@symbiosis-lab/moss-plugin-github 1.5.1

package/features/steps/auth.steps.ts

@@ -0,0 +1,285 @@
+/**
+ * Step definitions for GitHub OAuth Device Flow authentication tests
+ */
+
+import { loadFeature, describeFeature } from "@amiceli/vitest-cucumber";
+import { expect, vi, beforeEach, afterEach } from "vitest";
+import {
+  createMockFetch,
+  defaultDeviceCodeResponse,
+  defaultTokenResponse,
+  defaultUserResponse,
+  authorizationPendingResponse,
+  expiredTokenResponse,
+} from "../../test-helpers/mock-github-api";
+import type { DeviceCodeResponse, TokenResponse, GitHubUser } from "../../src/types";
+
+// Load the feature file
+const feature = await loadFeature("features/auth/device-flow.feature");
+
+describeFeature(feature, ({ Scenario, BeforeEachScenario, AfterEachScenario }) => {
+  // Test state
+  let mockFetch: ReturnType<typeof createMockFetch>;
+  let originalFetch: typeof global.fetch;
+  let deviceCodeResponse: DeviceCodeResponse | null = null;
+  let tokenResponse: TokenResponse | null = null;
+  let validationResult: { valid: boolean; user?: GitHubUser; scopes?: string[] } | null = null;
+  let storedToken: string | null = null;
+  let retrievedToken: string | null = null;
+
+  // Mock credential helper
+  const credentialStore = new Map<string, string>();
+
+  BeforeEachScenario(() => {
+    // Save original fetch
+    originalFetch = global.fetch;
+    // Reset state
+    deviceCodeResponse = null;
+    tokenResponse = null;
+    validationResult = null;
+    storedToken = null;
+    retrievedToken = null;
+    credentialStore.clear();
+  });
+
+  AfterEachScenario(() => {
+    // Restore original fetch
+    global.fetch = originalFetch;
+    vi.restoreAllMocks();
+  });
+
+  // ============================================================================
+  // Scenario: Request device code from GitHub
+  // ============================================================================
+
+  Scenario("Request device code from GitHub", ({ Given, When, Then, And }) => {
+    Given("no existing GitHub credentials", () => {
+      credentialStore.clear();
+      mockFetch = createMockFetch({
+        deviceCodeResponse: defaultDeviceCodeResponse,
+      });
+      global.fetch = mockFetch;
+    });
+
+    When("I initiate the device flow authentication", async () => {
+      const response = await fetch("https://github.com/login/device/code", {
+        method: "POST",
+        headers: {
+          Accept: "application/json",
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify({
+          client_id: "test-client-id",
+          scope: "repo workflow",
+        }),
+      });
+
+      deviceCodeResponse = await response.json();
+    });
+
+    Then("I should receive a device code response", () => {
+      expect(deviceCodeResponse).not.toBeNull();
+      expect(deviceCodeResponse?.device_code).toBeDefined();
+    });
+
+    And("the response should include user_code, verification_uri, and interval", () => {
+      expect(deviceCodeResponse?.user_code).toBe("ABCD-1234");
+      expect(deviceCodeResponse?.verification_uri).toBe("https://github.com/login/device");
+      expect(deviceCodeResponse?.interval).toBe(5);
+    });
+  });
+
+  // ============================================================================
+  // Scenario: Poll for access token after authorization
+  // ============================================================================
+
+  Scenario("Poll for access token after authorization", ({ Given, When, Then, And }) => {
+    Given("a valid device code", () => {
+      mockFetch = createMockFetch({
+        tokenResponse: defaultTokenResponse,
+        userResponse: defaultUserResponse,
+        scopes: ["repo", "workflow"],
+      });
+      global.fetch = mockFetch;
+    });
+
+    And("the user has authorized the application", () => {
+      // Mock is already configured to return success
+    });
+
+    When("I poll for the access token", async () => {
+      const response = await fetch("https://github.com/login/oauth/access_token", {
+        method: "POST",
+        headers: {
+          Accept: "application/json",
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify({
+          client_id: "test-client-id",
+          device_code: "test-device-code",
+          grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+        }),
+      });
+
+      tokenResponse = await response.json();
+    });
+
+    Then("I should receive an access token", () => {
+      expect(tokenResponse?.access_token).toBeDefined();
+      expect(tokenResponse?.access_token).toBe("gho_test_token_abc123");
+    });
+
+    And("the token should have repo and workflow scopes", () => {
+      expect(tokenResponse?.scope).toContain("repo");
+      expect(tokenResponse?.scope).toContain("workflow");
+    });
+  });
+
+  // ============================================================================
+  // Scenario: Handle authorization pending state
+  // ============================================================================
+
+  Scenario("Handle authorization pending state", ({ Given, When, Then, And }) => {
