-
Notifications
You must be signed in to change notification settings - Fork 8
feat(client): rewrite as a unified, session-scoped rssCloud/WebSub test harness #39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
3 commits
Select commit
Hold shift + click to select a range
5d77296
feat(client): rewrite as a unified, session-scoped rssCloud/WebSub te…
andrewshell 0905561
fix(client): address review findings from the session-harness rewrite
andrewshell 46f6042
fix(client): cap the live-socket session exemption and scope browser …
andrewshell File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -7,7 +7,7 @@ packages/*/coverage | |
| .turbo | ||
| **/xunit | ||
| .nyc_output | ||
| .env | ||
| **/.env | ||
| .DS_Store | ||
| Procfile | ||
| tunnel.sh | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| # rssCloud test harness — environment template. | ||
| # | ||
| # Copy to apps/client/.env (gitignored) and adjust: | ||
| # cp apps/client/.env.example apps/client/.env | ||
| # | ||
| # The harness reads .env from its own directory (apps/client) via dotenv, so | ||
| # this file must live here, not at the repo root. `pnpm client` runs from here. | ||
| # | ||
| # The values below are tuned for LOCAL DEVELOPMENT alongside the rssCloud hub | ||
| # (apps/server), which listens on http://localhost:5337 by default. | ||
|
|
||
| # --- Harness identity ------------------------------------------------------- | ||
| # The hostname/port this harness advertises for its own callbacks and test | ||
| # feeds. Keep PORT matching whatever you actually run it on. | ||
| DOMAIN=localhost | ||
| PORT=9000 | ||
|
|
||
| # --- Default hub / WebSub target -------------------------------------------- | ||
| # Where actions go when the UI's server/hub override field is left blank. | ||
| # Overridden per-action at runtime by that field — this is just the default | ||
| # (e.g. for testing this repo's own hub locally). | ||
| HUB_SERVER_URL=http://localhost:5337 | ||
|
|
||
| # --- SSRF egress guard: allow loopback for local dev ------------------------ | ||
| # The egress guard is ALWAYS ON and refuses loopback/private targets by | ||
| # default (feed discovery, and every pleaseNotify/ping/hub.* call this harness | ||
| # makes). For local dev the harness must reach the hub on loopback. | ||
| # | ||
| # >>> PRODUCTION: delete this line before deploying publicly. This harness is | ||
| # >>> meant to hit arbitrary third-party feeds/hubs when deployed live — | ||
| # >>> loopback exemptions have no place there. | ||
| CLIENT_FETCH_ALLOW_CIDRS=127.0.0.0/8,::1/128 | ||
|
|
||
| # --- Optional overrides (defaults shown; uncomment to change) -------------- | ||
| # REQUEST_TIMEOUT=4000 # outbound fetch timeout (ms), SSRF-guarded | ||
| # SESSION_CALLBACK_IDLE_MS=3600000 # 1h — incoming callbacks 404 past this idle window | ||
| # SESSION_GC_IDLE_MS=86400000 # 24h — a session is fully evicted from memory past this | ||
| # SESSION_GC_INTERVAL_MS=900000 # 15m — how often the GC sweep runs |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| FROM node:22 AS base | ||
|
|
||
| RUN corepack enable | ||
|
|
||
| WORKDIR /app | ||
|
|
||
| COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./ | ||
| COPY apps/client/package.json apps/client/ | ||
| COPY packages/xml-rpc/package.json packages/xml-rpc/ | ||
| COPY packages/core/package.json packages/core/ | ||
|
|
||
| # Build the workspace packages (TS → CJS/ESM dist) the harness consumes. | ||
| FROM base AS build | ||
|
|
||
| COPY packages/xml-rpc packages/xml-rpc | ||
| COPY packages/core packages/core | ||
| RUN pnpm install --frozen-lockfile --filter "@rsscloud/core..." | ||
| RUN pnpm --filter "@rsscloud/core..." run build | ||
|
|
||
| FROM base AS dependencies | ||
|
|
||
| RUN pnpm install --frozen-lockfile --filter "@rsscloud/client-app..." --prod --ignore-scripts | ||
|
|
||
| FROM dependencies AS runtime | ||
|
|
||
| COPY --chown=node:node apps/client apps/client | ||
| COPY --from=build --chown=node:node /app/packages/xml-rpc/dist packages/xml-rpc/dist | ||
| COPY --from=build --chown=node:node /app/packages/core/dist packages/core/dist | ||
|
|
||
| WORKDIR /app/apps/client | ||
|
|
||
| # Default listen port (config.js's PORT default). Documentation only — | ||
| # override PORT at runtime and publish the matching port if you change it. | ||
| # This harness holds no persistent state to volume-mount: sessions live only | ||
| # in memory for the process lifetime. | ||
| EXPOSE 9000 | ||
|
|
||
| # node:22 ships a pre-created, unprivileged `node` user (uid 1000) for | ||
| # exactly this purpose — the app never writes to disk, so it only ever needs | ||
| # read access to what was just copied in. | ||
| USER node | ||
|
|
||
| CMD ["node", "--use_strict", "index.js"] | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| // Isolated from client.test.js: HUB_SERVER_URL must be set before config.js | ||
| // (required transitively by client.js) reads process.env, and config.js is a | ||
| // module-level singleton — this can only be exercised in its own process, | ||
| // which `node --test` already gives each file. | ||
| process.env.HUB_SERVER_URL = 'http://hub.example.org:8080'; | ||
|
|
||
| const test = require('node:test'); | ||
| const assert = require('node:assert/strict'); | ||
| const { createApp } = require('./client'); | ||
| const request = require('supertest'); | ||
|
|
||
| test('the served test feed\'s <cloud> element derives domain/port from HUB_SERVER_URL', async() => { | ||
| const app = createApp(); | ||
|
|
||
| await request(app).get('/s/cloud-config-session'); | ||
| const res = await request(app).get('/s/cloud-config-session/rss-01.xml'); | ||
|
|
||
| assert.match(res.text, /<cloud domain="hub\.example\.org" port="8080"/); | ||
| }); |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.