0473d295af
Establish how versions are assigned, bumped, and checked across the
five things that actually change for users: the product itself, the
Rhai SDK, the HTTP API, the database schema, and the inter-service
wire (reserved for cluster mode). Crates ship in lockstep — drift
between picloud-shared and picloud-manager-core is fiction since
they always release together — but surfaces are versioned and
checked at their natural boundaries.
* docs/versioning.md is the authoritative reference: what gets a
version, the per-surface compatibility rules, how each surface
bump cascades to the product version (loose pre-1.0, strict
post-1.0), and the five enforcement mechanisms (lockstep at
compile time, /version at runtime, golden SDK contract tests,
migration replay, CI guardrail).
* shared::version exposes four constants — PRODUCT_VERSION (from
CARGO_PKG_VERSION), SDK_VERSION ("1.0"), API_VERSION (1),
WIRE_VERSION (1). Scripts read SDK_VERSION as ctx.sdk_version
and can feature-detect against it.
* Workspace inheritance: `[workspace.package] version = "0.2.0"`
is the single point of truth; every crate uses
`version.workspace = true`. dashboard/package.json mirrors.
* Routes move to /api/v1/* — both control plane
(/api/v1/admin/*) and data plane (/api/v1/execute/{id}).
Picloud composes them via a single `/api/v{API_VERSION}` nest,
so the next major is a copy-paste-and-bump. Caddyfile (dev and
prod) routes /api/v1/* to picloud and 404s any other /api/*
so old clients fail loudly instead of getting the SPA shell.
Dashboard client + integration tests updated.
* /healthz remains a plain "ok" string (k8s probes); /version is
the new JSON endpoint returning every surface version in one
place — product, sdk, api, schema (from
manager-core::migrations::latest_version), wire.
* Reasonable bump rationale: API path changes are breaking by
definition, so 0.1.0 → 0.2.0 (pre-1.0 license to bump minor on
any breaking change). SDK starts at 1.0 because scripts depend
on it more strictly than the product depends on its internals;
we'd rather promise SDK stability early than pull the rug.
Verified live:
* /healthz → "ok" (plain text)
* /version → {product:"0.2.0",sdk:"1.0",api:1,schema:1,wire:1}
* /api/v1/admin/scripts → 200
* /api/admin/scripts → 404 with error JSON (sunset major)
* Script can read ctx.sdk_version → "1.0"
* All 14 integration tests pass against new paths
* 11 executor-core unit tests pass (added one for sdk_version
exposure with the major.minor format invariant)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
172 lines
4.9 KiB
Rust
172 lines
4.9 KiB
Rust
use std::collections::BTreeMap;
|
|
|
|
use picloud_executor_core::{Engine, ExecError, ExecRequest, InvocationType, Limits, LogLevel};
|
|
use picloud_shared::{ExecutionId, RequestId, ScriptId};
|
|
use serde_json::json;
|
|
|
|
fn req(body: serde_json::Value) -> ExecRequest {
|
|
ExecRequest {
|
|
execution_id: ExecutionId::new(),
|
|
request_id: RequestId::new(),
|
|
script_id: ScriptId::new(),
|
|
script_name: "test".into(),
|
|
invocation_type: InvocationType::Http,
|
|
path: "/test".into(),
|
|
headers: BTreeMap::new(),
|
|
body,
|
|
}
|
|
}
|
|
|
|
fn engine() -> Engine {
|
|
Engine::new(Limits::default())
|
|
}
|
|
|
|
#[test]
|
|
fn validate_accepts_well_formed_script() {
|
|
engine()
|
|
.validate("let x = 1; #{ statusCode: 200, body: x }")
|
|
.expect("valid script should validate");
|
|
}
|
|
|
|
#[test]
|
|
fn validate_rejects_syntax_errors() {
|
|
let err = engine()
|
|
.validate("this is not rhai @@@")
|
|
.expect_err("invalid script should not validate");
|
|
assert!(matches!(err, ExecError::Parse(_)));
|
|
}
|
|
|
|
#[test]
|
|
fn returns_unwrapped_value_as_200_body() {
|
|
let resp = engine()
|
|
.execute("42", req(json!(null)))
|
|