+    Given("a valid device code", () => {
+      mockFetch = createMockFetch({
+        tokenResponse: authorizationPendingResponse,
+      });
+      global.fetch = mockFetch;
+    });
+
+    And("the user has not yet authorized", () => {
+      // Mock is configured to return authorization_pending
+    });
+
+    When("I poll for the access token", async () => {
+      const response = await fetch("https://github.com/login/oauth/access_token", {
+        method: "POST",
+        headers: {
+          Accept: "application/json",
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify({
+          client_id: "test-client-id",
+          device_code: "test-device-code",
+          grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+        }),
+      });
+
+      tokenResponse = await response.json();
+    });
+
+    Then("I should receive authorization_pending error", () => {
+      expect(tokenResponse?.error).toBe("authorization_pending");
+    });
+
+    And("I should continue polling", () => {
+      // This is the expected behavior - we would continue polling in real code
+      expect(tokenResponse?.error_description).toContain("pending");
+    });
+  });
+
+  // ============================================================================
+  // Scenario: Store token in git credential helper
+  // ============================================================================
+
+  Scenario("Store token in git credential helper", ({ Given, When, Then, And }) => {
+    Given("a valid access token", () => {
+      storedToken = "gho_test_token_abc123";
+    });
+
+    When("I store the token", () => {
+      // Simulate storing in credential helper
+      credentialStore.set("github.com", storedToken!);
+    });
+
+    Then("the token should be stored successfully", () => {
+      expect(credentialStore.has("github.com")).toBe(true);
+    });
+
+    And("I should be able to retrieve the token", () => {
+      retrievedToken = credentialStore.get("github.com") || null;
+      expect(retrievedToken).toBe(storedToken);
+    });
+  });
+
+  // ============================================================================
+  // Scenario: Handle expired device code
+  // ============================================================================
+
+  Scenario("Handle expired device code", ({ Given, When, Then }) => {
+    Given("a device code that has expired", () => {
+      mockFetch = createMockFetch({
+        tokenResponse: expiredTokenResponse,
+      });
+      global.fetch = mockFetch;
+    });
+
+    When("I poll for the access token", async () => {
+      const response = await fetch("https://github.com/login/oauth/access_token", {
+        method: "POST",
+        headers: {
+          Accept: "application/json",
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify({
+          client_id: "test-client-id",
+          device_code: "expired-device-code",
+          grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+        }),
+      });
+
+      tokenResponse = await response.json();
+    });
+
+    Then("I should receive an expired_token error", () => {
+      expect(tokenResponse?.error).toBe("expired_token");
+    });
+  });
+
+  // ============================================================================
+  // Scenario: Validate token with GitHub API
+  // ============================================================================
+
+  Scenario("Validate token with GitHub API", ({ Given, When, Then, And }) => {
+    Given("a valid access token", () => {
+      mockFetch = createMockFetch({
+        userResponse: defaultUserResponse,
+        scopes: ["repo", "workflow"],
+      });
+      global.fetch = mockFetch;
+    });
+
+    When("I validate the token", async () => {
+      const response = await fetch("https://api.github.com/user", {
+        headers: {
+          Authorization: "Bearer gho_test_token_abc123",
+          Accept: "application/vnd.github.v3+json",
+        },
+      });
+
+      if (response.ok) {
+        const user = await response.json();
+        const scopeHeader = response.headers.get("X-OAuth-Scopes") || "";
+        const scopes = scopeHeader.split(",").map((s) => s.trim());
+
+        validationResult = {
+          valid: true,
+          user,
+          scopes,
+        };
+      } else {
+        validationResult = { valid: false };
+      }
+    });
+
+    Then("I should receive user information", () => {
+      expect(validationResult?.valid).toBe(true);
+      expect(validationResult?.user?.login).toBe("testuser");
+    });
+
+    And("the scopes should include repo and workflow", () => {
+      expect(validationResult?.scopes).toContain("repo");
+      expect(validationResult?.scopes).toContain("workflow");
+    });
+  });
+});

package/features/steps/deploy.steps.ts

@@ -0,0 +1,354 @@
+/**
+ * Step definitions for GitHub Deployer validation tests
+ *
+ * Uses @symbiosis-lab/moss-api/testing to mock Tauri IPC commands
+ *
+ * Updated for git-origin-based deploy target (no config.json, no validation.ts).
