test: share daemon cli service helpers

2026-04-26 16:06:16 +00:00 · 2026-03-14 00:10:44 +00:00
parent 68a507ab31
commit c90b10b02f
2 changed files with 84 additions and 93 deletions
--- a/src/daemon/service-audit.test.ts
+++ b/src/daemon/service-audit.test.ts
@@ -6,6 +6,53 @@ import {
 } from "./service-audit.js";
 import { buildMinimalServicePath } from "./service-env.js";

+function hasIssue(
+  audit: Awaited<ReturnType<typeof auditGatewayServiceConfig>>,
+  code: (typeof SERVICE_AUDIT_CODES)[keyof typeof SERVICE_AUDIT_CODES],
+) {
+  return audit.issues.some((issue) => issue.code === code);
+}
+
+function createGatewayAudit({
+  expectedGatewayToken,
+  path = "/usr/local/bin:/usr/bin:/bin",
+  serviceToken,
+  environmentValueSources,
+}: {
+  expectedGatewayToken?: string;
+  path?: string;
+  serviceToken?: string;
+  environmentValueSources?: Record<string, string>;
+} = {}) {
+  return auditGatewayServiceConfig({
+    env: { HOME: "/tmp" },
+    platform: "linux",
+    expectedGatewayToken,
+    command: {
+      programArguments: ["/usr/bin/node", "gateway"],
+      environment: {
+        PATH: path,
+        ...(serviceToken ? { OPENCLAW_GATEWAY_TOKEN: serviceToken } : {}),
+      },
+      ...(environmentValueSources ? { environmentValueSources } : {}),
+    },
+  });
+}
+
+function expectTokenAudit(
+  audit: Awaited<ReturnType<typeof auditGatewayServiceConfig>>,
+  {
+    embedded,
+    mismatch,
+  }: {
+    embedded: boolean;
+    mismatch: boolean;
+  },
+) {
+  expect(hasIssue(audit, SERVICE_AUDIT_CODES.gatewayTokenEmbedded)).toBe(embedded);
+  expect(hasIssue(audit, SERVICE_AUDIT_CODES.gatewayTokenMismatch)).toBe(mismatch);
+}
+
 describe("auditGatewayServiceConfig", () => {
  it("flags bun runtime", async () => {
    const audit = await auditGatewayServiceConfig({
@@ -66,89 +113,37 @@ describe("auditGatewayServiceConfig", () => {
  });

  it("flags gateway token mismatch when service token is stale", async () => {
-    const audit = await auditGatewayServiceConfig({
-      env: { HOME: "/tmp" },
-      platform: "linux",
+    const audit = await createGatewayAudit({
      expectedGatewayToken: "new-token",
-      command: {
-        programArguments: ["/usr/bin/node", "gateway"],
-        environment: {
-          PATH: "/usr/local/bin:/usr/bin:/bin",
-          OPENCLAW_GATEWAY_TOKEN: "old-token",
-        },
-      },
+      serviceToken: "old-token",
    });
-    expect(
-      audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenEmbedded),
-    ).toBe(true);
-    expect(
-      audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenMismatch),
-    ).toBe(true);
+    expectTokenAudit(audit, { embedded: true, mismatch: true });
  });

  it("flags embedded service token even when it matches config token", async () => {
-    const audit = await auditGatewayServiceConfig({
-      env: { HOME: "/tmp" },
-      platform: "linux",
+    const audit = await createGatewayAudit({
      expectedGatewayToken: "new-token",
-      command: {
-        programArguments: ["/usr/bin/node", "gateway"],
-        environment: {
-          PATH: "/usr/local/bin:/usr/bin:/bin",
-          OPENCLAW_GATEWAY_TOKEN: "new-token",
-        },
-      },
+      serviceToken: "new-token",
    });
-    expect(
-      audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenEmbedded),
-    ).toBe(true);
-    expect(
-      audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenMismatch),
-    ).toBe(false);
+    expectTokenAudit(audit, { embedded: true, mismatch: false });
  });

  it("does not flag token issues when service token is not embedded", async () => {
-    const audit = await auditGatewayServiceConfig({
-      env: { HOME: "/tmp" },
-      platform: "linux",
+    const audit = await createGatewayAudit({
      expectedGatewayToken: "new-token",
-      command: {
-        programArguments: ["/usr/bin/node", "gateway"],
-        environment: {
-          PATH: "/usr/local/bin:/usr/bin:/bin",
-        },
-      },
    });
-    expect(
-      audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenEmbedded),
-    ).toBe(false);
-    expect(
-      audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenMismatch),
-    ).toBe(false);
+    expectTokenAudit(audit, { embedded: false, mismatch: false });
  });

  it("does not treat EnvironmentFile-backed tokens as embedded", async () => {
-    const audit = await auditGatewayServiceConfig({
-      env: { HOME: "/tmp" },
-      platform: "linux",
+    const audit = await createGatewayAudit({
      expectedGatewayToken: "new-token",
-      command: {
-        programArguments: ["/usr/bin/node", "gateway"],
-        environment: {
-          PATH: "/usr/local/bin:/usr/bin:/bin",
-          OPENCLAW_GATEWAY_TOKEN: "old-token",
-        },
-        environmentValueSources: {
-          OPENCLAW_GATEWAY_TOKEN: "file",
-        },
+      serviceToken: "old-token",
+      environmentValueSources: {
+        OPENCLAW_GATEWAY_TOKEN: "file",
      },
    });
-    expect(
-      audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenEmbedded),
-    ).toBe(false);
-    expect(
-      audit.issues.some((issue) => issue.code === SERVICE_AUDIT_CODES.gatewayTokenMismatch),
-    ).toBe(false);
+    expectTokenAudit(audit, { embedded: false, mismatch: false });
  });
 });