@crewhaus/federation-discovery 0.1.0 → 0.1.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@crewhaus/federation-discovery",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "type": "module",
   "description": "Federation peer lookup: DNS SRV + .well-known/crewhaus.json with TTL caching (Section 34)",
   "main": "src/index.ts",
@@ -12,13 +12,13 @@
     "test": "bun test src"
   },
   "dependencies": {
-    "@crewhaus/errors": "0.0.0"
+    "@crewhaus/errors": "0.1.2"
   },
   "license": "Apache-2.0",
   "author": {
     "name": "Max Meier",
-    "email": "max@studiomax.io",
-    "url": "https://studiomax.io"
+    "email": "max@crewhaus.ai",
+    "url": "https://crewhaus.ai"
   },
   "repository": {
     "type": "git",
@@ -30,12 +30,7 @@
     "url": "https://github.com/crewhaus/factory/issues"
   },
   "publishConfig": {
-    "access": "restricted"
+    "access": "public"
   },
-  "files": [
-    "src",
-    "README.md",
-    "LICENSE",
-    "NOTICE"
-  ]
+  "files": ["src", "README.md", "LICENSE", "NOTICE"]
 }

package/src/index.test.ts

@@ -1,4 +1,4 @@
-import { describe, expect, test } from "bun:test";
+import { describe, expect, spyOn, test } from "bun:test";
 
 import {
   FederationDiscoveryError,
@@ -210,3 +210,235 @@ describe("discoverDeployment top-level helper", () => {
     });
   });
 });
+
+describe("default fetcher (no injected wellKnownFetcher)", () => {
+  test("uses globalThis.fetch with GET + Accept: application/json and parses the response", async () => {
+    const fetchSpy = spyOn(globalThis, "fetch").mockResolvedValue(
+      new Response(JSON.stringify(goodPayload), { status: 200 }),
+    );
+    try {
+      const rec = await discoverDeployment("deployment-b.example");
+      expect(rec.endpoint).toBe(goodPayload.endpoint);
+      expect(rec.publicKeyFingerprint).toBe(HEX64);
+      expect(fetchSpy).toHaveBeenCalledTimes(1);
+      const [url, init] = fetchSpy.mock.calls[0] as [string, RequestInit];
+      expect(url).toBe("https://deployment-b.example/.well-known/crewhaus.json");
+      expect(init.method).toBe("GET");
+      expect((init.headers as Record<string, string>)["Accept"]).toBe("application/json");
+    } finally {
+      fetchSpy.mockRestore();
+    }
+  });
+
+  test("propagates a non-200 status from the real-fetch path as a FederationDiscoveryError", async () => {
+    const fetchSpy = spyOn(globalThis, "fetch").mockResolvedValue(
+      new Response("nope", { status: 404 }),
+    );
+    try {
+      await expect(discoverDeployment("deployment-b.example")).rejects.toThrow(/returned 404/);
+    } finally {
+      fetchSpy.mockRestore();
+    }
+  });
+});
+
+describe("parsing branches", () => {
+  test("accepts snake_case field aliases (supported_shapes / public_key_fingerprint)", async () => {
+    const d = createDiscovery({
+      wellKnownFetcher: fetcherReturning({
+        endpoint: "https://snake.example",
+        version: "crewhaus.federation.v1",
+        supported_shapes: ["cli"],
+        public_key_fingerprint: HEX64,
+      }),
+    });
+    const rec = await d.discover("snake.example");
+    expect(rec.supportedShapes).toEqual(["cli"]);
+    expect(rec.publicKeyFingerprint).toBe(HEX64);
+  });
+
+  test("drops non-string entries from supportedShapes and defaults a missing list to []", async () => {
+    const withMixed = createDiscovery({
+      wellKnownFetcher: fetcherReturning({ ...goodPayload, supportedShapes: ["cli", 7, null] }),
+    });
+    expect((await withMixed.discover("mixed.example")).supportedShapes).toEqual(["cli"]);
+
+    const withNone = createDiscovery({
+      wellKnownFetcher: fetcherReturning({
+        endpoint: "https://noshapes.example",
+        version: "crewhaus.federation.v1",
+        publicKeyFingerprint: HEX64,
+      }),
+    });
+    expect((await withNone.discover("noshapes.example")).supportedShapes).toEqual([]);
+  });
+
+  test("rejects a non-object peer record (JSON primitive)", async () => {
+    // A bare JSON number/string is `typeof !== "object"`, so it hits the
+    // top-level guard. (Arrays are `typeof === "object"` and fall through to
+    // the endpoint+version check instead.)
+    const num = createDiscovery({ wellKnownFetcher: fetcherReturning(42) });
+    await expect(num.discover("num.example")).rejects.toThrow(/is not an object/);
+
+    const nul = createDiscovery({ wellKnownFetcher: fetcherReturning(null) });
+    await expect(nul.discover("null.example")).rejects.toThrow(/is not an object/);
+  });
+
+  test("normalizes an upper-case fingerprint to lower-case", async () => {
+    const d = createDiscovery({
+      wellKnownFetcher: fetcherReturning({ ...goodPayload, publicKeyFingerprint: "A".repeat(64) }),
+    });
+    expect((await d.discover("upper.example")).publicKeyFingerprint).toBe(HEX64);
+  });
+
+  test("allows http://localhost when allowInsecureLocalhost is set", async () => {
+    const d = createDiscovery({
+      allowInsecureLocalhost: true,
+      wellKnownFetcher: fetcherReturning({
+        ...goodPayload,
+        endpoint: "http://localhost:8443",
+      }),
+    });
+    expect((await d.discover("local.example")).endpoint).toBe("http://localhost:8443");
+  });
+
+  test("still rejects http://localhost when allowInsecureLocalhost is NOT set", async () => {
+    const d = createDiscovery({
+      wellKnownFetcher: fetcherReturning({ ...goodPayload, endpoint: "http://localhost:8443" }),
+    });
+    await expect(d.discover("local.example")).rejects.toThrow(/must be https/);
+  });
+});
+
+describe("SRV edge cases", () => {
+  test("SRV returns zero records → falls through to direct .well-known", async () => {
+    const srv: SrvResolver = async () => ({ records: [], ttl: 60 });
+    const seen: string[] = [];
+    const d = createDiscovery({
+      srvDomain: "internal.crewhaus",
+      srvResolver: srv,
+      wellKnownFetcher: async (url) => {
+        seen.push(url);
+        return { status: 200, body: JSON.stringify(goodPayload) };
+      },
+    });
+    const rec = await d.discover("deployment-b.example");
+    expect(rec.endpoint).toBe(goodPayload.endpoint);
+    // Direct fetch used the deployment URL, not an SRV-derived one.
+    expect(seen).toEqual(["https://deployment-b.example/.well-known/crewhaus.json"]);
+  });
+
+  test("SRV hit whose well-known is bad falls through to the direct .well-known", async () => {
+    const srv: SrvResolver = async () => ({
+      records: [{ priority: 10, weight: 5, port: 8443, name: "fed.deployment-b.example" }],
+      ttl: 60,
+    });
+    const seen: string[] = [];
+    const d = createDiscovery({
+      srvDomain: "internal.crewhaus",
+      srvResolver: srv,
+      wellKnownFetcher: async (url) => {
+        seen.push(url);
+        // First call (SRV endpoint) 404s; second call (direct) succeeds.
+        if (url.startsWith("https://fed.deployment-b.example:8443")) {
+          return { status: 404, body: "" };
+        }
+        return { status: 200, body: JSON.stringify(goodPayload) };
+      },
+    });
+    const rec = await d.discover("deployment-b.example");
+    expect(seen[0]).toBe("https://fed.deployment-b.example:8443/.well-known/crewhaus.json");
+    expect(seen[1]).toBe("https://deployment-b.example/.well-known/crewhaus.json");
+    expect(rec.endpoint).toBe(goodPayload.endpoint);
+  });
+
+  test("SRV sorts by priority then by descending weight", async () => {
+    const srv: SrvResolver = async () => ({
+      records: [
+        { priority: 20, weight: 99, port: 1, name: "low-priority.example" },
+        { priority: 10, weight: 1, port: 2, name: "lo-weight.example" },
+        { priority: 10, weight: 50, port: 8443, name: "winner.example" },
+      ],
+      ttl: 60,
+    });
+    const seen: string[] = [];
+    const d = createDiscovery({
+      srvDomain: "internal.crewhaus",
+      srvResolver: srv,
+      wellKnownFetcher: async (url) => {
+        seen.push(url);
+        return { status: 200, body: JSON.stringify(goodPayload) };
+      },
+    });
+    const rec = await d.discover("deployment-b");
+    expect(seen[0]).toBe("https://winner.example:8443/.well-known/crewhaus.json");
+    expect(rec.endpoint).toBe("https://winner.example:8443");
+  });
+
+  test("srvDomain set but no srvResolver → skips SRV entirely", async () => {
+    const seen: string[] = [];
+    const d = createDiscovery({
+      srvDomain: "internal.crewhaus",
+      wellKnownFetcher: async (url) => {
+        seen.push(url);
+        return { status: 200, body: JSON.stringify(goodPayload) };
+      },
+    });
+    const rec = await d.discover("deployment-b.example");
+    expect(seen).toEqual(["https://deployment-b.example/.well-known/crewhaus.json"]);
+    expect(rec.endpoint).toBe(goodPayload.endpoint);
+  });
+});
+
+describe("error semantics", () => {
+  test("non-FederationDiscoveryError from the fetcher is wrapped with its cause preserved", async () => {
+    const boom = new TypeError("socket hang up");
+    const d = createDiscovery({
+      wellKnownFetcher: async () => {
+        throw boom;
+      },
+    });
+    let caught: unknown;
+    try {
+      await d.discover("deployment-b.example");
+    } catch (e) {
+      caught = e;
+    }
+    expect(caught).toBeInstanceOf(FederationDiscoveryError);
+    expect((caught as FederationDiscoveryError).message).toMatch(/peer discovery failed/);
+    expect((caught as FederationDiscoveryError).message).toMatch(/socket hang up/);
+    expect((caught as FederationDiscoveryError).cause).toBe(boom);
+    expect((caught as FederationDiscoveryError).code).toBe("config");
+  });
+
+  test("cacheStats exposes per-deployment expiry timestamps", async () => {
+    const clock = 1_000;
+    const d = createDiscovery({
+      now: () => clock,
+      wellKnownFetcher: fetcherReturning(goodPayload),
+    });
+    await d.discover("deployment-b.example");
+    const stats = d.cacheStats();
+    expect(stats.entries).toBe(1);
+    expect(stats.expirations).toEqual([
+      { deployment: "deployment-b.example", expiresAt: 1_000 + 60_000 },
+    ]);
+  });
+
+  test("an expired entry is evicted and re-resolved (covers stale-branch delete)", async () => {
+    let clock = 0;
+    let calls = 0;
+    const d = createDiscovery({
+      now: () => clock,
+      wellKnownFetcher: async () => {
+        calls++;
+        return { status: 200, body: JSON.stringify(goodPayload) };
+      },
+    });
+    await d.discover("deployment-b.example");
+    expect(calls).toBe(1);
+    clock += 60_001; // past the 60s record TTL
+    await d.discover("deployment-b.example");
+    expect(calls).toBe(2);
+  });
+});