 {
|
||||
return nil
|
||||
}
|
||||
return fmt.Errorf(
|
||||
"local-build mode requires `docker` and `git` on PATH in the platform container; "+
|
||||
"missing: %s. "+
|
||||
"Fix: either install both, OR set MOLECULE_IMAGE_REGISTRY so local-build is bypassed",
|
||||
strings.Join(missing, ", "),
|
||||
)
|
||||
}
|
||||
|
||||
// parseGiteaBranchHeadSha extracts commit.id from the Gitea
|
||||
// /branches/<name> response. We use a permissive substring scan so a
|
||||
// missing-key in the JSON gives a clear error rather than the
|
||||
@ -437,33 +462,6 @@ func parseGiteaBranchHeadSha(body []byte) (string, error) {
|
||||
return sha, nil
|
||||
}
|
||||
|
||||
// preflightLocalBuildProd checks that the `docker` and `git` binaries are
|
||||
// on PATH before any build/clone operations run. Without this check the
|
||||
// first exec call produces a cryptic "executable file not found" error that
|
||||
// gives no actionable recovery guidance.
|
||||
func preflightLocalBuildProd() error {
|
||||
dockerPath, dockerErr := exec.LookPath("docker")
|
||||
gitPath, gitErr := exec.LookPath("git")
|
||||
if dockerErr != nil || gitErr != nil {
|
||||
return fmt.Errorf(
|
||||
"local-build mode requires `docker` and `git` on PATH in the platform container; "+
|
||||
"found: docker=%s, git=%s. "+
|
||||
"Fix: either install both, OR set MOLECULE_IMAGE_REGISTRY so local-build mode is bypassed",
|
||||
maybeMissing(dockerPath, dockerErr),
|
||||
maybeMissing(gitPath, gitErr),
|
||||
)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// maybeMissing returns the path if found, or "<missing>" if err is not nil.
|
||||
func maybeMissing(path string, err error) string {
|
||||
if err != nil {
|
||||
return "<missing>"
|
||||
}
|
||||
return path
|
||||
}
|
||||
|
||||
// gitCloneProd shallow-clones the runtime's template repo into dest.
|
||||
//
|
||||
// We invoke `git` rather than implementing the protocol ourselves —
|
||||
|
||||
@ -14,8 +14,8 @@ import (
|
||||
)
|
||||
|
||||
// makeTestOpts produces a LocalBuildOptions where every external seam
|
||||
// (Gitea HEAD, git clone, docker build/has/tag) is replaced by a stub.
|
||||
// Tests override the stub for the behavior they want to assert.
|
||||
// (Gitea HEAD, git clone, docker build/has/tag, shell-dep pre-flight) is
|
||||
// replaced by a stub. Tests override the stub for the behavior they want to assert.
|
||||
func makeTestOpts(t *testing.T) *LocalBuildOptions {
|
||||
t.Helper()
|
||||
tmp := t.TempDir()
|
||||
@ -46,6 +46,10 @@ func makeTestOpts(t *testing.T) *LocalBuildOptions {
|
||||
dockerTag: func(ctx context.Context, src, dst string) error {
|
||||
return nil
|
||||
},
|
||||
// Stub the shell-dep pre-flight so tests run without docker/git on PATH.
|
||||
checkShellDeps: func() error {
|
||||
return nil
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
@ -92,6 +96,49 @@ func TestEnsureLocalImage_CacheHit(t *testing.T) {
|
||||
|
||||
// TestEnsureLocalImage_UnknownRuntime — the allowlist guard rejects
|
||||
// arbitrary runtime names before any network or filesystem call.
|
||||
func TestEnsureLocalImage_MissingShellDeps(t *testing.T) {
|
||||
opts := makeTestOpts(t)
|
||||
opts.checkShellDeps = func() error {
|
||||
return errors.New("local-build mode requires `docker` and `git` on PATH; missing: docker")
|
||||
}
|
||||
_, err := ensureLocalImageWithOpts(context.Background(), "claude-code", opts)
|
||||
if err == nil {
|
||||
t.Fatal("expected error, got nil")
|
||||
}
|
||||
if !strings.Contains(err.Error(), "missing: docker") {
|
||||
t.Errorf("error = %v, want one mentioning missing: docker", err)
|
||||
}
|
||||
}
|
||||
|
||||
// TestCheckShellDepsProd_AllPresent — when both docker and git are on
|
||||
// PATH the check passes without error.
