tests/common/mod.rs at f1ec0ff1a8ec1152153461a8320e5d69a4bcea35 · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox
this repo has no description
bspds-sandbox / tests / common / mod.rs
at f1ec0ff1a8ec1152153461a8320e5d69a4bcea35 19 kB view raw
  1use aws_config::BehaviorVersion;
  2use aws_sdk_s3::Client as S3Client;
  3use aws_sdk_s3::config::Credentials;
  4use chrono::Utc;
  5use reqwest::{Client, StatusCode, header};
  6use serde_json::{Value, json};
  7use sqlx::postgres::PgPoolOptions;
  8#[allow(unused_imports)]
  9use std::collections::HashMap;
 10use std::sync::OnceLock;
 11#[allow(unused_imports)]
 12use std::time::Duration;
 13use tokio::net::TcpListener;
 14use tranquil_pds::state::AppState;
 15use wiremock::matchers::{method, path};
 16use wiremock::{Mock, MockServer, ResponseTemplate};
 17
 18static SERVER_URL: OnceLock<String> = OnceLock::new();
 19static APP_PORT: OnceLock<u16> = OnceLock::new();
 20static MOCK_APPVIEW: OnceLock<MockServer> = OnceLock::new();
 21
 22#[cfg(not(feature = "external-infra"))]
 23use testcontainers::core::ContainerPort;
 24#[cfg(not(feature = "external-infra"))]
 25use testcontainers::{ContainerAsync, GenericImage, ImageExt, runners::AsyncRunner};
 26#[cfg(not(feature = "external-infra"))]
 27use testcontainers_modules::postgres::Postgres;
 28#[cfg(not(feature = "external-infra"))]
 29static DB_CONTAINER: OnceLock<ContainerAsync<Postgres>> = OnceLock::new();
 30#[cfg(not(feature = "external-infra"))]
 31static S3_CONTAINER: OnceLock<ContainerAsync<GenericImage>> = OnceLock::new();
 32
 33#[allow(dead_code)]
 34pub const AUTH_TOKEN: &str = "test-token";
 35#[allow(dead_code)]
 36pub const BAD_AUTH_TOKEN: &str = "bad-token";
 37#[allow(dead_code)]
 38pub const AUTH_DID: &str = "did:plc:fake";
 39#[allow(dead_code)]
 40pub const TARGET_DID: &str = "did:plc:target";
 41
 42fn has_external_infra() -> bool {
 43    std::env::var("TRANQUIL_PDS_TEST_INFRA_READY").is_ok()
 44        || (std::env::var("DATABASE_URL").is_ok() && std::env::var("S3_ENDPOINT").is_ok())
 45}
 46#[cfg(test)]
 47#[ctor::dtor]
 48fn cleanup() {
 49    if has_external_infra() {
 50        return;
 51    }
 52    if std::env::var("XDG_RUNTIME_DIR").is_ok() {
 53        let _ = std::process::Command::new("podman")
 54            .args(&["rm", "-f", "--filter", "label=tranquil_pds_test=true"])
 55            .output();
 56    }
 57    let _ = std::process::Command::new("docker")
 58        .args(&[
 59            "container",
 60            "prune",
 61            "-f",
 62            "--filter",
 63            "label=tranquil_pds_test=true",
 64        ])
 65        .output();
 66}
 67
 68#[allow(dead_code)]
 69pub fn client() -> Client {
 70    Client::new()
 71}
 72
 73#[allow(dead_code)]
 74pub fn app_port() -> u16 {
 75    *APP_PORT.get().expect("APP_PORT not initialized")
 76}
 77
 78pub async fn base_url() -> &'static str {
 79    SERVER_URL.get_or_init(|| {
 80        let (tx, rx) = std::sync::mpsc::channel();
 81        std::thread::spawn(move || {
 82            unsafe {
 83                std::env::set_var("TRANQUIL_PDS_ALLOW_INSECURE_SECRETS", "1");
 84            }
 85            if std::env::var("DOCKER_HOST").is_err() {
 86                if let Ok(runtime_dir) = std::env::var("XDG_RUNTIME_DIR") {
 87                    let podman_sock = std::path::Path::new(&runtime_dir).join("podman/podman.sock");
 88                    if podman_sock.exists() {
 89                        unsafe {
 90                            std::env::set_var(
 91                                "DOCKER_HOST",
 92                                format!("unix://{}", podman_sock.display()),
 93                            );
 94                        }
 95                    }
 96                }
 97            }
 98            let rt = tokio::runtime::Runtime::new().unwrap();
 99            rt.block_on(async move {
100                if has_external_infra() {
101                    let url = setup_with_external_infra().await;
102                    tx.send(url).unwrap();
103                } else {
104                    let url = setup_with_testcontainers().await;
105                    tx.send(url).unwrap();
