kimi-code/packages/server/test/start.test.ts
liruifengv b51e13538d
ci: run unit tests on windows (#1037)
* ci: run unit tests on windows

* fix(migration-legacy): align workdir bucket key with agent-core

computeWorkdirBucket used a local node:path-based resolve that yields backslash-separated paths on Windows, while agent-core's encodeWorkDirKey uses pathe (forward slashes on every platform). The SHA-256 inputs diverged, so migrated sessions were written to a bucket that the session picker never reads, making them invisible on Windows.

Alias computeWorkdirBucket to encodeWorkDirKey so both sides stay byte-identical, drop the local slugify copy, and update the workdir-bucket test reference accordingly.

* test(acp-adapter): expect platform-native separators in e2e-fs path

The e2e-fs test asserted the fs/readTextFile wire path as the raw POSIX targetPath, but AcpKaos.toClientPath converts '/' to '\' when the inner LocalKaos reports pathClass 'win32' (Windows). On Windows the wire path became '\Users\test\x.ts' and the assertion failed.

Mirror toClientPath in the test: expect backslash separators on win32 and the raw path otherwise. Implementation is unchanged.

* test(sdk): normalize workDir and skillDir paths in session tests

SessionStore.create/list and the skill loader normalize paths through pathe (forward slashes). The SDK tests compared the resulting workDir and skill loaded-dir against raw mkdtemp / node:path strings, which use backslashes on Windows (and node:fs realpath also returns backslashes for the skill dir), failing three toMatchObject assertions.

Build the expected paths with agent-core's normalizeWorkDir so they match the internal pathe representation on every platform. The skill dir keeps its realpath() (the loader realpaths the root) and only normalizes separators.

* test(skill): normalize realpath to forward slashes in scanner tests

resolveSkillRoots normalizes every root.path through fs.realpath followed by replacing backslashes with forward slashes (scanner.ts). The scanner tests compared root.path against node:fs realpath directly, which returns backslashes on Windows, so twenty assertions failed (toEqual / toContain / toHaveLength) even though the resolved paths were identical.

Wrap realpath at the top of the test file to mirror the implementation's normalization, so every comparison uses the same forward-slash form on every platform.

* test: skip Unix-only permission tests on Windows

The Unix file-permission assertions (mode bits like 0o600 / 0o700 and chmod 000 making a path unreadable) have no equivalent on Windows, which uses ACLs; fs.chmod there can only toggle the read-only bit. These six tests failed on Windows with mismatched mode values or a missing 40411.

Skip them on win32 via it.skipIf(process.platform === 'win32'): oauth FileTokenStorage (0600 file, 0700 dir), agent-core BackgroundTaskPersistence (0700 tasks dir), agent-core createPerIdJsonStore (0700 subdir), migration-legacy atomicWrite (0600 file), and server fs:browse (chmod 000 -> 40411).

* test(tui): make platform-sensitive assertions cross-platform

The TUI implementations are already platform-aware (pathe-style paths, pathToFileURL, quoteShellArg cmd/POSIX quoting, Alt+V on Windows for paste expansion), but the tests hard-coded POSIX expectations and failed on Windows.

Align the assertions with the implementation's platform behavior: footer-goal-badge matches the '[goal' badge prefix instead of /goal/ (toolbar tips contain '/goal'); tool-call expects backslash relative paths on win32; plan-box builds the file:// URL via pathToFileURL; custom-editor sends Alt+V on win32 for paste expansion; file-mention-provider normalizes the expected description to forward slashes; kimi-tui-startup builds the resume command with quoteShellArg; kimi-tui-message-flow builds the expected install path with resolve().

* test: align path assertions with pathe on Windows

Several test suites asserted paths produced by node:path/node:os/node:fs against values that agent-core, node-sdk and kaos normalize through pathe (forward slashes). On Windows the two forms diverge (backslashes vs forward slashes), failing about 19 assertions.