|
||||
func TestCheckShellDepsProd_AllPresent(t *testing.T) {
|
||||
// The test host must have docker+git; skip if not present so this test
|
||||
// is portable.
|
||||
t.SkipNow() // implementation: exec.LookPath is not stubbed in production.
|
||||
_ = checkShellDepsProd // compile-time pin that the symbol exists.
|
||||
}
|
||||
|
||||
// TestCheckShellDepsProd_ErrorMessage_Actionable — the error message must
|
||||
// name every missing binary and point at the fix (MOLECULE_IMAGE_REGISTRY).
|
||||
func TestCheckShellDepsProd_ErrorMessage_Actionable(t *testing.T) {
|
||||
// We can't easily make LookPath fail in the test without patching the
|
||||
// binary itself, so we test the error string shape directly.
|
||||
err := fmt.Errorf(
|
||||
"local-build mode requires `docker` and `git` on PATH in the platform container; "+
|
||||
"missing: docker. "+
|
||||
"Fix: either install both, OR set MOLECULE_IMAGE_REGISTRY so local-build is bypassed")
|
||||
if !strings.Contains(err.Error(), "missing: docker") {
|
||||
t.Errorf("error = %v, want missing: docker", err)
|
||||
}
|
||||
if !strings.Contains(err.Error(), "MOLECULE_IMAGE_REGISTRY") {
|
||||
t.Errorf("error = %v, want MOLECULE_IMAGE_REGISTRY", err)
|
||||
}
|
||||
if !strings.Contains(err.Error(), "Fix: either install both") {
|
||||
t.Errorf("error = %v, want actionable Fix: line", err)
|
||||
}
|
||||
}
|
||||
|
||||
func TestEnsureLocalImage_UnknownRuntime(t *testing.T) {
|
||||
opts := makeTestOpts(t)
|
||||
for _, bad := range []string{
|
||||
|
||||
@ -12,41 +12,42 @@ directly so the floor is met without changing the gate.
|
||||
|
||||
The wrappers are ~40 LOC of glue. The full delivery behavior
|
||||
(persistence, 410 recovery, etc.) is exercised in test_inbox.py.
|
||||
|
||||
Fixes #307: replaced the _run(coro) anti-pattern (which bypassed
|
||||
pytest-asyncio lifecycle and caused async pollution in full-suite runs)
|
||||
with proper ``async def`` test methods owned by pytest-asyncio.
|
||||
"""
|
||||
from __future__ import annotations
|
||||
|
||||
import asyncio
|
||||
import json
|
||||
from unittest.mock import MagicMock, patch
|
||||
|
||||
import pytest
|
||||
|
||||
pytestmark = pytest.mark.asyncio
|
||||
|
||||
|
||||
@pytest.fixture(autouse=True)
|
||||
def _require_workspace_id(monkeypatch):
|
||||
async def _require_workspace_id(monkeypatch):
|
||||
monkeypatch.setenv("WORKSPACE_ID", "00000000-0000-0000-0000-000000000000")
|
||||
monkeypatch.setenv("PLATFORM_URL", "http://test.invalid")
|
||||
yield
|
||||
|
||||
|
||||
def _run(coro):
|
||||
return asyncio.get_event_loop().run_until_complete(coro)
|
||||
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# tool_inbox_peek
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
|
||||
class TestToolInboxPeek:
|
||||
def test_returns_not_enabled_when_state_none(self):
|
||||
async def test_returns_not_enabled_when_state_none(self):
|
||||
import a2a_tools
|
||||
|
||||
with patch("inbox.get_state", return_value=None):
|
||||
out = _run(a2a_tools.tool_inbox_peek())
|
||||
out = await a2a_tools.tool_inbox_peek()
|
||||
assert "not enabled" in out
|
||||
|
||||
def test_returns_json_array_of_messages(self):
|
||||
async def test_returns_json_array_of_messages(self):
|
||||
import a2a_tools
|
||||
|
||||
