mirror of
https://github.com/bytedance/deer-flow.git
synced 2026-07-09 16:08:31 +00:00
fix(smoke-test): add auth-aware frontend checks with login support (#3641)
This commit is contained in:
parent
86a4744941
commit
b5a4d3414b
3 changed files with 137 additions and 4 deletions
|
|
@ -97,14 +97,14 @@ smoke-test/
|
|||
2. **Check frontend service** - Visit `http://localhost:2026` and verify that the page loads
|
||||
3. **Check API Gateway** - Verify the `http://localhost:2026/health` endpoint
|
||||
4. **Check LangGraph-compatible API** - Verify the `/api/langgraph/*` route exposed by Gateway
|
||||
5. **Frontend route smoke check** - Run `bash .agent/skills/smoke-test/scripts/frontend_check.sh` to verify key routes under `/workspace`
|
||||
5. **Frontend route smoke check** - Run `bash .agent/skills/smoke-test/scripts/frontend_check.sh` to verify key routes under `/workspace`. The script auto-detects whether authentication is enabled and, if so, registers / logs in a smoke-test user so the real pages are verified rather than the login redirect.
|
||||
|
||||
**Docker mode health check** (when using Docker):
|
||||
1. **Check container status** - Run `docker ps` and confirm that all containers are running
|
||||
2. **Check frontend service** - Visit `http://localhost:2026` and verify that the page loads
|
||||
3. **Check API Gateway** - Verify the `http://localhost:2026/health` endpoint
|
||||
4. **Check LangGraph-compatible API** - Verify the `/api/langgraph/*` route exposed by Gateway
|
||||
5. **Frontend route smoke check** - Run `bash .agent/skills/smoke-test/scripts/frontend_check.sh` to verify key routes under `/workspace`
|
||||
5. **Frontend route smoke check** - Run `bash .agent/skills/smoke-test/scripts/frontend_check.sh` to verify key routes under `/workspace`. The script auto-detects whether authentication is enabled and, if so, registers / logs in a smoke-test user so the real pages are verified rather than the login redirect.
|
||||
|
||||
### Optional Functional Verification
|
||||
|
||||
|
|
@ -136,6 +136,7 @@ smoke-test/
|
|||
The following warnings can appear during smoke testing and do not block a successful result:
|
||||
- Feishu/Lark SSL errors in Gateway logs (certificate verification failure) can be ignored if that channel is not enabled
|
||||
- Warnings in Gateway logs about missing methods in the custom checkpointer, such as `adelete_for_runs` or `aprune`, do not affect the core functionality
|
||||
- The `frontend_check.sh` script automatically handles authentication. When auth is enabled it registers / logs in a smoke-test user (`smoke-test@deerflow.dev` by default) to verify the real `/workspace/*` pages. The registration may produce a log entry from the auth provider, which is expected and harmless.
|
||||
|
||||
## Key Tools
|
||||
|
||||
|
|
|
|||
|
|
@ -361,6 +361,22 @@ curl http://localhost:2026/health
|
|||
|
||||
---
|
||||
|
||||
#### 5.1.5 Frontend Route Smoke Check
|
||||
|
||||
**Objective**: Verify key `/workspace/*` frontend routes render correctly.
|
||||
|
||||
**Steps**:
|
||||
1. Run `bash .agent/skills/smoke-test/scripts/frontend_check.sh`.
|
||||
2. The script auto-detects whether authentication (`DEER_FLOW_AUTH_DISABLED`) is enabled.
|
||||
3. When auth is on, the script registers / logs in a smoke-test user (`smoke-test@deerflow.dev` by default) and passes the session cookie so the real `/workspace/*` pages are verified — not the login redirect.
|
||||
4. When auth is off, the routes are checked anonymously as before.
|
||||
|
||||
**Customisation**:
|
||||
- `SMOKE_TEST_EMAIL` — email for the test account (default: `smoke-test@deerflow.dev`).
|
||||
- `SMOKE_TEST_PASSWORD` — password for the test account (default: `SmokeTest123!`).
|
||||
|
||||
---
|
||||
|
||||
### 5.2 Docker Mode Health Check (When Using Docker)
|
||||
|
||||
#### 5.2.1 Check Container Status
|
||||
|
|
@ -411,6 +427,22 @@ curl http://localhost:2026/health
|
|||
|
||||
---
|
||||
|
||||
#### 5.2.5 Frontend Route Smoke Check
|
||||
|
||||
**Objective**: Verify key `/workspace/*` frontend routes render correctly.
|
||||
|
||||
**Steps**:
|
||||
1. Run `bash .agent/skills/smoke-test/scripts/frontend_check.sh`.
|
||||
2. The script auto-detects whether authentication (`DEER_FLOW_AUTH_DISABLED`) is enabled.
|
||||
3. When auth is on, the script registers / logs in a smoke-test user (`smoke-test@deerflow.dev` by default) and passes the session cookie so the real `/workspace/*` pages are verified — not the login redirect.