Mirror the implementation's normalization in the assertions via a local toPosix helper (or agent-core's normalizeWorkDir), so expected paths use forward slashes on every platform: kaos LocalKaos, node-sdk export/list/resume/config/transport sessions, cli FileMentionProvider, and agent-core skill-session.

* test(native): build path expectations with node:path.resolve

paths.mjs builds every path with node:path.resolve, which yields backslash-separated absolute paths on Windows. The path-helpers tests asserted against template strings that mixed the backslash appRoot with forward-slash segments, so Object.is failed on Windows even though the strings looked identical.

Build the expectations with the same resolve(appRoot, ...) helper so the separators match on every platform.

* fix: make Windows CI tests pass across all packages

Fix the remaining Windows CI failures so the Windows test job can go green. The changes fall into a few categories:

- Path separators: agent-core/node-sdk/kaos normalize paths via pathe (forward slashes); align test expectations and a couple of implementations (native cache base, workspace registry) with that.

- Platform-only services: skip launchd/systemd manager suites on win32 (Windows uses schtasks).

- Process/signal lifecycle: skip or relax tests that rely on POSIX signals / SIGTERM semantics that Windows does not support.

- Hook shell syntax: rewrite hook test commands from POSIX shell (single quotes, semicolons, stderr redirects, if/then/fi) to node -e / .cjs files that run under cmd.exe.

- CRLF: make Bash tool description stripping tolerate CRLF line endings.

- Misc: realpath short-name divergence, port-retry timing, telemetry spawn, fs-watch timing, snapshot path normalization, etc.

* fix: remove unused basename import in workspaceRegistryService

Fix lint error (no-unused-vars): basename from node:path is no longer used after switching to posixBasename from pathe.

* fix: align resume harness pathClass and wait for banner state on Windows

Two more Windows CI fixes:

- createResumeNoSideEffectKaos now reports pathClass 'win32' on Windows so tool descriptions (e.g. Glob's Windows note) match the live agent in expectResumeMatches, fixing usage/description deep-equal drift.

- kimi-tui-startup once-banner test now waits for writeBannerDisplayState to land before asserting, since the atomic write can lag behind the render on Windows.

* fix: resolve remaining Windows unit test failures

Make the new Windows CI job green across agent-core, kaos, node-sdk and server:

- Align the resume harness kaos pathClass with the live agent so platform-conditional tool descriptions (Glob's Windows note) match in expectResumeMatches instead of drifting on win32.
- Rewrite hook commands in agent-core tests as cross-platform node one-liners; single-quote echo, >&2 and ';' do not work under cmd.exe.
- Add .gitattributes enforcing LF so raw-imported templates (e.g. the compaction instruction) produce byte-identical token counts on Windows and POSIX.
- Terminate the full process tree on Windows in both the hook runner and kaos (taskkill /T /F) so grandchildren cannot outlive their parent and keep the cwd locked.
- Normalize workDir path separators in two kimi-sdk session tests to match the stored canonical form.
- Avoid cmd.exe arg-quoting pitfalls in the kaos cmd.exe test, and run the Windows process-tree kill test from a script file with the pid path passed via argv.
- Give the first fs-git e2e test more time on Windows and retry the temp-dir cleanup; skip the fs-watch overflow-burst assertion on Windows where fs-event coalescing prevents the single-window spike.

* ci: retrigger checks

* fix: resolve remaining Windows failures after merging main

- Terminate the spawned git/gh process tree on Windows in FsGitService (taskkill /T /F on timeout) so a timed-out 'gh pr view' cannot leave a grandchild holding the workspace cwd, which made the fs-git e2e cleanup fail with EPERM.

- Give the fs:git_status e2e suite a longer timeout on Windows and retry the temp-dir cleanup longer to ride out the slower child-process teardown.

- Make the third-party plugin install trust test assert the resolved install path via node:path so it matches the Windows-resolved path (D:\tmp\...) as well as the POSIX one.

* fix: align workspace registry roots and harden fs-git cleanup on Windows

- workspace-registry test: compare normalized (forward-slash) roots, since the registry and session index both store workDir via pathe.resolve (forward slashes on every platform). realpath() yields backslashes on Windows and diverged from the stored root.

