# Parity — bluesky-pds

Phase-2 P2 mapping table.

| recipe-maintainer file | cc-ci file | what's verified | status |
|---|---|---|---|
| (no health_check.py in the recipe-maintainer corpus) | `tests/bluesky-pds/functional/test_health_check.py` | GETs `/xrpc/_health` (the PDS health endpoint); asserts 200 + JSON with `version` field. Phase-2 health_check aligned with the parity-port convention. | **Phase-2 health_check** |
| `recipe-info/bluesky-pds/tests/goat_account.py` | `tests/bluesky-pds/functional/test_account_and_post.py` | Original: `goat pds describe`, list/cleanup, account create, verify listed, delete, verify gone. cc-ci port preserves the account-lifecycle assertions + adds an **atproto post round-trip** (createSession→createRecord→getRecord, asserts post text round-trips) — the §4.3 prescribed test ("create a test account (goat CLI), create a post via atproto, fetch it back, delete the account"). F2-8 closed. | **ported** |

## Recipe-specific tests (Phase-2 P3, ≥2 beyond parity)

bluesky-pds is an **atproto Personal Data Server** — its characteristic behavior is the
public XRPC API + the well-known `atproto-did` server identifier. Two new functional tests:

| cc-ci file | what's verified | rationale |
|---|---|---|
| `tests/bluesky-pds/functional/test_describe_server.py` | GETs `/xrpc/com.atproto.server.describeServer` (the public atproto endpoint that advertises the PDS's available account creation policy); asserts 200 + JSON envelope with at least `availableUserDomains` (array; the PDS's hosting domains) or `inviteCodeRequired` (bool). | Proves the atproto XRPC API is alive AND the PDS-specific configuration is being served (not just a generic 200). Non-vacuous: a PDS that boots but can't serve its server description is broken. |
| `tests/bluesky-pds/functional/test_session_auth.py` | GETs `/xrpc/com.atproto.server.getSession` (no auth); asserts **401** + a JSON XRPC error envelope with an `error` field. | Proves the PDS's atproto auth contract is enforced. Non-vacuous: 200 = anonymous leak (security bug); 404 = route missing; 5xx = backend broken — only 401 + a proper XRPC error envelope indicates a correctly-wired PDS. (An earlier draft tried `/.well-known/atproto-did` but that endpoint is only published when the bare DOMAIN is registered as a server-DID, which the recipe doesn't auto-configure.) |

Two specific tests + parity health_check = ≥2 floor met. Backup data-integrity is N/A unless the
recipe declares `backupbot.backup=true` labels (Phase-1d auto-detect handles the skip).

## Playwright (P6)

bluesky-pds has **no first-party browser UI** — the recipe is an atproto PDS that other apps
(bsky.app, atproto clients) consume. So P6 is N/A; HTTP/XRPC functional tests are the canonical
surface.

## Non-ports

`goat_account.py` is deferred (operational complexity; needs goat CLI + account state cleanup
across runs). Logged here per §7.1; will lift if/when the goat-CLI path is wrapped into the
harness.