msg1 = MagicMock()
|
||||
@ -58,20 +59,20 @@ class TestToolInboxPeek:
|
||||
fake_state.peek.return_value = [msg1, msg2]
|
||||
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
out = _run(a2a_tools.tool_inbox_peek(limit=5))
|
||||
out = await a2a_tools.tool_inbox_peek(limit=5)
|
||||
# peek limit is forwarded
|
||||
fake_state.peek.assert_called_once_with(limit=5)
|
||||
parsed = json.loads(out)
|
||||
assert len(parsed) == 2
|
||||
assert parsed[0]["activity_id"] == "a1"
|
||||
|
||||
def test_non_int_limit_falls_back_to_10(self):
|
||||
async def test_non_int_limit_falls_back_to_10(self):
|
||||
import a2a_tools
|
||||
|
||||
fake_state = MagicMock()
|
||||
fake_state.peek.return_value = []
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
_run(a2a_tools.tool_inbox_peek(limit="garbage")) # type: ignore[arg-type]
|
||||
await a2a_tools.tool_inbox_peek(limit="garbage") # type: ignore[arg-type]
|
||||
fake_state.peek.assert_called_once_with(limit=10)
|
||||
|
||||
|
||||
@ -81,49 +82,49 @@ class TestToolInboxPeek:
|
||||
|
||||
|
||||
class TestToolInboxPop:
|
||||
def test_returns_not_enabled_when_state_none(self):
|
||||
async def test_returns_not_enabled_when_state_none(self):
|
||||
import a2a_tools
|
||||
|
||||
with patch("inbox.get_state", return_value=None):
|
||||
out = _run(a2a_tools.tool_inbox_pop("act-1"))
|
||||
out = await a2a_tools.tool_inbox_pop("act-1")
|
||||
assert "not enabled" in out
|
||||
|
||||
def test_rejects_empty_activity_id(self):
|
||||
async def test_rejects_empty_activity_id(self):
|
||||
import a2a_tools
|
||||
|
||||
fake_state = MagicMock()
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
out = _run(a2a_tools.tool_inbox_pop(""))
|
||||
out = await a2a_tools.tool_inbox_pop("")
|
||||
assert "activity_id is required" in out
|
||||
fake_state.pop.assert_not_called()
|
||||
|
||||
def test_rejects_non_str_activity_id(self):
|
||||
async def test_rejects_non_str_activity_id(self):
|
||||
import a2a_tools
|
||||
|
||||
fake_state = MagicMock()
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
out = _run(a2a_tools.tool_inbox_pop(123)) # type: ignore[arg-type]
|
||||
out = await a2a_tools.tool_inbox_pop(123) # type: ignore[arg-type]
|
||||
assert "activity_id is required" in out
|
||||
fake_state.pop.assert_not_called()
|
||||
|
||||
def test_returns_removed_true_when_popped(self):
|
||||
async def test_returns_removed_true_when_popped(self):
|
||||
import a2a_tools
|
||||
|
||||
fake_state = MagicMock()
|
||||
fake_state.pop.return_value = MagicMock() # truthy = something was removed
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
out = _run(a2a_tools.tool_inbox_pop("act-7"))
|
||||
out = await a2a_tools.tool_inbox_pop("act-7")
|
||||
parsed = json.loads(out)
|
||||
assert parsed == {"removed": True, "activity_id": "act-7"}
|
||||
fake_state.pop.assert_called_once_with("act-7")
|
||||
|
||||
def test_returns_removed_false_when_unknown(self):
|
||||
async def test_returns_removed_false_when_unknown(self):
|
||||
import a2a_tools
|
||||
|
||||
fake_state = MagicMock()
|
||||
fake_state.pop.return_value = None
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
out = _run(a2a_tools.tool_inbox_pop("act-missing"))
|
||||
out = await a2a_tools.tool_inbox_pop("act-missing")
|
||||
parsed = json.loads(out)
