core/cli
8
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions 1
cli/pkg/php/quality_test.go

518 lines
14 KiB
Go
Raw Normal View History

test: increase coverage to 63.8% across packages Coverage improvements: - pkg/build: 89.4% - pkg/release: 86.7% (from 36.7%) - pkg/container: 85.7% - pkg/php: 62.1% (from 26%) - pkg/devops: 56.7% (from 33.1%) - pkg/release/publishers: 54.7% Also: - Add GEMINI.md for Gemini agent guidance - Update .gitignore to exclude coverage files - Remove stray core.go at root - Add core go cov command for coverage reports Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 14:28:23 +00:00
package php
import (
"os"
"path/filepath"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestDetectFormatter_Good(t *testing.T) {
t.Run("detects pint.json", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "pint.json"), []byte("{}"), 0644)
require.NoError(t, err)
formatter, found := DetectFormatter(dir)
assert.True(t, found)
assert.Equal(t, FormatterPint, formatter)
})
t.Run("detects vendor binary", func(t *testing.T) {
dir := t.TempDir()
binDir := filepath.Join(dir, "vendor", "bin")
err := os.MkdirAll(binDir, 0755)
require.NoError(t, err)
err = os.WriteFile(filepath.Join(binDir, "pint"), []byte(""), 0755)
require.NoError(t, err)
formatter, found := DetectFormatter(dir)
assert.True(t, found)
assert.Equal(t, FormatterPint, formatter)
})
}
func TestDetectFormatter_Bad(t *testing.T) {
t.Run("no formatter", func(t *testing.T) {
dir := t.TempDir()
_, found := DetectFormatter(dir)
assert.False(t, found)
})
}
func TestDetectAnalyser_Good(t *testing.T) {
t.Run("detects phpstan.neon", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "phpstan.neon"), []byte(""), 0644)
require.NoError(t, err)
analyser, found := DetectAnalyser(dir)
assert.True(t, found)
assert.Equal(t, AnalyserPHPStan, analyser)
})
t.Run("detects phpstan.neon.dist", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "phpstan.neon.dist"), []byte(""), 0644)
require.NoError(t, err)
analyser, found := DetectAnalyser(dir)
assert.True(t, found)
assert.Equal(t, AnalyserPHPStan, analyser)
})
t.Run("detects larastan", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "phpstan.neon"), []byte(""), 0644)
require.NoError(t, err)
larastanDir := filepath.Join(dir, "vendor", "larastan", "larastan")
err = os.MkdirAll(larastanDir, 0755)
require.NoError(t, err)
analyser, found := DetectAnalyser(dir)
assert.True(t, found)
assert.Equal(t, AnalyserLarastan, analyser)
})
t.Run("detects nunomaduro/larastan", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "phpstan.neon"), []byte(""), 0644)
require.NoError(t, err)
larastanDir := filepath.Join(dir, "vendor", "nunomaduro", "larastan")
err = os.MkdirAll(larastanDir, 0755)
require.NoError(t, err)
analyser, found := DetectAnalyser(dir)
assert.True(t, found)
assert.Equal(t, AnalyserLarastan, analyser)
})
}
func TestBuildPintCommand_Good(t *testing.T) {
t.Run("basic command", func(t *testing.T) {
dir := t.TempDir()
opts := FormatOptions{Dir: dir}
cmd, args := buildPintCommand(opts)
assert.Equal(t, "pint", cmd)
assert.Contains(t, args, "--test")
})
t.Run("fix enabled", func(t *testing.T) {
dir := t.TempDir()
opts := FormatOptions{Dir: dir, Fix: true}
_, args := buildPintCommand(opts)
assert.NotContains(t, args, "--test")
})
t.Run("diff enabled", func(t *testing.T) {
dir := t.TempDir()
opts := FormatOptions{Dir: dir, Diff: true}
_, args := buildPintCommand(opts)
assert.Contains(t, args, "--diff")
})
t.Run("with specific paths", func(t *testing.T) {
dir := t.TempDir()
paths := []string{"app", "tests"}
opts := FormatOptions{Dir: dir, Paths: paths}
_, args := buildPintCommand(opts)
assert.Equal(t, paths, args[len(args)-2:])
})
t.Run("uses vendor binary if exists", func(t *testing.T) {
dir := t.TempDir()