106                }
107                std::future::pending::<()>().await;
108            });
109        });
110        rx.recv().expect("Failed to start test server")
111    })
112}
113
114async fn setup_with_external_infra() -> String {
115    let database_url =
116        std::env::var("DATABASE_URL").expect("DATABASE_URL must be set when using external infra");
117    let s3_endpoint =
118        std::env::var("S3_ENDPOINT").expect("S3_ENDPOINT must be set when using external infra");
119    unsafe {
120        std::env::set_var(
121            "S3_BUCKET",
122            std::env::var("S3_BUCKET").unwrap_or_else(|_| "test-bucket".to_string()),
123        );
124        std::env::set_var(
125            "AWS_ACCESS_KEY_ID",
126            std::env::var("AWS_ACCESS_KEY_ID").unwrap_or_else(|_| "minioadmin".to_string()),
127        );
128        std::env::set_var(
129            "AWS_SECRET_ACCESS_KEY",
130            std::env::var("AWS_SECRET_ACCESS_KEY").unwrap_or_else(|_| "minioadmin".to_string()),
131        );
132        std::env::set_var(
133            "AWS_REGION",
134            std::env::var("AWS_REGION").unwrap_or_else(|_| "us-east-1".to_string()),
135        );
136        std::env::set_var("S3_ENDPOINT", &s3_endpoint);
137    }
138    let mock_server = MockServer::start().await;
139    setup_mock_appview(&mock_server).await;
140    let mock_uri = mock_server.uri();
141    let mock_host = mock_uri.strip_prefix("http://").unwrap_or(&mock_uri);
142    let mock_did = format!("did:web:{}", mock_host.replace(':', "%3A"));
143    setup_mock_did_document(&mock_server, &mock_did, &mock_uri).await;
144    MOCK_APPVIEW.set(mock_server).ok();
145    spawn_app(database_url).await
146}
147
148#[cfg(not(feature = "external-infra"))]
149async fn setup_with_testcontainers() -> String {
150    let s3_container = GenericImage::new("minio/minio", "latest")
151        .with_exposed_port(ContainerPort::Tcp(9000))
152        .with_env_var("MINIO_ROOT_USER", "minioadmin")
153        .with_env_var("MINIO_ROOT_PASSWORD", "minioadmin")
154        .with_cmd(vec!["server".to_string(), "/data".to_string()])
155        .with_label("tranquil_pds_test", "true")
156        .start()
157        .await
158        .expect("Failed to start MinIO");
159    let s3_port = s3_container
160        .get_host_port_ipv4(9000)
161        .await
162        .expect("Failed to get S3 port");
163    let s3_endpoint = format!("http://127.0.0.1:{}", s3_port);
164    unsafe {
165        std::env::set_var("S3_BUCKET", "test-bucket");
166        std::env::set_var("AWS_ACCESS_KEY_ID", "minioadmin");
167        std::env::set_var("AWS_SECRET_ACCESS_KEY", "minioadmin");
168        std::env::set_var("AWS_REGION", "us-east-1");
169        std::env::set_var("S3_ENDPOINT", &s3_endpoint);
170    }
171    let sdk_config = aws_config::defaults(BehaviorVersion::latest())
172        .region("us-east-1")
173        .endpoint_url(&s3_endpoint)
174        .credentials_provider(Credentials::new(
175            "minioadmin",
176            "minioadmin",
177            None,
178            None,
179            "test",
180        ))
181        .load()
182        .await;
183    let s3_config = aws_sdk_s3::config::Builder::from(&sdk_config)
184        .force_path_style(true)
185        .build();
186    let s3_client = S3Client::from_conf(s3_config);
187    let _ = s3_client.create_bucket().bucket("test-bucket").send().await;
188    let mock_server = MockServer::start().await;
189    setup_mock_appview(&mock_server).await;
190    let mock_uri = mock_server.uri();
191    let mock_host = mock_uri.strip_prefix("http://").unwrap_or(&mock_uri);
192    let mock_did = format!("did:web:{}", mock_host.replace(':', "%3A"));
193    setup_mock_did_document(&mock_server, &mock_did, &mock_uri).await;
194    MOCK_APPVIEW.set(mock_server).ok();
195    S3_CONTAINER.set(s3_container).ok();
196    let container = Postgres::default()
197        .with_tag("18-alpine")
198        .with_label("tranquil_pds_test", "true")
199        .start()
200        .await
201        .expect("Failed to start Postgres");
202    let connection_string = format!(
203        "postgres://postgres:postgres@127.0.0.1:{}",
