4debdc1449
* feat: add security logging and fix framework regressions This commit implements comprehensive security event logging and resolves critical regressions in the core framework. Security Logging: - Enhanced `pkg/log` with a `Security` level and helper. - Added `log.Username()` to consistently identify the executing user. - Instrumented GitHub CLI auth, Agentic configuration, filesystem sandbox, MCP handlers, and MCP TCP transport with security logs. - Added `SecurityStyle` to the CLI for consistent visual representation of security events. UniFi Security (CodeQL): - Refactored `pkg/unifi` to remove hardcoded `InsecureSkipVerify`, resolving a high-severity alert. - Added a `--verify-tls` flag and configuration option to control TLS verification. - Updated command handlers to support the new verification parameter. Framework Fixes: - Restored original signatures for `MustServiceFor`, `Config()`, and `Display()` in `pkg/framework/core`, which had been corrupted during a merge. - Fixed `pkg/framework/framework.go` and `pkg/framework/core/runtime_pkg.go` to match the restored signatures. - These fixes resolve project-wide compilation errors caused by the signature mismatches. I encountered significant blockers due to a corrupted state of the `dev` branch after a merge, which introduced breaking changes in the core framework's DI system. I had to manually reconcile these signatures with the expected usage across the codebase to restore build stability. * feat(mcp): add RAG tools (query, ingest, collections) Add vector database tools to the MCP server for RAG operations: - rag_query: Search for relevant documentation using semantic similarity - rag_ingest: Ingest files or directories into the vector database - rag_collections: List available collections Uses existing internal/cmd/rag exports (QueryDocs, IngestDirectory, IngestFile) and pkg/rag for Qdrant client access. Default collection is "hostuk-docs" with topK=5 for queries. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(mcp): add metrics tools (record, query) Add MCP tools for recording and querying AI/security metrics events. The metrics_record tool writes events to daily JSONL files, and the metrics_query tool provides aggregated statistics by type, repo, and agent. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: add 'core mcp serve' command Add CLI command to start the MCP server for AI tool integration. - Create internal/cmd/mcpcmd package with serve subcommand - Support --workspace flag for directory restriction - Handle SIGINT/SIGTERM for clean shutdown - Register in full.go build variant Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(ws): add WebSocket hub package for real-time streaming Add pkg/ws package implementing a hub pattern for WebSocket connections: - Hub manages client connections, broadcasts, and channel subscriptions - Client struct represents connected WebSocket clients - Message types: process_output, process_status, event, error, ping/pong - Channel-based subscription system (subscribe/unsubscribe) - SendProcessOutput and SendProcessStatus for process streaming integration - Full test coverage including concurrency tests Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(mcp): add process management and WebSocket MCP tools Add MCP tools for process management: - process_start: Start a new external process - process_stop: Gracefully stop a running process - process_kill: Force kill a process - process_list: List all managed processes - process_output: Get captured process output - process_input: Send input to process stdin Add MCP tools for WebSocket: - ws_start: Start WebSocket server for real-time streaming - ws_info: Get hub statistics (clients, channels) Update Service struct with optional process.Service and ws.Hub fields, new WithProcessService and WithWSHub options, getter methods, and Shutdown method for cleanup. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(webview): add browser automation package via Chrome DevTools Protocol Add pkg/webview package for browser automation: - webview.go: Main interface with Connect, Navigate, Click, Type, QuerySelector, Screenshot, Evaluate - cdp.go: Chrome DevTools Protocol WebSocket client implementation - actions.go: DOM action types (Click, Type, Hover, Scroll, etc.) and ActionSequence builder - console.go: Console message capture and filtering with ConsoleWatcher and ExceptionWatcher - angular.go: Angular-specific helpers for router navigation, component access, and Zone.js stability Add MCP tools for webview: - webview_connect/disconnect: Connection management - webview_navigate: Page navigation - webview_click/type/query/wait: DOM interaction - webview_console: Console output capture - webview_eval: JavaScript execution - webview_screenshot: Screenshot capture Add documentation: - docs/mcp/angular-testing.md: Guide for Angular application testing Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: document new packages and BugSETI application - Update CLAUDE.md with documentation for: - pkg/ws (WebSocket hub for real-time streaming) - pkg/webview (Browser automation via CDP) - pkg/mcp (MCP server tools: process, ws, webview) - BugSETI application overview - Add comprehensive README for BugSETI with: - Installation and configuration guide - Usage workflow documentation - Architecture overview - Contributing guidelines Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat(bugseti): add BugSETI system tray app with auto-update BugSETI - Distributed Bug Fixing like SETI@home but for code Features: - System tray app with Wails v3 - GitHub issue fetching with label filters - Issue queue with priority management - AI context seeding via seed-agent-developer skill - Automated PR submission flow - Stats tracking and leaderboard - Cross-platform notifications - Self-updating with stable/beta/nightly channels Includes: - cmd/bugseti: Main application with Angular frontend - internal/bugseti: Core services (fetcher, queue, seeder, submit, config, stats, notify) - internal/bugseti/updater: Auto-update system (checker, downloader, installer) - .github/workflows/bugseti-release.yml: CI/CD for all platforms Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: resolve import cycle and code duplication - Remove pkg/log import from pkg/io/local to break import cycle (pkg/log/rotation.go imports pkg/io, creating circular dependency) - Use stderr logging for security events in sandbox escape detection - Remove unused sync/atomic import from core.go - Fix duplicate LogSecurity function declarations in cli/log.go - Update workspace/service.go Crypt() call to match interface Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: update tests for new function signatures and format code - Update core_test.go: Config(), Display() now panic instead of returning error - Update runtime_pkg_test.go: sr.Config() now panics instead of returning error - Update MustServiceFor tests to use assert.Panics - Format BugSETI, MCP tools, and webview packages with gofmt Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Snider <631881+Snider@users.noreply.github.com> Co-authored-by: Claude <developers@lethean.io> Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
211 lines
5.7 KiB
Go
211 lines
5.7 KiB
Go
package testcmd
|
|
|
|
import (
|
|
"bufio"
|
|
"fmt"
|
|
"path/filepath"
|
|
"regexp"
|
|
"sort"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"github.com/host-uk/core/pkg/i18n"
|
|
)
|
|
|
|
type packageCoverage struct {
|
|
name string
|
|
coverage float64
|
|
hasCov bool
|
|
}
|
|
|
|
type testResults struct {
|
|
packages []packageCoverage
|
|
passed int
|
|
failed int
|
|
skipped int
|
|
totalCov float64
|
|
covCount int
|
|
failedPkgs []string
|
|
}
|
|
|
|
func parseTestOutput(output string) testResults {
|
|
results := testResults{}
|
|
|
|
// Regex patterns - handle both timed and cached test results
|
|
// Example: ok github.com/host-uk/core/pkg/crypt 0.015s coverage: 91.2% of statements
|
|
// Example: ok github.com/host-uk/core/pkg/crypt (cached) coverage: 91.2% of statements
|
|
okPattern := regexp.MustCompile(`^ok\s+(\S+)\s+(?:[\d.]+s|\(cached\))(?:\s+coverage:\s+([\d.]+)%)?`)
|
|
failPattern := regexp.MustCompile(`^FAIL\s+(\S+)`)
|
|
skipPattern := regexp.MustCompile(`^\?\s+(\S+)\s+\[no test files\]`)
|
|
coverPattern := regexp.MustCompile(`coverage:\s+([\d.]+)%`)
|
|
|
|
scanner := bufio.NewScanner(strings.NewReader(output))
|
|
for scanner.Scan() {
|
|
line := scanner.Text()
|
|
|
|
if matches := okPattern.FindStringSubmatch(line); matches != nil {
|
|
pkg := packageCoverage{name: matches[1]}
|
|
if len(matches) > 2 && matches[2] != "" {
|
|
cov, _ := strconv.ParseFloat(matches[2], 64)
|
|
pkg.coverage = cov
|
|
pkg.hasCov = true
|
|
results.totalCov += cov
|
|
results.covCount++
|
|
}
|
|
results.packages = append(results.packages, pkg)
|
|
results.passed++
|
|
} else if matches := failPattern.FindStringSubmatch(line); matches != nil {
|
|
results.failed++
|
|
results.failedPkgs = append(results.failedPkgs, matches[1])
|
|
} else if matches := skipPattern.FindStringSubmatch(line); matches != nil {
|
|
results.skipped++
|
|
} else if matches := coverPattern.FindStringSubmatch(line); matches != nil {
|
|
// Catch any additional coverage lines
|
|
cov, _ := strconv.ParseFloat(matches[1], 64)
|
|
if cov > 0 {
|
|
// Find the last package without coverage and update it
|
|
for i := len(results.packages) - 1; i >= 0; i-- {
|
|
if !results.packages[i].hasCov {
|
|
results.packages[i].coverage = cov
|
|
results.packages[i].hasCov = true
|
|
results.totalCov += cov
|
|
results.covCount++
|
|
break
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return results
|
|
}
|
|
|
|
func printTestSummary(results testResults, showCoverage bool) {
|
|
// Print pass/fail summary
|
|
total := results.passed + results.failed
|
|
if total > 0 {
|
|
fmt.Printf(" %s %s", testPassStyle.Render("✓"), i18n.T("i18n.count.passed", results.passed))
|
|
if results.failed > 0 {
|
|
fmt.Printf(" %s %s", testFailStyle.Render("✗"), i18n.T("i18n.count.failed", results.failed))
|
|
}
|
|
if results.skipped > 0 {
|
|
fmt.Printf(" %s %s", testSkipStyle.Render("○"), i18n.T("i18n.count.skipped", results.skipped))
|
|
}
|
|
fmt.Println()
|
|
}
|
|
|
|
// Print failed packages
|
|
if len(results.failedPkgs) > 0 {
|
|
fmt.Printf("\n %s\n", i18n.T("cmd.test.failed_packages"))
|
|
for _, pkg := range results.failedPkgs {
|
|
fmt.Printf(" %s %s\n", testFailStyle.Render("✗"), pkg)
|
|
}
|
|
}
|
|
|
|
// Print coverage
|
|
if showCoverage {
|
|
printCoverageSummary(results)
|
|
} else if results.covCount > 0 {
|
|
avgCov := results.totalCov / float64(results.covCount)
|
|
fmt.Printf("\n %s %s\n", i18n.Label("coverage"), formatCoverage(avgCov))
|
|
}
|
|
}
|
|
|
|
func printCoverageSummary(results testResults) {
|
|
if len(results.packages) == 0 {
|
|
return
|
|
}
|
|
|
|
fmt.Printf("\n %s\n", testHeaderStyle.Render(i18n.T("cmd.test.coverage_by_package")))
|
|
|
|
// Sort packages by name
|
|
sort.Slice(results.packages, func(i, j int) bool {
|
|
return results.packages[i].name < results.packages[j].name
|
|
})
|
|
|
|
// Find max package name length for alignment
|
|
maxLen := 0
|
|
for _, pkg := range results.packages {
|
|
name := shortenPackageName(pkg.name)
|
|
if len(name) > maxLen {
|
|
maxLen = len(name)
|
|
}
|
|
}
|
|
|
|
// Print each package
|
|
for _, pkg := range results.packages {
|
|
if !pkg.hasCov {
|
|
continue
|
|
}
|
|
name := shortenPackageName(pkg.name)
|
|
padLen := maxLen - len(name) + 2
|
|
if padLen < 0 {
|
|
padLen = 2
|
|
}
|
|
padding := strings.Repeat(" ", padLen)
|
|
fmt.Printf(" %s%s%s\n", name, padding, formatCoverage(pkg.coverage))
|
|
}
|
|
|
|
// Print average
|
|
if results.covCount > 0 {
|
|
avgCov := results.totalCov / float64(results.covCount)
|
|
avgLabel := i18n.T("cmd.test.label.average")
|
|
padLen := maxLen - len(avgLabel) + 2
|
|
if padLen < 0 {
|
|
padLen = 2
|
|
}
|
|
padding := strings.Repeat(" ", padLen)
|
|
fmt.Printf("\n %s%s%s\n", testHeaderStyle.Render(avgLabel), padding, formatCoverage(avgCov))
|
|
}
|
|
}
|
|
|
|
func formatCoverage(cov float64) string {
|
|
s := fmt.Sprintf("%.1f%%", cov)
|
|
if cov >= 80 {
|
|
return testCovHighStyle.Render(s)
|
|
} else if cov >= 50 {
|
|
return testCovMedStyle.Render(s)
|
|
}
|
|
return testCovLowStyle.Render(s)
|
|
}
|
|
|
|
func shortenPackageName(name string) string {
|
|
// Remove common prefixes
|
|
prefixes := []string{
|
|
"github.com/host-uk/core/",
|
|
"github.com/host-uk/",
|
|
}
|
|
for _, prefix := range prefixes {
|
|
if strings.HasPrefix(name, prefix) {
|
|
return strings.TrimPrefix(name, prefix)
|
|
}
|
|
}
|
|
return filepath.Base(name)
|
|
}
|
|
|
|
func printJSONResults(results testResults, exitCode int) {
|
|
// Simple JSON output for agents
|
|
fmt.Printf("{\n")
|
|
fmt.Printf(" \"passed\": %d,\n", results.passed)
|
|
fmt.Printf(" \"failed\": %d,\n", results.failed)
|
|
fmt.Printf(" \"skipped\": %d,\n", results.skipped)
|
|
if results.covCount > 0 {
|
|
avgCov := results.totalCov / float64(results.covCount)
|
|
fmt.Printf(" \"coverage\": %.1f,\n", avgCov)
|
|
}
|
|
fmt.Printf(" \"exit_code\": %d,\n", exitCode)
|
|
if len(results.failedPkgs) > 0 {
|
|
fmt.Printf(" \"failed_packages\": [\n")
|
|
for i, pkg := range results.failedPkgs {
|
|
comma := ","
|
|
if i == len(results.failedPkgs)-1 {
|
|
comma = ""
|
|
}
|
|
fmt.Printf(" %q%s\n", pkg, comma)
|
|
}
|
|
fmt.Printf(" ]\n")
|
|
} else {
|
|
fmt.Printf(" \"failed_packages\": []\n")
|
|
}
|
|
fmt.Printf("}\n")
|
|
}
|