- fs-git e2e: bump the temp-dir cleanup retries and the afterEach timeout, since Windows child-process teardown after server.close() is asynchronous and can keep the workspace cwd locked for several seconds.

* test: stub openUrl in kimi-tui-message-flow feedback tests

The /feedback command falls back to openUrl(FEEDBACK_ISSUE_URL) when submission fails, which spawned a real browser window on every test run. Mock #/utils/open-url (matching the existing login/message-replay/server test convention) so the suite never opens a browser.

* test: harden fs-git e2e cleanup against Windows cwd locks

On Windows, git/gh child processes and the session core process can outlive server.close() and keep the temp workspace as their cwd, so rmSync fails with EPERM even after a long retry. Add rmSyncRobust that retries and, if the cwd is still locked, swallows EPERM/EBUSY on Windows — the OS reclaims the temp dir and a cleanup hiccup must not fail an otherwise-passing test.

* test: harden server e2e cleanup against async teardown races

server.close() does not fully await the server's asynchronous teardown, so on a loaded CI runner the temp home/workspace dirs can still be held or written to when the afterEach rmSync runs, failing with EPERM (Windows) or ENOTEMPTY (Linux). Use a rmSyncRobust helper (retry + swallow EPERM/EBUSY/ENOTEMPTY) in the fs-git and question e2e cleanup. Also fix a leftover `throw err` (renamed to `throw error`) that broke the typecheck.
2026-06-26 11:56:41 +08:00