.expect("should execute");
|
|
assert_eq!(resp.status_code, 200);
|
|
assert_eq!(resp.body, json!(42));
|
|
assert!(resp.headers.is_empty());
|
|
}
|
|
|
|
#[test]
|
|
fn returns_structured_response_when_status_code_present() {
|
|
let src = r#"
|
|
#{ statusCode: 201,
|
|
headers: #{ "x-test": "hello" },
|
|
body: #{ ok: true, msg: "created" } }
|
|
"#;
|
|
let resp = engine().execute(src, req(json!(null))).unwrap();
|
|
assert_eq!(resp.status_code, 201);
|
|
assert_eq!(
|
|
resp.headers.get("x-test").map(String::as_str),
|
|
Some("hello")
|
|
);
|
|
assert_eq!(resp.body, json!({ "ok": true, "msg": "created" }));
|
|
}
|
|
|
|
#[test]
|
|
fn ctx_exposes_request_data() {
|
|
let src = r"
|
|
#{ statusCode: 200,
|
|
body: #{
|
|
path: ctx.request.path,
|
|
name: ctx.script_name,
|
|
amount: ctx.request.body.amount
|
|
} }
|
|
";
|
|
let r = ExecRequest {
|
|
path: "/payments".into(),
|
|
body: json!({ "amount": 1234 }),
|
|
script_name: "payments".into(),
|
|
..req(json!(null))
|
|
};
|
|
let resp = engine().execute(src, r).unwrap();
|
|
assert_eq!(
|
|
resp.body,
|
|
json!({ "path": "/payments", "name": "payments", "amount": 1234 })
|
|
);
|
|
}
|
|
|
|
#[test]
|
|
fn captures_log_calls() {
|
|
let src = r#"
|
|
log::info("starting");
|
|
log::warn("watch out", #{ count: 3 });
|
|
log::error("oops");
|
|
log::trace("deep diagnostic");
|
|
42
|
|
"#;
|
|
let resp = engine().execute(src, req(json!(null))).unwrap();
|
|
assert_eq!(resp.logs.len(), 4);
|
|
|
|
let levels: Vec<_> = resp.logs.iter().map(|l| l.level).collect();
|
|
assert_eq!(
|
|
levels,
|
|
vec![
|
|
LogLevel::Info,
|
|
LogLevel::Warn,
|
|
LogLevel::Error,
|
|
LogLevel::Trace
|
|
]
|
|
);
|
|
assert_eq!(resp.logs[0].message, "starting");
|
|
assert_eq!(resp.logs[1].data, Some(json!({ "count": 3 })));
|
|
}
|
|
|
|
#[test]
|
|
fn enforces_operation_budget() {
|
|
let limits = Limits {
|
|
max_operations: 1_000,
|
|
..Limits::default()
|
|
};
|
|
let engine = Engine::new(limits);
|
|
// 10_000 iterations vastly exceeds 1_000 ops.
|
|
let src = r"let n = 0; for i in 0..10000 { n += 1; } n";
|
|
let err = engine
|
|
.execute(src, req(json!(null)))
|
|
.expect_err("should exceed budget");
|
|
assert!(matches!(err, ExecError::OperationBudgetExceeded));
|
|
}
|
|
|
|
#[test]
|
|
fn runtime_error_is_mapped_to_runtime_variant() {
|
|
let err = engine()
|
|
.execute("1 / 0", req(json!(null)))
|
|
.expect_err("division by zero should error");
|
|
assert!(matches!(err, ExecError::Runtime(_)));
|
|
}
|
|
|
|
#[test]
|
|
fn module_import_is_blocked() {
|
|
let err = engine()
|
|
.execute(r#"import "evil" as e; 1"#, req(json!(null)))
|
|
.expect_err("imports should be blocked");
|
|
// Module-not-found is reported as a runtime error via DummyModuleResolver.
|
|
assert!(matches!(err, ExecError::Runtime(_) | ExecError::Parse(_)));
|
|
}
|
|
|
|
#[test]
|
|
fn ctx_exposes_sdk_version() {
|
|
let resp = engine()
|
|
.execute("ctx.sdk_version", req(json!(null)))
|
|
.unwrap();
|
|
// Whatever it is, it must look like "MAJOR.MINOR" — that's the
|
|
// contract scripts feature-detect against.
|
|
let v = resp.body.as_str().expect("sdk_version is a string");
|
|
let parts: Vec<&str> = v.split('.').collect();
|
|
assert_eq!(parts.len(), 2, "expected major.minor, got {v:?}");
|
|
assert!(parts[0].parse::<u32>().is_ok(), "major not numeric: {v:?}");
|
|
assert!(parts[1].parse::<u32>().is_ok(), "minor not numeric: {v:?}");
|
|
}
|
|
|
|
#[test]
|
|
fn body_passes_through_nested_json_round_trip() {
|
|
let src = "#{ statusCode: 200, body: ctx.request.body }";
|
|
let body = json!({
|
|
"deep": {
|
|
"list": [1, "two", 3.5, null, true, { "k": "v" }],
|
|
"count": 6
|
|
}
|
|
});
|
|
let resp = engine().execute(src, req(body.clone())).unwrap();
|
|
assert_eq!(resp.body, body);
|
|
}
|