recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(cfold): canonicalize custom test layout
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source
This commit is contained in:
autonomic-bot
2026-06-12 16:08:18 +00:00
parent 87928a9096
commit 44e02425ab
110 changed files with 306 additions and 241 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
tests/ghost/functional/_ghost.py
View File

@ -1,117 +0,0 @@
"""Shared ghost test helper — a cookie-aware Ghost Admin API client.
Ghost's Admin API authenticates a human session via a cookie (`ghost-admin-api-session`) set by
`POST /ghost/api/admin/session/`, and enforces a CSRF check requiring the `Origin` header to match
the site's configured `url` on state-changing requests. The shared `runner/harness/http` helpers are
deliberately cookie-less (stateless status+json), so this helper builds a stdlib
`urllib` opener with an `HTTPCookieProcessor` so the session cookie persists across
setup → login → create → read within the test process.
Auth path (version-independent — no `/v3/`/`/v5/` in the URL; Ghost negotiates the API version, and
the recipe under test may be any 5.x/6.x):
1. `POST /authentication/setup/` — creates the owner on a FRESH deploy (idempotent: a re-run finds
"setup already completed" and we ignore it).
2. `POST /session/` — establishes the admin session cookie (always done, so the client is
authenticated whether or not THIS process ran setup).
3. `POST /posts/?source=html` / `GET /posts/<id>/` — create + read back.
Admin credentials are class-B run-scoped (deterministic within a run; the whole app — DB + secrets —
is destroyed at teardown). Password is ≥10 chars per Ghost's setup requirement.
"""
from __future__ import annotations
import http.cookiejar
import json
import ssl
import urllib.error
import urllib.request
# Per-run *.ci.commoninternet.net domains use the operator wildcard cert via Traefik file provider;
# the real-cert check is done once in the generic install assertion, so content/API calls skip the
# chain check (same rationale as runner/harness/http._CTX).
_CTX = ssl.create_default_context()
_CTX.check_hostname = False
_CTX.verify_mode = ssl.CERT_NONE
ADMIN_NAME = "CCCI Admin"
ADMIN_EMAIL = "ccci-admin@ccci.example.com"
ADMIN_PW = "Ccci-Test-Pw-2026!" # >=10 chars (Ghost setup requirement)
BLOG_TITLE = "CCCI Test Blog"
def _json(raw: bytes) -> object | None:
try:
return json.loads(raw)
except (json.JSONDecodeError, ValueError):
return None
class GhostAdmin:
def __init__(self, domain: str):
self.base = f"https://{domain}/ghost/api/admin"
self.origin = f"https://{domain}"
self._jar = http.cookiejar.CookieJar()
self._opener = urllib.request.build_opener(
urllib.request.HTTPCookieProcessor(self._jar),
urllib.request.HTTPSHandler(context=_CTX),
)
def req(self, method: str, path: str, body: dict | None = None, timeout: int = 60):
url = f"{self.base}{path}"
data = json.dumps(body).encode() if body is not None else None
req = urllib.request.Request(url, data=data, method=method)
if data is not None:
req.add_header("Content-Type", "application/json")
# CSRF: Ghost requires Origin to match the configured site url on state-changing requests.
req.add_header("Origin", self.origin)
try:
with self._opener.open(req, timeout=timeout) as resp:
return resp.getcode(), _json(resp.read())
except urllib.error.HTTPError as e:
return e.code, _json(e.read())
except Exception as e: # noqa: BLE001 — transport-level: surface as status 0
return 0, {"transport_error": str(e)}
def ensure_authenticated(self) -> None:
# Ensure the owner exists (fresh deploy → 201; already set up → 4xx, ignored).
self.req(
"POST",
"/authentication/setup/",
{
"setup": [
{
"name": ADMIN_NAME,
"email": ADMIN_EMAIL,
"password": ADMIN_PW,
"blogTitle": BLOG_TITLE,
}
]
},
)
# Always establish a fresh admin session (cookie persists in self._jar).
status, body = self.req(
"POST", "/session/", {"username": ADMIN_EMAIL, "password": ADMIN_PW}
)
assert status in (
200,
201,
), f"ghost admin session login failed: HTTP {status}, body={body!r}"
def create_post(self, title: str, html: str) -> dict:
status, body = self.req(
"POST",
"/posts/?source=html",
{"posts": [{"title": title, "html": html, "status": "published"}]},
)
assert status in (200, 201), f"create post failed: HTTP {status}, body={body!r}"
posts = (body or {}).get("posts") or []
assert posts and posts[0].get("id"), f"create post returned no id: {body!r}"
return posts[0]
def get_post(self, post_id: str) -> dict:
status, body = self.req("GET", f"/posts/{post_id}/?formats=html")
assert status == 200, f"read post failed: HTTP {status}, body={body!r}"
posts = (body or {}).get("posts") or []
assert posts, f"read post returned empty: {body!r}"
return posts[0]