+ */
+
+import { loadFeature, describeFeature } from "@amiceli/vitest-cucumber";
+import { expect, vi } from "vitest";
+import {
+  setupMockTauri,
+  type MockTauriContext,
+} from "@symbiosis-lab/moss-api/testing";
+import type { DeployContext, HookResult } from "../../src/types";
+
+// Load the feature file
+const feature = await loadFeature("features/deploy/validation.feature");
+
+// Mock the utils module
+vi.mock("../../src/utils", () => ({
+  reportProgress: vi.fn().mockResolvedValue(undefined),
+  reportError: vi.fn().mockResolvedValue(undefined),
+  reportComplete: vi.fn().mockResolvedValue(undefined),
+  setCurrentHookName: vi.fn(),
+  showToast: vi.fn().mockResolvedValue(undefined),
+  dismissToast: vi.fn().mockResolvedValue(undefined),
+  closeBrowser: vi.fn().mockResolvedValue(undefined),
+  sleep: vi.fn().mockResolvedValue(undefined),
+}));
+
+// Mock the github-deploy module
+vi.mock("../../src/github-deploy", () => ({
+  verifyRepoExists: vi.fn().mockResolvedValue(undefined),
+  getOriginOwnerRepo: vi.fn(),
+  deployViaGitPush: vi.fn(),
+}));
+
+// Mock the auth module
+vi.mock("../../src/auth", () => ({
+  promptLogin: vi.fn(),
+  checkAuthentication: vi.fn(),
+  validateToken: vi.fn(),
+  hasRequiredScopes: vi.fn(),
+}));
+
+// Mock the token module
+vi.mock("../../src/token", () => ({
+  getToken: vi.fn(),
+  getTokenFromGit: vi.fn(),
+  storeToken: vi.fn(),
+  clearToken: vi.fn(),
+}));
+
+// Mock the git module (only pure functions still imported by main.ts)
+vi.mock("../../src/git", () => ({
+  buildPagesUrl: vi.fn().mockImplementation((owner: string, repo: string) => {
+    if (repo.toLowerCase() === `${owner.toLowerCase()}.github.io`) {
+      return `https://${owner}.github.io`;
+    }
+    return `https://${owner}.github.io/${repo}`;
+  }),
+  parseGitHubUrl: vi.fn().mockImplementation((remoteUrl: string) => {
+    const m = remoteUrl.match(/github\.com[:/]([^/]+)\/([^/.]+)/);
+    if (m) return { owner: m[1], repo: m[2] };
+    return null;
+  }),
+}));
+
+// Mock the repo-setup module
+vi.mock("../../src/repo-setup", () => ({
+  ensureGitHubRepo: vi.fn(),
+}));
+
+// Mock the github-api module
+vi.mock("../../src/github-api", () => ({
+  checkPagesStatus: vi.fn().mockResolvedValue({ status: "built" }),
+  getAuthenticatedUser: vi.fn(),
+  checkRepoExists: vi.fn(),
+  createRepository: vi.fn(),
+  setCustomDomain: vi.fn(),
+}));
+
+// Import after mocking
+const { on_deploy } = await import("../../src/main");
+const { deployViaGitPush, getOriginOwnerRepo } = await import("../../src/github-deploy");
+const { getToken, getTokenFromGit } = await import("../../src/token");
+const { parseGitHubUrl, buildPagesUrl } = await import("../../src/git");
+const { checkPagesStatus } = await import("../../src/github-api");
+const { ensureGitHubRepo } = await import("../../src/repo-setup");
+
+describeFeature(feature, ({ Scenario, BeforeEachScenario, AfterEachScenario }) => {
+  // Test state
+  let ctx: MockTauriContext;
+  let projectPath: string;
+  let deployResult: HookResult | null = null;
+  let scenarioSiteFiles: string[] = ["index.html"]; // Default site files
+
+  /**
+   * Create a mock DeployContext for testing
+   */
+  function createMockContext(): DeployContext {
+    return {
+      project_path: projectPath,
+      moss_dir: `${projectPath}/.moss`,
+      output_dir: `${projectPath}/.moss/build/site`,
+      site_files: scenarioSiteFiles,
+      project_info: {
+        project_type: "markdown",
+        content_folders: ["posts"],
+        total_files: 10,
+        homepage_file: "index.md",
+      },
+      config: {},
+    };
+  }
+
+  BeforeEachScenario(() => {