binDir := filepath.Join(dir, "vendor", "bin")
err := os.MkdirAll(binDir, 0755)
require.NoError(t, err)
pintPath := filepath.Join(binDir, "pint")
err = os.WriteFile(pintPath, []byte(""), 0755)
require.NoError(t, err)
opts := FormatOptions{Dir: dir}
cmd, _ := buildPintCommand(opts)
assert.Equal(t, pintPath, cmd)
})
}
func TestBuildPHPStanCommand_Good(t *testing.T) {
t.Run("basic command", func(t *testing.T) {
dir := t.TempDir()
opts := AnalyseOptions{Dir: dir}
cmd, args := buildPHPStanCommand(opts)
assert.Equal(t, "phpstan", cmd)
assert.Equal(t, []string{"analyse"}, args)
})
t.Run("with level", func(t *testing.T) {
dir := t.TempDir()
opts := AnalyseOptions{Dir: dir, Level: 5}
_, args := buildPHPStanCommand(opts)
assert.Contains(t, args, "--level")
assert.Contains(t, args, "5")
})
t.Run("with memory limit", func(t *testing.T) {
dir := t.TempDir()
opts := AnalyseOptions{Dir: dir, Memory: "2G"}
_, args := buildPHPStanCommand(opts)
assert.Contains(t, args, "--memory-limit")
assert.Contains(t, args, "2G")
})
t.Run("uses vendor binary if exists", func(t *testing.T) {
dir := t.TempDir()
binDir := filepath.Join(dir, "vendor", "bin")
err := os.MkdirAll(binDir, 0755)
require.NoError(t, err)
phpstanPath := filepath.Join(binDir, "phpstan")
err = os.WriteFile(phpstanPath, []byte(""), 0755)
require.NoError(t, err)
opts := AnalyseOptions{Dir: dir}
cmd, _ := buildPHPStanCommand(opts)
assert.Equal(t, phpstanPath, cmd)
})
}
feat(php): add quality commands and split cmd/php for maintainability Add new PHP quality commands: - psalm: Psalm static analysis with auto-fix support - audit: Security audit for composer and npm dependencies - security: Filesystem security checks (.env exposure, permissions) - qa: Full QA pipeline with quick/standard/full stages - rector: Automated code refactoring with dry-run - infection: Mutation testing Split cmd/php/php.go (2k+ lines) into logical files: - php.go: Styles and command registration - php_dev.go: dev, logs, stop, status, ssl - php_build.go: build, serve, shell - php_quality.go: test, fmt, analyse, psalm, audit, security, qa, rector, infection - php_packages.go: packages link/unlink/update/list - php_deploy.go: deploy commands QA pipeline improvements: - Suppress tool output noise in pipeline mode - Show actionable "To fix:" suggestions with commands Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 23:58:03 +00:00
// =============================================================================
// Psalm Detection Tests
// =============================================================================
func TestDetectPsalm_Good(t *testing.T) {
t.Run("detects psalm.xml", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "psalm.xml"), []byte(""), 0644)
require.NoError(t, err)
// Also need vendor binary for it to return true
binDir := filepath.Join(dir, "vendor", "bin")
err = os.MkdirAll(binDir, 0755)
require.NoError(t, err)
err = os.WriteFile(filepath.Join(binDir, "psalm"), []byte(""), 0755)
require.NoError(t, err)
psalmType, found := DetectPsalm(dir)
assert.True(t, found)
assert.Equal(t, PsalmStandard, psalmType)
})
t.Run("detects psalm.xml.dist", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "psalm.xml.dist"), []byte(""), 0644)
require.NoError(t, err)
binDir := filepath.Join(dir, "vendor", "bin")
err = os.MkdirAll(binDir, 0755)
require.NoError(t, err)
err = os.WriteFile(filepath.Join(binDir, "psalm"), []byte(""), 0755)
require.NoError(t, err)
_, found := DetectPsalm(dir)
assert.True(t, found)
})
t.Run("detects vendor binary only", func(t *testing.T) {
dir := t.TempDir()
binDir := filepath.Join(dir, "vendor", "bin")
err := os.MkdirAll(binDir, 0755)
require.NoError(t, err)
err = os.WriteFile(filepath.Join(binDir, "psalm"), []byte(""), 0755)
require.NoError(t, err)
_, found := DetectPsalm(dir)
