alldigital/PSA
2
0
Fork 0
Code Issues Pull Requests Actions 13 Packages Projects Releases Wiki Activity
PSA/scripts/test-guard-no-tracked-env-backups.mjs
Hermes 284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Details
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Details
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
Details
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
Details
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Details
Integration Tests / Check for relevant changes (push) Waiting to run
Details
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Details
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Details
Mobile checks / Mobile unit tests (push) Waiting to run
Details
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Details
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Details
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Details
Temporal Readiness / fast-readiness (push) Waiting to run
Details
Temporal Readiness / docker-parity (push) Waiting to run
Details
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Details
Unit Tests / Skipped-test budget (push) Waiting to run
Details
Unit Tests / Nx affected unit tests (push) Waiting to run
Details
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Details
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Details
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
Details
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Details
Initial import of AlgaPSA codebase from PSA server 
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz

Source: /opt/alga-psa on psa.joliet.tech
2026-06-22 16:12:17 -05:00

70 lines
2.3 KiB
JavaScript
Raw Blame History

#!/usr/bin/env node
import { execFileSync } from 'node:child_process';
import { mkdtempSync, writeFileSync } from 'node:fs';
import { tmpdir } from 'node:os';
import { join } from 'node:path';
const run = (cmd, args, opts = {}) => execFileSync(cmd, args, { stdio: 'pipe', ...opts }).toString('utf8');
const guardScriptPath = new URL('./guard-no-tracked-env-backups.mjs', import.meta.url);
const initRepo = () => {
const dir = mkdtempSync(join(tmpdir(), 'alga-env-backup-guard-'));
run('git', ['init'], { cwd: dir });
// Avoid requiring global git config in CI environments.
run('git', ['config', 'user.email', 'test@example.com'], { cwd: dir });
run('git', ['config', 'user.name', 'Test'], { cwd: dir });
return dir;
};
const runGuard = (cwd) => {
execFileSync(process.execPath, [guardScriptPath.pathname], { cwd, stdio: 'pipe' });
};
const expectPass = (cwd) => {
try {
runGuard(cwd);
} catch (error) {
const stderr = error?.stderr?.toString?.('utf8') ?? '';
throw new Error(`Expected guard to pass but it failed. stderr=${stderr}`);
}
};
const expectFail = (cwd, expectedStderrIncludes) => {
try {
runGuard(cwd);
throw new Error('Expected guard to fail but it passed.');
} catch (error) {
const code = error?.status;
const stderr = error?.stderr?.toString?.('utf8') ?? '';
if (code !== 1) {
throw new Error(`Expected exit code 1, got ${code}. stderr=${stderr}`);
}
for (const text of expectedStderrIncludes) {
if (!stderr.includes(text)) {
throw new Error(`Expected stderr to include ${JSON.stringify(text)}. stderr=${stderr}`);
}
}
}
};
const main = () => {
// Empty repo: should pass.
const emptyRepo = initRepo();
writeFileSync(join(emptyRepo, 'README.md'), '# test\n', 'utf8');
run('git', ['add', 'README.md'], { cwd: emptyRepo });
run('git', ['commit', '-m', 'init'], { cwd: emptyRepo });
expectPass(emptyRepo);
// Repo with tracked env backup: should fail.
const badRepo = initRepo();
const offender = '.env.local.bak.20260213';
writeFileSync(join(badRepo, offender), 'SECRET=oops\n', 'utf8');
run('git', ['add', offender], { cwd: badRepo });
run('git', ['commit', '-m', 'add offender'], { cwd: badRepo });
expectFail(badRepo, ['Tracked env-backup files detected', offender]);
};
main();
Reference in New Issue View Git Blame Copy Permalink