204        container
205            .get_host_port_ipv4(5432)
206            .await
207            .expect("Failed to get port")
208    );
209    DB_CONTAINER.set(container).ok();
210    spawn_app(connection_string).await
211}
212
213#[cfg(feature = "external-infra")]
214async fn setup_with_testcontainers() -> String {
215    panic!(
216        "Testcontainers disabled with external-infra feature. Set DATABASE_URL and S3_ENDPOINT."
217    );
218}
219
220async fn setup_mock_did_document(mock_server: &MockServer, did: &str, service_endpoint: &str) {
221    Mock::given(method("GET"))
222        .and(path("/.well-known/did.json"))
223        .respond_with(ResponseTemplate::new(200).set_body_json(json!({
224            "id": did,
225            "service": [{
226                "id": "#atproto_appview",
227                "type": "AtprotoAppView",
228                "serviceEndpoint": service_endpoint
229            }]
230        })))
231        .mount(mock_server)
232        .await;
233}
234
235async fn setup_mock_appview(_mock_server: &MockServer) {}
236
237async fn spawn_app(database_url: String) -> String {
238    use tranquil_pds::rate_limit::RateLimiters;
239    let pool = PgPoolOptions::new()
240        .max_connections(50)
241        .connect(&database_url)
242        .await
243        .expect("Failed to connect to Postgres. Make sure the database is running.");
244    sqlx::migrate!("./migrations")
245        .run(&pool)
246        .await
247        .expect("Failed to run migrations");
248    let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
249    let addr = listener.local_addr().unwrap();
250    APP_PORT.set(addr.port()).ok();
251    unsafe {
252        std::env::set_var("PDS_HOSTNAME", addr.to_string());
253    }
254    let rate_limiters = RateLimiters::new()
255        .with_login_limit(10000)
256        .with_account_creation_limit(10000)
257        .with_password_reset_limit(10000)
258        .with_email_update_limit(10000)
259        .with_oauth_authorize_limit(10000)
260        .with_oauth_token_limit(10000);
261    let state = AppState::new(pool).await.with_rate_limiters(rate_limiters);
262    tranquil_pds::sync::listener::start_sequencer_listener(state.clone()).await;
263    let app = tranquil_pds::app(state);
264    tokio::spawn(async move {
265        axum::serve(listener, app).await.unwrap();
266    });
267    format!("http://{}", addr)
268}
269
270#[allow(dead_code)]
271pub async fn get_db_connection_string() -> String {
272    base_url().await;
273    if has_external_infra() {
274        std::env::var("DATABASE_URL").expect("DATABASE_URL not set")
275    } else {
276        #[cfg(not(feature = "external-infra"))]
277        {
278            let container = DB_CONTAINER.get().expect("DB container not initialized");
279            let port = container
280                .get_host_port_ipv4(5432)
281                .await
282                .expect("Failed to get port");
283            format!("postgres://postgres:postgres@127.0.0.1:{}/postgres", port)
284        }
285        #[cfg(feature = "external-infra")]
286        {
287            panic!("DATABASE_URL must be set with external-infra feature");
288        }
289    }
290}
291
292#[allow(dead_code)]
293pub async fn verify_new_account(client: &Client, did: &str) -> String {
294    let conn_str = get_db_connection_string().await;
295    let pool = sqlx::postgres::PgPoolOptions::new()
296        .max_connections(2)
297        .connect(&conn_str)
298        .await
299        .expect("Failed to connect to test database");
300    let body_text: String = sqlx::query_scalar!(
301        "SELECT body FROM comms_queue WHERE user_id = (SELECT id FROM users WHERE did = $1) AND comms_type = 'email_verification' ORDER BY created_at DESC LIMIT 1",
302        did
303    )
304    .fetch_one(&pool)
305    .await
306    .expect("Failed to get verification code");
307
308    let lines: Vec<&str> = body_text.lines().collect();
309    let verification_code = lines
310        .iter()
311        .enumerate()
312        .find(|(_, line)| line.contains("verification code is:") || line.contains("code is:"))
