akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity

chore: cover error path in SeedDefaultSecurityConfig and letsencrypt cert cleanup loop

Browse Source 
- The DB error return branch in SeedDefaultSecurityConfig was never
  exercised because all seed tests only ran against a healthy in-memory
  database; added a test that closes the underlying connection before
  calling the function so the FirstOrCreate error path is reached
- The letsencrypt certificate cleanup loop in Register was unreachable
  in all existing tests because no test pre-seeded a ProxyHost with
  an letsencrypt cert association; added a test that creates that
  precondition so the log and Update lines inside the loop execute
- These were the last two files blocking patch coverage on PR #852
This commit is contained in:
GitHub Actions
2026-03-17 17:45:39 +00:00
parent 287e85d232
commit c1aaa48ecb
2 changed files with 38 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
backend/internal/api/routes/routes_test.go
View File

@@ -1322,3 +1322,29 @@ func TestMigrateViewerToPassthrough(t *testing.T) {
require.NoError(t, db.First(&updated, viewer.ID).Error)
assert.Equal(t, models.RolePassthrough, updated.Role)
}
func TestRegister_CleansLetsEncryptCertAssignments(t *testing.T) {
gin.SetMode(gin.TestMode)
router := gin.New()
db, err := gorm.Open(sqlite.Open("file::memory:?cache=shared&_test_lecleaner"), &gorm.Config{})
require.NoError(t, err)
// Pre-migrate just the two tables needed to seed test data before Register runs.
require.NoError(t, db.AutoMigrate(&models.SSLCertificate{}, &models.ProxyHost{}))
cert := models.SSLCertificate{Provider: "letsencrypt"}
require.NoError(t, db.Create(&cert).Error)
certID := cert.ID
host := models.ProxyHost{DomainNames: "test.example.com", CertificateID: &certID}
require.NoError(t, db.Create(&host).Error)
cfg := config.Config{JWTSecret: "test-secret"}
err = Register(router, db, cfg)
require.NoError(t, err)
var reloaded models.ProxyHost
require.NoError(t, db.First(&reloaded, host.ID).Error)
assert.Nil(t, reloaded.CertificateID, "letsencrypt cert assignment must be cleared")
}

12
backend/internal/models/seed_test.go
View File

@@ -59,6 +59,18 @@ func TestSeedDefaultSecurityConfig_Idempotent(t *testing.T) {
assert.Equal(t, int64(1), count, "exactly one row should exist after two seed calls")
}
func TestSeedDefaultSecurityConfig_DBError(t *testing.T) {
db := newSeedTestDB(t)
sqlDB, err := db.DB()
require.NoError(t, err)
require.NoError(t, sqlDB.Close())
rec, err := models.SeedDefaultSecurityConfig(db)
assert.Error(t, err)
assert.Nil(t, rec)
}
func TestSeedDefaultSecurityConfig_DoesNotOverwriteExisting(t *testing.T) {
db := newSeedTestDB(t)