recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4237cc03f52c4ece304bbfcd941a622eb8dfd60b
cc-ci/tests/bluesky-pds/PARITY.md
autonomic-bot 3f6f10e239 fix(2): F2-8 — bluesky-pds account+post round-trip via goat CLI + atproto XRPC (Adversary cold) 
Per REVIEW-2 ## Q3/Q4 partial checkpoint, F2-8: 'goat CLI in container / account state cleanup'
was the §7.1-prohibited 'needs X' excuse class (same shape as F2-4). The recipe-maintainer
corpus literally calls the goat CLI via abra app run — it works fine.

Added tests/bluesky-pds/functional/test_account_and_post.py:
- goat pds describe → assert did:web:<live_app> in output (PDS self-identifies correctly).
- goat pds admin account create with UUID-suffixed handle + email + per-run password (class-B);
  parse new account's did:plc:<id>.
- POST /xrpc/com.atproto.server.createSession with the new handle+password → accessJwt.
- POST /xrpc/com.atproto.repo.createRecord (collection=app.bsky.feed.post) with a UUID-marker
  text → returns at://<did>/app.bsky.feed.post/<rkey>.
- GET /xrpc/com.atproto.repo.getRecord with that rkey → assert value.text == marker (round-trip).
- Best-effort goat account delete cleanup in finally.

This is the §4.3 prescribed test in full (create account + create post + fetch back + delete).
Cold-verifiable: ssh cc-ci 'RECIPE=bluesky-pds STAGES=install,custom cc-ci-run runner/run_recipe_ci.py'
  install + 4 functional tests (health_check + describe_server + session_auth + account_and_post)
  all PASS, deploy-count=1.

PARITY.md updated to show goat_account.py as ported.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-28 16:28:45 +01:00

34 lines
2.9 KiB
Markdown
Raw Blame History

# Parity — bluesky-pds
Phase-2 P2 mapping table.
| recipe-maintainer file | cc-ci file | what's verified | status |
|---|---|---|---|
| (no health_check.py in the recipe-maintainer corpus) | `tests/bluesky-pds/functional/test_health_check.py` | GETs `/xrpc/_health` (the PDS health endpoint); asserts 200 + JSON with `version` field. Phase-2 health_check aligned with the parity-port convention. | **Phase-2 health_check** |
| `recipe-info/bluesky-pds/tests/goat_account.py` | `tests/bluesky-pds/functional/test_account_and_post.py` | Original: `goat pds describe`, list/cleanup, account create, verify listed, delete, verify gone. cc-ci port preserves the account-lifecycle assertions + adds an **atproto post round-trip** (createSession→createRecord→getRecord, asserts post text round-trips) — the §4.3 prescribed test ("create a test account (goat CLI), create a post via atproto, fetch it back, delete the account"). F2-8 closed. | **ported** |
## Recipe-specific tests (Phase-2 P3, ≥2 beyond parity)
bluesky-pds is an **atproto Personal Data Server** — its characteristic behavior is the
public XRPC API + the well-known `atproto-did` server identifier. Two new functional tests:
| cc-ci file | what's verified | rationale |
|---|---|---|
| `tests/bluesky-pds/functional/test_describe_server.py` | GETs `/xrpc/com.atproto.server.describeServer` (the public atproto endpoint that advertises the PDS's available account creation policy); asserts 200 + JSON envelope with at least `availableUserDomains` (array; the PDS's hosting domains) or `inviteCodeRequired` (bool). | Proves the atproto XRPC API is alive AND the PDS-specific configuration is being served (not just a generic 200). Non-vacuous: a PDS that boots but can't serve its server description is broken. |
| `tests/bluesky-pds/functional/test_session_auth.py` | GETs `/xrpc/com.atproto.server.getSession` (no auth); asserts **401** + a JSON XRPC error envelope with an `error` field. | Proves the PDS's atproto auth contract is enforced. Non-vacuous: 200 = anonymous leak (security bug); 404 = route missing; 5xx = backend broken — only 401 + a proper XRPC error envelope indicates a correctly-wired PDS. (An earlier draft tried `/.well-known/atproto-did` but that endpoint is only published when the bare DOMAIN is registered as a server-DID, which the recipe doesn't auto-configure.) |
Two specific tests + parity health_check = ≥2 floor met. Backup data-integrity is N/A unless the
recipe declares `backupbot.backup=true` labels (Phase-1d auto-detect handles the skip).
## Playwright (P6)
bluesky-pds has **no first-party browser UI** — the recipe is an atproto PDS that other apps
(bsky.app, atproto clients) consume. So P6 is N/A; HTTP/XRPC functional tests are the canonical
surface.
## Non-ports
`goat_account.py` is deferred (operational complexity; needs goat CLI + account state cleanup
across runs). Logged here per §7.1; will lift if/when the goat-CLI path is wrapped into the
harness.
Reference in New Issue View Git Blame Copy Permalink