@sk8metal/michi-cli 0.3.0 → 0.5.0

package/scripts/utils/__tests__/project-meta.test.ts

@@ -0,0 +1,192 @@
+/**
+ * project-meta.test.ts
+ * プロジェクトメタデータユーティリティのテスト
+ */
+
+import { describe, it, expect, beforeEach, afterEach } from 'vitest';
+import { mkdirSync, writeFileSync, rmSync, existsSync } from 'fs';
+import { join } from 'path';
+import { loadProjectMeta, getRepositoryInfo } from '../project-meta.js';
+
+describe('project-meta', () => {
+  const testRoot = join(process.cwd(), '.test-tmp-project-meta');
+
+  beforeEach(() => {
+    if (existsSync(testRoot)) {
+      rmSync(testRoot, { recursive: true, force: true });
+    }
+    mkdirSync(testRoot, { recursive: true });
+  });
+
+  afterEach(() => {
+    if (existsSync(testRoot)) {
+      rmSync(testRoot, { recursive: true, force: true });
+    }
+  });
+
+  describe('loadProjectMeta', () => {
+    it('正しいproject.jsonを読み込める', () => {
+      const kiroDir = join(testRoot, '.kiro');
+      mkdirSync(kiroDir, { recursive: true });
+
+      const projectMeta = {
+        projectId: 'test-project',
+        projectName: 'Test Project',
+        jiraProjectKey: 'TEST',
+        confluenceLabels: ['label1', 'label2'],
+        status: 'active' as const,
+        team: ['member1'],
+        stakeholders: ['stakeholder1'],
+        repository: 'https://github.com/owner/repo.git',
+      };
+
+      writeFileSync(join(kiroDir, 'project.json'), JSON.stringify(projectMeta, null, 2));
+
+      const result = loadProjectMeta(testRoot);
+
+      expect(result).toEqual(projectMeta);
+    });
+
+    it('project.jsonが存在しない場合はエラー', () => {
+      expect(() => loadProjectMeta(testRoot)).toThrow('Project metadata not found');
+    });
+
+    it('.kiroディレクトリが存在しない場合はエラー', () => {
+      expect(() => loadProjectMeta(testRoot)).toThrow('Project metadata not found');
+    });
+
+    it('不正なJSON形式の場合はエラー', () => {
+      const kiroDir = join(testRoot, '.kiro');
+      mkdirSync(kiroDir, { recursive: true });
+      writeFileSync(join(kiroDir, 'project.json'), 'invalid json');
+
+      expect(() => loadProjectMeta(testRoot)).toThrow('Invalid JSON');
+    });
+
+    it('必須フィールド projectName が欠けている場合はエラー', () => {
+      const kiroDir = join(testRoot, '.kiro');
+      mkdirSync(kiroDir, { recursive: true });
+
+      const invalidMeta = {
+        projectId: 'test-project',
+        // projectName missing
+        jiraProjectKey: 'TEST',
+        confluenceLabels: ['label1'],
+        status: 'active',
+        team: [],
+        stakeholders: [],
+        repository: 'https://github.com/owner/repo.git',
+      };
+
+      writeFileSync(join(kiroDir, 'project.json'), JSON.stringify(invalidMeta));
+
+      expect(() => loadProjectMeta(testRoot)).toThrow('Required field missing');
+    });
+
+    it('必須フィールド confluenceLabels が欠けている場合はエラー', () => {
+      const kiroDir = join(testRoot, '.kiro');
+      mkdirSync(kiroDir, { recursive: true });
+
+      const invalidMeta = {
+        projectId: 'test-project',
+        projectName: 'Test Project',
+        jiraProjectKey: 'TEST',
+        // confluenceLabels missing
+        status: 'active',
+        team: [],
+        stakeholders: [],
+        repository: 'https://github.com/owner/repo.git',
+      };
+
+      writeFileSync(join(kiroDir, 'project.json'), JSON.stringify(invalidMeta));
+
+      expect(() => loadProjectMeta(testRoot)).toThrow('Required field missing');
+    });
+  });
+
+  describe('getRepositoryInfo', () => {
+    const createValidProjectMeta = (repository: string) => ({
+      projectId: 'test-project',
+      projectName: 'Test Project',
+      jiraProjectKey: 'TEST',
+      confluenceLabels: ['label1'],
+      status: 'active' as const,
+      team: [],
+      stakeholders: [],
+      repository,
+    });
+
+    beforeEach(() => {
+      const kiroDir = join(testRoot, '.kiro');
+      mkdirSync(kiroDir, { recursive: true });
+    });
+
+    it('HTTPS URL (.git付き) から owner/repo を抽出できる', () => {
