github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 18:24:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(tui): dedupe mode-specific exec secret fixtures

Browse Source
This commit is contained in:
Peter Steinberger
2026-03-07 17:38:36 +00:00
parent e60b28fd1f
commit 66de964c59
1 changed files with 103 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

137
src/tui/gateway-chat.test.ts
View File

@@ -21,6 +21,67 @@ async function fileExists(filePath: string): Promise<boolean> {
} }
} }
type ModeExecProviderFixture = {
tokenMarker: string;
passwordMarker: string;
providers: {
tokenProvider: {
source: "exec";
command: string;
args: string[];
allowInsecurePath: true;
};
passwordProvider: {
source: "exec";
command: string;
args: string[];
allowInsecurePath: true;
};
};
};
async function withModeExecProviderFixture(
label: string,
run: (fixture: ModeExecProviderFixture) => Promise<void>,
) {
const tempDir = await fs.mkdtemp(path.join(os.tmpdir(), `openclaw-tui-mode-${label}-`));
const tokenMarker = path.join(tempDir, "token-provider-ran");
const passwordMarker = path.join(tempDir, "password-provider-ran");
const tokenExecProgram = [
"const fs=require('node:fs');",
`fs.writeFileSync(${JSON.stringify(tokenMarker)},'1');`,
"process.stdout.write(JSON.stringify({ protocolVersion: 1, values: { TOKEN_SECRET: 'token-from-exec' } }));", // pragma: allowlist secret
].join("");
const passwordExecProgram = [
"const fs=require('node:fs');",
`fs.writeFileSync(${JSON.stringify(passwordMarker)},'1');`,
"process.stdout.write(JSON.stringify({ protocolVersion: 1, values: { PASSWORD_SECRET: 'password-from-exec' } }));", // pragma: allowlist secret
].join("");
try {
await run({
tokenMarker,
passwordMarker,
providers: {
tokenProvider: {
source: "exec",
command: process.execPath,
args: ["-e", tokenExecProgram],
allowInsecurePath: true,
},
passwordProvider: {
source: "exec",
command: process.execPath,
args: ["-e", passwordExecProgram],
allowInsecurePath: true,
},
},
});
} finally {
await fs.rm(tempDir, { recursive: true, force: true });
}
}
describe("resolveGatewayConnection", () => { describe("resolveGatewayConnection", () => {
let envSnapshot: ReturnType<typeof captureEnv>; let envSnapshot: ReturnType<typeof captureEnv>;
@@ -259,36 +320,12 @@ describe("resolveGatewayConnection", () => {
}); });
it("resolves only token SecretRef when gateway.auth.mode is token", async () => { it("resolves only token SecretRef when gateway.auth.mode is token", async () => {
const tempDir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-tui-mode-token-")); await withModeExecProviderFixture(
const tokenMarker = path.join(tempDir, "token-provider-ran"); "token",
const passwordMarker = path.join(tempDir, "password-provider-ran"); async ({ tokenMarker, passwordMarker, providers }) => {
const tokenExecProgram = [
"const fs=require('node:fs');",
`fs.writeFileSync(${JSON.stringify(tokenMarker)},'1');`,
"process.stdout.write(JSON.stringify({ protocolVersion: 1, values: { TOKEN_SECRET: 'token-from-exec' } }));", // pragma: allowlist secret
].join("");
const passwordExecProgram = [
"const fs=require('node:fs');",
`fs.writeFileSync(${JSON.stringify(passwordMarker)},'1');`,
"process.stdout.write(JSON.stringify({ protocolVersion: 1, values: { PASSWORD_SECRET: 'password-from-exec' } }));", // pragma: allowlist secret
].join("");
loadConfig.mockReturnValue({ loadConfig.mockReturnValue({
secrets: { secrets: {
providers: { providers,
tokenProvider: {
source: "exec",
command: process.execPath,
args: ["-e", tokenExecProgram],
allowInsecurePath: true,
},
passwordProvider: {
source: "exec",
command: process.execPath,
args: ["-e", passwordExecProgram],
allowInsecurePath: true,
},
},
}, },
gateway: { gateway: {
mode: "local", mode: "local",
@@ -300,48 +337,22 @@ describe("resolveGatewayConnection", () => {
}, },
}); });
try {
const result = await resolveGatewayConnection({}); const result = await resolveGatewayConnection({});
expect(result.token).toBe("token-from-exec"); expect(result.token).toBe("token-from-exec");
expect(result.password).toBeUndefined(); expect(result.password).toBeUndefined();
expect(await fileExists(tokenMarker)).toBe(true); expect(await fileExists(tokenMarker)).toBe(true);
expect(await fileExists(passwordMarker)).toBe(false); expect(await fileExists(passwordMarker)).toBe(false);
} finally { },
await fs.rm(tempDir, { recursive: true, force: true }); );
}
}); });
it("resolves only password SecretRef when gateway.auth.mode is password", async () => { it("resolves only password SecretRef when gateway.auth.mode is password", async () => {
const tempDir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-tui-mode-password-")); await withModeExecProviderFixture(
const tokenMarker = path.join(tempDir, "token-provider-ran"); "password",
const passwordMarker = path.join(tempDir, "password-provider-ran"); async ({ tokenMarker, passwordMarker, providers }) => {
const tokenExecProgram = [
"const fs=require('node:fs');",
`fs.writeFileSync(${JSON.stringify(tokenMarker)},'1');`,
"process.stdout.write(JSON.stringify({ protocolVersion: 1, values: { TOKEN_SECRET: 'token-from-exec' } }));", // pragma: allowlist secret
].join("");
const passwordExecProgram = [
"const fs=require('node:fs');",
`fs.writeFileSync(${JSON.stringify(passwordMarker)},'1');`,
"process.stdout.write(JSON.stringify({ protocolVersion: 1, values: { PASSWORD_SECRET: 'password-from-exec' } }));", // pragma: allowlist secret
].join("");
loadConfig.mockReturnValue({ loadConfig.mockReturnValue({
secrets: { secrets: {
providers: { providers,
tokenProvider: {
source: "exec",
command: process.execPath,
args: ["-e", tokenExecProgram],
allowInsecurePath: true,
},
passwordProvider: {
source: "exec",
command: process.execPath,
args: ["-e", passwordExecProgram],
allowInsecurePath: true,
},
},
}, },
gateway: { gateway: {
mode: "local", mode: "local",
@@ -353,14 +364,12 @@ describe("resolveGatewayConnection", () => {
}, },
}); });
try {
const result = await resolveGatewayConnection({}); const result = await resolveGatewayConnection({});
expect(result.password).toBe("password-from-exec"); expect(result.password).toBe("password-from-exec");
expect(result.token).toBeUndefined(); expect(result.token).toBeUndefined();
expect(await fileExists(tokenMarker)).toBe(false); expect(await fileExists(tokenMarker)).toBe(false);
expect(await fileExists(passwordMarker)).toBe(true); expect(await fileExists(passwordMarker)).toBe(true);
} finally { },
await fs.rm(tempDir, { recursive: true, force: true }); );
}
}); });
}); });