Files
larksuite-cli/shortcuts/apps/apps_init_test.go
raistlin042 2c703f2fce feat: apps support multi dev modes (#1175)
* feat: add fullstack app-type and --message to apps +create (#1)

* feat: accept fullstack app-type and require --message for it

* feat: inject message into fullstack create request body

* refactor: align fullstack message injection with existing body-build style

* docs: document fullstack app-type and --message for apps +create

* docs: keep scene numbering consistent in lark-apps-create reference

* docs: add HTML/fullstack intent routing to lark-apps SKILL.md

* docs: cover fullstack in lark-apps skill description and clarify HTML flow step

* test: assert fullstack in allow-list error and reject wrong-cased fullstack

* feat: drop --message from apps +create (#4)

* feat: drop --message from apps +create

* docs: drop --message and document agent-generated name/description for apps +create

* feat: add apps local key-value file storage (#5)

* feat: add Miaoda app git credential support (#9)

* fix: remove APIError detail field dependency

* docs(apps): expand lark-apps skill for local-dev & cloud-chat workflows (#3)

Reframe lark-apps from an HTML-publish skill into a full Miaoda app dev
tool covering three paths: local fullstack dev, HTML hosting, and cloud
session dev. Builds on the fullstack create change already on this branch.

- SKILL.md: 3-path routing table; mental models (code via native git,
  develop/main branch model, DB via +db-* through Miaoda, env auto-pulled
  by `npm dev run`, auto-managed credentials); command index for the new
  verbs; ambiguous-input fallback (infer app type from need, ask local vs
  cloud instead of assuming; default HTML when no signal)
- add local-dev and cloud-dev playbooks
- create: keep HTML/fullstack + required --message; add local/cloud scene
  routing and --enable-multi-env-db
- list: usable by agents with --filter; app_id resolution order
  (user-provided / .spark/meta.json / +list --filter)

Co-authored-by: wangjiangwen-gif <286006750+wangjiangwen-gif@users.noreply.github.com>
Co-authored-by: raistlin042 <lvxinsheng@bytedance.com>

* feat(apps): add 4 db CLI commands (table-list / table-schema / sql / dev-init)

妙搭 data CLI 4 条命令,复用存量 OpenAPI URL + 1 个新增 dev-init:
- +db-table-list  → GET /apps/{id}/tables(游标分页,AppTable 含预估行数/占用空间)
- +db-table-schema → GET /apps/{id}/tables/{name}(默认结构化 schema;--format pretty 出建表 DDL)
- +db-sql         → POST /apps/{id}/sql_commands(?transactional=false DBA 模式)
- +db-dev-init    → POST /apps/{id}/db_dev_init(单库→online/dev,不可逆,high-risk-write)

要点:
- sql result 兼容两种 wire 形态(结构化 [{sql_type,data,record_count}] 与 legacy ["rows-json"])
- 多语句失败:server 返 code:0 + ERROR 哨兵,CLI 升级成 typed api_error(exit 非 0),
  detail 带 statement_index/completed/rolled_back,防止 agent 误判 ok:true 假成功
- pretty 渲染对齐 miaoda:列间两空格、CJK 双宽、size 友好格式(KB/MB/GB)
- 单测 + e2e dry-run 全覆盖;BOE 真机 e2e 验证通过(25 PASS)
- SKILL.md 注册 4 条命令 + 4 篇 reference

注:内含的 BOE 联调专用 env 覆盖(LARK_CLI_OPEN_API_BASE / LARK_CLI_X_TT_ENV,
internal/cmdutil + internal/envvars)未包含在本次提交,仅本地联调用。

Change-Id: I0fe4458086708a93941e2dee852fa6a10b53bd4a

* docs(lark-apps): db 能力补进 SKILL.md description 的 WHEN 段

按 skill 质量规范(description 三段式 WHAT+WHEN+NOT,加载前唯一可见信息),
原 WHEN 仅"连数据库调试"含糊覆盖 db。补成「查看或操作应用数据库(看表结构 /
跑 SQL / 初始化 dev 环境)」,让 +db-table-schema / +db-sql / +db-dev-init
类查询能精确触发,净增 ~12 字无膨胀。

Change-Id: Id52819fa7d6b8ed0c1f174bf5946d55da7b893d7

* Feat/apps env pull (#11)

* feat: add apps env-pull shortcut

* fix: support array env_vars response in apps env-pull

* fix(apps): improve env-pull merge and expiry output

* feat: add keyword/scope/app-type query to apps +list and unhide it (#8)

* feat: switch apps +create --app-type enum to lowercase html/full_stack

* feat: add keyword/scope/app-type query to apps +list and unhide it

* docs: document apps +list query params and lowercase app_type enum

* test: update apps cli_e2e dry-run tests for lowercase app_type and +list filters

* docs: trim redundant app_type case-sensitivity note in create skill

* docs: single-source apps +list usage contract to SKILL.md

* feat: add apps publish shortcuts (publish/status/history/error-log) (#12)

* feat: add apps publish shared guard and NodeStatus mapping

* test: cover json.Number path in injectStatusName

* feat: add apps +publish shortcut

Implements the `apps +publish` command with dry-run preview (upstream
PSM path shown) and an Execute gated by ensurePublishWired() per the
not-yet-deployed OpenAPI gateway constraint (publishAPIWired=false).

* refactor: make apps publish path placeholders var to satisfy go vet

Declare the four publishXxxPath constants as var instead of const so
go vet's printf analyzer skips them while they are empty placeholders.
Revert the Execute path-build in apps_publish.go from strings.Replace
back to fmt.Sprintf (now safe because the format string is a var).

* feat: add apps +publish-history shortcut

* feat: add apps +publish-status shortcut

* feat: add apps +publish-error-log shortcut

* feat: register apps publish shortcuts

Add AppsPublish, AppsPublishHistory, AppsPublishStatus, AppsPublishErrorLog
to Shortcuts() and update count test from 6 → 10.

* docs: add skill references for apps publish shortcuts

* docs: surface apps publish shortcuts in lark-apps SKILL.md

* docs: clarify publish instance id is not an approval instance

* docs: nudge agent to run apps +publish --dry-run for release requests

* feat: update apps publish shortcuts to v1.0.381 release protocol

Rename concept instance→release across all 4 publish shortcuts and their
tests: NodeStatus→ReleaseStatus enum, --instance-id→--release-id flag,
pipelineTaskID→releaseID response field, errorJobs→errorLogs, and
upstream HTTP path consts→RPC method name consts (PSM lark.apaas.devops
v1.0.381). Dry-run now shows psm+rpc_method instead of an HTTP path.

* docs: update apps publish skill docs to v1.0.381 release protocol

* fix: soften apps publish unavailable hint to user-facing language

* feat: update apps publish to v1.0.385 string status + --status filter

- Remove obsolete int-enum machinery (releaseStatusName/toInt/injectStatusName)
  and their encoding/json + fmt imports from apps_publish_common.go
- +publish Execute now returns status string alongside release_id
- +publish-history gains --status Enum flag (publishing/finished/failed);
  buildHistoryBody gains status param, table column status_name→status
- +publish-status Execute drops injectStatusName, pretty prints out["status"]
- +publish-error-log shapeErrorLog is string passthrough (no status_name)
- Unit tests updated: delete 3 obsolete common tests, update history/error-log

* docs: update apps publish docs to v1.0.385 string status + --status filter

* feat: wire apps publish shortcuts to final gateway paths (guard stays until deploy)

Replace RPC-name placeholders with real OpenAPI paths (publishCreate/Get/ErrorLog/ListPath consts). Switch DryRun to idiomatic HTTP form (POST/GET + real URL + body/params). Fix body/query placement: publish body has no app_id (path-only); history switches from POST body to GET query with snake page_token. Fix Execute response reads to snake_case fields (release_id, created_at, updated_at, error_logs). publishAPIWired stays false; 1-line flip activates live calls.

* docs: update apps publish docs to final gateway paths

Replace RPC/PSM dry-run example with real HTTP form (POST/GET /open-apis/spark/v1/apps/:app_id/releases[/:release_id[/error_logs]]).
Fix all response field names to snake_case (release_id, created_at, updated_at, error_log).
Note --status/--limit/--page-token as HTTP query params in publish-history.

* feat: enable apps publish gateway calls (remove not-deployed guard)

* docs: remove not-deployed transition notes from apps publish docs

* feat: use spark:app:publish scope for apps +publish

* feat(apps): add +init shortcut to initialize Miaoda app repo (#6)

* feat(apps): add command runner and credential redaction for +init

* fix(apps): make credential redaction scheme matching case-insensitive

* feat(apps): add +init shortcut declaration, validation, and dry-run

* feat(apps): implement +init orchestration (credential-init, clone, checkout, conditional push)

* fix(apps): redact full userinfo when repo URL contains literal @

* docs(apps): add +init skill reference

* fix(apps): declare explicit empty Scopes on +init shortcut

* fix(apps): consume repository_url from +git-credential-init in +init

* feat(apps): add +init template flag and absolute-path dir resolution

* refactor(apps): use shared charcheck for +init --dir validation

* feat(apps): add meta.json, steering, and empty-repo helpers for +init

* feat(apps): add +init npx scaffold orchestration (init/upgrade branches)

* feat(apps): wire +init scaffold, already-initialized short-circuit, npx dep check

* docs(apps): document +init npx scaffold, --template, --dir, already-initialized

* docs(apps): correct stale +git-credential-init unreleased note in +init ref

* fix(apps): reject all control chars in +init --dir

* feat(apps): add +init progress logging and optional --template resolver

* refactor(apps): inline constant in +init scaffold progress log

* docs(apps): document +init optional --template and stderr progress contract

* feat(apps): treat README-only repo as empty and commit with --no-verify in +init

* docs(apps): explain README-seed match and --no-verify rationale in +init

* docs(apps): document README-seed empty detection and commit --no-verify

* feat(apps): add session conversation lifecycle shortcuts (#13)

* feat(apps): add +session-create shortcut

* fix(apps): remove unused sessionPath helper, assert empty +session-create body

* feat(apps): add +session-list shortcut

* feat(apps): add +session-read shortcut

* feat(apps): add +session-stop shortcut

* feat(apps): add +chat shortcut

* feat(apps): register session lifecycle shortcuts

* docs(apps): add session conversation skill reference

* docs(apps): clarify fullstack session_id source and fallback

* style(apps): gofmt apps_session_create.go

* docs(apps): add conversation/session triggers to skill routing description

* docs(apps): add conversation flow guidance (when to reuse vs new session, per-step user prompts)

* docs(apps): slim session reference per skill quality standard (4047->1726 tok)

* docs(apps): tighten session additions in SKILL.md (4394->4145 tok)

* fix(apps): align +chat with v7.8 contract (async, no turn_id in response)

* fix(apps): update +chat path to .../sessions/{id}/chat (backend endpoint change)

* docs(apps): align SKILL.md session command shape with v7.8 contract

* style(apps): gofmt apps_db_table_schema_dryrun_test.go

Go 1.19+ gofmt 文档注释列表缩进新规则(普通缩进 → tab 对齐),
修复 fast-gate CI 的 gofmt 卡点。

Change-Id: Ic246a659e016d9d6216182199ef300ae6f00ef9d

* feat(apps): split +init commit, plainer wording, align skill branches (#14)

* refactor(apps): plainer +init progress/help wording, keep scaffold key

* refactor(apps): add porcelain change classifier for +init commit split

* feat(apps): split +init empty-repo commit into code + config, reword subjects

* refactor(apps): scaffold-kind constants and pathspec assertions for +init split

* docs(apps): use +init in Path A; align app-repo branch to sprint/default

* docs(apps): align local-dev playbook to sprint/default + origin remote

* docs(apps): document +init two-commit split and plainer init wording

* docs(apps): require asking clone dir before +init, no assumed path

* fix(apps): stage +init commits by exact paths to avoid gitignore error

* refactor(apps): lowercase miaoda in +init commit subjects

* test(apps): cover +init upgrade path with real git

* fix: harden app git credential handling (#16)

* fix: harden git credential refresh fallback (#18)

* fix(apps): validate env-pull key names before writing to .env.local (#17)

* fix(apps): validate env-pull key names before writing to .env.local

S2 (medium-low) from security review: env-pull wrote server-returned
env KEYs to .env.local without validation. A compromised or MITM'd
backend could inject arbitrary lines via keys containing newlines.