+      const projectMeta = createValidProjectMeta('https://github.com/owner/repo.git');
+      writeFileSync(join(testRoot, '.kiro/project.json'), JSON.stringify(projectMeta));
+
+      const result = getRepositoryInfo(testRoot);
+      expect(result).toBe('owner/repo');
+    });
+
+    it('HTTPS URL (.gitなし) から owner/repo を抽出できる', () => {
+      const projectMeta = createValidProjectMeta('https://github.com/owner/repo');
+      writeFileSync(join(testRoot, '.kiro/project.json'), JSON.stringify(projectMeta));
+
+      const result = getRepositoryInfo(testRoot);
+      expect(result).toBe('owner/repo');
+    });
+
+    it('SSH URL (.git付き) から owner/repo を抽出できる', () => {
+      const projectMeta = createValidProjectMeta('git@github.com:owner/repo.git');
+      writeFileSync(join(testRoot, '.kiro/project.json'), JSON.stringify(projectMeta));
+
+      const result = getRepositoryInfo(testRoot);
+      expect(result).toBe('owner/repo');
+    });
+
+    it('SSH URL (.gitなし) から owner/repo を抽出できる', () => {
+      const projectMeta = createValidProjectMeta('git@github.com:owner/repo');
+      writeFileSync(join(testRoot, '.kiro/project.json'), JSON.stringify(projectMeta));
+
+      const result = getRepositoryInfo(testRoot);
+      expect(result).toBe('owner/repo');
+    });
+
+    it('repository フィールドが存在しない場合はエラー', () => {
+      const projectMeta = {
+        projectId: 'test-project',
+        projectName: 'Test Project',
+        jiraProjectKey: 'TEST',
+        confluenceLabels: ['label1'],
+        status: 'active' as const,
+        team: [],
+        stakeholders: [],
+        repository: '',
+      };
+
+      writeFileSync(join(testRoot, '.kiro/project.json'), JSON.stringify(projectMeta));
+
+      expect(() => getRepositoryInfo(testRoot)).toThrow('Repository information not found');
+    });
+
+    it('不正な repository 形式の場合はエラー', () => {
+      const projectMeta = createValidProjectMeta('https://example.com/not-github/repo.git');
+      writeFileSync(join(testRoot, '.kiro/project.json'), JSON.stringify(projectMeta));
+
+      expect(() => getRepositoryInfo(testRoot)).toThrow('Invalid GitHub repository format');
+    });
+
+    it('owner/repo にハイフンが含まれる場合も正しく抽出できる', () => {
+      const projectMeta = createValidProjectMeta('https://github.com/my-org/my-repo.git');
+      writeFileSync(join(testRoot, '.kiro/project.json'), JSON.stringify(projectMeta));
+
+      const result = getRepositoryInfo(testRoot);
+      expect(result).toBe('my-org/my-repo');
+    });
+
+    it('project.jsonが存在しない場合はエラー', () => {
+      expect(() => getRepositoryInfo(testRoot)).toThrow('Project metadata not found');
+    });
+  });
+});

package/scripts/utils/__tests__/security-validator.test.ts

@@ -0,0 +1,272 @@
+/**
+ * security-validator.test.ts
+ * セキュリティバリデーターのテスト
+ */
+
+import { describe, it, expect } from 'vitest';
+import {
+  validateAtlassianToken,
+  validateGitHubToken,
+  validateEmail,
+  validateUrl,
+  validateAtlassianUrl,
+  validateGitHubRepositoryUrl,
+  validateEnvironmentConfig,
+} from '../security-validator.js';
+
+describe('security-validator', () => {
+  describe('validateAtlassianToken', () => {
+    it('空のトークンはエラー', () => {
+      const result = validateAtlassianToken('');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('Atlassian API token is empty');
+    });
+
+    it('スペースを含むトークンはエラー', () => {
+      const result = validateAtlassianToken('token with spaces');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('Atlassian API token contains spaces');
+    });
+
+    it('短すぎるトークンは警告', () => {
+      const result = validateAtlassianToken('short');
+      expect(result.isValid).toBe(true);
+      expect(result.warnings).toContain(
+        'Atlassian API token seems too short (expected >20 characters)',
+      );
+    });
+
+    it('プレースホルダー値はエラー', () => {
+      const result = validateAtlassianToken('your-token-here');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('Atlassian API token is a placeholder value');
+    });
+
+    it('正しいトークンは成功', () => {
+      const result = validateAtlassianToken('ATATT3xFfGF0abcdefghijklmnopqrstuvwxyz1234567890');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+      expect(result.warnings).toHaveLength(0);
+    });
+  });
+
+  describe('validateGitHubToken', () => {
+    it('空のトークンはエラー', () => {
+      const result = validateGitHubToken('');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('GitHub token is empty');
+    });
+
+    it('スペースを含むトークンはエラー', () => {
+      const result = validateGitHubToken('token with spaces');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('GitHub token contains spaces');
+    });
+
+    it('プレフィックスなしのトークンは警告', () => {
+      const result = validateGitHubToken('abcdefghijklmnopqrstuvwxyz1234567890');
+      expect(result.isValid).toBe(true);
+      expect(result.warnings).toContain(
+        'GitHub token does not start with expected prefix (ghp_ or github_pat_)',
+      );
+    });
+
+    it('プレースホルダー値はエラー', () => {
+      const result = validateGitHubToken('ghp_xxx');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('GitHub token is a placeholder value');
+    });
+
+    it('正しいトークン(ghp_)は成功', () => {
+      const result = validateGitHubToken('ghp_abcdefghijklmnopqrstuvwxyz1234567890');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+
+    it('正しいトークン(github_pat_)は成功', () => {
+      const result = validateGitHubToken('github_pat_abcdefghijklmnopqrstuvwxyz1234567890');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+  });
+
+  describe('validateEmail', () => {
+    it('空のメールアドレスはエラー', () => {
+      const result = validateEmail('');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('Email is empty');
+    });
+
+    it('不正な形式のメールアドレスはエラー', () => {
+      const result = validateEmail('invalid-email');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('Email format is invalid');
+    });
+
+    it('プレースホルダー値はエラー', () => {
+      const result = validateEmail('user@example.com');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('Email is a placeholder value');
+    });
+
+    it('正しいメールアドレスは成功', () => {
+      const result = validateEmail('real.user@company.com');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+  });
+
+  describe('validateUrl', () => {
+    it('空のURLはエラー', () => {
+      const result = validateUrl('');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('URL is empty');
+    });
+
+    it('不正な形式のURLはエラー', () => {
+      const result = validateUrl('not-a-url');
+      expect(result.isValid).toBe(false);
+      expect(result.errors.length).toBeGreaterThan(0);
+    });
+
+    it('httpプロトコルは警告', () => {
+      const result = validateUrl('http://example.com');
+      expect(result.isValid).toBe(true);
+      expect(result.warnings).toContain(
+        'URL uses insecure http:// protocol (consider using https://)',
+      );
+    });
+
+    it('プレースホルダー値はエラー', () => {
+      const result = validateUrl('https://example.com');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('URL is a placeholder value');
+    });
+
+    it('正しいURLは成功', () => {
+      const result = validateUrl('https://real-domain.com');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+
+    it('expectedDomainが一致しない場合はエラー', () => {
+      const result = validateUrl('https://wrong.com', 'example.com');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain(
+        'URL hostname wrong.com does not contain expected domain: example.com',
+      );
+    });
+
+    it('expectedDomainが一致する場合は成功', () => {
+      const result = validateUrl('https://sub.example.com', 'example.com');
+      expect(result.isValid).toBe(true);
+    });
+  });
+
+  describe('validateAtlassianUrl', () => {
+    it('atlassian.netドメインでない場合はエラー', () => {
+      const result = validateAtlassianUrl('https://wrong-domain.com');
