3365bfd5ba
* feat(mcp): add workspace root validation to prevent path traversal - Add workspaceRoot field to Service for restricting file operations - Add WithWorkspaceRoot() option for configuring the workspace directory - Add validatePath() helper to check paths are within workspace - Apply validation to all file operation handlers - Default to current working directory for security - Add comprehensive tests for path validation Closes #82 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: move CLI commands from pkg/ to internal/cmd/ - Move 18 CLI command packages to internal/cmd/ (not externally importable) - Keep 16 library packages in pkg/ (externally importable) - Update all import paths throughout codebase - Cleaner separation between CLI logic and reusable libraries CLI commands moved: ai, ci, dev, docs, doctor, gitcmd, go, monitor, php, pkgcmd, qa, sdk, security, setup, test, updater, vm, workspace Libraries remaining: agentic, build, cache, cli, container, devops, errors, framework, git, i18n, io, log, mcp, process, release, repos Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor(mcp): use pkg/io Medium for sandboxed file operations Replace manual path validation with pkg/io.Medium for all file operations. This delegates security (path traversal, symlink bypass) to the sandboxed local.Medium implementation. Changes: - Add io.NewSandboxed() for creating sandboxed Medium instances - Refactor MCP Service to use io.Medium instead of direct os.* calls - Remove validatePath and resolvePathWithSymlinks functions - Update tests to verify Medium-based behaviour Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: correct import path and workflow references - Fix pkg/io/io.go import from core-gui to core - Update CI workflows to use internal/cmd/updater path Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(security): address CodeRabbit review issues for path validation - pkg/io/local: add symlink resolution and boundary-aware containment - Reject absolute paths in sandboxed Medium - Use filepath.EvalSymlinks to prevent symlink bypass attacks - Fix prefix check to prevent /tmp/root matching /tmp/root2 - pkg/mcp: fix resolvePath to validate and return errors - Changed resolvePath from (string) to (string, error) - Update deleteFile, renameFile, listDirectory, fileExists to handle errors - Changed New() to return (*Service, error) instead of *Service - Properly propagate option errors instead of silently discarding - pkg/io: wrap errors with E() helper for consistent context - Copy() and MockMedium.Read() now use coreerr.E() - tests: rename to use _Good/_Bad/_Ugly suffixes per coding guidelines - Fix hardcoded /tmp in TestPath to use t.TempDir() - Add TestResolvePath_Bad_SymlinkTraversal test Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * style: fix gofmt formatting Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * style: fix gofmt formatting across all files Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
257 lines
6.3 KiB
Go
257 lines
6.3 KiB
Go
package php
|
|
|
|
import (
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
)
|
|
|
|
func TestLoadCoolifyConfig_Good(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
envContent string
|
|
wantURL string
|
|
wantToken string
|
|
wantAppID string
|
|
wantStaging string
|
|
}{
|
|
{
|
|
name: "all values set",
|
|
envContent: `COOLIFY_URL=https://coolify.example.com
|
|
COOLIFY_TOKEN=secret-token
|
|
COOLIFY_APP_ID=app-123
|
|
COOLIFY_STAGING_APP_ID=staging-456`,
|
|
wantURL: "https://coolify.example.com",
|
|
wantToken: "secret-token",
|
|
wantAppID: "app-123",
|
|
wantStaging: "staging-456",
|
|
},
|
|
{
|
|
name: "quoted values",
|
|
envContent: `COOLIFY_URL="https://coolify.example.com"
|
|
COOLIFY_TOKEN='secret-token'
|
|
COOLIFY_APP_ID="app-123"`,
|
|
wantURL: "https://coolify.example.com",
|
|
wantToken: "secret-token",
|
|
wantAppID: "app-123",
|
|
},
|
|
{
|
|
name: "with comments and blank lines",
|
|
envContent: `# Coolify configuration
|
|
COOLIFY_URL=https://coolify.example.com
|
|
|
|
# API token
|
|
COOLIFY_TOKEN=secret-token
|
|
COOLIFY_APP_ID=app-123
|
|
# COOLIFY_STAGING_APP_ID=not-this`,
|
|
wantURL: "https://coolify.example.com",
|
|
wantToken: "secret-token",
|
|
wantAppID: "app-123",
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
// Create temp directory
|
|
dir := t.TempDir()
|
|
envPath := filepath.Join(dir, ".env")
|
|
|
|
// Write .env file
|
|
if err := os.WriteFile(envPath, []byte(tt.envContent), 0644); err != nil {
|
|
t.Fatalf("failed to write .env: %v", err)
|
|
}
|
|
|
|
// Load config
|
|
config, err := LoadCoolifyConfig(dir)
|
|
if err != nil {
|
|
t.Fatalf("LoadCoolifyConfig() error = %v", err)
|
|
}
|
|
|
|
if config.URL != tt.wantURL {
|
|
t.Errorf("URL = %q, want %q", config.URL, tt.wantURL)
|
|
}
|
|
if config.Token != tt.wantToken {
|
|
t.Errorf("Token = %q, want %q", config.Token, tt.wantToken)
|
|
}
|
|
if config.AppID != tt.wantAppID {
|
|
t.Errorf("AppID = %q, want %q", config.AppID, tt.wantAppID)
|
|
}
|
|
if tt.wantStaging != "" && config.StagingAppID != tt.wantStaging {
|
|
t.Errorf("StagingAppID = %q, want %q", config.StagingAppID, tt.wantStaging)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestLoadCoolifyConfig_Bad(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
envContent string
|
|
wantErr string
|
|
}{
|
|
{
|
|
name: "missing URL",
|
|
envContent: "COOLIFY_TOKEN=secret",
|
|
wantErr: "COOLIFY_URL is not set",
|
|
},
|
|
{
|
|
name: "missing token",
|
|
envContent: "COOLIFY_URL=https://coolify.example.com",
|
|
wantErr: "COOLIFY_TOKEN is not set",
|
|
},
|
|
{
|
|
name: "empty values",
|
|
envContent: "COOLIFY_URL=\nCOOLIFY_TOKEN=",
|
|
wantErr: "COOLIFY_URL is not set",
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
// Create temp directory
|
|
dir := t.TempDir()
|
|
envPath := filepath.Join(dir, ".env")
|
|
|
|
// Write .env file
|
|
if err := os.WriteFile(envPath, []byte(tt.envContent), 0644); err != nil {
|
|
t.Fatalf("failed to write .env: %v", err)
|
|
}
|
|
|
|
// Load config
|
|
_, err := LoadCoolifyConfig(dir)
|
|
if err == nil {
|
|
t.Fatal("LoadCoolifyConfig() expected error, got nil")
|
|
}
|
|
|
|
if err.Error() != tt.wantErr {
|
|
t.Errorf("error = %q, want %q", err.Error(), tt.wantErr)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestGetAppIDForEnvironment_Good(t *testing.T) {
|
|
config := &CoolifyConfig{
|
|
URL: "https://coolify.example.com",
|
|
Token: "token",
|
|
AppID: "prod-123",
|
|
StagingAppID: "staging-456",
|
|
}
|
|
|
|
tests := []struct {
|
|
name string
|
|
env Environment
|
|
wantID string
|
|
}{
|
|
{
|
|
name: "production environment",
|
|
env: EnvProduction,
|
|
wantID: "prod-123",
|
|
},
|
|
{
|
|
name: "staging environment",
|
|
env: EnvStaging,
|
|
wantID: "staging-456",
|
|
},
|
|
{
|
|
name: "empty defaults to production",
|
|
env: "",
|
|
wantID: "prod-123",
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
id := getAppIDForEnvironment(config, tt.env)
|
|
if id != tt.wantID {
|
|
t.Errorf("getAppIDForEnvironment() = %q, want %q", id, tt.wantID)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestGetAppIDForEnvironment_FallbackToProduction(t *testing.T) {
|
|
config := &CoolifyConfig{
|
|
URL: "https://coolify.example.com",
|
|
Token: "token",
|
|
AppID: "prod-123",
|
|
// No staging app ID
|
|
}
|
|
|
|
// Staging should fall back to production
|
|
id := getAppIDForEnvironment(config, EnvStaging)
|
|
if id != "prod-123" {
|
|
t.Errorf("getAppIDForEnvironment(EnvStaging) = %q, want %q (should fallback)", id, "prod-123")
|
|
}
|
|
}
|
|
|
|
func TestIsDeploymentComplete_Good(t *testing.T) {
|
|
completeStatuses := []string{"finished", "success", "failed", "error", "cancelled"}
|
|
for _, status := range completeStatuses {
|
|
if !IsDeploymentComplete(status) {
|
|
t.Errorf("IsDeploymentComplete(%q) = false, want true", status)
|
|
}
|
|
}
|
|
|
|
incompleteStatuses := []string{"queued", "building", "deploying", "pending", "rolling_back"}
|
|
for _, status := range incompleteStatuses {
|
|
if IsDeploymentComplete(status) {
|
|
t.Errorf("IsDeploymentComplete(%q) = true, want false", status)
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestIsDeploymentSuccessful_Good(t *testing.T) {
|
|
successStatuses := []string{"finished", "success"}
|
|
for _, status := range successStatuses {
|
|
if !IsDeploymentSuccessful(status) {
|
|
t.Errorf("IsDeploymentSuccessful(%q) = false, want true", status)
|
|
}
|
|
}
|
|
|
|
failedStatuses := []string{"failed", "error", "cancelled", "queued", "building"}
|
|
for _, status := range failedStatuses {
|
|
if IsDeploymentSuccessful(status) {
|
|
t.Errorf("IsDeploymentSuccessful(%q) = true, want false", status)
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestNewCoolifyClient_Good(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
baseURL string
|
|
wantBaseURL string
|
|
}{
|
|
{
|
|
name: "URL without trailing slash",
|
|
baseURL: "https://coolify.example.com",
|
|
wantBaseURL: "https://coolify.example.com",
|
|
},
|
|
{
|
|
name: "URL with trailing slash",
|
|
baseURL: "https://coolify.example.com/",
|
|
wantBaseURL: "https://coolify.example.com",
|
|
},
|
|
{
|
|
name: "URL with api path",
|
|
baseURL: "https://coolify.example.com/api/",
|
|
wantBaseURL: "https://coolify.example.com/api",
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
client := NewCoolifyClient(tt.baseURL, "token")
|
|
if client.BaseURL != tt.wantBaseURL {
|
|
t.Errorf("BaseURL = %q, want %q", client.BaseURL, tt.wantBaseURL)
|
|
}
|
|
if client.Token != "token" {
|
|
t.Errorf("Token = %q, want %q", client.Token, "token")
|
|
}
|
|
if client.HTTPClient == nil {
|
|
t.Error("HTTPClient is nil")
|
|
}
|
|
})
|
|
}
|
|
}
|