67
tests/ghost/functional/test_admin_redirect.py
View File

@ -1,67 +0,0 @@
"""ghost — recipe-specific functional test (Phase 2 P3).
Ghost's admin UI lives at `/ghost/`. On a fresh deploy with no owner yet, /ghost/ redirects
(302) to the setup wizard at `/ghost/#/setup`. On a deployment with an owner already set up,
/ghost/ shows the login form (200 with a login HTML). Either way, GET /ghost/ should NOT
return 404 — that would indicate the admin route is not wired.
This test asserts /ghost/ returns 200 or 302 (admin route exists), and the response is HTML
that references Ghost's admin client (the /ghost-assets/ path or 'ghost' in the response body).
Non-vacuous: a misrouted nginx returns 404; a wedged ghost-server returns 502/504; only a
correctly-wired Ghost serves the admin SPA shell or its setup redirect.
"""
from __future__ import annotations
import os
import ssl
import sys
import urllib.request
sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "..", "..", "runner"))
from harness import http as harness_http # noqa: E402
def _get_html(url: str) -> tuple[int, str]:
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
req = urllib.request.Request(url, method="GET")
try:
with urllib.request.urlopen(req, timeout=15, context=ctx) as r:
return r.status, r.read().decode(errors="replace")
except urllib.error.HTTPError as e:
# urllib doesn't auto-follow 302 by default but might raise — handle anyway
try:
body = e.read().decode(errors="replace")
except Exception: # noqa: BLE001
body = ""
return e.code, body
except Exception: # noqa: BLE001
return 0, ""
def test_ghost_admin_route_is_wired(live_app):
"""GET /ghost/ → 200 or 302; body references Ghost admin (or redirects to /ghost/#/setup)."""
url = f"https://{live_app}/ghost/"
def _ready():
s, body = _get_html(url)
if s in (200, 302) and ("ghost" in body.lower() or s == 302):
return (s, body)
return None
status_body = harness_http.assert_converges(
_ready,
f"GET {url} returns Ghost admin (200) or setup redirect (302)",
max_wait=60,
interval=3,
)
status, body = status_body
assert status in (200, 302), f"unexpected status: {status}"
if status == 200:
# The admin SPA references /ghost-assets/ or contains "ghost" in title/body
assert (
"ghost" in body.lower()
), f"GET {url} 200 but body has no Ghost markers: {body[:200]!r}"

