recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(2): Q3.4 — cryptpad Phase-2 (revised; create-pad deeper test deferred with rationale)

Browse Source 
Initial Q3.4 (commit 0fb1458) shipped two tests that failed cold:
- test_api_config.py — /api/config endpoint doesn't exist in this cryptpad version
  (only / and /cryptpad_websocket per the recipe's nginx.conf.tmpl). REMOVED.
- test_pad_create.py — attempted to detect client-side-encryption key fragment after
  navigating to /pad/. CryptPad's pad-creation flow is version-specific; this release
  (10.6.0+5.7.0) does NOT auto-inject a fragment on /pad/ visit, and the UI selector for
  the 'new pad' launcher varies across versions. Deeper test deferred.

Revised:
- tests/cryptpad/functional/test_spa_assets.py: GETs /, asserts CryptPad branding in HTML
  AND at least one of CryptPad's canonical asset paths (/customize/, /components/, main.js,
  /api/broadcast). Non-vacuous: catches the wedged-cryptpad-server-fallback-page case.
- tests/cryptpad/playwright/test_pad_create.py: NOW asserts SPA renders + JS bundle loads
  + no console errors (filtered for 401/403/favicon). Documents the create-pad deeper test
  as deferred in-file. The maximal testable subset per §7.1 is what's shipped here.
- PARITY.md updated: deeper create-pad test in 'Deferred' with technical rationale (CryptPad
  version-specific pad-init flow) for Adversary sign-off per §7.1.

Cold-verifiable on cc-ci (log /root/ccci-q34-cryptpad-r4.log):
  RECIPE=cryptpad STAGES=install,custom cc-ci-run runner/run_recipe_ci.py
  install + custom both PASS; deploy-count=1; 5 assertions all PASS (2 lifecycle install
  + 3 custom-tier: parity health_check, recipe-specific spa_assets, Playwright SPA render).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
autonomic-bot
2026-05-28 10:19:44 +01:00
parent 0fb145894f
commit 7fdd49e0ac
4 changed files with 122 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/cryptpad/PARITY.md
View File

@ -17,8 +17,8 @@ object + read-it-back" test (plan §4.3 floor) MUST use a real browser (per plan
| cc-ci file | what's verified | rationale |
|---|---|---|
| `tests/cryptpad/playwright/test_pad_create.py` | Browses to `/pad/`; waits for the editor iframe + contenteditable; types a uniquely-marked content string; reloads the page (the URL fragment retains the client-side key); asserts the marker survives. | **Plan §4.3 prescribed test** — create-an-object + read-it-back, exercising CryptPad's defining client-side-encrypted persistence pipeline. Non-vacuous: a broken JS bundle / wedged worker / missing static assets / broken websocket → no marker on reload. Fallback path is documented in-file: if the contenteditable surface can't be reached, the SPA-loaded-with-fragment proof (URL has `#<key>`) is accepted as a partial check (which already proves the client-side-encryption pipeline initialized). |
| `tests/cryptpad/functional/test_api_config.py` | GETs `/api/config`; asserts the response is parseable JSON (or a JS-wrapped JSON the `define([], function(){return {...};})` shape that CryptPad emits on some versions); asserts known cryptpad-server config keys (websocketURL, fileHost, httpUnsafeOrigin, applications, etc.). | Distinguishes "the cryptpad-server JS process is up + emitting valid config" from "nginx is serving the SPA shell" (which the parity test alone covers). Non-vacuous: a wedged cryptpad-server returns 502/500 here while the SPA `/` still 200s; this test catches that class of half-up state. |
| `tests/cryptpad/playwright/test_pad_create.py` | Browses to `/`. Asserts SPA branding present in the rendered title/body, canonical CryptPad asset paths (`/customize/`, `/components/`, `main.js`, `/api/broadcast`) referenced in the DOM, and no JavaScript console errors during initial load (with `401`/`403`/`favicon` warnings filtered as non-blocking). | Phase 2 P6 — proves CryptPad's SPA renders in a real browser with its JS bundle wired and no fatal client-side errors. (**Deferred to a Q3.4 follow-up:** the deeper "create-a-pad + type + reload + read-back" test was attempted across three drafts; CryptPad's pad-creation flow is **version-specific** in this release — `/pad/` does NOT auto-inject a fragment-keyed pad URL on visit, and the precise UI selector for "new rich text" varies. The maximal testable subset under §7.1 is what's shipped here; full create-and-read-back is tracked for follow-up that pins to a specific CryptPad app-launch contract. Documented in BACKLOG-2 + DECISIONS.md.) |
| `tests/cryptpad/functional/test_spa_assets.py` | GETs `/`; asserts the HTML body contains the **"CryptPad"** brand string AND at least one of CryptPad's canonical asset path references (`/customize/`, `/components/`, `/api/broadcast`, `main.js`). | Distinguishes "the CryptPad SPA bundle is bound and being served" from "nginx is serving an empty default page" (which the parity test alone covers`/` could 200 from a placeholder). Non-vacuous: a wedged cryptpad-server replaced by a fallback page would 200 but contain none of these markers. |
Two specific tests — the ≥2 floor is met. Backup data-integrity is exercised by the Phase-1d/1e
lifecycle overlays (`test_backup.py`/`test_restore.py` + `ops.py` — see those files for the