313        .and_then(|(i, _)| lines.get(i + 1).map(|s| s.trim().to_string()))
314        .or_else(|| {
315            body_text
316                .split_whitespace()
317                .find(|word| word.contains('-') && word.chars().filter(|c| *c == '-').count() >= 3)
318                .map(|s| s.to_string())
319        })
320        .unwrap_or_else(|| body_text.clone());
321
322    let confirm_payload = json!({
323        "did": did,
324        "verificationCode": verification_code
325    });
326    let confirm_res = client
327        .post(format!(
328            "{}/xrpc/com.atproto.server.confirmSignup",
329            base_url().await
330        ))
331        .json(&confirm_payload)
332        .send()
333        .await
334        .expect("confirmSignup request failed");
335    assert_eq!(confirm_res.status(), StatusCode::OK, "confirmSignup failed");
336    let confirm_body: Value = confirm_res
337        .json()
338        .await
339        .expect("Invalid JSON from confirmSignup");
340    confirm_body["accessJwt"]
341        .as_str()
342        .expect("No accessJwt in confirmSignup response")
343        .to_string()
344}
345
346#[allow(dead_code)]
347pub async fn upload_test_blob(client: &Client, data: &'static str, mime: &'static str) -> Value {
348    let res = client
349        .post(format!(
350            "{}/xrpc/com.atproto.repo.uploadBlob",
351            base_url().await
352        ))
353        .header(header::CONTENT_TYPE, mime)
354        .bearer_auth(AUTH_TOKEN)
355        .body(data)
356        .send()
357        .await
358        .expect("Failed to send uploadBlob request");
359    assert_eq!(res.status(), StatusCode::OK, "Failed to upload blob");
360    let body: Value = res.json().await.expect("Blob upload response was not JSON");
361    body["blob"].clone()
362}
363
364#[allow(dead_code)]
365pub async fn create_test_post(
366    client: &Client,
367    text: &str,
368    reply_to: Option<Value>,
369) -> (String, String, String) {
370    let collection = "app.bsky.feed.post";
371    let mut record = json!({
372        "$type": collection,
373        "text": text,
374        "createdAt": Utc::now().to_rfc3339()
375    });
376    if let Some(reply_obj) = reply_to {
377        record["reply"] = reply_obj;
378    }
379    let payload = json!({
380        "repo": AUTH_DID,
381        "collection": collection,
382        "record": record
383    });
384    let res = client
385        .post(format!(
386            "{}/xrpc/com.atproto.repo.createRecord",
387            base_url().await
388        ))
389        .bearer_auth(AUTH_TOKEN)
390        .json(&payload)
391        .send()
392        .await
393        .expect("Failed to send createRecord");
394    assert_eq!(res.status(), StatusCode::OK, "Failed to create post record");
395    let body: Value = res
396        .json()
397        .await
398        .expect("createRecord response was not JSON");
399    let uri = body["uri"]
400        .as_str()
401        .expect("Response had no URI")
402        .to_string();
403    let cid = body["cid"]
404        .as_str()
405        .expect("Response had no CID")
406        .to_string();
407    let rkey = uri
408        .split('/')
409        .last()
410        .expect("URI was malformed")
411        .to_string();
412    (uri, cid, rkey)
413}
414
415#[allow(dead_code)]
416pub async fn create_account_and_login(client: &Client) -> (String, String) {
417    create_account_and_login_internal(client, false).await
418}
419
420#[allow(dead_code)]
421pub async fn create_admin_account_and_login(client: &Client) -> (String, String) {
422    create_account_and_login_internal(client, true).await
423}
424
425async fn create_account_and_login_internal(client: &Client, make_admin: bool) -> (String, String) {
426    let mut last_error = String::new();
427    for attempt in 0..3 {
428        if attempt > 0 {
429            tokio::time::sleep(Duration::from_millis(100 * (attempt as u64 + 1))).await;
430        }
431        let handle = format!("user_{}", uuid::Uuid::new_v4());
432        let payload = json!({
433            "handle": handle,
434            "email": format!("{}@example.com", handle),
435            "password": "Testpass123!"
