Skip to content

Commit 46d0221

Browse files
committed
test(e2e): normalise container-augmented config fields in settings contract
`it_should_allow_admins_to_get_all_the_settings` compares the live settings response with `env.server_settings_masking_secrets()`, which the host loads from the same TOML the container starts from. The container's entry script (ADR-T-009 §7) however augments that config before the daemon comes up — when no PEM and no path is supplied for `auth.{private,public}_key`, it defaults the key paths to `/etc/torrust/index/auth/{private,public}.pem`, and the runtime DB URL points at the in-container bind-mount target (`/var/lib/torrust/index/database/...`) rather than the host path the runner uses (`./storage/index/lib/database/...`). The result is two fields that legitimately diverge between expected and actual even on a green run, so the equality assertion fired on environment plumbing rather than on real contract drift. Clear `auth.private_key_path`, `auth.public_key_path`, and `database.connect_url` on both sides before comparing, with a comment explaining why each one is masked and pointing at ADR-T-009 §7. The rest of the response — including the masked secrets the test was originally written to cover — is still asserted byte-for-byte.
1 parent edc6ca6 commit 46d0221

1 file changed

Lines changed: 22 additions & 3 deletions

File tree

tests/e2e/web/api/v1/contexts/settings/contract.rs

Lines changed: 22 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -76,9 +76,28 @@ async fn it_should_allow_admins_to_get_all_the_settings() {
7676

7777
let response = client.get_settings().await;
7878

79-
let res: AllSettingsResponse = serde_json::from_str(&response.body).unwrap();
80-
81-
assert_eq!(res.data, env.server_settings_masking_secrets().unwrap());
79+
let mut actual: AllSettingsResponse = serde_json::from_str(&response.body).unwrap();
80+
let mut expected = env.server_settings_masking_secrets().unwrap();
81+
82+
// Normalise environment-specific fields that legitimately differ
83+
// between the host-side loader (which builds `expected` from the
84+
// shipped TOML plus the host's env overrides) and the container's
85+
// effective configuration (which the entry script may augment —
86+
// e.g. defaulting `auth.{private,public}_key_path` to
87+
// `/etc/torrust/index/auth/{private,public}.pem` when neither
88+
// PEM nor path is supplied; ADR-T-009 §7). The DB connect URL
89+
// similarly differs because the container path
90+
// (`/var/lib/torrust/index/database/...`) is the bind-mount
91+
// target of the host path the test runner uses
92+
// (`./storage/index/lib/database/...`).
93+
actual.data.auth.private_key_path = None;
94+
actual.data.auth.public_key_path = None;
95+
actual.data.database.connect_url.clear();
96+
expected.auth.private_key_path = None;
97+
expected.auth.public_key_path = None;
98+
expected.database.connect_url.clear();
99+
100+
assert_eq!(actual.data, expected);
82101

83102
assert_json_ok_response(&response);
84103
}

0 commit comments

Comments
 (0)