actions/code-review
2
0
Fork 0
Code Pull Requests Actions Releases 2 Activity
Files
f047b4473e6d7c0f2caa7983e8af92e888fe19cc
code-review/app/preflight.test.js
T
Jeffery 9d780788e9
AI / 計算版本號 (pull_request) Successful in 4s
Details
AI / Code Review (pull_request) Failing after 1m42s
Details
test: 補齊 runPreflight 測試並 triage preflight findings 
triage 6 筆 review findings:1 筆修正、5 筆移入 exclusions。

修正(Maya, warning):runPreflight 僅測過 env 缺失早退,缺成功路徑與
各失敗點覆蓋。將其驗證步驟改為可注入的 deps 參數(預設沿用原函式,
行為不變),並補上完整成功、comment 略過、各失敗點早停、workspace
傳遞共 8 個測試。

移入 exclusions(誤報,保留原文):
- Rex critical:GITEA_SKIP_TLS_VERIFY 為預設開啟驗證的 opt-in 設定,
  與既有 gitea.js 排除一致,非漏洞
- Leo warning:verifyLLM 內聚清楚,拆分屬主觀重構
- Zara warning:每把 key 30s timeout 為刻意的可靠性下限,僅失敗時累積
- Rex info:axios 錯誤訊息不含認證標頭/內容
- Aria info:預設參數引用 config 常數為刻意且利於測試的 pattern