44
tests/ghost/functional/test_content_api.py
View File

@ -1,44 +0,0 @@
"""ghost — recipe-specific functional test (Phase 2 P3).
Ghost exposes a public JSON Content API at `/ghost/api/content/settings/` which returns the
site's public configuration (title, description, etc.) WITHOUT requiring an API key for the
basic settings endpoint. Some Ghost versions DO require a key here — accept either:
- 200 with JSON envelope: API alive + accessible.
- 401/403 with JSON error: API alive + correctly gating.
Distinguishes "ghost-server JS process is up + serving its API" from "a static page is served
at /" (which the parity test catches by 200).
A wedged Ghost backend returns 502/504 or 503. A misrouted nginx returns 404.
"""
from __future__ import annotations
import os
import sys
sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "..", "..", "runner"))
from harness import http as harness_http # noqa: E402
def test_content_api_settings_endpoint(live_app):
"""GET /ghost/api/content/settings/ → 200 or 401/403; JSON shape."""
url = f"https://{live_app}/ghost/api/content/settings/"
status, body = harness_http.retry_http_get(
url, expect_status=(200, 400, 401, 403), max_wait=60, interval=3
)
assert status in (200, 400, 401, 403), (
f"GET {url} HTTP {status} (expected 200/401/403, NOT 404/5xx — 404=route missing, "
f"5xx=backend broken)"
)
# The API ALWAYS returns JSON (success or error envelope).
assert body is not None, f"GET {url} returned non-JSON body"
# On success: {"settings": {...}}. On error: {"errors": [...]}. Either shape is valid.
if status == 200:
assert (
isinstance(body, dict) and "settings" in body
), f"200 response missing 'settings' envelope: {body!r}"
else:
assert isinstance(body, dict) and (
"errors" in body or "message" in body or body
), f"error response not a proper Ghost error envelope: {body!r}"

16
tests/ghost/functional/test_health_check.py
View File

@ -1,16 +0,0 @@
"""ghost — Phase-2 health_check (recipe-maintainer corpus has no parity test)."""
from __future__ import annotations
import os
import sys
sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "..", "..", "runner"))
from harness import http as harness_http # noqa: E402
def test_ghost_root_serves(live_app):
"""GET / → 200 (themed site)."""
url = f"https://{live_app}/"
status, _ = harness_http.retry_http_get(url, expect_status=200, max_wait=60, interval=3)
assert status == 200, f"GET {url} HTTP {status} (expected 200)"

59
tests/ghost/functional/test_post_roundtrip.py
View File

@ -1,59 +0,0 @@
"""ghost — Q4.4 recipe-specific functional test (plan §4.3: "create the app's primary object — a
post — and read it back").
Exercises Ghost's core publishing path end-to-end against the live per-run deploy, via the real
Admin API:
1. Wait for the Admin API to answer (the recipe's own healthcheck hits /ghost/api/admin/site/).
2. Bootstrap the owner on a fresh deploy + establish an admin session (_ghost.GhostAdmin).
3. POST /ghost/api/admin/posts/ to create a published post carrying a unique marker (title + body).
4. GET /ghost/api/admin/posts/<id>/ to read it back and assert the marker round-tripped intact.
NOT health-only: a Ghost whose DB/Admin-API/publishing path is broken fails here even though `/`
(themed front) and `/ghost/` (admin SPA shell) return 200. The marker is unique per run, so a stale
or echoed response cannot pass. This closes the DEFERRED.md ghost "create-a-post round-trip" item.
"""
from __future__ import annotations
import os
import sys
import uuid
sys.path.insert(0, os.path.dirname(__file__))
sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "..", "..", "runner"))
import _ghost # noqa: E402
from harness import http as harness_http # noqa: E402
def test_create_post_roundtrip(live_app):
# 1) The Admin API (and its DB migrations) may settle slightly after the themed front is up —
# poll the recipe's own admin healthcheck endpoint before authenticating.
harness_http.retry_http_get(
f"https://{live_app}/ghost/api/admin/site/",
expect_status=200,
max_wait=120,
interval=10,
)
admin = _ghost.GhostAdmin(live_app)
admin.ensure_authenticated()
# 2-3) Create a published post with a unique marker in both title and body.
uniq = uuid.uuid4().hex[:10]
title = f"ccci-marker-{uniq}"
marker = f"ccci-body-marker-{uniq}-roundtrip"
created = admin.create_post(title, f"<p>{marker}</p>")
assert (
created.get("title") == title
), f"created post title mismatch: sent {title!r}, got {created.get('title')!r}"
# 4) Read it back by id and assert the post survived the round-trip (title always returned;
# html returned because we requested ?formats=html).
got = admin.get_post(created["id"])
assert (
got.get("title") == title
), f"post title did not round-trip: sent {title!r}, got {got.get('title')!r}"
html = got.get("html") or ""
assert (
marker in html
), f"post body did not round-trip: marker {marker!r} not in read-back html {html!r}"