Files
copilotkit--copilotkit/showcase/scripts/verify-deploy.drivers.dashboard.ts
T
2026-07-13 12:58:18 +08:00

202 lines
7.9 KiB
TypeScript

import type { ProbeTarget } from "./verify-deploy";
import type { ProbeOutcome } from "./verify-deploy.drivers";
import type { FetchLike } from "./verify-deploy.drivers.baseline";
import { probeBaseline } from "./verify-deploy.drivers.baseline";
const DRIVER_LABEL = "dashboard";
const DEFAULT_TIMEOUT_MS = 30_000;
/**
* Production sentinels the dashboard's runtime-config reader emits when a
* required env var is unset on the Railway service. When either of these
* lands in the injected `window.__SHOWCASE_CONFIG__`, the dashboard renders
* with dead Demo/Code/hover-preview links (shellUrl) or dead Status-tab
* live-readers (pocketbaseUrl) — a 200 that is NOT healthy.
*
* These MUST stay in sync with the SSOT in
* `showcase/shell-dashboard/src/lib/runtime-config.ts:39-40`
* (`PROD_INVALID_POCKETBASE_URL` / `PROD_INVALID_SHELL_URL`). That module
* imports `next/cache`, so it cannot be cleanly imported into the scripts
* tsconfig (the scripts typecheck has no Next types and `include` is scoped
* to this directory); we mirror the literals here with this pointer instead
* of pulling Next into the verify-deploy toolchain.
*/
const PROD_INVALID_SHELL_URL = "about:blank#shell-url-missing";
const PROD_INVALID_POCKETBASE_URL = "http://pocketbase.invalid";
function isAbortError(e: unknown): boolean {
if (!e || typeof e !== "object") return false;
return (e as { name?: unknown }).name === "AbortError";
}
/**
* Extract the inlined runtime config from the dashboard's HTML. The root
* layout (`shell-dashboard/src/app/layout.tsx`) injects an inline
* `<script id="__showcase_config__">` whose body is
* `window.__SHOWCASE_CONFIG__={...};`.
*
* We match by the SCRIPT-TAG BOUNDARY (`id="__showcase_config__"` open tag →
* `</script>` close) and then strip the `window.__SHOWCASE_CONFIG__=` prefix
* and trailing `;`, rather than char-class-matching the JSON body. A body
* char-class like `\{[^<]*?\}` truncates at the first `};` that appears inside
* a value and fails entirely on trailing-whitespace / newline / missing-semi
* drift in the injection — and a silent no-match there would let a
* format-drifted-but-present config slip through as "block absent → pass".
* Anchoring on the tag boundary means any present-but-unparseable block
* fails LOUD (throws) instead.
*
* Returns the parsed config object, or `undefined` ONLY when the script tag
* is genuinely not present on the page (some renders may omit it) — in that
* case the probe must NOT false-fail. A present-but-malformed block (bad
* JSON, or a parseable non-object) THROWS so the verifier can never silently
* PASS on a wiring bug.
*/
function extractInjectedConfig(
html: string,
): Record<string, unknown> | undefined {
// Match the inline config script by its id, capturing the tag body up to
// the closing </script>. `[\s\S]` so the body may span newlines.
const tagMatch = html.match(
/<script[^>]*\bid=["']__showcase_config__["'][^>]*>([\s\S]*?)<\/script>/i,
);
// Tag genuinely absent — do not false-fail.
if (!tagMatch) return undefined;
const body = tagMatch[1].trim();
// Strip the `window.__SHOWCASE_CONFIG__=` assignment prefix and the trailing
// `;`. Tolerate surrounding whitespace from formatter/minifier drift.
const assignMatch = body.match(
/^window\.__SHOWCASE_CONFIG__\s*=\s*([\s\S]*?);?\s*$/,
);
if (!assignMatch) {
// The tag is present but its body is not the expected assignment — a
// wiring/format-drift bug. Fail loud rather than silent-pass.
throw new Error(
"__SHOWCASE_CONFIG__ script present but body is not the expected " +
"`window.__SHOWCASE_CONFIG__=<json>;` assignment",
);
}
let parsed: unknown;
try {
parsed = JSON.parse(assignMatch[1]);
} catch {
// A malformed config block is itself a wiring bug; fail loud so we don't
// silently pass.
throw new Error("__SHOWCASE_CONFIG__ present but not valid JSON");
}
if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) {
// Parseable but NOT a config object (null / array / scalar) — a
// format-drift bug. Throw like the JSON-parse branch so a parseable
// non-object can never silently PASS.
throw new Error(
"__SHOWCASE_CONFIG__ present but did not parse to a config object",
);
}
return parsed as Record<string, unknown>;
}
/**
* After a green baseline, fetch `/` and assert the injected runtime config
* is not carrying a production "env unset" sentinel. Returns an error
* string on a sentinel hit (or on a malformed config block); `undefined`
* when the config is healthy OR the block is simply absent.
