test(cli): check setup errors + report all admin refusals
Address review: fail fast on store.Open/key-loader errors in test setup; use t.Errorf+continue so every admin command is checked, not just the first. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -27,9 +27,18 @@ func TestAgentKeyCannotRunAdminCommands(t *testing.T) {
|
|||||||
t.Setenv("EMCLI_KEY", b64AgentKey())
|
t.Setenv("EMCLI_KEY", b64AgentKey())
|
||||||
t.Setenv("EMCLI_DB", db)
|
t.Setenv("EMCLI_DB", db)
|
||||||
|
|
||||||
st, _ := store.Open(db)
|
st, err := store.Open(db)
|
||||||
ak, _ := crypto.AdminKeyFromEnv()
|
if err != nil {
|
||||||
gk, _ := crypto.AgentKeyFromEnv()
|
t.Fatalf("store.Open: %v", err)
|
||||||
|
}
|
||||||
|
ak, err := crypto.AdminKeyFromEnv()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("AdminKeyFromEnv: %v", err)
|
||||||
|
}
|
||||||
|
gk, err := crypto.AgentKeyFromEnv()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("AgentKeyFromEnv: %v", err)
|
||||||
|
}
|
||||||
if err := st.InitKeys(ak, gk); err != nil {
|
if err := st.InitKeys(ak, gk); err != nil {
|
||||||
t.Fatalf("InitKeys: %v", err)
|
t.Fatalf("InitKeys: %v", err)
|
||||||
}
|
}
|
||||||
@@ -47,7 +56,8 @@ func TestAgentKeyCannotRunAdminCommands(t *testing.T) {
|
|||||||
for _, args := range adminAttempts {
|
for _, args := range adminAttempts {
|
||||||
code, out, errOut := run(t, args...)
|
code, out, errOut := run(t, args...)
|
||||||
if code == 0 {
|
if code == 0 {
|
||||||
t.Fatalf("admin command %v must be refused with only EMCLI_KEY (out=%q err=%q)", args, out, errOut)
|
t.Errorf("admin command %v must be refused with only EMCLI_KEY (out=%q err=%q)", args, out, errOut)
|
||||||
|
continue
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if !bytes.Equal(before, dbBytes(t, db)) {
|
if !bytes.Equal(before, dbBytes(t, db)) {
|
||||||
|
|||||||
Reference in New Issue
Block a user