|
||||
4. When auth is off, the routes are checked anonymously as before.
|
||||
|
||||
**Customisation**:
|
||||
- `SMOKE_TEST_EMAIL` — email for the test account (default: `smoke-test@deerflow.dev`).
|
||||
- `SMOKE_TEST_PASSWORD` — password for the test account (default: `SmokeTest123!`).
|
||||
|
||||
---
|
||||
|
||||
## Optional Functional Verification
|
||||
|
||||
### 6.1 List Available Models
|
||||
|
|
|
|||
|
|
@ -9,6 +9,99 @@ echo ""
|
|||
BASE_URL="${BASE_URL:-http://localhost:2026}"
|
||||
DOC_PATH="${DOC_PATH:-/en/docs}"
|
||||
|
||||
# When the gateway has authentication enabled (DEER_FLOW_AUTH_DISABLED != 1),
|
||||
# protected /workspace/* routes redirect anonymous requests to /login.
|
||||
# We detect auth, register / log in a smoke-test user, and pass the session
|
||||
# cookie to all curl calls so the real pages are verified, not the login form.
|
||||
SMOKE_TEST_EMAIL="${SMOKE_TEST_EMAIL:-smoke-test@deerflow.dev}"
|
||||
SMOKE_TEST_PASSWORD="${SMOKE_TEST_PASSWORD:-SmokeTest123!}"
|
||||
COOKIE_JAR=$(mktemp /tmp/deerflow-smoke-cookies.XXXXXX)
|
||||
trap 'rm -f "$COOKIE_JAR"' EXIT
|
||||
CURL_AUTH_OPTS=""
|
||||
|
||||
authenticate() {
|
||||
# Make sure the service is reachable before detecting auth
|
||||
local health
|
||||
health=$(curl -s -o /dev/null -w "%{http_code}" "${BASE_URL}/" 2>/dev/null)
|
||||
if [ "$health" = "000" ]; then
|
||||
echo "✗ Cannot reach ${BASE_URL} — is the service running?"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# A protected endpoint returns 401 when auth is on
|
||||
local auth_check
|
||||
auth_check=$(curl -s -o /dev/null -w "%{http_code}" "${BASE_URL}/api/models" 2>/dev/null)
|
||||
if [ "$auth_check" != "401" ]; then
|
||||
echo "ℹ Auth is disabled — no login needed"
|
||||
return 0
|
||||
fi
|
||||
|
||||
echo "🔐 Auth is enabled — setting up smoke test session..."
|
||||
|
||||
# Check whether the system needs first-boot initialization
|
||||
local needs_setup
|
||||
needs_setup=$(curl -s "${BASE_URL}/api/v1/auth/setup-status" \
|
||||
| grep -o '"needs_setup":[^,}]*' | grep -o 'true\|false')
|
||||
if [ "$needs_setup" = "true" ]; then
|
||||
echo " Initializing system with smoke test admin..."
|
||||
local init_code
|
||||
init_code=$(curl -s -o /dev/null -w "%{http_code}" \
|
||||
-X POST "${BASE_URL}/api/v1/auth/initialize" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{\"email\":\"${SMOKE_TEST_EMAIL}\",\"password\":\"${SMOKE_TEST_PASSWORD}\"}" \
|
||||
-c "$COOKIE_JAR" 2>/dev/null)
|
||||
if [ "$init_code" != "201" ]; then
|
||||
echo "✗ Initialize failed (HTTP $init_code)"
|
||||
return 1
|
||||
fi
|
||||
echo "✓ Admin initialized & logged in"
|
||||
elif [ -z "$needs_setup" ]; then
|
||||
echo "⚠ Could not determine setup status — skipping initialize, trying register/login"