findings.json 清空(全部已修正或排除)。app/ 測試 112 pass。

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-16 13:49:30 +08:00

264 lines
9.1 KiB
JavaScript
Raw Blame History

import { describe, it, afterEach, mock } from 'node:test';
import assert from 'node:assert/strict';
import axios from 'axios';
import { checkRequiredEnv, verifyGiteaToken, verifyCommentToken, verifyLLM, runPreflight } from './preflight.js';
const LLM_ENV_KEYS = [
'OPENAI_API_KEY', 'OPENAI_BASE_URL', 'OPENAI_MODEL',
'CLAUDE_API_KEY', 'CLAUDE_BASE_URL', 'CLAUDE_MODEL',
'GEMINI_API_KEY', 'GEMINI_BASE_URL', 'GEMINI_MODEL',
'OLLAMA_BASE_URL', 'OLLAMA_MODEL',
'AMAZONQ_API_KEY', 'AMAZONQ_BASE_URL', 'AMAZONQ_MODEL',
];
function clearLLMEnv() {
for (const k of LLM_ENV_KEYS) delete process.env[k];
}
afterEach(() => {
mock.restoreAll();
clearLLMEnv();
});
describe('checkRequiredEnv', () => {
it('reports all three missing when nothing provided', () => {
const result = checkRequiredEnv({ token: '', repo: '', pr: '' });
assert.equal(result.ok, false);
assert.deepEqual(result.missing, ['GITEA_TOKEN', 'GITEA_REPOSITORY', 'PR_NUMBER']);
});
it('reports only the missing ones', () => {
const result = checkRequiredEnv({ token: 't', repo: '', pr: '5' });
assert.equal(result.ok, false);
assert.deepEqual(result.missing, ['GITEA_REPOSITORY']);
});
it('ok when all provided', () => {
const result = checkRequiredEnv({ token: 't', repo: 'owner/repo', pr: '5' });
assert.equal(result.ok, true);
assert.deepEqual(result.missing, []);
});
});
describe('verifyGiteaToken', () => {
it('ok when repo endpoint returns successfully', async () => {
let capturedUrl, capturedOpts;
mock.method(axios, 'get', async (url, opts) => {
capturedUrl = url;
capturedOpts = opts;
return { data: { full_name: 'owner/repo' } };
});
const result = await verifyGiteaToken('tok', 'owner/repo');
assert.equal(result.ok, true);
assert.ok(capturedUrl.includes('/api/v1/repos/owner/repo'));
assert.equal(capturedOpts.headers['Authorization'], 'token tok');
});
it('fails with HTTP status when token is invalid', async () => {
mock.method(axios, 'get', async () => {
const e = new Error('Unauthorized');
e.response = { status: 401 };
throw e;
});
const result = await verifyGiteaToken('bad', 'owner/repo');
assert.equal(result.ok, false);
assert.match(result.error, /HTTP 401/);
});
});
describe('verifyCommentToken', () => {
it('skips when no comment token provided', async () => {
const result = await verifyCommentToken('');
assert.deepEqual(result, { ok: true, skipped: true });
});
it('ok when /user returns successfully', async () => {
let capturedUrl, capturedOpts;
mock.method(axios, 'get', async (url, opts) => {
capturedUrl = url;
capturedOpts = opts;
return { data: { login: 'bot' } };
});
const result = await verifyCommentToken('ctok');
assert.equal(result.ok, true);
assert.ok(capturedUrl.endsWith('/api/v1/user'));
assert.equal(capturedOpts.headers['Authorization'], 'token ctok');
});
it('fails when comment token is invalid', async () => {
mock.method(axios, 'get', async () => {
const e = new Error('Unauthorized');
e.response = { status: 401 };
throw e;
});
const result = await verifyCommentToken('bad');
assert.equal(result.ok, false);
assert.match(result.error, /HTTP 401/);
});
});
describe('verifyLLM', () => {
it('fails when no provider/key configured', async () => {
clearLLMEnv();
const result = await verifyLLM();
assert.equal(result.ok, false);
assert.match(result.error, /未設定/);
});
it('ok when an OpenAI-compatible key authenticates', async () => {
clearLLMEnv();
process.env.OPENAI_API_KEY = 'k1,k2';
let capturedUrl, capturedPayload, capturedHeaders;
mock.method(axios, 'post', async (url, payload, opts) => {
capturedUrl = url;
capturedPayload = payload;
capturedHeaders = opts.headers;
return { data: { choices: [{ message: { content: 'ok' } }] } };
});
const result = await verifyLLM();
assert.equal(result.ok, true);
assert.equal(result.provider, 'openai');
assert.equal(result.keyIndex, 1);
assert.equal(result.total, 2);
assert.ok(capturedUrl.endsWith('/chat/completions'));
assert.equal(capturedPayload.max_tokens, 1);
assert.equal(capturedHeaders['Authorization'], 'Bearer k1');
});
it('tries the next key when the first one fails', async () => {
clearLLMEnv();
process.env.OPENAI_API_KEY = 'bad,good';
let calls = 0;
mock.method(axios, 'post', async (_url, _payload, opts) => {
calls += 1;
if (opts.headers['Authorization'] === 'Bearer bad') throw new Error('401');
return { data: { choices: [{ message: { content: 'ok' } }] } };
});
const result = await verifyLLM();
assert.equal(result.ok, true);
assert.equal(result.keyIndex, 2);
assert.equal(calls, 2);
});
it('fails when all keys fail', async () => {
clearLLMEnv();
process.env.OPENAI_API_KEY = 'k1,k2';
mock.method(axios, 'post', async () => { throw new Error('401'); });
const result = await verifyLLM();
assert.equal(result.ok, false);
assert.match(result.error, /所有 2 把 openai API Key 驗證失敗/);
});
it('sets anthropic-version header for claude', async () => {
clearLLMEnv();
process.env.CLAUDE_API_KEY = 'ck';
let capturedHeaders;
mock.method(axios, 'post', async (_url, _payload, opts) => {
capturedHeaders = opts.headers;
return { data: { choices: [{ message: { content: 'ok' } }] } };
});
const result = await verifyLLM();
assert.equal(result.ok, true);
assert.equal(result.provider, 'claude');
assert.equal(capturedHeaders['anthropic-version'], '2023-06-01');
});
it('checks base URL connectivity for ollama (no key)', async () => {
clearLLMEnv();
process.env.OLLAMA_BASE_URL = 'http://ollama.local/v1';
let capturedUrl;
mock.method(axios, 'get', async (url) => {
capturedUrl = url;
return { data: { data: [] } };
});
const result = await verifyLLM();
assert.equal(result.ok, true);
assert.equal(result.provider, 'ollama');
assert.ok(capturedUrl.endsWith('/models'));
});
it('fails when ollama base URL is unreachable', async () => {
clearLLMEnv();
process.env.OLLAMA_BASE_URL = 'http://ollama.local/v1';
mock.method(axios, 'get', async () => { throw new Error('ECONNREFUSED'); });
const result = await verifyLLM();
assert.equal(result.ok, false);
assert.match(result.error, /無法連線/);
});
});
describe('runPreflight', () => {
// Stub deps that all succeed; individual tests override one to fail.
function makeDeps(overrides = {}) {
return {
checkEnv: () => ({ ok: true, missing: [] }),
verifyToken: async () => ({ ok: true }),
verifyComment: async () => ({ ok: true }),
verifyRemote: () => ({ ok: true }),
verifyLLMFn: async () => ({ ok: true, provider: 'openai', keyIndex: 1, total: 1 }),
...overrides,
};
}
it('returns false and stops early when required env is missing', async () => {
// Config constants default to empty in the test environment, so the
// required-env check fails before any network call is attempted.
const result = await runPreflight();
assert.equal(result, false);
});
it('returns true when every verification step succeeds', async () => {
const result = await runPreflight('/ws', makeDeps());
assert.equal(result, true);
});
it('returns true when the comment token check is skipped', async () => {
const result = await runPreflight('/ws', makeDeps({
verifyComment: async () => ({ ok: true, skipped: true }),
}));
assert.equal(result, true);
});
it('returns false when the Gitea token check fails', async () => {
let remoteCalled = false;
const result = await runPreflight('/ws', makeDeps({
verifyToken: async () => ({ ok: false, error: 'HTTP 401' }),
verifyRemote: () => { remoteCalled = true; return { ok: true }; },
}));
assert.equal(result, false);
assert.equal(remoteCalled, false, 'should stop before later checks');
});
it('returns false when the comment token check fails', async () => {
const result = await runPreflight('/ws', makeDeps({
verifyComment: async () => ({ ok: false, error: 'HTTP 401' }),
}));
assert.equal(result, false);
});
it('returns false when git remote access fails', async () => {
let llmCalled = false;
const result = await runPreflight('/ws', makeDeps({
verifyRemote: () => ({ ok: false, error: 'auth failed' }),
verifyLLMFn: async () => { llmCalled = true; return { ok: true }; },
}));
assert.equal(result, false);
assert.equal(llmCalled, false, 'should stop before the LLM check');
});
it('returns false when LLM verification fails', async () => {
const result = await runPreflight('/ws', makeDeps({
verifyLLMFn: async () => ({ ok: false, error: '所有 key 驗證失敗' }),
}));
assert.equal(result, false);
});
it('passes the workspace through to the remote-access check', async () => {
let captured;
await runPreflight('/custom/ws', makeDeps({
verifyRemote: (ws) => { captured = ws; return { ok: true }; },
}));
assert.equal(captured, '/custom/ws');
});
});
View Git Blame Copy Permalink