467 lines
15 KiB
TypeScript

/**
* `startServer` + lock integration + DI wiring (ROADMAP P0.12 + P0.14).
*
* Bind to port 0 → ephemeral port; tmpdir lock path → no `~/.kimi` interference.
* Tests share the assertion that the lock file appears alongside the listener
* and vanishes on close, and that a second startServer raises ServerLockedError.
*
* The DI graph end-to-end is exercised implicitly: every startServer call
* constructs ILogService, IRestGateway, IEventService, IApprovalService,
* IQuestionService, and ICoreProcessService in order. Failure modes there (missing
* service, wrong ctor args) would surface as a startServer reject.
*/
import {
existsSync,
mkdirSync,
mkdtempSync,
readFileSync,
rmSync,
writeFileSync,
} from 'node:fs';
import { createServer, type Server } from 'node:net';
import { tmpdir } from 'node:os';
import { join } from 'node:path';
import { afterEach, beforeEach, describe, expect, it } from 'vitest';
import { pino } from 'pino';
import { listenWithPortRetry } from '../src/start';
import {
ServerLockedError,
IApprovalService,
IConnectionRegistry,
IEventService,
ICoreProcessService,
ILogService,
IQuestionService,
IRestGateway,
IServerShutdownService,
ISessionClientsService,
IWSBroadcastService,
IWSGateway,
createServerLogger,
startServer,
type LockContents,
type RunningServer,
} from '../src';
import { authHeaders, fixedTokenAuth } from './helpers/serverHarness';
let tmpDir: string;
let lockPath: string;
let bridgeHome: string;
const running: RunningServer[] = [];
beforeEach(() => {
tmpDir = mkdtempSync(join(tmpdir(), 'kimi-server-start-test-'));
lockPath = join(tmpDir, 'lock');
// Isolate KimiCore's `~/.kimi` lookup — bridge construction touches it via plugin discovery.
bridgeHome = mkdtempSync(join(tmpdir(), 'kimi-server-start-home-'));
});
afterEach(async () => {
// Tear down every server spawned in the test in the order they were created.
for (const r of running.splice(0)) {
try {
await r.close();
} catch {
// ignore
}
}
rmSync(tmpDir, { recursive: true, force: true });
rmSync(bridgeHome, { recursive: true, force: true });
});
function silentLogger() {
return pino({ level: 'silent' });
}
function listenOnPort(host: string, port: number): Promise<Server> {
return new Promise((resolve, reject) => {
const server = createServer();
server.once('error', reject);
server.listen({ host, port }, () => resolve(server));
});
}
function closeNetServer(server: Server): Promise<void> {
return new Promise((resolve) => server.close(() => resolve()));
}
/** Find `port` such that both `port` and `port + 1` are free to bind. */
async function allocateAdjacentFreePair(
host = '127.0.0.1',
): Promise<{ port: number; next: number }> {
for (let i = 0; i < 30; i++) {
const a = await listenOnPort(host, 0);
const address = a.address();
const port = typeof address === 'object' && address !== null ? address.port : 0;
await closeNetServer(a);
if (port <= 0 || port >= 65535) continue;
const probe = await listenOnPort(host, port + 1).catch(() => null);
if (probe === null) continue;
await closeNetServer(probe);
return { port, next: port + 1 };
}
throw new Error('could not allocate an adjacent free port pair');
}
function fakeGateway(
listen: (host: string, port: number) => Promise<string>,
): Parameters<typeof listenWithPortRetry>[0]['gateway'] {
return { _serviceBrand: undefined, app: undefined, listen } as unknown as Parameters<
typeof listenWithPortRetry
>[0]['gateway'];
}
function addrInUse(): NodeJS.ErrnoException {
const err = new Error('listen EADDRINUSE') as NodeJS.ErrnoException;
err.code = 'EADDRINUSE';
return err;
}
async function spawn(): Promise<RunningServer> {
const r = await startServer({
serviceOverrides: [fixedTokenAuth()],
host: '127.0.0.1',
port: 0,
lockPath,
logger: silentLogger(),
coreProcessOptions: { homeDir: bridgeHome },
});
running.push(r);
return r;
}
describe('startServer — lock + healthz smoke', () => {
it('acquires the lock and writes pid/port; close releases', async () => {
const r = await spawn();
expect(existsSync(lockPath)).toBe(true);
const stored = JSON.parse(readFileSync(lockPath, 'utf8')) as LockContents;
expect(stored.pid).toBe(process.pid);
expect(stored.host).toBe('127.0.0.1');
expect(stored.port).toBe(0);
expect(r.address).toMatch(/^http:\/\/127\.0\.0\.1:\d+$/);
await r.close();
expect(existsSync(lockPath)).toBe(false);
});
it('second startServer with the same lockPath throws ServerLockedError', async () => {
await spawn();
await expect(spawn()).rejects.toBeInstanceOf(ServerLockedError);
});
it('close() is idempotent', async () => {
const r = await spawn();
await r.close();
await r.close(); // second call is a no-op (would throw on double-app.close otherwise)
expect(existsSync(lockPath)).toBe(false);
});
it('retries on port+1 and updates the lock when the requested port is held by a third party', async () => {
// Occupy the requested port with a raw TCP server (a "third-party" process
// from the server's point of view — it does NOT hold the lock).
const { port, next } = await allocateAdjacentFreePair();
const occupant = await listenOnPort('127.0.0.1', port);
// Distinct lock path: the global single-instance lock is not what we are
// testing here; the port conflict must come from the TCP bind alone.
const thirdPartyLockPath = join(tmpDir, 'lock-third-party');
try {
const r = await startServer({
serviceOverrides: [fixedTokenAuth()],
host: '127.0.0.1',
port,
lockPath: thirdPartyLockPath,
logger: silentLogger(),
coreProcessOptions: { homeDir: bridgeHome },
});
running.push(r);
// Bound to the next available port (>= next); the lock advertises it so
// status/kill/ps work. On Windows a recently-closed probe port can linger
// in TIME_WAIT, so the retry may land on port+2 instead of port+1.
const boundPort = Number(new URL(r.address).port);
expect(boundPort).toBeGreaterThanOrEqual(next);
const stored = JSON.parse(readFileSync(thirdPartyLockPath, 'utf8')) as LockContents;
expect(stored.port).toBe(boundPort);
} finally {
await closeNetServer(occupant);
}
});
});
describe('listenWithPortRetry', () => {
it('returns the requested port when the first listen succeeds', async () => {
const attempts: number[] = [];
const gateway = fakeGateway(async (_host, port) => {
attempts.push(port);
return `http://127.0.0.1:${String(port)}`;
});
const result = await listenWithPortRetry({
gateway,
host: '127.0.0.1',
port: 5000,
logger: silentLogger(),
});
expect(result.port).toBe(5000);
expect(attempts).toEqual([5000]);
});
it('retries with port+1 on EADDRINUSE until a bind succeeds', async () => {
const attempts: number[] = [];
const gateway = fakeGateway(async (_host, port) => {
attempts.push(port);
if (port < 5002) throw addrInUse();
return `http://127.0.0.1:${String(port)}`;
});
const result = await listenWithPortRetry({
gateway,
host: '127.0.0.1',
port: 5000,
logger: silentLogger(),
});
expect(result.port).toBe(5002);
expect(result.address).toBe('http://127.0.0.1:5002');
expect(attempts).toEqual([5000, 5001, 5002]);
});
it('does not retry on non-EADDRINUSE errors', async () => {
const attempts: number[] = [];
const boom = Object.assign(new Error('listen EACCES'), { code: 'EACCES' });
const gateway = fakeGateway(async (_host, port) => {
attempts.push(port);
throw boom;
});
await expect(
listenWithPortRetry({ gateway, host: '127.0.0.1', port: 5000, logger: silentLogger() }),
).rejects.toBe(boom);
expect(attempts).toEqual([5000]);
});
it('throws after exhausting maxRetries', async () => {
const attempts: number[] = [];
const gateway = fakeGateway(async (_host, port) => {
attempts.push(port);
throw addrInUse();
});
await expect(
listenWithPortRetry({
gateway,
host: '127.0.0.1',
port: 5000,
logger: silentLogger(),
maxRetries: 3,
}),
).rejects.toMatchObject({ code: 'EADDRINUSE' });
// initial attempt + 3 retries, then the cap throws.
expect(attempts).toEqual([5000, 5001, 5002, 5003]);
});
it('does not walk ports when the requested port is 0 (ephemeral)', async () => {
const attempts: number[] = [];
const gateway = fakeGateway(async (_host, port) => {
attempts.push(port);
return 'http://127.0.0.1:54321';
});
const result = await listenWithPortRetry({
gateway,
host: '127.0.0.1',
port: 0,
logger: silentLogger(),
});
expect(result.port).toBe(0);
expect(attempts).toEqual([0]);
});
});
describe('createServerLogger', () => {
it('uses an in-process pretty stream instead of pino worker transport', () => {
const logger = createServerLogger({ level: 'info', pretty: true });
const streamSym = (pino as unknown as { symbols: { streamSym: symbol } }).symbols.streamSym;
const stream = logger[streamSym as keyof typeof logger] as unknown as NodeJS.WritableStream & {
constructor?: { name?: string };
};
expect(stream.constructor?.name).not.toBe('ThreadStream');
stream.end();
});
});
describe('startServer — web assets', () => {
it('serves web assets from the server root without shadowing API routes', async () => {