assert.True(t, found)
})
}
func TestDetectPsalm_Bad(t *testing.T) {
t.Run("no psalm", func(t *testing.T) {
dir := t.TempDir()
_, found := DetectPsalm(dir)
assert.False(t, found)
})
}
// =============================================================================
// Rector Detection Tests
// =============================================================================
func TestDetectRector_Good(t *testing.T) {
t.Run("detects rector.php", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "rector.php"), []byte("<?php"), 0644)
require.NoError(t, err)
found := DetectRector(dir)
assert.True(t, found)
})
t.Run("detects vendor binary", func(t *testing.T) {
dir := t.TempDir()
binDir := filepath.Join(dir, "vendor", "bin")
err := os.MkdirAll(binDir, 0755)
require.NoError(t, err)
err = os.WriteFile(filepath.Join(binDir, "rector"), []byte(""), 0755)
require.NoError(t, err)
found := DetectRector(dir)
assert.True(t, found)
})
}
func TestDetectRector_Bad(t *testing.T) {
t.Run("no rector", func(t *testing.T) {
dir := t.TempDir()
found := DetectRector(dir)
assert.False(t, found)
})
}
// =============================================================================
// Infection Detection Tests
// =============================================================================
func TestDetectInfection_Good(t *testing.T) {
t.Run("detects infection.json", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "infection.json"), []byte("{}"), 0644)
require.NoError(t, err)
found := DetectInfection(dir)
assert.True(t, found)
})
t.Run("detects infection.json5", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "infection.json5"), []byte("{}"), 0644)
require.NoError(t, err)
found := DetectInfection(dir)
assert.True(t, found)
})
t.Run("detects vendor binary", func(t *testing.T) {
dir := t.TempDir()
binDir := filepath.Join(dir, "vendor", "bin")
err := os.MkdirAll(binDir, 0755)
require.NoError(t, err)
err = os.WriteFile(filepath.Join(binDir, "infection"), []byte(""), 0755)
require.NoError(t, err)
found := DetectInfection(dir)
assert.True(t, found)
})
}
func TestDetectInfection_Bad(t *testing.T) {
t.Run("no infection", func(t *testing.T) {
dir := t.TempDir()
found := DetectInfection(dir)
assert.False(t, found)
})
}
// =============================================================================
// QA Pipeline Tests
// =============================================================================
func TestGetQAStages_Good(t *testing.T) {
t.Run("default stages", func(t *testing.T) {
opts := QAOptions{}
stages := GetQAStages(opts)
assert.Equal(t, []QAStage{QAStageQuick, QAStageStandard}, stages)
})
t.Run("quick only", func(t *testing.T) {
opts := QAOptions{Quick: true}
stages := GetQAStages(opts)
assert.Equal(t, []QAStage{QAStageQuick}, stages)
})
t.Run("full stages", func(t *testing.T) {
opts := QAOptions{Full: true}
stages := GetQAStages(opts)
assert.Equal(t, []QAStage{QAStageQuick, QAStageStandard, QAStageFull}, stages)
})
}
func TestGetQAChecks_Good(t *testing.T) {
t.Run("quick stage checks", func(t *testing.T) {
dir := t.TempDir()
checks := GetQAChecks(dir, QAStageQuick)
assert.Contains(t, checks, "audit")
assert.Contains(t, checks, "fmt")
assert.Contains(t, checks, "analyse")
})
t.Run("standard stage includes test", func(t *testing.T) {
dir := t.TempDir()
checks := GetQAChecks(dir, QAStageStandard)
assert.Contains(t, checks, "test")
})
t.Run("standard stage includes psalm if available", func(t *testing.T) {
dir := t.TempDir()
binDir := filepath.Join(dir, "vendor", "bin")
err := os.MkdirAll(binDir, 0755)
require.NoError(t, err)
err = os.WriteFile(filepath.Join(binDir, "psalm"), []byte(""), 0755)
require.NoError(t, err)
checks := GetQAChecks(dir, QAStageStandard)
assert.Contains(t, checks, "psalm")
})
t.Run("full stage includes rector if available", func(t *testing.T) {
dir := t.TempDir()
err := os.WriteFile(filepath.Join(dir, "rector.php"), []byte("<?php"), 0644)
require.NoError(t, err)
checks := GetQAChecks(dir, QAStageFull)
assert.Contains(t, checks, "rector")
})
}
// =============================================================================
// Security Checks Tests
// =============================================================================
func TestRunEnvSecurityChecks_Good(t *testing.T) {
t.Run("detects debug mode enabled", func(t *testing.T) {
dir := t.TempDir()
envContent := "APP_DEBUG=true\nAPP_KEY=base64:abcdefghijklmnopqrstuvwxyz123456\n"
err := os.WriteFile(filepath.Join(dir, ".env"), []byte(envContent), 0644)
require.NoError(t, err)
checks := runEnvSecurityChecks(dir)
var debugCheck *SecurityCheck
for i := range checks {
if checks[i].ID == "debug_mode" {
debugCheck = &checks[i]
break
}
}
require.NotNil(t, debugCheck)
assert.False(t, debugCheck.Passed)
assert.Equal(t, "critical", debugCheck.Severity)
})
t.Run("passes with debug disabled", func(t *testing.T) {
dir := t.TempDir()
envContent := "APP_DEBUG=false\nAPP_KEY=base64:abcdefghijklmnopqrstuvwxyz123456\n"
err := os.WriteFile(filepath.Join(dir, ".env"), []byte(envContent), 0644)
require.NoError(t, err)
checks := runEnvSecurityChecks(dir)
var debugCheck *SecurityCheck
for i := range checks {
if checks[i].ID == "debug_mode" {
debugCheck = &checks[i]
break
}
}
require.NotNil(t, debugCheck)
assert.True(t, debugCheck.Passed)
})
t.Run("detects weak app key", func(t *testing.T) {
dir := t.TempDir()
envContent := "APP_KEY=short\n"
err := os.WriteFile(filepath.Join(dir, ".env"), []byte(envContent), 0644)
require.NoError(t, err)
checks := runEnvSecurityChecks(dir)
var keyCheck *SecurityCheck
for i := range checks {
if checks[i].ID == "app_key_set" {
keyCheck = &checks[i]
break
}
}
require.NotNil(t, keyCheck)
assert.False(t, keyCheck.Passed)
})
t.Run("detects non-https app url", func(t *testing.T) {
dir := t.TempDir()
envContent := "APP_URL=http://example.com\n"
err := os.WriteFile(filepath.Join(dir, ".env"), []byte(envContent), 0644)
require.NoError(t, err)
checks := runEnvSecurityChecks(dir)
var urlCheck *SecurityCheck
for i := range checks {
if checks[i].ID == "https_enforced" {
urlCheck = &checks[i]
break
}
}
require.NotNil(t, urlCheck)
assert.False(t, urlCheck.Passed)
})
}
func TestRunFilesystemSecurityChecks_Good(t *testing.T) {
t.Run("detects .env in public", func(t *testing.T) {
dir := t.TempDir()
publicDir := filepath.Join(dir, "public")
err := os.MkdirAll(publicDir, 0755)
require.NoError(t, err)
err = os.WriteFile(filepath.Join(publicDir, ".env"), []byte(""), 0644)
require.NoError(t, err)
checks := runFilesystemSecurityChecks(dir)
found := false
for _, check := range checks {
if check.ID == "env_not_public" && !check.Passed {
found = true
break
}
}
assert.True(t, found, "should detect .env in public directory")
})
t.Run("detects .git in public", func(t *testing.T) {
dir := t.TempDir()
gitDir := filepath.Join(dir, "public", ".git")
err := os.MkdirAll(gitDir, 0755)
require.NoError(t, err)
checks := runFilesystemSecurityChecks(dir)
found := false
for _, check := range checks {
if check.ID == "git_not_public" && !check.Passed {
found = true
break
}
}
assert.True(t, found, "should detect .git in public directory")
})
t.Run("passes with clean public directory", func(t *testing.T) {
dir := t.TempDir()
publicDir := filepath.Join(dir, "public")
err := os.MkdirAll(publicDir, 0755)
require.NoError(t, err)
// Add only safe files
err = os.WriteFile(filepath.Join(publicDir, "index.php"), []byte("<?php"), 0644)
require.NoError(t, err)
checks := runFilesystemSecurityChecks(dir)
assert.Empty(t, checks, "should not report issues for clean public directory")
})
}
Reference in a new issue Copy permalink