+    ctx = setupMockTauri();
+    projectPath = "/test/project";
+    deployResult = null;
+    scenarioSiteFiles = ["index.html"]; // Reset to default
+    vi.clearAllMocks();
+
+    // Restore default implementations after clearAllMocks
+    vi.mocked(parseGitHubUrl).mockImplementation((remoteUrl: string) => {
+      const m = remoteUrl.match(/github\.com[:/]([^/]+)\/([^/.]+)/);
+      if (m) return { owner: m[1], repo: m[2] };
+      return null;
+    });
+    vi.mocked(buildPagesUrl).mockImplementation((owner: string, repo: string) => {
+      if (repo.toLowerCase() === `${owner.toLowerCase()}.github.io`) {
+        return `https://${owner}.github.io`;
+      }
+      return `https://${owner}.github.io/${repo}`;
+    });
+    vi.mocked(checkPagesStatus).mockResolvedValue({ status: "built" });
+    // Default: no git origin (first-time user)
+    vi.mocked(getOriginOwnerRepo).mockResolvedValue(null);
+  });
+
+  AfterEachScenario(() => {
+    ctx.cleanup();
+  });
+
+  // ============================================================================
+  // Scenario: Deploy from non-git directory shows repo setup UI
+  // No .git origin → ensureGitHubRepo → user cancels → "cancelled"
+  // ============================================================================
+
+  Scenario("Deploy from non-git directory", ({ Given, When, Then, And }) => {
+    Given("the directory is not a git repository", () => {
+      // No git origin (no .git directory)
+      vi.mocked(getOriginOwnerRepo).mockResolvedValue(null);
+      // ensureGitHubRepo returns null (user cancelled)
+      vi.mocked(ensureGitHubRepo).mockResolvedValue(null);
+    });
+
+    When("I attempt to deploy", async () => {
+      deployResult = await on_deploy(createMockContext());
+    });
+
+    Then("the deployment should fail", () => {
+      expect(deployResult?.success).toBe(false);
+    });
+
+    And('the error should indicate setup was cancelled', () => {
+      expect(deployResult?.message).toContain("cancelled");
+    });
+  });
+
+  // ============================================================================
+  // Scenario: Deploy without any git remote
+  // Same as above: no origin → ensureGitHubRepo → user cancels
+  // ============================================================================
+
+  Scenario("Deploy without any git remote", ({ Given, When, Then, And }) => {
+    Given("the directory is a git repository", () => {
+      // Git repo exists but no GitHub origin
+      vi.mocked(getOriginOwnerRepo).mockResolvedValue(null);
+    });
+
+    And("no git remote is configured", () => {
+      // ensureGitHubRepo returns null (user cancelled)
+      vi.mocked(ensureGitHubRepo).mockResolvedValue(null);
+    });
+
+    When("I attempt to deploy", async () => {
+      deployResult = await on_deploy(createMockContext());
+    });
+
+    Then("the deployment should fail", () => {
+      expect(deployResult?.success).toBe(false);
+    });
+
+    And('the error should mention "No git remote configured"', () => {
+      // In new flow: shows repo setup UI, returns cancelled when no interaction
+      expect(deployResult?.message).toContain("cancelled");
+    });
+
+    And("the error should include instructions to add a GitHub remote", () => {
+      expect(deployResult?.message).toContain("Repository setup cancelled");
+    });
+  });
+
+  // ============================================================================
+  // Scenario: Deploy with non-GitHub remote triggers setup
+  // getOriginOwnerRepo returns null for non-GitHub → ensureGitHubRepo → cancelled