*/
async function checkRuntimeConfigSentinels(
host: string,
fetchImpl: FetchLike,
timeoutMs: number,
): Promise<string | undefined> {
const url = `https://${host}/`;
const controller = new AbortController();
const timer = setTimeout(() => controller.abort(), timeoutMs);
let res: Awaited<ReturnType<FetchLike>>;
try {
res = await fetchImpl(url, {
method: "GET",
headers: { "User-Agent": "verify-deploy" },
signal: controller.signal,
});
} catch (e: unknown) {
const msg = isAbortError(e)
? `timed out after ${timeoutMs}ms`
: e instanceof Error
? e.message
: String(e);
return `${DRIVER_LABEL}: runtime-config GET ${url} failed: ${msg}`;
} finally {
clearTimeout(timer);
}
let html: string;
try {
html = await res.text();
} catch (e: unknown) {
const msg = e instanceof Error ? e.message : String(e);
return `${DRIVER_LABEL}: runtime-config GET ${url} body read failed: ${msg}`;
}
let cfg: Record<string, unknown> | undefined;
try {
cfg = extractInjectedConfig(html);
} catch (e: unknown) {
const msg = e instanceof Error ? e.message : String(e);
return `${DRIVER_LABEL}: ${msg} at ${url}`;
}
// Block absent — do not false-fail (some renders omit it).
if (!cfg) return undefined;
if (cfg.shellUrl === PROD_INVALID_SHELL_URL) {
return (
`${DRIVER_LABEL}: injected __SHOWCASE_CONFIG__.shellUrl is the ` +
`"env unset" sentinel "${PROD_INVALID_SHELL_URL}" at ${url} — ` +
`Demo/Code/preview links are dead. Set SHELL_URL on the Railway service.`
);
}
if (cfg.pocketbaseUrl === PROD_INVALID_POCKETBASE_URL) {
return (
`${DRIVER_LABEL}: injected __SHOWCASE_CONFIG__.pocketbaseUrl is the ` +
`"env unset" sentinel "${PROD_INVALID_POCKETBASE_URL}" at ${url} — ` +
`Status-tab live-readers are dead. Set POCKETBASE_URL on the Railway service.`
);
}
return undefined;
}
/**
* Feature-level verifier for the `shell-dashboard` Next.js service.
*
* Baseline: Railway deployment-SUCCESS + HTTP 200 on `/`.
*
* Driver-specific layer: after a green baseline, fetch `/`, parse the
* injected `window.__SHOWCASE_CONFIG__`, and FAIL if it carries a
* production "env unset" sentinel (`shellUrl === about:blank#shell-url-missing`
* or `pocketbaseUrl === http://pocketbase.invalid`). This catches the
* "200 but every Demo/Code/preview link is dead" case that a naked HTTP
* probe misses — the exact failure that shipped to staging when SHELL_URL
* was unset on the Railway service.
*/
export async function probeDashboard(
target: ProbeTarget,
): Promise<ProbeOutcome> {
const baseline = await probeBaseline(target, {
driverLabel: DRIVER_LABEL,
healthcheckPath: "/",
});
if (!baseline.ok) return baseline;
// Reuse the same fetch impl/timeout policy as the baseline. Production
// callers use the real `globalThis.fetch`; tests inject a seam by passing
// a custom `globalThis.fetch` stub (the baseline's `fetchImpl` opt is not
// threaded here since `probeDashboard`'s public signature takes only a
// target — mirror that for the config check).
const sentinelErr = await checkRuntimeConfigSentinels(
target.host,
globalThis.fetch as unknown as FetchLike,
DEFAULT_TIMEOUT_MS,
);
if (sentinelErr) return { ok: false, error: sentinelErr };
return { ok: true };
}