|
| 1 | +from __future__ import annotations |
| 2 | + |
| 3 | +try: |
| 4 | + from tests.support import ( |
| 5 | + BIN, |
| 6 | + Path, |
| 7 | + ROOT, |
| 8 | + SCRIPTS, |
| 9 | + SKILL_ROOT, |
| 10 | + ScriptTestBase, |
| 11 | + SimpleNamespace, |
| 12 | + json, |
| 13 | + os, |
| 14 | + parse_routing_map, |
| 15 | + read_readme_fable_pin, |
| 16 | + read_skill_body, |
| 17 | + re, |
| 18 | + subprocess, |
| 19 | + sys, |
| 20 | + tempfile, |
| 21 | + textwrap, |
| 22 | + ) |
| 23 | +except ModuleNotFoundError: # unittest discovery with tests/ as top-level. |
| 24 | + from support import ( |
| 25 | + BIN, |
| 26 | + Path, |
| 27 | + ROOT, |
| 28 | + SCRIPTS, |
| 29 | + SKILL_ROOT, |
| 30 | + ScriptTestBase, |
| 31 | + SimpleNamespace, |
| 32 | + json, |
| 33 | + os, |
| 34 | + parse_routing_map, |
| 35 | + read_readme_fable_pin, |
| 36 | + read_skill_body, |
| 37 | + re, |
| 38 | + subprocess, |
| 39 | + sys, |
| 40 | + tempfile, |
| 41 | + textwrap, |
| 42 | + ) |
| 43 | + |
| 44 | + |
| 45 | +class CiReleaseTests(ScriptTestBase): |
| 46 | + def test_ci_workflow_runs_project_verification(self) -> None: |
| 47 | + workflow = (ROOT / ".github" / "workflows" / "ci.yml").read_text(encoding="utf-8") |
| 48 | + |
| 49 | + self.assertIn("actions/checkout@v6", workflow) |
| 50 | + self.assertIn("actions/setup-python@v6", workflow) |
| 51 | + self.assertIn("python3 -m unittest discover -s tests -v", workflow) |
| 52 | + self.assertIn("python3 -m py_compile", workflow) |
| 53 | + self.assertIn("codex_findings.py", workflow) |
| 54 | + self.assertIn("sh -n plugins/codex-fable5/bin/codex-fable5", workflow) |
| 55 | + self.assertIn("sh -n plugins/codex-fable5/bin/codex-findings", workflow) |
| 56 | + self.assertIn("sh -n plugins/codex-fable5/bin/codex-goals", workflow) |
| 57 | + self.assertIn("fable_coverage.py", workflow) |
| 58 | + self.assertIn('python-version: ["3.11", "3.12", "3.13"]', workflow) |
| 59 | + |
| 60 | + def test_ci_workflow_validates_against_pinned_source(self) -> None: |
| 61 | + """The CI workflow must fetch the pinned upstream source and pass |
| 62 | + it to the validator. Without this, the default `--matrix`-only run |
| 63 | + is self-consistent and can hide a fabricated row.""" |
| 64 | + workflow = (ROOT / ".github" / "workflows" / "ci.yml").read_text(encoding="utf-8") |
| 65 | + self.assertIn("CLAUDE-FABLE-5.md", workflow) |
| 66 | + self.assertIn("elder-plinius/CL4R1T4S", workflow) |
| 67 | + fetch_step = re.search( |
| 68 | + r" - name: Fetch pinned FABLE-5 source\n(?P<body>.*?)(?:\n - name: |\Z)", |
| 69 | + workflow, |
| 70 | + re.DOTALL, |
| 71 | + ) |
| 72 | + self.assertIsNotNone(fetch_step, "CI workflow must define the pinned source fetch step") |
| 73 | + assert fetch_step is not None # for type checkers |
| 74 | + fetch_step_body = fetch_step.group("body") |
| 75 | + self.assertIn( |
| 76 | + "raw.githubusercontent.com/elder-plinius/CL4R1T4S/${PIN}/ANTHROPIC/CLAUDE-FABLE-5.md", |
| 77 | + fetch_step_body, |
| 78 | + "CI should fetch the public pinned source directly, matching the release checklist", |
| 79 | + ) |
| 80 | + self.assertNotIn( |
| 81 | + "Authorization: Bearer", |
| 82 | + fetch_step_body, |
| 83 | + "CI source fetch should not rely on a hand-built Authorization header; malformed quoting can hide curl failures", |
| 84 | + ) |
| 85 | + pin_match = re.search(r'PIN="([0-9a-f]{40})"', workflow) |
| 86 | + self.assertIsNotNone(pin_match, "CI workflow must define the pinned upstream SHA") |
| 87 | + assert pin_match is not None # for type checkers |
| 88 | + self.assertEqual( |
| 89 | + read_readme_fable_pin(), |
| 90 | + pin_match.group(1), |
| 91 | + "CI workflow pin must match README source note pin", |
| 92 | + ) |
| 93 | + # The validator invocation must include --source. |
| 94 | + # Look for lines that invoke fable_coverage.py and contain --source. |
| 95 | + has_source_arg = False |
| 96 | + for line in workflow.splitlines(): |
| 97 | + if "fable_coverage.py" in line and "--source" in line: |
| 98 | + has_source_arg = True |
| 99 | + break |
| 100 | + self.assertTrue( |
| 101 | + has_source_arg, |
| 102 | + "CI workflow must pass --source to fable_coverage.py " |
| 103 | + "so the matrix is validated against the upstream FABLE-5 source", |
| 104 | + ) |
| 105 | + |
| 106 | + def test_release_checklist_validates_against_pinned_source(self) -> None: |
| 107 | + releasing = (ROOT / "docs" / "RELEASING.md").read_text(encoding="utf-8") |
| 108 | + |
| 109 | + self.assertIn("README.md", releasing) |
| 110 | + self.assertIn("raw.githubusercontent.com/elder-plinius/CL4R1T4S/${PIN}", releasing) |
| 111 | + self.assertIn("--source build/fable5/CLAUDE-FABLE-5.md", releasing) |
| 112 | + self.assertIn(r"\s+`ANTHROPIC/CLAUDE-FABLE-5\.md`\s+at commit\s+", releasing) |
| 113 | + self.assertNotIn(r"\\s+", releasing) |
| 114 | + |
| 115 | + def test_user_facing_wrappers_run_from_path(self) -> None: |
| 116 | + env = {**os.environ, "PATH": f"{BIN}{os.pathsep}{os.environ['PATH']}"} |
| 117 | + for command in ["codex-fable5", "codex-findings", "codex-goals"]: |
| 118 | + with self.subTest(command=command): |
| 119 | + wrapper = BIN / command |
| 120 | + self.assertTrue(wrapper.is_file()) |
| 121 | + self.assertTrue(os.access(wrapper, os.X_OK)) |
| 122 | + |
| 123 | + syntax = subprocess.run( |
| 124 | + ["sh", "-n", str(wrapper)], |
| 125 | + cwd=ROOT, |
| 126 | + text=True, |
| 127 | + capture_output=True, |
| 128 | + check=False, |
| 129 | + ) |
| 130 | + self.assertEqual(syntax.returncode, 0, syntax.stderr) |
| 131 | + |
| 132 | + with tempfile.TemporaryDirectory() as tmp: |
| 133 | + status = subprocess.run( |
| 134 | + ["codex-fable5", "status"], |
| 135 | + cwd=tmp, |
| 136 | + env=env, |
| 137 | + text=True, |
| 138 | + capture_output=True, |
| 139 | + check=False, |
| 140 | + ) |
| 141 | + self.assertEqual(status.returncode, 0, status.stderr) |
| 142 | + self.assertIn("0 findings", status.stdout) |
| 143 | + self.assertIn("no goal plan", status.stdout) |
| 144 | + |
| 145 | + created = subprocess.run( |
| 146 | + [ |
| 147 | + "codex-fable5", |
| 148 | + "goals", |
| 149 | + "create", |
| 150 | + "--brief", |
| 151 | + "Wrapper smoke", |
| 152 | + "--goal", |
| 153 | + "inspect::Check wrapper path", |
| 154 | + ], |
| 155 | + cwd=tmp, |
| 156 | + env=env, |
| 157 | + text=True, |
| 158 | + capture_output=True, |
| 159 | + check=False, |
| 160 | + ) |
| 161 | + self.assertEqual(created.returncode, 0, created.stderr) |
| 162 | + self.assertIn("plan created", created.stdout) |
| 163 | + |
| 164 | + started = subprocess.run( |
| 165 | + ["codex-fable5", "goals", "next"], |
| 166 | + cwd=tmp, |
| 167 | + env=env, |
| 168 | + text=True, |
| 169 | + capture_output=True, |
| 170 | + check=False, |
| 171 | + ) |
| 172 | + self.assertEqual(started.returncode, 0, started.stderr) |
| 173 | + |
| 174 | + added = subprocess.run( |
| 175 | + [ |
| 176 | + "codex-fable5", |
| 177 | + "findings", |
| 178 | + "add", |
| 179 | + "--title", |
| 180 | + "Wrapper finding", |
| 181 | + "--evidence", |
| 182 | + "PATH wrapper should call the findings script.", |
| 183 | + ], |
| 184 | + cwd=tmp, |
| 185 | + env=env, |
| 186 | + text=True, |
| 187 | + capture_output=True, |
| 188 | + check=False, |
| 189 | + ) |
| 190 | + self.assertEqual(added.returncode, 0, added.stderr) |
| 191 | + self.assertIn("goal=G001", added.stdout) |
| 192 | + |
| 193 | + status_with_plan = subprocess.run( |
| 194 | + ["codex-fable5", "status"], |
| 195 | + cwd=tmp, |
| 196 | + env=env, |
| 197 | + text=True, |
| 198 | + capture_output=True, |
| 199 | + check=False, |
| 200 | + ) |
| 201 | + self.assertEqual(status_with_plan.returncode, 0, status_with_plan.stderr) |
| 202 | + self.assertIn("1 open", status_with_plan.stdout) |
| 203 | + self.assertIn("0/1 complete", status_with_plan.stdout) |
0 commit comments