- Add envKeyPattern regex to validate keys match [A-Za-z_][A-Za-z0-9_]*
- extractEnvPullVars now returns skippedKeys for invalid key names
- Invalid keys are skipped (not hard-fail) so remaining valid keys
  are still pulled
- writeEnvPullPretty prints a warning listing skipped keys

* fix(skills): correct npm script syntax from 'npm dev run' to 'npm run dev'

* fix(skills): align env-pull guidance with implementation

🤖 Generated with [Aiden x Claude Code]

* test(apps): cover storage/git-credential error paths and fix tz-flaky env-pull tests (#19)

The coverage and unit-test CI jobs failed on two timezone-dependent
assertions in apps_env_pull_test.go: the code renders the database
expiry via time.Local() while the tests hard-coded a CST literal, so
they failed under CI's UTC. Compute the expected string from the same
timestamp with Local() instead, making the assertions timezone-agnostic.

Also add unit tests for the error branches codecov flagged as uncovered,
taking storage.go and git_credential.go to 100%:
- storage Read/Write/Delete/List filesystem-error paths
- +git-credential-remove ConfigWarning output (pretty and JSON)
- gitCredentialLocalError nil passthrough

* fix(apps): silence +init forbidigo, npx app sync -y --prefer-online (#20)

* fix(apps): add Subtype to env-pull error literals (#21)

typed_error_completeness lint requires all errs.XxxError literals to
set Problem.Subtype. Add the missing field to 11 error constructions:
- ValidationError (user input checks): SubtypeInvalidArgument
- ValidationError (API response parsing): SubtypeInvalidResponse
- InternalError (filesystem ops): SubtypeUnknown

* feat(apps): inject FORCE_DB_BRANCH=dev in env-pull output (#23)

* feat(apps): inject FORCE_DB_BRANCH=dev in env-pull output

Always write FORCE_DB_BRANCH="dev" into the resolved .env.local after
extracting upstream env_vars, so downstream tooling pinning the dev
database branch does not need a separate manual edit. Existing local
values are overwritten in place via the canonical merge path.

* docs(skills): document apps +env-pull in lark-apps skill

Add the env-pull entry to the lark-apps SKILL index and ship the
matching reference doc covering args, merge semantics, return shape,
error envelope subtypes, and dry-run behavior so AI agents can route
to it without reading the Go source.

* feat(apps): surface is_published and online_url in +list pretty view (#22)

* docs: refactor lark-apps skill per quality spec (#24)

Slim SKILL.md and references against the lark-cli skill quality spec
while preserving domain knowledge and safety guardrails.

- Compress SKILL.md (drop the MUST-read prelude, full command-index
  tables, and content already owned by lark-shared: auth, scope,
  exit-10, risk policy, _notice); add version field; zero CRITICAL
  markers.
- Defer flag enumeration in references to `--help`; convert
  narration-inducing prohibitions into positive defaults; de-duplicate
  the per-file error.hint relay into a single resident SKILL.md rule.
- Fix stale facts found against shortcuts/apps source: drop the
  non-existent +create --message and --enable-multi-env-db flags,
  +list --filter (now --keyword), +db-multi-env-init (now
  +db-dev-init), and the removed html-publish cwd hard-reject.
- Keep all safety guardrails: db-dev-init irreversibility/exit-10,
  db-sql non-transactional multi-statement, git-credential token
  handling, html-publish credential scan, access-scope confirmation.
- Restore intent lost during slimming: release_id is not an approval
  instance (do not route to lark-approval); resolve access-scope
  targets via contact/im; ask the user before publishing as a
  side-effect; distinguish developing an existing app locally
  (+init) from creating a new one (+create).

* test(apps): supplement shortcuts/apps unit-test coverage to 88% (#25)

* test(apps): cover db-table-list numeric/byte formatting helpers

* test(apps): cover db-sql cell/code/dml/error render helpers

* test(apps): cover env-pull newline/expiry/extract-vars helpers

* test(apps): cover db-sql render branches and env-pull expiry edge case

* test(apps): cover init empty-dir/meta/ls-files error branches

* test(apps): cover env-pull target/read/parent-dir error branches

* test(apps): cover stage-and-commit and commit-push error branches

* test(apps): cover access-scope target split and JSON validation

* test(apps): cover html-publish decode error and scaffold sync failure

* test(apps): cover apps-update body field combinations

* test(apps): cover access-scope body build branches

* feat(apps): pass --local to npx skills sync in +init (#26)

* feat(apps): pass --local to all npx miaoda-cli calls in +init

* feat(apps): pass --local only to npx skills sync in +init

* docs(apps): surface +publish and +init dir-choice in local-dev flow (#27)

* docs(apps): surface +publish as deploy action in skill routing

* docs(apps): add explicit deploy-after-local-edit section to local-dev

* docs(apps): promote +init dir-choice instruction to a domain rule

* docs(apps): make dev-method a signal-driven entry gate before routing (#28)

* docs(apps): restore three-path overview line in apps skill intro (#29)

* feat(apps): add executable Examples to shortcut --help and error hints (#30)

* test(apps): guard every shortcut has a help Example and no PII

* feat(apps): add help Examples to all 24 apps shortcuts

* feat(apps): add actionable hints to high-impact error paths

* test(apps): cover withAppsHint set-if-empty hint behavior

* feat(apps): use concrete enum value in access-scope-set Example

* docs(apps): clarify db-sql/db-table-list json default output behavior

两处仅补充注释,不改逻辑:
- +db-sql: data.results 在 json 默认路径原样透出全部行,CLI 不二次截断;
  server 对单条 SELECT 有 1000 行硬上限、超出直接返报错,非无界 token 黑洞。
- +db-table-list: json 默认透出含每表完整 columns[] 系产品设计(list 接口本就
  返回列定义,json 消费方一次拿全量、免逐表再调 +db-table-schema),pretty 仅摘计数。

Change-Id: I1a49de8defc4428bfe1e774e4fd7adb45e59e3af

* feat(apps): command-layer AI-friendliness governance (P0+P1) (#32)

* fix(apps): normalize --app-type case to align with server

* refactor(apps): migrate CallAPI to CallAPITyped for typed errors and retryable

* feat(apps): trim icon_url and created_at from +list default output

* feat(apps): add actionable hints to high-impact error paths

* feat(apps): add 2-3 help Examples to +chat and +access-scope-set

* docs(apps): add --jq filter tips to list/db commands

* docs(apps): sync +list reference with trimmed output fields

* test(apps): assert error hints and messages carry no secrets or PII

* fix(apps): prefix --jq tips with .data. so they run against the response envelope

* test(apps): expect --app-type uppercase normalization in create dry-run E2E (#33)

* fix(apps): scaffold via @latest miaoda-cli instead of @alpha (#34)

* feat(apps): rework lark-apps triggering, routing & confirm policy (#35)

* feat(apps): results-oriented triggering, pre-auth floors, terminal URL

Widen description WHEN to cover app-building openers (CRM/审批/HTML page)
with no Miaoda signal word, WHAT still anchored to 妙搭应用开发与托管.
Add a pre-authorization rule (auth words skip confirm) with two non-exempt
floors: destructive DDL (DROP/TRUNCATE/ALTER drop|modify column) dry-run,
and first public-URL publish (+publish/+html-publish) when no auth word.
Exempt html app_type from the local-vs-cloud dev-method gate, and scope
that gate to new-app creation only (existing-app ops route directly).
Require an accessible URL as the end-to-end terminal step.

* feat(apps): apply eval-fix behavior contracts across reference docs

init/local-dev: end-to-end default-directory escape hatch; end-to-end
new-build starts with +create. db-sql: additive DDL direct-exec when
authorized, destructive DDL stays dry-run. local-dev/publish-status:
return online_url via +list as the full_stack publish terminal step.
cloud-dev: generation != shareable URL, +publish handoff, background
until-poll snippet (sleep N && cmd intercepted; deprecate ScheduleWakeup),
multi-turn publish precondition. publish/publish-error-log: transient
failure (EAI_AGAIN/ETIMEDOUT/registry) discrimination, retry cap 2,
honest receipt. env-pull: first-launch fallback. local-dev/db-dev-init:
new full_stack ships dual DB, skip +db-dev-init.

* refactor(apps): apply review feedback — semantic criteria, drop overfit/unverified content

Per line-by-line review of the eval-fix changes:
- Entry routing reframed to objective/semantic criteria (new-vs-existing =
  'can an existing app be identified'; dev-method = who-writes-code
  preference), replacing keyword/example matching.
- db-sql DDL gate restated by effect (data-loss / reversibility), not a
  keyword list.
- Pre-authorization judged by expressed intent (not a word list); single
  non-exempt floor (destructive/irreversible DB dry-run); confirm policy in
  its own section, error.hint in 'failure handling'.
- init.md slimmed to command facts (directory choice owned by local-dev,
  no init<->local-dev cycle); local-dev defers new-vs-existing to the entry.
- Reverted unverified/redundant/runtime-coupled additions: cloud-dev
  session-read preview-URL claim + background-poll snippet + queued_count
  precondition; publish transient-retry/ScheduleWakeup; env-pull first-launch;
  db-dev-init positive restatement; SKILL terminal-URL mandate.
- Fixed dangling section references after the rename.