|
||||
else
|
||||
# Register first — on success (201) it also auto-logs-in via the cookie.
|
||||
# This avoids a wasted login attempt that counts toward rate-limiting.
|
||||
local auth_code
|
||||
auth_code=$(curl -s -o /dev/null -w "%{http_code}" \
|
||||
-X POST "${BASE_URL}/api/v1/auth/register" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{\"email\":\"${SMOKE_TEST_EMAIL}\",\"password\":\"${SMOKE_TEST_PASSWORD}\"}" \
|
||||
-c "$COOKIE_JAR" 2>/dev/null)
|
||||
|
||||
if [ "$auth_code" = "201" ]; then
|
||||
echo "✓ Registered as ${SMOKE_TEST_EMAIL}"
|
||||
else
|
||||
# User already exists — clear stale cookies from register attempt, then log in
|
||||
: > "$COOKIE_JAR"
|
||||
local login_code
|
||||
login_code=$(curl -s -o /dev/null -w "%{http_code}" \
|
||||
-X POST "${BASE_URL}/api/v1/auth/login/local" \
|
||||
--data-urlencode "username=${SMOKE_TEST_EMAIL}" \
|
||||
--data-urlencode "password=${SMOKE_TEST_PASSWORD}" \
|
||||
-c "$COOKIE_JAR" 2>/dev/null)
|
||||
if [ "$login_code" != "200" ]; then
|
||||
echo "✗ Login failed (HTTP $login_code)"
|
||||
return 1
|
||||
fi
|
||||
echo "✓ Logged in as ${SMOKE_TEST_EMAIL}"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Verify the session cookie works across all branches
|
||||
local me_code
|
||||
me_code=$(curl -s -o /dev/null -w "%{http_code}" \
|
||||
-b "$COOKIE_JAR" "${BASE_URL}/api/v1/auth/me" 2>/dev/null)
|
||||
|
||||
if [ "$me_code" = "200" ]; then
|
||||
echo "✓ Session verified for ${SMOKE_TEST_EMAIL}"
|
||||
CURL_AUTH_OPTS="-b $COOKIE_JAR"
|
||||
return 0
|
||||
fi
|
||||
|
||||
echo "✗ Auth failed — session cookie not accepted (HTTP $me_code)"
|
||||
echo " Set SMOKE_TEST_EMAIL / SMOKE_TEST_PASSWORD or check the existing account"
|
||||
return 1
|
||||
}
|
||||
|
||||
all_passed=true
|
||||
|
||||
check_status() {
|
||||
|
|
@ -17,7 +110,7 @@ check_status() {
|
|||
local expected_re="$3"
|
||||
|
||||
local status
|
||||
status="$(curl -s -o /dev/null -w "%{http_code}" -L "$url")"
|
||||
status="$(curl -s -o /dev/null -w "%{http_code}" -L ${CURL_AUTH_OPTS} "$url")"
|
||||
if echo "$status" | grep -Eq "$expected_re"; then
|
||||
echo "✓ $name ($url) -> $status"
|
||||
else
|
||||
|
|
@ -32,7 +125,7 @@ check_final_url() {
|
|||
local expected_path_re="$3"
|
||||
|
||||
local effective
|
||||
effective="$(curl -s -o /dev/null -w "%{url_effective}" -L "$url")"
|
||||
effective="$(curl -s -o /dev/null -w "%{url_effective}" -L ${CURL_AUTH_OPTS} "$url")"
|
||||
if echo "$effective" | grep -Eq "$expected_path_re"; then
|
||||
echo "✓ $name redirect target -> $effective"
|
||||
else
|
||||
|
|
@ -41,6 +134,10 @@ check_final_url() {
|
|||
fi
|
||||
}
|
||||
|
||||
# Authenticate before checking protected routes
|
||||
authenticate || exit 1
|
||||
|
||||
echo ""
|
||||
echo "1. Checking entry pages..."
|
||||
check_status "Landing page" "${BASE_URL}/" "200"
|
||||
check_status "Workspace redirect" "${BASE_URL}/workspace" "200|301|302|307|308"
|
||||
|
|
@ -49,8 +146,11 @@ echo ""
|
|||
|
||||
echo "2. Checking key workspace routes..."
|
||||
check_status "New chat page" "${BASE_URL}/workspace/chats/new" "200"
|
||||
check_final_url "New chat page" "${BASE_URL}/workspace/chats/new" "/workspace/"
|
||||
check_status "Chats list page" "${BASE_URL}/workspace/chats" "200"
|
||||
check_final_url "Chats list page" "${BASE_URL}/workspace/chats" "/workspace/"
|
||||
check_status "Agents gallery page" "${BASE_URL}/workspace/agents" "200"
|
||||
check_final_url "Agents gallery page" "${BASE_URL}/workspace/agents" "/workspace/agents"
|
||||
echo ""
|
||||
|
||||
echo "3. Checking docs route (optional)..."
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue