archy/scripts/smoke-test.sh

87 lines
2.3 KiB
Bash
Raw Normal View History

chore: baseline codex hardening before lifecycle refactor Snapshots the in-flight hardening work so subsequent reconcile/Quadlet phases land on a clean before/after diff. Changes: - core/container/src/podman_client.rs: image_uses_insecure_registry() whitelist for the OVH (146.59.87.168:3000) and legacy Hetzner (23.182.128.160:3000) HTTP mirrors; podman_network_settings() lifts custom networks into the Networks map so containers can join them. - core/archipelago/src/container/prod_orchestrator.rs: ensure_container_network() creates per-manifest networks on demand; apply_data_uid() now goes through host_sudo for mkdir -p + chown so bind-mount roots get created and chowned without password prompts. - core/archipelago/src/api/rpc/package/{install,update,stacks}.rs: podman pull adds --tls-verify=false only for whitelisted registries. - core/archipelago/src/bootstrap.rs: removes stale dev-mode systemd override on startup (live nodes carried it from old installers). - core/archipelago/src/config.rs: ignore ARCHIPELAGO_DEV_MODE in prod binaries — it had been silently rerouting volumes to /tmp. - apps/bitcoin-{core,knots}/manifest.yml: locate bitcoind at runtime so image-layout differences don't break entrypoint. - scripts/app-catalog-image-smoke-test.py: production catalog/image smoke test that probes a target node before users click Install. - .gitignore: cover .codex, .pnpm-store, __pycache__, *.bak. Removes filebrowser.rs.bak and two stale catalog.json.bak files (verified identical to live counterparts). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 08:52:29 -04:00
#!/bin/bash
# Smoke test for Archipelago — verifies critical endpoints
# Usage: ./scripts/smoke-test.sh [host]
# Exit 0 if all pass, exit 1 on any failure.
set -euo pipefail
HOST="${1:-192.168.1.198}"
PASS=0
FAIL=0
FAILURES=""
check() {
local name="$1" cmd="$2"
if eval "$cmd" >/dev/null 2>&1; then
echo "$name"
PASS=$((PASS + 1))
else
echo "$name"
FAIL=$((FAIL + 1))
FAILURES="$FAILURES\n - $name"
fi
}
echo "=== Archipelago Smoke Test ==="
echo "Target: $HOST"
echo ""
# 1. Health endpoint
check "GET /health returns OK" \
"curl -sf http://${HOST}/health | grep -q '\"status\"'"
# 2. Login via RPC
SESSION=$(curl -sf -X POST "http://${HOST}/rpc/v1" \
-H 'Content-Type: application/json' \
-d '{"method":"auth.login","params":{"password":"'"${TEST_PASSWORD:-password123}"'"}}' \
-c - 2>/dev/null | grep session | awk '{print $NF}' || echo "")
if [ -n "$SESSION" ]; then
echo " ✓ Login via RPC"
PASS=$((PASS + 1))
else
echo " ✗ Login via RPC"
FAIL=$((FAIL + 1))
FAILURES="$FAILURES\n - Login via RPC"
fi
# 3. Authenticated RPC call
check "server.get-info returns JSON" \
"curl -sf -X POST http://${HOST}/rpc/v1 \
-H 'Content-Type: application/json' \
-b 'session=${SESSION}' \
-d '{\"method\":\"server.get-info\"}' | grep -q '\"result\"'"
# 4. Container list
check "container.list returns JSON" \
"curl -sf -X POST http://${HOST}/rpc/v1 \
-H 'Content-Type: application/json' \
-b 'session=${SESSION}' \
-d '{\"method\":\"container.list\"}' | grep -q '\"result\"'"
# 5. WebSocket upgrade
check "WebSocket upgrade (101)" \
"curl -sf -o /dev/null -w '%{http_code}' \
-H 'Upgrade: websocket' -H 'Connection: Upgrade' \
-H 'Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==' \
-H 'Sec-WebSocket-Version: 13' \
http://${HOST}/ws/db | grep -q '101'"
# 6. Static assets served
check "Frontend index.html served" \
"curl -sf http://${HOST}/ | grep -q '<div id=\"app\"'"
# 7. Onboarding check (unauthenticated)
check "auth.isOnboardingComplete RPC" \
"curl -sf -X POST http://${HOST}/rpc/v1 \
-H 'Content-Type: application/json' \
-d '{\"method\":\"auth.isOnboardingComplete\"}' | grep -q '\"result\"'"
echo ""
echo "=== Results: $PASS passed, $FAIL failed ==="
if [ $FAIL -gt 0 ]; then
echo -e "Failures:$FAILURES"
exit 1
fi
exit 0