+  // ============================================================================
+
+  Scenario("Deploy with non-GitHub remote triggers setup", ({ Given, When, Then, And }) => {
+    Given("the directory is a git repository", () => {
+      // Non-GitHub origin → getOriginOwnerRepo returns null
+      vi.mocked(getOriginOwnerRepo).mockResolvedValue(null);
+    });
+
+    And("the git remote is not a GitHub URL", () => {
+      // ensureGitHubRepo returns null (user cancelled)
+      vi.mocked(ensureGitHubRepo).mockResolvedValue(null);
+    });
+
+    When("I attempt to deploy", async () => {
+      deployResult = await on_deploy(createMockContext());
+    });
+
+    Then("the deployment should fail", () => {
+      expect(deployResult?.success).toBe(false);
+    });
+
+    And('the error should indicate setup was cancelled', () => {
+      expect(deployResult?.message).toContain("cancelled");
+    });
+  });
+
+  // ============================================================================
+  // Scenario: Deploy with empty site directory
+  // ============================================================================
+
+  Scenario("Deploy with empty site directory", ({ Given, When, Then, And }) => {
+    Given("the directory is a git repository", () => {
+      // Git origin exists
+      vi.mocked(getOriginOwnerRepo).mockResolvedValue({ owner: "user", repo: "repo" });
+    });
+
+    And("the site directory is empty", () => {
+      scenarioSiteFiles = [];
+    });
+
+    When("I attempt to deploy", async () => {
+      deployResult = await on_deploy(createMockContext());
+    });
+
+    Then("the deployment should fail", () => {
+      expect(deployResult?.success).toBe(false);
+    });
+
+    And("the error should mention that the site needs to be built", () => {
+      expect(deployResult?.message).toMatch(/site.*empty|build.*first|not found/i);
+    });
+  });
+
+  // ============================================================================
+  // Scenario: Successful deployment with SSH remote
+  // ============================================================================
+
+  Scenario("Successful deployment with SSH remote", ({ Given, When, Then, And }) => {
+    Given("the directory is a git repository", () => {
+      // Git origin returns testuser/testrepo
+      vi.mocked(getOriginOwnerRepo).mockResolvedValue({ owner: "testuser", repo: "testrepo" });
+    });
+
+    And('the git remote is "git@github.com:testuser/testrepo.git"', () => {
+      // Already set via getOriginOwnerRepo in Given
+    });
+
+    And('the site is built with files in ".moss/build/site/"', () => {
+      ctx.filesystem.setFile(`${projectPath}/.moss/build/site/index.html`, "<html></html>");
+    });
+
+    And("the GitHub Actions workflow already exists", () => {
+      // Token available
+      vi.mocked(getToken).mockResolvedValue("test-token");
+      vi.mocked(getTokenFromGit).mockResolvedValue(null);
+
+      // deployViaGitPush returns DeployResult
+      vi.mocked(deployViaGitPush).mockResolvedValue({ commitSha: "new-commit-sha", orphanSha: "orphan-sha", treeChanged: true });
+
+      // Pages status check
+      vi.mocked(checkPagesStatus).mockResolvedValue({ status: "built" });
+    });
+
+    When("I attempt to deploy", async () => {
+      deployResult = await on_deploy(createMockContext());
+    });
+
+    Then("the deployment should succeed", () => {
+      expect(deployResult?.success).toBe(true);
+    });
+
+    And('the deployment URL should be "https://testuser.github.io/testrepo"', () => {
+      expect(deployResult?.deployment?.url).toBe("https://testuser.github.io/testrepo");
+    });
+  });
+
