orchestrator

admin/orchestrator

Fork 0

Commit Graph

Author	SHA1	Message	Date
Dev Agent	1baae81165	test: reset webhook secret per-test to fix cross-file isolation (CI green) All checks were successful CI / test (push) Successful in 10s Details CI / test (pull_request) Successful in 10s Details Adds autouse fixture _reset_webhook_secrets to tests/conftest.py that resets the process-wide Pydantic settings singleton before every test: 1. gitea_webhook_secret / plane_webhook_secret → "" (HMAC disabled by default). Tests that deliberately test the 401 path (test_webhook_dedup.py:268,278) override this with their own monkeypatch which runs after autouse fixtures and wins for that test only. 2. db_path → os.environ["ORCH_DB_PATH"] (last written value after all test modules are imported). Without this, test_webhook_dedup.py (imported first alphabetically) seeds settings.db_path = dedup.db, while test_webhooks.py setup_db tries to remove test_orchestrator.db — leaving the DB dirty between tests that share a branch name and causing get_task_by_repo_branch() to return a stale row with the wrong stage. Per-test monkeypatches in test_webhook_dedup.setup_db still override it. Root cause: both leaks come from the same singleton settings being read once at import, before any per-test isolation runs. The autouse fixture is the correct per-test reset point for process-wide singletons. Result: pytest tests/ → 294 passed, 0 failed (was 10 failed/284 passed).	2026-06-05 00:00:01 +03:00
Dev Agent	7fd6529a35	test(conftest): mute Telegram in all tests to stop prod leakage A pytest run on prod was sending REAL Telegram messages to Slava: some tests (e.g. test_webhook_dedup advancing a stage) reach notify_stage_change -> send_telegram, which read the live .env token/chat_id and actually POSTed. Add an autouse fixture stubbing send_telegram to a no-op for every test. Patch the SOURCE src.notifications.send_telegram (covers all notify_* helpers and the many modules that do a local from .notifications import send_telegram inside functions) AND src.stage_engine.send_telegram (module-level binding, would not be intercepted by the source patch alone). webhooks/plane, launcher, queue_worker are patched defensively with raising=False. Verified: full suite run with FAKE telegram creds + an un-swallowable httpx.post trip-wire (BaseException, so send_telegram except Exception can not hide it) shows ZERO calls to api.telegram.org. Without the fixture the trip-wire fires, proving the guard is real.	2026-06-03 18:23:09 +03:00

Author

SHA1

Message

Date

Dev Agent

1baae81165

test: reset webhook secret per-test to fix cross-file isolation (CI green)

CI / test (push) Successful in 10s

Details

CI / test (pull_request) Successful in 10s

Details

Adds autouse fixture _reset_webhook_secrets to tests/conftest.py that
resets the process-wide Pydantic settings singleton before every test:

1. gitea_webhook_secret / plane_webhook_secret → "" (HMAC disabled by
   default). Tests that deliberately test the 401 path
   (test_webhook_dedup.py:268,278) override this with their own monkeypatch
   which runs after autouse fixtures and wins for that test only.

2. db_path → os.environ["ORCH_DB_PATH"] (last written value after all test
   modules are imported). Without this, test_webhook_dedup.py (imported
   first alphabetically) seeds settings.db_path = dedup.db, while
   test_webhooks.py setup_db tries to remove test_orchestrator.db — leaving
   the DB dirty between tests that share a branch name and causing
   get_task_by_repo_branch() to return a stale row with the wrong stage.
   Per-test monkeypatches in test_webhook_dedup.setup_db still override it.

Root cause: both leaks come from the same singleton settings being read once
at import, before any per-test isolation runs. The autouse fixture is the
correct per-test reset point for process-wide singletons.

Result: pytest tests/ → 294 passed, 0 failed (was 10 failed/284 passed).

2026-06-05 00:00:01 +03:00

Dev Agent

7fd6529a35

test(conftest): mute Telegram in all tests to stop prod leakage

A pytest run on prod was sending REAL Telegram messages to Slava: some tests
(e.g. test_webhook_dedup advancing a stage) reach notify_stage_change ->
send_telegram, which read the live .env token/chat_id and actually POSTed.

Add an autouse fixture stubbing send_telegram to a no-op for every test. Patch
the SOURCE src.notifications.send_telegram (covers all notify_* helpers and the
many modules that do a local from .notifications import send_telegram inside
functions) AND src.stage_engine.send_telegram (module-level binding, would not be
intercepted by the source patch alone). webhooks/plane, launcher, queue_worker are
patched defensively with raising=False.

Verified: full suite run with FAKE telegram creds + an un-swallowable httpx.post
trip-wire (BaseException, so send_telegram except Exception can not hide it) shows
ZERO calls to api.telegram.org. Without the fixture the trip-wire fires, proving
the guard is real.

2026-06-03 18:23:09 +03:00

2 Commits