* fix(apps): scope pre-authorization to hands-off intent, not 'wants a result' (#36)

Follow-up to #35. The merged pre-authorization rule treated 'wanting the
final result' as authorization, so '先在本地跑起来让我看看' was read as
pre-authorized and the agent silently picked a clone directory without
asking. Re-state the criterion as the user's hands-off intent (explicit
waiver, or an end-to-end directive), judged uniformly across the flow
(directory/clone, publish) — not a per-decision carve-out. Merely wanting
a result or asking to review is not authorization.

* docs: clarify apps cloud dev publish state

* fix(apps): require commit+push before publish, clarify deploy flow (#38)

* fix(apps): require committing changes before publish in local-dev flow

* fix(apps): make commit+push mandatory before publish in agent rules

* fix(apps): scope selective-add caveat to incremental deploy, not new-app flow

* fix(apps): make pre-publish commit conditional on local changes

* fix(apps): tighten pre-publish commit wording in agent rules

* fix(apps): cloud-dev does not auto-deploy, add explicit publish step

* docs(apps): document +chat init vs incremental turn cost (#39)

First +chat on a not-initialized app runs full design+gen server-side
(~20-50 min); chat on an already-initialized app is incremental and
finishes in minutes. Surface this in the +chat Go comment as a pointer
and put the init-state check + matching polling cadence (5-10s vs
60-120s) in the lark-apps cloud-dev skill reference as the canonical
source. Cloud-side init check uses +session-read committed-version
info or +list is_published:true.

* docs(apps): document +chat init vs incremental turn cost (#40)

First +chat on a not-initialized app runs full design+gen server-side
(~20-50 min); chat on an already-initialized app is incremental and
finishes in minutes. Surface this in the +chat Go comment as a pointer
and put the init-state check + matching polling cadence (5-10s vs
60-120s) in the lark-apps cloud-dev skill reference as the canonical
source. Cloud-side init check uses +session-read committed-version
info or +list is_published:true.

* feat(apps): surface online_url/error_logs in +publish-status output (#41)

* refactor(apps): extract shared release error-log table helper

* fix(apps): keep error-log table byte-identical for null error_logs

* feat(apps): surface online_url/error_logs in +publish-status output

* docs(apps): read online_url/error_logs from +publish-status in publish flow

* docs(apps): align local/cloud dev publish flow with +publish-status fields

* refactor(apps): rename +db-dev-init→+db-env-create, trim db-table-list columns

- +db-env-create(原 +db-dev-init):新增 --env 参数(调用方传入,目前只支持 dev),
  --sync-data 改为 true/false 取值;服务端 URL 仍走 db_dev_init。
- +db-table-list:json 默认用白名单投影(dbTableListItem)只输出产品要求字段,
  每表 columns[] 折算成 column_count、不再透出完整列定义(与 +db-table-schema 重复且放大
  token);要完整列定义/索引/约束用 +db-table-schema。
- 同步对齐 db 相关 skill 文档(命令名、column_count、env-create 参数)。
- 单测 + cli_e2e dry-run 全绿。

Change-Id: I116ab11807679f8f06ed18221f705bab426d015c

* refactor(apps): rename +db-table-schema → +db-table-get

动词对齐 +db-table-list(list/get)。仅命令名 + 标识符 + 文档改名,行为/输出/URL 不变:
- AppsDBTableSchema→AppsDBTableGet,文件/测试/cli_e2e test 重命名
- buildDBTableSchemaParams→buildDBTableGetParams
- +db-sql / +db-table-list 里的交叉引用 hint、skill 文档同步

Change-Id: I36dfb8fd0d2613492a57dc7815bc58414c145480

* feat: auto-pull env vars after apps +init (#42)

* test: route apps +env-pull to its own fake-runner key

* feat(apps): add +env-pull envelope parsers for +init

* feat(apps): add pullEnv helper invoking sibling +env-pull

* feat(apps): +init auto-runs +env-pull after push (non-fatal)

* docs(apps): clarify db-sql --query @path is relative-only, use stdin for absolute paths

@path 受 lark-cli 全局文件安全策略约束,只接受 cwd 内相对路径;绝对路径 / cwd 不固定
场景改用 stdin(--query - < /abs/file.sql),无需先 cd。

Change-Id: Ib3453810cfc9303d72b4facf3493ad9688eeffd3

* docs(apps): refine db-sql --query path guidance wording

以 agent 视角重写:@ 仅接受工作目录内相对路径,绝对路径/越界路径被拒(CLI 文件访问统一约束);
工作目录外的文件经 stdin 传入。

Change-Id: Ic7db00934b3571368eb704451f4ce1776463806d

* feat(apps): make +db-sql high-risk-write (require --yes)

+db-sql 可含 DML/DDL,统一升级为 high-risk-write:框架对所有执行强制 --yes 确认关卡
(--dry-run 预览豁免),无 --yes 返 confirmation_required / exit 10。
- Risk: write → high-risk-write(去掉自定义门禁,直接用框架机制)
- skill 文档:命令骨架标注 --yes 要求;Agent 规则改为「执行需 --yes,只读可直接带、
  破坏性先 dry-run 确认再带」
- 单测所有执行调用补 --yes

Change-Id: I57e78832b35fa170a485774e6fb7289109d678c3

* docs(apps): clarify app_ (Miaoda) vs cli_ (Feishu) app id (#46)

* 优化云端开发skill,明确执行模型,参数解释 (#44)

Co-authored-by: fushengdong.1 <fushengdong.1@bytedance.com>

* refactor: rename apps publish commands to release and session-get (#45)

* refactor(apps): drop +publish-error-log, rename release path constants

* refactor(apps): rename +publish to +release-create

* refactor(apps): rename +publish-history to +release-list, unify pagination to --page-size

* refactor(apps): rename +publish-status to +release-get

Renames apps +publish-status → +release-get (AppsPublishStatus → AppsReleaseGet),
updates --release-id desc to reference +release-create, and fixes the Execute
error hint to point at +release-list instead of +publish-history.

* refactor(apps): rename +session-read to +session-get

* docs(apps): rename publish references to release, +session-read to +session-get

* refactor(apps): clean up residual publish/session-read references

Fix six leftover references missed in Tasks 1-6: +publish-history in
jq-tip test wantCmds map and common_test hint fixture (×3), +session-read
in apps_chat.go comment+output string (×2), apps_session_stop.go flag
desc (×1), apps_chat_test.go comment (×1), and +publish-status in
lark-apps-list.md agent rule prose (×1).

* docs(apps): clarify release-get link contract and session-get vs session-list

* docs(apps): generalize release-list page-size rule to N records

* feat(apps): rename +list --scope flag to --ownership (#47)

* feat(apps): rename +list --scope flag to --ownership

* test(apps): update +list cli_e2e dry-run for --ownership rename

* docs(apps): document +list --ownership flag

* feat(apps): align +release commands with new release API format (#48)

* feat(apps): align +release-create scope to spark:app:write

* feat(apps): raise +release-list --page-size documented max to 500

* feat(apps): show commit_id in +release-get pretty output

* docs(apps): update release reference docs for page-size 500 and commit_id

* test(apps): cover empty commit_id in +release-get pretty output

* docs: align lark apps cloud dev release flow

* feat(apps): redesign +db-sql → +db-execute (--sql/--file, default env dev)

按 db 子域命令最终设计重做执行入口:
- 命令 +db-sql → +db-execute(动词收尾,对齐 +db-table-list/-get)
- --query 拆为 --sql(内联/stdin)与 --file(.sql 文件路径),二选一互斥;
  --file 在 Validate 阶段读出归一化到 --sql
- 默认 --env online → dev(打生产库需显式 --env online)
- 文件/标识符/注册/测试/cli_e2e/skill 文档全部对齐重命名
- 新增测试:--sql/--file 互斥、--file 读取、默认 env=dev

不在本次范围:--transaction/--no-transaction(服务端 transactional 实为路径切换、
非真事务,需 dataloom 侧先支持真事务开关)、--max-rows/--timeout 等后续项。

Change-Id: I50c06faf83527471446e2a6651ccb51f6eedd6ff

* docs(apps): clearer --env online wording for +db-execute

把口语化的「打生产库需显式」改为「需要操作线上环境数据库时,显式指定 --env online」;
flag desc 同步去掉 hit production 措辞。

Change-Id: Iee82fccf17e08bddb4b760c3970a416746b10c4c

* docs(apps): drop 'ad-hoc' jargon from +db-execute description

中文文档/英文 description 去掉术语 ad-hoc;SELECT/DML/DDL 已表意,含义不丢。

Change-Id: Ie2cccc5fc3491fe5f57190a87b93ecd70405b156

* docs(apps): trim +db-execute when-to-use and --file path wording

- 何时用去掉「(查询 / 临时数据修复 / 应急 DDL)」枚举
- --file 路径说明去掉 .. /符号链接/统一约束 的技术化描述,改为「相对路径,
  否则用 --sql - < 文件路径」的产品化口吻

Change-Id: Ie70e57895c78650230b6942b03d90a2d95c937f2

* docs(apps): note --file rejects absolute/cwd-escaping paths

简短补回 --file 的路径约束(绝对路径 / 经 ..、符号链接越界会被拒),去掉冗余评注。

Change-Id: I549893c82cafbe97529e08dcbc3ee5496927da18

* fix(apps): replace t.Chdir with os.Chdir in db-execute test (Go 1.23 compat)

t.Chdir 是 Go 1.24 API,但 go.mod 为 go 1.23.0,CI(Go 1.23)报
"t.Chdir undefined"。改用 os.Chdir + t.Cleanup 还原,1.23 兼容。

Change-Id: I550611773e5088275be1c4344d4f8269610ce74a

* feat(apps): refine +init description and refresh env on re-init

* fix(apps): treat accessible-link requests as publish intent (#53)

* refactor(apps): +db-env-create --sync-data string-enum → Type:bool

原实现用 string + Enum["true","false"] + == "true" 模拟 bool,啰嗦且非惯用。
改为 Type:bool(rctx.Bool):传 --sync-data 即开启、省略为 false。
同步更新测试、cli_e2e dry-run、skill 文档。

Change-Id: I3068e0577fa20a7cbaf414ca9af3d197f6ae8049

* fix(apps): declare --app-type as strict lowercase enum (#55)

* docs(apps): front-load routing, dedupe, and trim lark-apps skill (#56)

* docs(apps): front-load intent-routing table and dedupe skill body

* docs(apps): dedupe publish guardrail and polling rules in cloud-dev

* docs(apps): trim env-pull implementation detail to behavior contract

* docs(apps): add +env-pull routing entry in SKILL.md

* docs(apps): fix create.md cross-ref to actual SKILL.md section name

* feat(apps): add error.hint to command failures and a consistency gate (#57)

* feat(apps): add appIDListHint const and wrap 4 pure app-id command failure paths

Adds shared `appIDListHint` recovery hint to common.go and wraps the
CallAPITyped failure branch of session-create, session-list, update, and
release-list to surface an actionable next-step hint on 4xx errors.
Includes httpmock unit tests in apps_hints_more_test.go (TDD: red→green).