+  // ============================================================================
+  // Scenario: First-time deployment creates workflow
+  // getOriginOwnerRepo returns null → ensureGitHubRepo → setup + deploy
+  // ============================================================================
+
+  Scenario("First-time deployment creates workflow", ({ Given, When, Then, And }) => {
+    Given("the directory is a git repository", () => {
+      // No git origin (first-time deploy)
+      vi.mocked(getOriginOwnerRepo).mockResolvedValue(null);
+    });
+
+    And('the git remote is "git@github.com:user/repo.git"', () => {
+      // ensureGitHubRepo returns repo info (auto-created or via UI)
+      vi.mocked(ensureGitHubRepo).mockResolvedValue({
+        name: "repo",
+        sshUrl: "git@github.com:user/repo.git",
+        fullName: "user/repo",
+      });
+    });
+
+    And('the site is built with files in ".moss/build/site/"', () => {
+      ctx.filesystem.setFile(`${projectPath}/.moss/build/site/index.html`, "<html></html>");
+      ctx.filesystem.setFile(`${projectPath}/.gitignore`, "node_modules/");
+    });
+
+    And("the GitHub Actions workflow does not exist", () => {
+      // Token available
+      vi.mocked(getToken).mockResolvedValue("test-token");
+      vi.mocked(getTokenFromGit).mockResolvedValue(null);
+
+      // deployViaGitPush returns DeployResult
+      vi.mocked(deployViaGitPush).mockResolvedValue({ commitSha: "first-commit-sha", orphanSha: "orphan-sha", treeChanged: true });
+
+      // Pages status check
+      vi.mocked(checkPagesStatus).mockResolvedValue({ status: "built" });
+    });
+
+    When("I attempt to deploy", async () => {
+      deployResult = await on_deploy(createMockContext());
+    });
+
+    Then("the deployment should succeed", () => {
+      expect(deployResult?.success).toBe(true);
+    });
+
+    And("the result should indicate first-time setup", () => {
+      expect(deployResult?.deployment?.metadata?.was_first_setup).toBe("true");
+    });
+  });
+});

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "@symbiosis-lab/moss-plugin-github",
+  "version": "1.5.1",
+  "description": "Deploy to GitHub Pages via GitHub Actions",
+  "main": "dist/main.js",
+  "keywords": [
+    "moss",
+    "plugin",
+    "github-pages",
+    "deployment",
+    "deployer"
+  ],
+  "author": "Symbiosis Lab",
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/",
+    "provenance": false
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Symbiosis-Lab/moss-plugins.git",
+    "directory": "github"
+  },
+  "devDependencies": {
+    "@amiceli/vitest-cucumber": "^5.2.1",
+    "@types/node": "^20.0.0",
+    "@vitest/coverage-v8": "^3.2.4",
+    "chokidar-cli": "^3.0.0",
+    "concurrently": "^8.2.0",
+    "esbuild": "^0.27.0",
+    "happy-dom": "^20.0.11",
+    "typescript": "^5.3.0",
+    "vitest": "^3.2.4",
+    "@symbiosis-lab/moss-api": "0.10.0"
+  },
+  "scripts": {
+    "build": "npm run clean && npm run bundle && npm run copy-assets",
+    "dev": "npm run clean && npm run copy-assets && concurrently \"npm run bundle -- --watch\" \"npm run watch-assets\"",
+    "bundle": "esbuild src/main.ts --bundle --format=iife --global-name=GithubPlugin --outfile=dist/main.bundle.js",
+    "clean": "rm -rf dist && mkdir -p dist",
+    "copy-assets": "cp assets/* dist/",
+    "watch-assets": "chokidar 'assets/**/*' -c 'npm run copy-assets'",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest run --coverage",
+    "test:unit": "vitest run --project unit",
+    "test:integration": "vitest run --project integration",
+    "test:e2e": "vitest run --project e2e"
+  }
+}