436        });
437        let res = match client
438            .post(format!(
439                "{}/xrpc/com.atproto.server.createAccount",
440                base_url().await
441            ))
442            .json(&payload)
443            .send()
444            .await
445        {
446            Ok(r) => r,
447            Err(e) => {
448                last_error = format!("Request failed: {}", e);
449                continue;
450            }
451        };
452        if res.status() == StatusCode::OK {
453            let body: Value = res.json().await.expect("Invalid JSON");
454            let did = body["did"].as_str().expect("No did").to_string();
455            let conn_str = get_db_connection_string().await;
456            let pool = sqlx::postgres::PgPoolOptions::new()
457                .max_connections(2)
458                .connect(&conn_str)
459                .await
460                .expect("Failed to connect to test database");
461            if make_admin {
462                sqlx::query!("UPDATE users SET is_admin = TRUE WHERE did = $1", &did)
463                    .execute(&pool)
464                    .await
465                    .expect("Failed to mark user as admin");
466            }
467            if let Some(access_jwt) = body["accessJwt"].as_str() {
468                return (access_jwt.to_string(), did);
469            }
470            let body_text: String = sqlx::query_scalar!(
471                "SELECT body FROM comms_queue WHERE user_id = (SELECT id FROM users WHERE did = $1) AND comms_type = 'email_verification' ORDER BY created_at DESC LIMIT 1",
472                &did
473            )
474            .fetch_one(&pool)
475            .await
476            .expect("Failed to get verification from comms_queue");
477            let lines: Vec<&str> = body_text.lines().collect();
478            let verification_code = lines
479                .iter()
480                .enumerate()
481                .find(|(_, line)| {
482                    line.contains("verification code is:") || line.contains("code is:")
483                })
484                .and_then(|(i, _)| lines.get(i + 1).map(|s| s.trim().to_string()))
485                .or_else(|| {
486                    body_text
487                        .split_whitespace()
488                        .find(|word| {
489                            word.contains('-') && word.chars().filter(|c| *c == '-').count() >= 3
490                        })
491                        .map(|s| s.to_string())
492                })
493                .unwrap_or_else(|| body_text.clone());
494
495            let confirm_payload = json!({
496                "did": did,
497                "verificationCode": verification_code
498            });
499            let confirm_res = client
500                .post(format!(
501                    "{}/xrpc/com.atproto.server.confirmSignup",
502                    base_url().await
503                ))
504                .json(&confirm_payload)
505                .send()
506                .await
507                .expect("confirmSignup request failed");
508            if confirm_res.status() == StatusCode::OK {
509                let confirm_body: Value = confirm_res
510                    .json()
511                    .await
512                    .expect("Invalid JSON from confirmSignup");
513                let access_jwt = confirm_body["accessJwt"]
514                    .as_str()
515                    .expect("No accessJwt in confirmSignup response")
516                    .to_string();
517                return (access_jwt, did);
518            }
519            last_error = format!("confirmSignup failed: {:?}", confirm_res.text().await);
520            continue;
521        }
522        last_error = format!("Status {}: {:?}", res.status(), res.text().await);
523    }
524    panic!("Failed to create account after 3 attempts: {}", last_error);
525}