* feat(apps): add sessionStopHint and createHint for session-stop and create commands

Adds per-command recovery hints with specific guidance: sessionStopHint
points at +session-list and +session-get; createHint explains valid
--app-type values and permission failure. Wraps the CallAPITyped failure
branch in both commands.

* feat(apps): add recovery hints for db-env-create, db-table-get, db-table-list

Adds dbEnvCreateHint, dbTableGetHint, and dbTableListHint with actionable
cross-command guidance (e.g. pointing at +db-table-list for env conflicts,
+db-env-create for missing dev env). Wraps only the CallAPITyped failure
branch; requireAppID validation errors are left untouched.

* refactor(apps): make session-stop hint runnable and align hint test names

* test(apps): guard withAppsHint upstream-wins contract and new hint leak safety

* test(apps): add help-skill command consistency gate

---------

Co-authored-by: linchao5102 <linchao.5102@bytedance.com>
Co-authored-by: Wang <wangjiangwen@bytedance.com>
Co-authored-by: wangjiangwen-gif <286006750+wangjiangwen-gif@users.noreply.github.com>
Co-authored-by: 陈兴炀 <chenxingyang.1019@bytedance.com>
Co-authored-by: aihao-git <aihao.0331@bytedance.com>
Co-authored-by: bali <bali@bytedance.com>
Co-authored-by: hunnnnngry <chenxi.xichen@bytedance.com>
Co-authored-by: shengdongyc <1135978761fsd@gmail.com>
Co-authored-by: fushengdong.1 <fushengdong.1@bytedance.com>
2026-06-10 21:45:45 +08:00

1469 lines
52 KiB
Go

// Copyright (c) 2026 Lark Technologies Pte. Ltd.
// SPDX-License-Identifier: MIT
package apps
import (
"bytes"
"context"
"encoding/json"
"errors"
"fmt"
"os"
"os/exec"
"path/filepath"
"strings"
"testing"
"github.com/spf13/cobra"
"github.com/larksuite/cli/internal/cmdutil"
"github.com/larksuite/cli/internal/core"
"github.com/larksuite/cli/shortcuts/common"
)
// testRuntimeWithDir builds a *common.RuntimeContext whose backing cobra command
// has string flags "dir" (=dirFlag) and "template" (=defaultTemplate) registered,
// mirroring how +init reads them at runtime via rctx.Str.
func testRuntimeWithDir(t *testing.T, dirFlag string) *common.RuntimeContext {
t.Helper()
cmd := &cobra.Command{Use: "init"}
cmd.Flags().String("dir", dirFlag, "")
cmd.Flags().String("template", defaultTemplate, "")
return common.TestNewRuntimeContext(cmd, nil)
}
// testRuntimeWithTemplate builds a *common.RuntimeContext with "dir" and
// "template" string flags registered, mirroring +init's runtime flag set. The
// template flag is registered with an empty default (matching the real flag,
// which no longer carries Default: defaultTemplate); pass tpl="" to model an
// omitted --template and a non-empty tpl to model an explicit one.
func testRuntimeWithTemplate(t *testing.T, dirFlag, tpl string) *common.RuntimeContext {
t.Helper()
cmd := &cobra.Command{Use: "init"}
cmd.Flags().String("dir", dirFlag, "")
cmd.Flags().String("template", tpl, "")
return common.TestNewRuntimeContext(cmd, nil)
}
func TestResolveTemplate(t *testing.T) {
if got := resolveTemplate(testRuntimeWithTemplate(t, "", "foo"), "app_x"); got != "foo" {
t.Errorf("explicit --template = %q, want foo", got)
}
if got := resolveTemplate(testRuntimeWithTemplate(t, "", ""), "app_x"); got != defaultTemplate {
t.Errorf("omitted --template = %q, want fallback %q", got, defaultTemplate)
}
// Whitespace-only --template is treated as omitted -> fallback.
if got := resolveTemplate(testRuntimeWithTemplate(t, "", " "), "app_x"); got != defaultTemplate {
t.Errorf("whitespace --template = %q, want fallback %q", got, defaultTemplate)
}
}
func TestResolveTargetPath(t *testing.T) {
got, err := resolveTargetPath(testRuntimeWithDir(t, ""), "app_x")
if err != nil {
t.Fatalf("unexpected: %v", err)
}
want, _ := filepath.Abs(filepath.Join(".", "app_x"))
if got != want {
t.Errorf("default dir = %q, want %q", got, want)
}
abs := t.TempDir() + "/work"
if got, err := resolveTargetPath(testRuntimeWithDir(t, abs), "app_x"); err != nil || got != filepath.Clean(abs) {
t.Errorf("absolute --dir = %q, err=%v; want %q", got, err, filepath.Clean(abs))
}
for _, bad := range []string{"bad\tdir", "bad\ndir", "bad\x01dir", "a\rb"} {
if _, err := resolveTargetPath(testRuntimeWithDir(t, bad), "app_x"); err == nil {
t.Errorf("control char %q in --dir should be rejected", bad)
}
}
}
func TestEnsureEmptyDir_SymlinkRejected(t *testing.T) {
base := t.TempDir()
target := filepath.Join(base, "real")
if err := os.Mkdir(target, 0o755); err != nil {
t.Fatal(err)
}
link := filepath.Join(base, "link")
if err := os.Symlink(target, link); err != nil {
t.Skipf("symlink unsupported: %v", err)
}
if err := ensureEmptyDir(link); err == nil {
t.Error("symlink target must be rejected")
}
}
func TestIsAlreadyInitialized(t *testing.T) {
dir := t.TempDir()
if isAlreadyInitialized(dir) {
t.Error("empty dir must not be already-initialized")
}
if err := os.MkdirAll(filepath.Join(dir, ".spark"), 0o755); err != nil {
t.Fatal(err)
}
if err := os.WriteFile(filepath.Join(dir, ".spark", "meta.json"), []byte(`{"app_id":"app_y"}`), 0o644); err != nil {
t.Fatal(err)
}
if !isAlreadyInitialized(dir) {
t.Error("dir with .spark/meta.json must be already-initialized (regardless of app_id)")
}
}
func TestAppsInit_Declaration(t *testing.T) {
if AppsInit.Command != "+init" {
t.Errorf("Command = %q, want +init", AppsInit.Command)
}
if AppsInit.Service != appsService {
t.Errorf("Service = %q, want %q", AppsInit.Service, appsService)
}
if AppsInit.Risk != "write" {
t.Errorf("Risk = %q, want write", AppsInit.Risk)
}
if !AppsInit.HasFormat {
t.Error("HasFormat = false, want true")
}
}
func TestDefaultCloneDir(t *testing.T) {
got := defaultCloneDir("app_xyz")
if got != filepath.Join(".", "app_xyz") {
t.Errorf("defaultCloneDir = %q, want ./app_xyz", got)
}
}
// --- pure-function tests ---
func TestParseRepoURL(t *testing.T) {
url, err := parseRepoURLFromEnvelope(`{"ok":true,"data":{"repository_url":"http://u:t@h/app_x.git"}}`)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if url != "http://u:t@h/app_x.git" {
t.Errorf("got %q", url)
}
}
func TestParseRepoURL_Errors(t *testing.T) {
for _, in := range []string{`not json`, `{"ok":false,"data":{}}`, `{"ok":true,"data":{}}`, `{"ok":true,"data":{"repository_url":""}}`} {
if _, err := parseRepoURLFromEnvelope(in); err == nil {
t.Errorf("expected error for %q", in)
}
}
}
func TestValidateRepoURLScheme(t *testing.T) {
for _, ok := range []string{"http://h/r.git", "https://h/r.git"} {
if err := validateRepoURLScheme(ok); err != nil {
t.Errorf("%q should be valid: %v", ok, err)
}
}
for _, bad := range []string{"ext::sh -c id", "file:///etc/passwd", "ssh://h/r", "-oProxyCommand=x", "git@h:r"} {
if err := validateRepoURLScheme(bad); err == nil {
t.Errorf("%q should be rejected", bad)
}
}
}
// --- orchestration test helpers ---
func withFakeRunner(t *testing.T, f *fakeCommandRunner) {
t.Helper()
orig := initRunner
initRunner = f
t.Cleanup(func() { initRunner = orig })
}
func credInitOK(repoURL string) fakeCallResult {
return fakeCallResult{stdout: `{"ok":true,"data":{"repository_url":"` + repoURL + `"}}`}
}
// relCloneDir returns a relative, cwd-contained, not-yet-existing directory
// name suitable for --dir. SafeInputPath rejects absolute paths (so
// t.TempDir() cannot be used directly) and requires the path stay under cwd.
// The fake runner never creates the dir, so ensureEmptyDir sees a missing path
// and passes. Cleanup removes it in case anything materializes it.
func relCloneDir(t *testing.T) string {
t.Helper()
cwd, err := os.Getwd()
if err != nil {
t.Fatalf("getwd: %v", err)
}
rel := "init-clone-" + strings.ReplaceAll(t.Name(), "/", "_")
t.Cleanup(func() { os.RemoveAll(filepath.Join(cwd, rel)) })
return rel
}
// parseEnvelopeData parses the JSON envelope's data object from stdout.
func parseEnvelopeData(t *testing.T, stdout *bytes.Buffer) map[string]interface{} {
t.Helper()
var env struct {
Data map[string]interface{} `json:"data"`
}
if err := json.Unmarshal(stdout.Bytes(), &env); err != nil {
t.Fatalf("decode envelope: %v (raw=%q)", err, stdout.String())
}
return env.Data
}
// findCall returns the recorded call whose name (element[1]) and first arg
// (element[2]) match, or nil if none.
func findCall(calls [][]string, name, firstArg string) []string {
for _, c := range calls {
if len(c) >= 3 && c[1] == name && c[2] == firstArg {
return c
}
}
return nil
}
// findCallArg returns the first recorded call whose name (element[1]) matches
// and whose args contain the given ordered subsequence anywhere after the name.
func findCallArg(calls [][]string, name string, wantArgs ...string) []string {
for _, c := range calls {
if len(c) < 2 || c[1] != name {
continue
}
args := c[2:]
i := 0
for _, a := range args {
if i < len(wantArgs) && a == wantArgs[i] {
i++
}
}
if i == len(wantArgs) {
return c
}
}
return nil
}
func containsAll(call []string, subs ...string) bool {
set := map[string]bool{}
for _, c := range call {
set[c] = true
}
for _, s := range subs {
if !set[s] {
return false
}
}
return true
}
// --- orchestration tests ---
func TestRunScaffold_EmptyRepo(t *testing.T) {
// Both a truly empty tree and a tree carrying only the seed README.md count
// as empty and must take the `app init` path.
for _, ls := range []string{"", "README.md\n"} {
t.Run("ls="+ls, func(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{"git ls-files": {stdout: ls}}}
withFakeRunner(t, f)
kind, err := runScaffold(context.Background(), t.TempDir(), "app_x", "nestjs-react-fullstack")
if err != nil || kind != "init" {
t.Fatalf("ls=%q kind=%q err=%v, want init", ls, kind, err)
}
c := findCall(f.calls, "npx", "-y")
if c == nil || !containsAll(c, "-y", "--prefer-online", miaodaCLIPkg, "app", "init", "--template", "nestjs-react-fullstack", "--app-id", "app_x") {
t.Errorf("app init not invoked with expected args: %v", f.calls)
}
if c != nil && containsAll(c, "--local") {
t.Errorf("app init must NOT carry --local: %v", c)
}
})
}
}
func TestRunScaffold_NonEmpty_SyncsWhenNoSteering(t *testing.T) {
dir := t.TempDir() // no steering dir, no meta.json
f := &fakeCommandRunner{results: map[string]fakeCallResult{"git ls-files": {stdout: "src/x.ts\n"}}}
withFakeRunner(t, f)
kind, err := runScaffold(context.Background(), dir, "app_x", "nestjs-react-fullstack")
if err != nil || kind != "upgrade" {
t.Fatalf("kind=%q err=%v, want upgrade", kind, err)
}
if c := findCallArg(f.calls, "npx", "app", "sync"); c == nil || !containsAll(c, "-y", "--prefer-online") {
t.Error("app sync not invoked with --prefer-online")
} else if containsAll(c, "--local") {
t.Errorf("app sync must NOT carry --local: %v", c)
}
if c := findCallArg(f.calls, "npx", "skills", "sync"); c == nil || !containsAll(c, "-y", "--prefer-online", "--local") {
t.Error("skills sync should run with --prefer-online and --local when steering dir absent")
}
}
func TestRunScaffold_NonEmpty_SkipsSyncWhenSteeringExists(t *testing.T) {
dir := t.TempDir()
os.MkdirAll(filepath.Join(dir, steeringRelPath), 0o755)
f := &fakeCommandRunner{results: map[string]fakeCallResult{"git ls-files": {stdout: "src/x.ts\n"}}}
withFakeRunner(t, f)
if _, err := runScaffold(context.Background(), dir, "app_x", "nestjs-react-fullstack"); err != nil {
t.Fatal(err)
}
if findCallArg(f.calls, "npx", "skills", "sync") != nil {
t.Error("skills sync must be skipped when steering dir exists")
}
}
func TestRunScaffold_AppInitFailure(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"git ls-files": {stdout: ""},
"npx -y": {stderr: "boom", err: errors.New("exit 1")},
}}
withFakeRunner(t, f)
if _, err := runScaffold(context.Background(), t.TempDir(), "app_x", "nestjs-react-fullstack"); err == nil {
t.Error("app init failure must propagate")
}
}
func TestAppsInit_EmptyRepo_EndToEnd(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""}, // empty repo -> app init
"git status": {stdout: " M src/app.ts\n"}, // scaffold produced changes
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("unexpected: %v", err)
}
data := parseEnvelopeData(t, stdout)
if data["scaffold"] != "init" {
t.Errorf("scaffold=%v, want init", data["scaffold"])
}
if data["committed"] != true || data["pushed"] != true {
t.Errorf("committed/pushed = %v/%v, want true/true", data["committed"], data["pushed"])
}
if _, ok := data["npx_skipped"]; ok {
t.Error("npx_skipped must be removed")
}
// --template is omitted here, so resolveTemplate falls back to
// defaultTemplate and `app init` must still receive --template nestjs-react-fullstack.
c := findCall(f.calls, "npx", "-y")
if c == nil {
t.Error("npx scaffold not invoked")
} else if !containsAll(c, "-y", "--prefer-online", miaodaCLIPkg, "app", "init", "--template", defaultTemplate, "--app-id", "app_x") {
t.Errorf("app init missing expected --template fallback args: %v", c)
} else if containsAll(c, "--local") {
t.Errorf("app init must NOT carry --local: %v", c)
}
}
func TestAppsInit_AlreadyInitialized_ShortCircuit(t *testing.T) {
dir := relCloneDir(t)
abs, err := filepath.Abs(dir)
if err != nil {
t.Fatal(err)
}
if err := os.MkdirAll(filepath.Join(dir, ".spark"), 0o755); err != nil {
t.Fatal(err)
}
if err := os.WriteFile(filepath.Join(dir, metaRelPath), []byte(`{"app_id":"whatever"}`), 0o644); err != nil {
t.Fatal(err)
}
f := &fakeCommandRunner{results: map[string]fakeCallResult{"env-pull": envPullOK(filepath.Join(abs, ".env.local"))}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("unexpected: %v", err)
}
data := parseEnvelopeData(t, stdout)
if data["scaffold"] != "already_initialized" {
t.Errorf("scaffold=%v, want already_initialized", data["scaffold"])
}
// short-circuit must still skip clone/checkout/scaffold/commit ...
for _, c := range f.calls {
if containsAll(c, "git", "clone") || containsAll(c, "git", "checkout") || containsAll(c, "git", "status") {
t.Errorf("short-circuit must not run git clone/checkout/status; got %v", f.calls)
}
}
// ... but now refreshes local env exactly once.
envPullCalls := 0
for _, c := range f.calls {
if containsAll(c, "+env-pull") {
envPullCalls++
}
}
if envPullCalls != 1 {
t.Errorf("short-circuit must call +env-pull exactly once; got %d (%v)", envPullCalls, f.calls)
}
}
func TestAppsInit_HappyPathCleanTree(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""}, // empty repo -> app init scaffold
"git status": {}, // clean tree after scaffold -> no commit/push
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
data := parseEnvelopeData(t, stdout)
if data["committed"] != false {
t.Errorf("committed = %v, want false", data["committed"])
}
if data["pushed"] != false {
t.Errorf("pushed = %v, want false", data["pushed"])
}
if data["scaffold"] != "init" {
t.Errorf("scaffold = %v, want init", data["scaffold"])
}
if _, ok := data["npx_skipped"]; ok {
t.Error("npx_skipped must be removed")
}
if data["repository_url"] != "http://***@h/app_x.git" {
t.Errorf("repository_url = %v, want redacted http://***@h/app_x.git", data["repository_url"])
}
clone := findCall(f.calls, "git", "clone")
if clone == nil {
t.Fatalf("git clone not recorded; calls=%v", f.calls)
}
// clone == [dir, "git", "clone", "--", repoURL, dir]; "--" must precede the URL.
found := false
for i := 0; i+1 < len(clone); i++ {
if clone[i] == "--" && strings.HasPrefix(clone[i+1], "http") {
found = true
break
}
}
if !found {
t.Errorf("git clone args missing \"--\" immediately before URL: %v", clone)
}
}
func TestAppsInit_DirtyTreeCommitPush(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: "src/x.ts\n"}, // non-empty repo -> app sync scaffold
"git status": {stdout: " M file.txt"},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if findCall(f.calls, "git", "add") == nil {
t.Errorf("git add not recorded; calls=%v", f.calls)
}
if commit := findCall(f.calls, "git", "commit"); commit == nil {
t.Errorf("git commit not recorded; calls=%v", f.calls)
} else if !containsAll(commit, "--no-verify") {
t.Errorf("git commit missing --no-verify; got %v", commit)
}
if findCall(f.calls, "git", "push") == nil {
t.Errorf("git push not recorded; calls=%v", f.calls)
}
data := parseEnvelopeData(t, stdout)
if data["committed"] != true {
t.Errorf("committed = %v, want true", data["committed"])
}
if data["pushed"] != true {
t.Errorf("pushed = %v, want true", data["pushed"])
}
if data["scaffold"] != "upgrade" {
t.Errorf("scaffold = %v, want upgrade", data["scaffold"])
}
}
func TestAppsInit_CredentialInitFailure(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": {stderr: "boom", err: errors.New("exit 1")},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout)
if err == nil {
t.Fatalf("expected error, got nil")
}
if strings.Contains(err.Error(), ":t@") {
t.Errorf("error leaks token: %v", err)
}
}
func TestAppsInit_BadRepoURLScheme(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("ext::sh -c id"),
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout)
if err == nil {
t.Fatalf("expected error, got nil")
}
if findCall(f.calls, "git", "clone") != nil {
t.Errorf("git clone should not be recorded for bad scheme; calls=%v", f.calls)
}
}
func TestAppsInit_CloneFailure(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/r.git"),
"git clone": {stderr: "fatal: unable to access 'http://u:t@h/r.git'", err: errors.New("exit 128")},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout)
if err == nil {
t.Fatalf("expected error, got nil")
}
if strings.Contains(err.Error(), "u:t@") {
t.Errorf("error leaks credentials: %v", err)
}
if !strings.Contains(err.Error(), "***") {
t.Errorf("error should be redacted with ***: %v", err)
}
}
func TestAppsInit_PushFailure(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""},
"git status": {stdout: " M file.txt"},
"git push": {err: errors.New("exit 1")},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout)
if err == nil {
t.Fatalf("expected error, got nil")
}
}
func TestAppsInit_DirNonEmpty(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
// Create a non-empty directory under cwd (SafeInputPath requires relative,
// cwd-contained paths), then pass it as --dir.
cwd, err := os.Getwd()
if err != nil {
t.Fatalf("getwd: %v", err)
}
nonEmpty, err := os.MkdirTemp(cwd, "init-nonempty-")
if err != nil {
t.Fatalf("mkdirtemp: %v", err)
}
t.Cleanup(func() { os.RemoveAll(nonEmpty) })
if err := os.WriteFile(filepath.Join(nonEmpty, "x.txt"), []byte("x"), 0o644); err != nil {
t.Fatalf("write: %v", err)
}
err = runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", filepath.Base(nonEmpty), "--as", "user"}, factory, stdout)
if err == nil {
t.Fatalf("expected validation error, got nil")
}
if len(f.calls) != 0 {
t.Errorf("no runner calls expected before dir rejection; calls=%v", f.calls)
}
}
func TestAppsInit_AsPassthrough(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""},
"git status": {},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
// AppsInit.AuthTypes is ["user"], so the framework rejects --as bot. Use
// --as user and assert it is forwarded to the self-invoked credential-init.
err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
var cred []string
for _, c := range f.calls {
if len(c) >= 3 && c[2] == "apps" {
cred = c
break
}
}
if cred == nil {
t.Fatalf("credential-init call not recorded; calls=%v", f.calls)
}
hasAs, hasUser := false, false
for _, a := range cred {
if a == "--as" {
hasAs = true
}
if a == "user" {
hasUser = true
}
}
if !hasAs || !hasUser {
t.Errorf("credential-init args missing --as user: %v", cred)
}
}
func TestEnsureMetaAppID(t *testing.T) {
// no meta.json -> no-op, must not create
dir := t.TempDir()
if err := ensureMetaAppID(dir, "app_x"); err != nil {
t.Fatalf("missing meta should be no-op: %v", err)
}
if _, err := os.Stat(filepath.Join(dir, metaRelPath)); !os.IsNotExist(err) {
t.Error("must not create meta.json when absent")
}
// exists without app_id -> add, preserve other fields
dir2 := t.TempDir()
os.MkdirAll(filepath.Join(dir2, ".spark"), 0o755)
os.WriteFile(filepath.Join(dir2, metaRelPath), []byte(`{"name":"keep"}`), 0o644)
if err := ensureMetaAppID(dir2, "app_x"); err != nil {
t.Fatal(err)
}
var m map[string]interface{}
b, _ := os.ReadFile(filepath.Join(dir2, metaRelPath))
json.Unmarshal(b, &m)
if m["app_id"] != "app_x" || m["name"] != "keep" {
t.Errorf("merge failed: %v", m)
}
// exists with app_id -> untouched
dir3 := t.TempDir()
os.MkdirAll(filepath.Join(dir3, ".spark"), 0o755)
os.WriteFile(filepath.Join(dir3, metaRelPath), []byte(`{"app_id":"orig"}`), 0o644)
if err := ensureMetaAppID(dir3, "app_x"); err != nil {
t.Fatal(err)
}
b, _ = os.ReadFile(filepath.Join(dir3, metaRelPath))
m = nil
json.Unmarshal(b, &m)
if m["app_id"] != "orig" {
t.Errorf("existing app_id overwritten: %v", m)
}
}
func TestHasSteeringSkills(t *testing.T) {
dir := t.TempDir()
if hasSteeringSkills(dir) {
t.Error("absent steering dir -> false")
}
os.MkdirAll(filepath.Join(dir, steeringRelPath), 0o755)
if !hasSteeringSkills(dir) {
t.Error("present steering dir -> true")
}
}
func TestIsEmptyRepo(t *testing.T) {
cases := []struct {
name, ls string
want bool
}{
{"zero files", "", true},
{"only README.md", "README.md\n", true},
{"README + business file", "README.md\nsrc/x.ts\n", false},
{"business file only", "src/x.ts\n", false},
}
for _, c := range cases {
t.Run(c.name, func(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{"git ls-files": {stdout: c.ls}}}
withFakeRunner(t, f)
got, err := isEmptyRepo(context.Background(), t.TempDir())
if err != nil || got != c.want {
t.Errorf("ls=%q -> empty=%v err=%v, want %v", c.ls, got, err, c.want)
}
})
}
}
// newAppsExecuteFactoryWithStderr mirrors newAppsExecuteFactory but also returns
// the stderr buffer, so tests can assert on the +init progress log lines that
// initLogf writes to IO().ErrOut.
func newAppsExecuteFactoryWithStderr(t *testing.T) (*cmdutil.Factory, *bytes.Buffer, *bytes.Buffer) {
t.Helper()
t.Setenv("HOME", t.TempDir())
t.Setenv("LARKSUITE_CLI_CONFIG_DIR", t.TempDir())
cfg := &core.CliConfig{
AppID: "test-app-" + strings.ToLower(t.Name()),
AppSecret: "test-secret",
Brand: core.BrandFeishu,
UserOpenId: "ou_test",
}
factory, stdout, stderr, _ := cmdutil.TestFactory(t, cfg)
return factory, stdout, stderr
}
func TestAppsInit_Req1_Wording(t *testing.T) {
var tmpl *common.Flag
for i := range AppsInit.Flags {
if AppsInit.Flags[i].Name == "template" {
tmpl = &AppsInit.Flags[i]
}
}
if tmpl == nil {
t.Fatal("--template flag missing")
}
if strings.Contains(strings.ToLower(tmpl.Desc), "scaffold") {
t.Errorf("--template Desc still mentions scaffold: %q", tmpl.Desc)
}
if !strings.Contains(strings.ToLower(tmpl.Desc), "code-init") {
t.Errorf("--template Desc should use code-init wording: %q", tmpl.Desc)
}
// The --dry-run output is a flat object (DryRunAPI marshals to top-level keys
// description/scaffold/api/...), NOT wrapped in {"data":...}, so parse stdout
// directly rather than via parseEnvelopeData.
factory, stdout, _ := newAppsExecuteFactoryWithStderr(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--as", "user", "--dry-run"}, factory, stdout); err != nil {
t.Fatalf("dry-run err=%v", err)
}
var data map[string]interface{}
if err := json.Unmarshal(stdout.Bytes(), &data); err != nil {
t.Fatalf("decode dry-run output: %v (raw=%q)", err, stdout.String())
}
desc, _ := data["description"].(string)
if strings.Contains(strings.ToLower(desc), "scaffold") {
t.Errorf("dry-run description still mentions scaffold: %q", desc)
}
scaffold, ok := data["scaffold"].(string)
if !ok {
t.Error("dry-run must keep machine-contract key `scaffold`")
} else if !strings.Contains(scaffold, "skills sync --local") {
t.Errorf("dry-run scaffold string must show --local on skills sync: %q", scaffold)
} else if strings.Contains(scaffold, "app init --template nestjs-react-fullstack --app-id app_x --local") ||
strings.Contains(scaffold, "app sync --local") {
t.Errorf("dry-run scaffold string must NOT show --local on app init / app sync: %q", scaffold)
}
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""},
"git status": {},
}}
withFakeRunner(t, f)
factory2, stdout2, stderr2 := newAppsExecuteFactoryWithStderr(t)
dir := relCloneDir(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory2, stdout2); err != nil {
t.Fatalf("run err=%v", err)
}
if strings.Contains(stderr2.String(), "Scaffolding") {
t.Errorf("progress log still says Scaffolding: %q", stderr2.String())
}
if !strings.Contains(stderr2.String(), "Initializing app code") {
t.Errorf("progress log should say 'Initializing app code': %q", stderr2.String())
}
}
func TestClassifyPorcelain(t *testing.T) {
cases := []struct {
name, status string
wantAppCode, wantConfig bool
}{
{"empty", "", false, false},
{"app code only", " M src/x.ts\n?? package.json\n", true, false},
{"config only", "?? .spark/meta.json\n?? .agent/skills/steering/x.md\n", false, true},
{"both", " M src/x.ts\n?? .spark/meta.json\n", true, true},
{"rename to config", "R old.txt -> .spark/meta.json\n", false, true},
{"rename to app code", "R .spark/old -> src/new.ts\n", true, false},
{"quoted config path", "?? \".spark/with space.json\"\n", false, true},
{"spark prefix lookalike not config", "?? .sparkrc\n", true, false},
{"exact .spark dir", "?? .spark\n", false, true},
}
for _, c := range cases {
t.Run(c.name, func(t *testing.T) {
gotApp, gotCfg := classifyPorcelain(c.status)
if (len(gotApp) > 0) != c.wantAppCode || (len(gotCfg) > 0) != c.wantConfig {
t.Errorf("classifyPorcelain(%q) = (app=%v,cfg=%v), want app=%v cfg=%v",
c.status, gotApp, gotCfg, c.wantAppCode, c.wantConfig)
}
})
}
}
// commitMessages returns the -m messages of all recorded `git commit` calls.
func commitMessages(calls [][]string) []string {
var msgs []string
for _, c := range calls {
if len(c) >= 3 && c[1] == "git" && c[2] == "commit" {
for i := 3; i+1 < len(c); i++ {
if c[i] == "-m" {
msgs = append(msgs, c[i+1])
}
}
}
}
return msgs
}
func TestAppsInit_EmptyRepo_TwoCommits(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""},
"git status": {stdout: " A src/app.ts\n A .spark/meta.json\n A .agent/skills/steering/x.md\n"},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("unexpected: %v", err)
}
msgs := commitMessages(f.calls)
want := []string{"chore: initialize app project code", "chore: initialize miaoda app config"}
if len(msgs) != 2 || msgs[0] != want[0] || msgs[1] != want[1] {
t.Fatalf("commit messages = %v, want %v", msgs, want)
}
// The split's core invariant: each commit stages its own group's exact
// porcelain paths (no :(exclude) magic, no explicitly-named ignored dirs —
// see TestCommitAndPushIfDirty_RealGit_IgnoredAgentDir). The app-code commit
// stages src/app.ts and not .spark/meta.json; the config commit, the reverse.
appAdd := findCallArg(f.calls, "git", "add", "-A", "--", "src/app.ts")
if appAdd == nil {
t.Errorf("app-code git add missing src/app.ts; calls=%v", f.calls)
} else if containsAll(appAdd, ".spark/meta.json") {
t.Errorf("app-code commit must not stage config paths; got %v", appAdd)
}
cfgAdd := findCallArg(f.calls, "git", "add", "-A", "--", ".spark/meta.json")
if cfgAdd == nil {
t.Errorf("config git add missing .spark/meta.json; calls=%v", f.calls)
} else if containsAll(cfgAdd, "src/app.ts") {
t.Errorf("config commit must not stage app code; got %v", cfgAdd)
}
data := parseEnvelopeData(t, stdout)
if data["committed"] != true || data["pushed"] != true {
t.Errorf("committed/pushed = %v/%v, want true/true", data["committed"], data["pushed"])
}
}
func TestAppsInit_EmptyRepo_AppCodeOnly_SingleCommit(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""},
"git status": {stdout: " A src/app.ts\n"},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("unexpected: %v", err)
}
msgs := commitMessages(f.calls)
if len(msgs) != 1 || msgs[0] != "chore: initialize app project code" {
t.Fatalf("commit messages = %v, want one app-code commit", msgs)
}
}
func TestAppsInit_EmptyRepo_ConfigOnly_SingleCommit(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""},
"git status": {stdout: " A .spark/meta.json\n"},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("unexpected: %v", err)
}
msgs := commitMessages(f.calls)
if len(msgs) != 1 || msgs[0] != "chore: initialize miaoda app config" {
t.Fatalf("commit messages = %v, want one config commit", msgs)
}
}
func TestAppsInit_NonEmpty_SingleInitCommit(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: "src/x.ts\n"},
"git status": {stdout: " M file.txt\n M .spark/meta.json\n"},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("unexpected: %v", err)
}
msgs := commitMessages(f.calls)
if len(msgs) != 1 || msgs[0] != "chore: initialize miaoda app repository" {
t.Fatalf("commit messages = %v, want one upgrade commit", msgs)
}
for _, c := range f.calls {
if len(c) >= 3 && c[1] == "git" && c[2] == "commit" && !containsAll(c, "--no-verify") {
t.Errorf("commit missing --no-verify: %v", c)
}
}
}
// gitMust runs a git command in dir with a real binary, failing the test on error.
func gitMust(t *testing.T, dir string, args ...string) string {
t.Helper()
cmd := exec.Command("git", args...)
cmd.Dir = dir
out, err := cmd.CombinedOutput()
if err != nil {
t.Fatalf("git %v in %s failed: %v\n%s", args, dir, err, out)
}
return string(out)
}
// TestCommitAndPushIfDirty_RealGit_IgnoredAgentDir exercises the empty-repo
// commit split against a REAL git repo whose scaffold gitignores .agent. This
// reproduces the production failure where `git add -- .spark .agent` errored on
// the ignored .agent path; the fix stages the config remainder with ".".
func TestCommitAndPushIfDirty_RealGit_IgnoredAgentDir(t *testing.T) {
if _, err := exec.LookPath("git"); err != nil {
t.Skip("git not available")
}
// Bare remote so `git push origin sprint/default` succeeds.
remote := t.TempDir()
gitMust(t, remote, "init", "--bare", "-q", "--initial-branch", defaultInitBranch)
dir := t.TempDir()
gitMust(t, dir, "init", "-q", "--initial-branch", defaultInitBranch)
gitMust(t, dir, "config", "user.email", "t@example.com")
gitMust(t, dir, "config", "user.name", "Test")
gitMust(t, dir, "remote", "add", "origin", remote)
// Scaffold: app code + .spark config + an IGNORED .agent dir.
mustWrite(t, filepath.Join(dir, ".gitignore"), ".agent\n")
if err := os.MkdirAll(filepath.Join(dir, "src"), 0o755); err != nil {
t.Fatal(err)
}
mustWrite(t, filepath.Join(dir, "src", "x.ts"), "export const x = 1\n")
if err := os.MkdirAll(filepath.Join(dir, ".spark"), 0o755); err != nil {
t.Fatal(err)
}
mustWrite(t, filepath.Join(dir, ".spark", "meta.json"), `{"app_id":"app_x"}`)
if err := os.MkdirAll(filepath.Join(dir, ".agent"), 0o755); err != nil {
t.Fatal(err)
}
mustWrite(t, filepath.Join(dir, ".agent", "skill.md"), "ignored\n")
// Use the real exec runner (not the fake) so gitignore semantics apply.
orig := initRunner
initRunner = execCommandRunner{}
t.Cleanup(func() { initRunner = orig })
committed, pushed, err := commitAndPushIfDirty(context.Background(), dir, scaffoldKindInit)
if err != nil {
t.Fatalf("commitAndPushIfDirty returned error: %v", err)
}
if !committed || !pushed {
t.Fatalf("committed=%v pushed=%v, want true/true", committed, pushed)
}
// Two commits, newest first: config then app code.
subjects := strings.Split(strings.TrimSpace(gitMust(t, dir, "log", "--format=%s", "-2")), "\n")
want := []string{commitMsgAppConfig, commitMsgAppCode}
if len(subjects) != 2 || subjects[0] != want[0] || subjects[1] != want[1] {
t.Fatalf("commit subjects = %v, want %v", subjects, want)
}
// .agent must NOT be tracked; .spark and src must be.
tracked := gitMust(t, dir, "ls-files")
if strings.Contains(tracked, ".agent") {
t.Errorf("ignored .agent must not be committed; tracked=%q", tracked)
}
if !strings.Contains(tracked, ".spark/meta.json") {
t.Errorf(".spark/meta.json should be committed; tracked=%q", tracked)
}
if !strings.Contains(tracked, "src/x.ts") {
t.Errorf("src/x.ts should be committed; tracked=%q", tracked)
}
}
func mustWrite(t *testing.T, path, content string) {
t.Helper()
if err := os.WriteFile(path, []byte(content), 0o644); err != nil {
t.Fatal(err)
}
}
func envPullOK(envFile string) fakeCallResult {
return fakeCallResult{stdout: `{"ok":true,"data":{"env_file":"` + envFile + `"}}`}
}
// testRuntimeForEnvPull builds a minimal RuntimeContext exposing the --as flag,
// which is all pullEnv reads.
func testRuntimeForEnvPull(t *testing.T, as string) *common.RuntimeContext {
t.Helper()
cmd := &cobra.Command{Use: "init"}
cmd.Flags().String("as", as, "")
return common.TestNewRuntimeContext(cmd, nil)
}
func TestPullEnv(t *testing.T) {
// success: stdout envelope parsed; subprocess invoked with expected args
f := &fakeCommandRunner{results: map[string]fakeCallResult{"env-pull": envPullOK("/abs/app_x/.env.local")}}
withFakeRunner(t, f)
rctx := testRuntimeForEnvPull(t, "")
envFile, reason := pullEnv(context.Background(), rctx, "app_x", "/abs/app_x")
if reason != "" || envFile != "/abs/app_x/.env.local" {
t.Fatalf("success: envFile=%q reason=%q", envFile, reason)
}
// findCallArg matches c[1] against name; for self-invocations c[1] is the
// test binary path (unknown at compile time), so search the args slice
// directly for the expected ordered subsequence.
var c []string
for _, call := range f.calls {
if findCallArg([][]string{call}, call[1], "apps", "+env-pull", "--app-id", "app_x", "--project-path", "/abs/app_x", "--format", "json") != nil {
c = call
break
}
}
if c == nil {
t.Errorf("+env-pull not invoked with expected args: %v", f.calls)
}
// failure: non-zero exit + stderr error envelope -> reason, env_file empty
f2 := &fakeCommandRunner{results: map[string]fakeCallResult{"env-pull": {
stderr: `{"ok":false,"error":{"type":"missing_scope","message":"need spark:app:read"}}`,
err: fmt.Errorf("exit status 2"),
}}}
withFakeRunner(t, f2)
envFile2, reason2 := pullEnv(context.Background(), testRuntimeForEnvPull(t, ""), "app_x", "/abs/app_x")
if envFile2 != "" || reason2 != "missing_scope: need spark:app:read" {
t.Fatalf("failure: envFile=%q reason=%q", envFile2, reason2)
}
}
// TestCommitAndPushIfDirty_RealGit_NonEmptyUpgrade pins down that the non-empty
// (upgrade) path is unaffected by the commit-split / exact-path changes: it must
// stay a SINGLE commit using `git add -A -- .`, which silently skips a gitignored
// .agent (no ignored-path error), with the upgrade subject.
func TestCommitAndPushIfDirty_RealGit_NonEmptyUpgrade(t *testing.T) {
if _, err := exec.LookPath("git"); err != nil {
t.Skip("git not available")
}
remote := t.TempDir()
gitMust(t, remote, "init", "--bare", "-q", "--initial-branch", defaultInitBranch)
dir := t.TempDir()
gitMust(t, dir, "init", "-q", "--initial-branch", defaultInitBranch)
gitMust(t, dir, "config", "user.email", "t@example.com")
gitMust(t, dir, "config", "user.name", "Test")
gitMust(t, dir, "remote", "add", "origin", remote)
// Existing (non-empty) repo: a committed baseline with .agent already ignored.
mustWrite(t, filepath.Join(dir, ".gitignore"), ".agent\n")
if err := os.MkdirAll(filepath.Join(dir, "src"), 0o755); err != nil {
t.Fatal(err)
}
mustWrite(t, filepath.Join(dir, "src", "old.ts"), "export const old = 0\n")
gitMust(t, dir, "add", "-A")
gitMust(t, dir, "commit", "-q", "-m", "baseline")
baseline := strings.TrimSpace(gitMust(t, dir, "rev-parse", "HEAD"))
// Simulate `app sync`: a modified app file, a patched .spark config, and an
// IGNORED .agent dir produced by `skills sync`.
mustWrite(t, filepath.Join(dir, "src", "old.ts"), "export const old = 1\n")
if err := os.MkdirAll(filepath.Join(dir, ".spark"), 0o755); err != nil {
t.Fatal(err)
}
mustWrite(t, filepath.Join(dir, ".spark", "meta.json"), `{"app_id":"app_x"}`)
if err := os.MkdirAll(filepath.Join(dir, ".agent"), 0o755); err != nil {
t.Fatal(err)
}
mustWrite(t, filepath.Join(dir, ".agent", "skill.md"), "ignored\n")
orig := initRunner
initRunner = execCommandRunner{}
t.Cleanup(func() { initRunner = orig })
committed, pushed, err := commitAndPushIfDirty(context.Background(), dir, scaffoldKindUpgrade)
if err != nil {
t.Fatalf("commitAndPushIfDirty returned error: %v", err)
}
if !committed || !pushed {
t.Fatalf("committed=%v pushed=%v, want true/true", committed, pushed)
}
// Exactly ONE commit added, with the upgrade subject (not a split).
added := strings.TrimSpace(gitMust(t, dir, "rev-list", "--count", baseline+"..HEAD"))
if added != "1" {
t.Fatalf("upgrade path added %s commits, want exactly 1 (no split)", added)
}
if subj := strings.TrimSpace(gitMust(t, dir, "log", "--format=%s", "-1")); subj != commitMsgUpgrade {
t.Errorf("upgrade commit subject = %q, want %q", subj, commitMsgUpgrade)
}
// .agent stays ignored; the real changes are committed.
tracked := gitMust(t, dir, "ls-files")
if strings.Contains(tracked, ".agent") {
t.Errorf("ignored .agent must not be committed; tracked=%q", tracked)
}
if !strings.Contains(tracked, ".spark/meta.json") {
t.Errorf(".spark/meta.json should be committed; tracked=%q", tracked)
}
}
func TestEnsureEmptyDir_RejectsNonDirAndNonEmpty(t *testing.T) {
t.Run("non-existent is ok", func(t *testing.T) {
if err := ensureEmptyDir(filepath.Join(t.TempDir(), "nope")); err != nil {
t.Errorf("non-existent dir should be ok, got %v", err)
}
})
t.Run("file is rejected", func(t *testing.T) {
f := filepath.Join(t.TempDir(), "afile")
if err := os.WriteFile(f, []byte("x"), 0o644); err != nil {
t.Fatal(err)
}
if err := ensureEmptyDir(f); err == nil {
t.Error("a regular file must be rejected")
}
})
t.Run("non-empty dir is rejected", func(t *testing.T) {
dir := t.TempDir()
if err := os.WriteFile(filepath.Join(dir, "child"), []byte("x"), 0o644); err != nil {
t.Fatal(err)
}
if err := ensureEmptyDir(dir); err == nil {
t.Error("a non-empty dir must be rejected")
}
})
t.Run("empty dir is ok", func(t *testing.T) {
if err := ensureEmptyDir(t.TempDir()); err != nil {
t.Errorf("empty dir should be ok, got %v", err)
}
})
}
func TestParseEnvFileFromEnvelope(t *testing.T) {
got, err := parseEnvFileFromEnvelope(`{"ok":true,"data":{"env_file":"/abs/app_x/.env.local"}}`)
if err != nil || got != "/abs/app_x/.env.local" {
t.Fatalf("got %q err %v", got, err)
}
for _, in := range []string{``, `not json`, `{"ok":false,"data":{}}`, `{"ok":true,"data":{}}`, `{"ok":true,"data":{"env_file":""}}`} {
if _, err := parseEnvFileFromEnvelope(in); err == nil {
t.Errorf("expected error for %q", in)
}
}
}
func TestParseEnvPullErrorEnvelope(t *testing.T) {
cases := []struct{ in, want string }{
{`{"ok":false,"error":{"type":"missing_scope","message":"need spark:app:read"}}`, "missing_scope: need spark:app:read"},
{`{"ok":false,"error":{"message":"boom"}}`, "boom"},
{`not json`, ""},
{`{"ok":false,"error":{}}`, ""},
{``, ""},
}
for _, c := range cases {
if got := parseEnvPullErrorEnvelope(c.in); got != c.want {
t.Errorf("parseEnvPullErrorEnvelope(%q) = %q, want %q", c.in, got, c.want)
}
}
}
func TestEnsureMetaAppID_MalformedJSON(t *testing.T) {
dir := t.TempDir()
if err := os.MkdirAll(filepath.Join(dir, ".spark"), 0o755); err != nil {
t.Fatal(err)
}
if err := os.WriteFile(filepath.Join(dir, metaRelPath), []byte("{not json"), 0o644); err != nil {
t.Fatal(err)
}
if err := ensureMetaAppID(dir, "app_x"); err == nil {
t.Error("malformed meta.json must return a parse error")
}
}
func TestIsEmptyRepo_GitError(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"git ls-files": {err: errors.New("fatal: not a git repository")},
}}
withFakeRunner(t, f)
if _, err := isEmptyRepo(context.Background(), t.TempDir()); err == nil {
t.Error("git ls-files failure must surface as an error")
}
}
func TestRunScaffold_NonEmpty_SyncFailure(t *testing.T) {
// Non-empty repo takes the `app sync` path; make that npx call fail.
withFakeRunner(t, &fakeCommandRunner{results: map[string]fakeCallResult{
"git ls-files": {stdout: "src/x.ts\n"},
"npx -y": {err: errors.New("sync boom")},
}})
if _, err := runScaffold(context.Background(), t.TempDir(), "app_x", "tpl"); err == nil {
t.Error("npx app sync failure must surface as an error")
}
}
func TestStageAndCommit_Errors(t *testing.T) {
t.Run("git add fails", func(t *testing.T) {
withFakeRunner(t, &fakeCommandRunner{results: map[string]fakeCallResult{
"git add": {err: errors.New("boom")},
}})
if err := stageAndCommit(context.Background(), t.TempDir(), "msg", "."); err == nil {
t.Error("git add failure must surface as an error")
}
})
t.Run("git commit fails", func(t *testing.T) {
withFakeRunner(t, &fakeCommandRunner{results: map[string]fakeCallResult{
"git commit": {err: errors.New("boom")},
}})
if err := stageAndCommit(context.Background(), t.TempDir(), "msg", "."); err == nil {
t.Error("git commit failure must surface as an error")
}
})
}
func TestCommitAndPushIfDirty_Branches(t *testing.T) {
t.Run("clean tree is a no-op", func(t *testing.T) {
withFakeRunner(t, &fakeCommandRunner{results: map[string]fakeCallResult{
"git status": {stdout: " "},
}})
committed, pushed, err := commitAndPushIfDirty(context.Background(), t.TempDir(), scaffoldKindUpgrade)
if err != nil || committed || pushed {
t.Errorf("clean tree: got committed=%v pushed=%v err=%v, want false,false,nil", committed, pushed, err)
}
})
t.Run("status error", func(t *testing.T) {
withFakeRunner(t, &fakeCommandRunner{results: map[string]fakeCallResult{
"git status": {err: errors.New("boom")},
}})
if _, _, err := commitAndPushIfDirty(context.Background(), t.TempDir(), scaffoldKindUpgrade); err == nil {
t.Error("git status failure must surface as an error")
}
})
t.Run("upgrade path commits and pushes", func(t *testing.T) {
withFakeRunner(t, &fakeCommandRunner{results: map[string]fakeCallResult{
"git status": {stdout: " M src/app.ts\n"},
}})
committed, pushed, err := commitAndPushIfDirty(context.Background(), t.TempDir(), scaffoldKindUpgrade)
if err != nil || !committed || !pushed {
t.Errorf("dirty upgrade: got committed=%v pushed=%v err=%v, want true,true,nil", committed, pushed, err)
}
})
t.Run("push failure", func(t *testing.T) {
withFakeRunner(t, &fakeCommandRunner{results: map[string]fakeCallResult{
"git status": {stdout: " M src/app.ts\n"},
"git push": {err: errors.New("rejected")},
}})
committed, pushed, err := commitAndPushIfDirty(context.Background(), t.TempDir(), scaffoldKindUpgrade)
if err == nil || !committed || pushed {
t.Errorf("push failure: got committed=%v pushed=%v err=%v, want true,false,err", committed, pushed, err)
}
})
}
func TestAppsInit_EnvPull_Success(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""},
"git status": {},
"env-pull": envPullOK("/abs/app_x/.env.local"),
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("unexpected error: %v", err)
}
data := parseEnvelopeData(t, stdout)
if data["env_pulled"] != true {
t.Errorf("env_pulled = %v, want true", data["env_pulled"])
}
if data["env_file"] != "/abs/app_x/.env.local" {
t.Errorf("env_file = %v", data["env_file"])
}
// env-pull invoked with forwarded --as user and the expected flags
var ep []string
for _, c := range f.calls {
if containsAll(c, "+env-pull") {
ep = c
break
}
}
if ep == nil || !containsAll(ep, "--app-id", "app_x", "--project-path", "--as", "user", "--format", "json") {
t.Errorf("+env-pull not invoked with expected args: %v", f.calls)
}
}
func TestAppsInit_EnvPull_NonFatal(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"credential-init": credInitOK("http://u:t@h/app_x.git"),
"git clone": {},
"git checkout": {},
"git ls-files": {stdout: ""},
"git status": {},
"env-pull": {
stderr: `{"ok":false,"error":{"type":"missing_scope","message":"need spark:app:read"}}`,
err: fmt.Errorf("exit status 2"),
},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("env-pull failure must be non-fatal, got: %v", err)
}
data := parseEnvelopeData(t, stdout)
if data["env_pulled"] != false {
t.Errorf("env_pulled = %v, want false", data["env_pulled"])
}
if data["env_pull_error"] != "missing_scope: need spark:app:read" {
t.Errorf("env_pull_error = %v", data["env_pull_error"])
}
if _, ok := data["env_file"]; ok {
t.Errorf("env_file must be absent on failure: %v", data["env_file"])
}
msg, _ := data["message"].(string)
if !strings.Contains(msg, "+env-pull --app-id app_x") {
t.Errorf("message missing retry hint: %q", msg)
}
if strings.Contains(stdout.String(), "u:t@h") {
t.Errorf("raw credential leaked: %s", stdout.String())
}
}
func TestAppsInit_AlreadyInitialized_RunsEnvPull(t *testing.T) {
dir := relCloneDir(t)
abs, err := filepath.Abs(dir)
if err != nil {
t.Fatal(err)
}
if err := os.MkdirAll(filepath.Join(abs, ".spark"), 0o755); err != nil {
t.Fatal(err)
}
if err := os.WriteFile(filepath.Join(abs, metaRelPath), []byte(`{"app_id":"app_x"}`), 0o644); err != nil {
t.Fatal(err)
}
envFile := filepath.Join(abs, ".env.local")
f := &fakeCommandRunner{results: map[string]fakeCallResult{"env-pull": envPullOK(envFile)}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("unexpected error: %v", err)
}
called := false
for _, c := range f.calls {
if containsAll(c, "+env-pull") {
called = true
}
}
if !called {
t.Errorf("already-initialized path must call +env-pull: %v", f.calls)
}
data := parseEnvelopeData(t, stdout)
if data["scaffold"] != "already_initialized" {
t.Errorf("scaffold=%v, want already_initialized", data["scaffold"])
}
if data["env_pulled"] != true {
t.Errorf("env_pulled=%v, want true", data["env_pulled"])
}
if data["env_file"] != envFile {
t.Errorf("env_file=%v, want %v", data["env_file"], envFile)
}
if data["committed"] != false || data["pushed"] != false {
t.Errorf("committed/pushed must stay false: %v", data)
}
}
func TestAppsInit_AlreadyInitialized_EnvPullFailure_NonFatal(t *testing.T) {
dir := relCloneDir(t)
abs, err := filepath.Abs(dir)
if err != nil {
t.Fatal(err)
}
if err := os.MkdirAll(filepath.Join(abs, ".spark"), 0o755); err != nil {
t.Fatal(err)
}
if err := os.WriteFile(filepath.Join(abs, metaRelPath), []byte(`{"app_id":"app_x"}`), 0o644); err != nil {
t.Fatal(err)
}
f := &fakeCommandRunner{results: map[string]fakeCallResult{
"env-pull": {
stderr: `{"ok":false,"error":{"type":"missing_scope","message":"need spark:app:read"}}`,
err: fmt.Errorf("exit status 2"),
},
}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user"}, factory, stdout); err != nil {
t.Fatalf("env-pull failure must be non-fatal, got: %v", err)
}
data := parseEnvelopeData(t, stdout)
if data["scaffold"] != "already_initialized" {
t.Errorf("scaffold=%v, want already_initialized", data["scaffold"])
}
if data["env_pulled"] != false {
t.Errorf("env_pulled=%v, want false", data["env_pulled"])
}
if data["env_pull_error"] != "missing_scope: need spark:app:read" {
t.Errorf("env_pull_error=%v", data["env_pull_error"])
}
if _, ok := data["env_file"]; ok {
t.Errorf("env_file must be absent on failure: %v", data["env_file"])
}
msg, _ := data["message"].(string)
if !strings.Contains(msg, "+env-pull --app-id app_x") {
t.Errorf("message missing retry hint: %q", msg)
}
}
func TestAppsInit_DryRun_DescribesEnvPull(t *testing.T) {
f := &fakeCommandRunner{results: map[string]fakeCallResult{}}
withFakeRunner(t, f)
factory, stdout, _ := newAppsExecuteFactory(t)
dir := relCloneDir(t)
if err := runAppsShortcut(t, AppsInit, []string{"+init", "--app-id", "app_x", "--dir", dir, "--as", "user", "--dry-run"}, factory, stdout); err != nil {
t.Fatalf("unexpected error: %v", err)
}
var m map[string]interface{}
if err := json.Unmarshal(stdout.Bytes(), &m); err != nil {
t.Fatalf("decode dry-run: %v (raw=%q)", err, stdout.String())
}
ep, _ := m["env_pull"].(string)
if !strings.Contains(ep, "+env-pull") {
t.Errorf("dry-run missing env_pull step: %v", m)
}
for _, c := range f.calls {
if containsAll(c, "+env-pull") {
t.Errorf("dry-run must not execute +env-pull: %v", f.calls)
}
}
}
func TestAppsInit_Description_IsAboutCode(t *testing.T) {
if strings.Contains(strings.ToLower(AppsInit.Description), "local development repository") {
t.Errorf("Description should describe initializing app code, not a local dev repo: %q", AppsInit.Description)
}
if !strings.Contains(strings.ToLower(AppsInit.Description), "code") {
t.Errorf("Description should mention app code: %q", AppsInit.Description)
}
}