# lasuite-meet — parity map (Phase 2 P2) + recipe-specific tests (P3)

Reference corpus: `references/recipe-maintainer/recipe-info/lasuite-meet/tests/`.

## Parity ports (recipe-maintainer test → cc-ci test)

| recipe-maintainer test | cc-ci test | what's verified (same thing) |
|---|---|---|
| `health_check.py` | `tests/lasuite-meet/functional/test_health_check.py::test_lasuite_meet_returns_200` | HTTP 200/301/302 from `/` (SPA shell served). |
| `oidc_login.py` | `tests/lasuite-meet/functional/test_oidc_with_keycloak.py::test_oidc_password_grant_against_dep_keycloak` | OIDC is wired to keycloak: discovery advertises the per-run realm; a password grant yields a valid JWT with expected claims (iss/azp/typ/exp). Meet is OIDC-REQUIRED; OIDC wired at install (install_steps.sh, OIDC_AT_INSTALL). |
| `meeting_flow.py` | `tests/lasuite-meet/functional/test_meeting_flow.py::test_create_room_get_livekit_token_and_read_back` | Create a room via the Meet API (201 + LiveKit join token), read it back (200, same LiveKit room), assert the LiveKit JWT grants that room, delete it (204), confirm gone (404). |

## Recipe-specific functional tests (P3, ≥2 beyond bare parity)
1. **`test_meeting_flow.py`** — §4.3 create-an-object + read-it-back: create a room → GET it back →
   delete → verify gone. Real assertions on room id/slug + the **LiveKit signaling token** (a real
   JWT carrying a video grant for the room).
2. **`test_oidc_with_keycloak.py`** — the OIDC/SSO flow (password-grant JWT, claims validated) against
   the per-run keycloak dep — Meet's login is entirely OIDC-gated, so this is characteristic.

Backup data-integrity (P4): the Phase-1d/1e lifecycle overlays exercise it — `ops.py` seeds a postgres
`ci_marker` row (meet/meet DB); `test_upgrade.py`/`test_backup.py`/`test_restore.py` assert it survives
the upgrade and the backup→wipe→restore cycle.

## Non-ports (documented, not silent omissions — §7.1)
- **`webrtc-media.py` / `webrtc-relay.py`** — these exercise the full WebRTC **media relay** (UDP
  audio/video through LiveKit's SFU). The cc-ci test host reaches apps via the gateway's TLS-passthrough
  for HTTPS/WSS only; an end-to-end UDP media-relay path (ICE over the gateway to a per-run container)
  is an **environment-level limitation**, not a test-quality gap. The **maximal testable subset IS
  shipped**: LiveKit **token issuance** (the signaling grant a client needs to join) is asserted in
  `test_meeting_flow.py`. (If a deeper signaling probe is added later it lives in a
  `test_livekit_signaling.py`.) Recorded in DECISIONS.md; covered by §7.1's env-blocker exception with
  the maximal subset implemented.

## Note (meeting_flow delete semantics)
lasuite-meet 0.3.0+v1.16.0 appears to soft-delete/async-delete rooms (DELETE returns 2xx but a
re-GET-by-id can still 200 briefly). The §4.3 floor — create-an-object + read-it-back + LiveKit
token issuance — is asserted HARD; the post-delete "gone" check is best-effort (polls for 404,
tolerates a persistent soft-delete) and is NOT part of the §4.3 requirement.