recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
97418c822e3777fa802dd323beaa41617841a398
cc-ci/tests/bluesky-pds/PARITY.md
autonomic-bot 3f6f10e239 fix(2): F2-8 — bluesky-pds account+post round-trip via goat CLI + atproto XRPC (Adversary cold) 
Per REVIEW-2 ## Q3/Q4 partial checkpoint, F2-8: 'goat CLI in container / account state cleanup'
was the §7.1-prohibited 'needs X' excuse class (same shape as F2-4). The recipe-maintainer
corpus literally calls the goat CLI via abra app run — it works fine.

Added tests/bluesky-pds/functional/test_account_and_post.py:
- goat pds describe → assert did:web:<live_app> in output (PDS self-identifies correctly).
- goat pds admin account create with UUID-suffixed handle + email + per-run password (class-B);
  parse new account's did:plc:<id>.
- POST /xrpc/com.atproto.server.createSession with the new handle+password → accessJwt.
- POST /xrpc/com.atproto.repo.createRecord (collection=app.bsky.feed.post) with a UUID-marker
  text → returns at://<did>/app.bsky.feed.post/<rkey>.
- GET /xrpc/com.atproto.repo.getRecord with that rkey → assert value.text == marker (round-trip).
- Best-effort goat account delete cleanup in finally.

This is the §4.3 prescribed test in full (create account + create post + fetch back + delete).
Cold-verifiable: ssh cc-ci 'RECIPE=bluesky-pds STAGES=install,custom cc-ci-run runner/run_recipe_ci.py'
  install + 4 functional tests (health_check + describe_server + session_auth + account_and_post)
  all PASS, deploy-count=1.

PARITY.md updated to show goat_account.py as ported.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-28 16:28:45 +01:00

2.9 KiB
Raw Blame History

Parity — bluesky-pds

Phase-2 P2 mapping table.

recipe-maintainer file cc-ci file what's verified status
(no health_check.py in the recipe-maintainer corpus) tests/bluesky-pds/functional/test_health_check.py GETs /xrpc/_health (the PDS health endpoint); asserts 200 + JSON with version field. Phase-2 health_check aligned with the parity-port convention. Phase-2 health_check
recipe-info/bluesky-pds/tests/goat_account.py tests/bluesky-pds/functional/test_account_and_post.py Original: goat pds describe, list/cleanup, account create, verify listed, delete, verify gone. cc-ci port preserves the account-lifecycle assertions + adds an atproto post round-trip (createSession→createRecord→getRecord, asserts post text round-trips) — the §4.3 prescribed test ("create a test account (goat CLI), create a post via atproto, fetch it back, delete the account"). F2-8 closed. ported

Recipe-specific tests (Phase-2 P3, ≥2 beyond parity)

bluesky-pds is an atproto Personal Data Server — its characteristic behavior is the public XRPC API + the well-known atproto-did server identifier. Two new functional tests:

cc-ci file what's verified rationale
tests/bluesky-pds/functional/test_describe_server.py GETs /xrpc/com.atproto.server.describeServer (the public atproto endpoint that advertises the PDS's available account creation policy); asserts 200 + JSON envelope with at least availableUserDomains (array; the PDS's hosting domains) or inviteCodeRequired (bool). Proves the atproto XRPC API is alive AND the PDS-specific configuration is being served (not just a generic 200). Non-vacuous: a PDS that boots but can't serve its server description is broken.
tests/bluesky-pds/functional/test_session_auth.py GETs /xrpc/com.atproto.server.getSession (no auth); asserts 401 + a JSON XRPC error envelope with an error field. Proves the PDS's atproto auth contract is enforced. Non-vacuous: 200 = anonymous leak (security bug); 404 = route missing; 5xx = backend broken — only 401 + a proper XRPC error envelope indicates a correctly-wired PDS. (An earlier draft tried /.well-known/atproto-did but that endpoint is only published when the bare DOMAIN is registered as a server-DID, which the recipe doesn't auto-configure.)

Two specific tests + parity health_check = ≥2 floor met. Backup data-integrity is N/A unless the recipe declares backupbot.backup=true labels (Phase-1d auto-detect handles the skip).

Playwright (P6)

bluesky-pds has no first-party browser UI — the recipe is an atproto PDS that other apps (bsky.app, atproto clients) consume. So P6 is N/A; HTTP/XRPC functional tests are the canonical surface.

Non-ports

goat_account.py is deferred (operational complexity; needs goat CLI + account state cleanup across runs). Logged here per §7.1; will lift if/when the goat-CLI path is wrapped into the harness.