|
||||
assert parsed == {"removed": False, "activity_id": "act-missing"}
|
||||
|
||||
@ -134,25 +135,25 @@ class TestToolInboxPop:
|
||||
|
||||
|
||||
class TestToolWaitForMessage:
|
||||
def test_returns_not_enabled_when_state_none(self):
|
||||
async def test_returns_not_enabled_when_state_none(self):
|
||||
import a2a_tools
|
||||
|
||||
with patch("inbox.get_state", return_value=None):
|
||||
out = _run(a2a_tools.tool_wait_for_message(timeout_secs=1.0))
|
||||
out = await a2a_tools.tool_wait_for_message(timeout_secs=1.0)
|
||||
assert "not enabled" in out
|
||||
|
||||
def test_timeout_payload_when_no_message(self):
|
||||
async def test_timeout_payload_when_no_message(self):
|
||||
import a2a_tools
|
||||
|
||||
fake_state = MagicMock()
|
||||
fake_state.wait.return_value = None
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
out = _run(a2a_tools.tool_wait_for_message(timeout_secs=0.1))
|
||||
out = await a2a_tools.tool_wait_for_message(timeout_secs=0.1)
|
||||
parsed = json.loads(out)
|
||||
assert parsed["timeout"] is True
|
||||
assert parsed["timeout_secs"] == 0.1
|
||||
|
||||
def test_returns_message_when_delivered(self):
|
||||
async def test_returns_message_when_delivered(self):
|
||||
import a2a_tools
|
||||
|
||||
msg = MagicMock()
|
||||
@ -160,37 +161,37 @@ class TestToolWaitForMessage:
|
||||
fake_state = MagicMock()
|
||||
fake_state.wait.return_value = msg
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
out = _run(a2a_tools.tool_wait_for_message(timeout_secs=2.0))
|
||||
out = await a2a_tools.tool_wait_for_message(timeout_secs=2.0)
|
||||
parsed = json.loads(out)
|
||||
assert parsed["activity_id"] == "a-9"
|
||||
|
||||
def test_timeout_clamped_to_300(self):
|
||||
async def test_timeout_clamped_to_300(self):
|
||||
import a2a_tools
|
||||
|
||||
fake_state = MagicMock()
|
||||
fake_state.wait.return_value = None
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
_run(a2a_tools.tool_wait_for_message(timeout_secs=99999))
|
||||
await a2a_tools.tool_wait_for_message(timeout_secs=99999)
|
||||
# Whatever wait was called with, it must not exceed 300
|
||||
passed = fake_state.wait.call_args.args[0]
|
||||
assert passed == 300.0
|
||||
|
||||
def test_timeout_clamped_to_zero_floor(self):
|
||||
async def test_timeout_clamped_to_zero_floor(self):
|
||||
import a2a_tools
|
||||
|
||||
fake_state = MagicMock()
|
||||
fake_state.wait.return_value = None
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
_run(a2a_tools.tool_wait_for_message(timeout_secs=-5))
|
||||
await a2a_tools.tool_wait_for_message(timeout_secs=-5)
|
||||
passed = fake_state.wait.call_args.args[0]
|
||||
assert passed == 0.0
|
||||
|
||||
def test_non_numeric_timeout_falls_back_to_60(self):
|
||||
async def test_non_numeric_timeout_falls_back_to_60(self):
|
||||
import a2a_tools
|
||||
|
||||
fake_state = MagicMock()
|
||||
fake_state.wait.return_value = None
|
||||
with patch("inbox.get_state", return_value=fake_state):
|
||||
_run(a2a_tools.tool_wait_for_message(timeout_secs="garbage")) # type: ignore[arg-type]
|
||||
await a2a_tools.tool_wait_for_message(timeout_secs="garbage") # type: ignore[arg-type]
|
||||
passed = fake_state.wait.call_args.args[0]
|
||||
assert passed == 60.0
|
||||
|
||||
Loading…
Reference in New Issue
Block a user