+      expect(result.isValid).toBe(false);
+      expect(result.errors.some((e) => e.includes('atlassian.net'))).toBe(true);
+    });
+
+    it('正しいAtlassian URLは成功', () => {
+      const result = validateAtlassianUrl('https://mycompany.atlassian.net');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+  });
+
+  describe('validateGitHubRepositoryUrl', () => {
+    it('空のURLはエラー', () => {
+      const result = validateGitHubRepositoryUrl('');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('Repository URL is empty');
+    });
+
+    it('不正な形式はエラー', () => {
+      const result = validateGitHubRepositoryUrl('https://example.com/repo');
+      expect(result.isValid).toBe(false);
+      expect(result.errors.some((e) => e.includes('format'))).toBe(true);
+    });
+
+    it('プレースホルダー値はエラー', () => {
+      const result = validateGitHubRepositoryUrl('https://github.com/your-org/your-repo.git');
+      expect(result.isValid).toBe(false);
+      expect(result.errors).toContain('Repository URL contains placeholder values');
+    });
+
+    it('正しいHTTPS URLは成功', () => {
+      const result = validateGitHubRepositoryUrl('https://github.com/owner/repo.git');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+
+    it('正しいHTTPS URL(.gitなし)も成功', () => {
+      const result = validateGitHubRepositoryUrl('https://github.com/owner/repo');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+
+    it('正しいSSH URLは成功', () => {
+      const result = validateGitHubRepositoryUrl('git@github.com:owner/repo.git');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+
+    it('正しいSSH URL(.gitなし)も成功', () => {
+      const result = validateGitHubRepositoryUrl('git@github.com:owner/repo');
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+  });
+
+  describe('validateEnvironmentConfig', () => {
+    it('すべて正しい設定は成功', () => {
+      const result = validateEnvironmentConfig({
+        atlassianUrl: 'https://mycompany.atlassian.net',
+        atlassianEmail: 'user@company.com',
+        atlassianApiToken: 'ATATT3xFfGF0abcdefghijklmnopqrstuvwxyz1234567890',
+        githubOrg: 'myorg',
+        githubToken: 'ghp_abcdefghijklmnopqrstuvwxyz1234567890',
+        repositoryUrl: 'https://github.com/myorg/myrepo.git',
+      });
+
+      expect(result.isValid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+
+    it('複数のエラーをすべて報告', () => {
+      const result = validateEnvironmentConfig({
+        atlassianUrl: 'https://example.com', // プレースホルダー
+        atlassianEmail: 'invalid-email', // 不正な形式
+        atlassianApiToken: 'test-token', // プレースホルダー
+        githubOrg: 'your-org', // プレースホルダー
+        githubToken: 'ghp_xxx', // プレースホルダー
+        repositoryUrl: '', // 空
+      });
+
+      expect(result.isValid).toBe(false);
+      expect(result.errors.length).toBeGreaterThan(5);
+      expect(result.errors.some((e) => e.startsWith('ATLASSIAN_URL:'))).toBe(true);
+      expect(result.errors.some((e) => e.startsWith('ATLASSIAN_EMAIL:'))).toBe(true);
+      expect(result.errors.some((e) => e.startsWith('ATLASSIAN_API_TOKEN:'))).toBe(true);
+      expect(result.errors.some((e) => e.startsWith('GITHUB_ORG:'))).toBe(true);
+      expect(result.errors.some((e) => e.startsWith('GITHUB_TOKEN:'))).toBe(true);
+      expect(result.errors.some((e) => e.startsWith('repository:'))).toBe(true);
+    });
+
+    it('警告も正しく集約される', () => {
+      const result = validateEnvironmentConfig({
+        atlassianUrl: 'http://mycompany.atlassian.net', // http警告
+        atlassianApiToken: 'shorttoken', // 短い警告
+        githubToken: 'abcdefghijklmnopqrstuvwxyz1234567890', // プレフィックスなし警告
+      });
+
+      expect(result.warnings.length).toBeGreaterThan(0);
+      expect(result.warnings.some((w) => w.includes('ATLASSIAN_URL:'))).toBe(true);
+      expect(result.warnings.some((w) => w.includes('ATLASSIAN_API_TOKEN:'))).toBe(true);
+      expect(result.warnings.some((w) => w.includes('GITHUB_TOKEN:'))).toBe(true);
+    });
+  });
+});