const assetsDir = join(tmpDir, 'web-assets');
rmSync(assetsDir, { recursive: true, force: true });
mkdirSync(assetsDir);
writeFileSync(join(assetsDir, 'index.html'), '<html><div id="app"></div></html>', 'utf8');
writeFileSync(join(assetsDir, 'app.js'), 'console.log("kimi web");', 'utf8');
const r = await startServer({
serviceOverrides: [fixedTokenAuth()],
host: '127.0.0.1',
port: 0,
lockPath,
logger: silentLogger(),
coreProcessOptions: { homeDir: bridgeHome },
webAssetsDir: assetsDir,
});
running.push(r);
await expect(fetch(`${r.address}/`).then((res) => res.text())).resolves.toContain(
'<div id="app"></div>',
);
await expect(fetch(`${r.address}/sessions/abc`).then((res) => res.text())).resolves.toContain(
'<div id="app"></div>',
);
await expect(fetch(`${r.address}/app.js`).then((res) => res.text())).resolves.toBe(
'console.log("kimi web");',
);
const health = await fetch(`${r.address}/api/v1/healthz`);
await expect(health.json()).resolves.toMatchObject({ code: 0 });
const openApi = await fetch(`${r.address}/openapi.json`, { headers: authHeaders() });
expect(openApi.status).toBe(200);
expect(openApi.headers.get('content-type')).toContain('application/json');
await expect(openApi.json()).resolves.toMatchObject({
info: {
title: 'Kimi Code Server API',
},
paths: {
'/api/v1/healthz': {},
'/api/v1/sessions': {},
},
});
const asyncApi = await fetch(`${r.address}/asyncapi.json`, { headers: authHeaders() });
expect(asyncApi.status).toBe(200);
expect(asyncApi.headers.get('content-type')).toContain('application/json');
await expect(asyncApi.json()).resolves.toMatchObject({
asyncapi: '3.1.0',
defaultContentType: 'application/json',
channels: {
kimiCodeWebSocket: {
address: '/api/v1/ws',
},
},
operations: {
receiveClientMessages: {
action: 'receive',
},
sendServerMessages: {
action: 'send',
},
},
});
});
it('does not expose the Swagger UI while keeping /openapi.json available', async () => {
const r = await startServer({
serviceOverrides: [fixedTokenAuth()],
host: '127.0.0.1',
port: 0,
lockPath,
logger: silentLogger(),
coreProcessOptions: { homeDir: bridgeHome },
});
running.push(r);
const openApi = await fetch(`${r.address}/openapi.json`, { headers: authHeaders() });
expect(openApi.status).toBe(200);
const res = await fetch(`${r.address}/documentation`);
expect(res.status).toBe(404);
});
});
describe('startServer — DI container wiring', () => {
it('exposes all DI services through running.services', async () => {
const r = await spawn();
// Every decorator should resolve. .get() would throw "No service registered"
// if any were missing.
r.services.invokeFunction((a) => {
expect(a.get(ILogService)).toBeDefined();
expect(a.get(IRestGateway)).toBeDefined();
expect(a.get(IConnectionRegistry)).toBeDefined();
expect(a.get(ISessionClientsService)).toBeDefined();
expect(a.get(IEventService)).toBeDefined();
expect(a.get(IWSBroadcastService)).toBeDefined();
expect(a.get(IApprovalService)).toBeDefined();
expect(a.get(IQuestionService)).toBeDefined();
expect(a.get(IWSGateway)).toBeDefined();
const bridge = a.get(ICoreProcessService);
expect(bridge).toBeDefined();
expect(typeof bridge.rpc).toBe('object');
expect(typeof bridge.dispose).toBe('function');
});
});
it('CoreProcessService.rpc rejects after the server is closed (dispose cascade)', async () => {
const r = await spawn();
// Grab a bridge reference BEFORE close — after close the container is disposed
// and a.get(ICoreProcessService) would throw on the dead InstantiationService.
const bridge = r.services.invokeFunction((a) => a.get(ICoreProcessService));
await r.close();
await expect(bridge.rpc.getCoreInfo({})).rejects.toThrow(/disposed/);
});
});
describe('POST /api/v1/shutdown', () => {
it('responds ok and triggers the shutdown service', async () => {
let resolveCalled!: () => void;
const called = new Promise<void>((res) => {
resolveCalled = res;
});
const reasons: string[] = [];
const fake = {
_serviceBrand: undefined,
requestShutdown: async (reason: string) => {
reasons.push(reason);
resolveCalled();
},
};
const r = await startServer({
host: '127.0.0.1',
port: 0,
lockPath,
logger: silentLogger(),
coreProcessOptions: { homeDir: bridgeHome },
// Override the real shutdown service so the route does not exit the
// test runner via `process.exit(0)`.
serviceOverrides: [fixedTokenAuth(), [IServerShutdownService, fake] as const],
});
running.push(r);
const res = await fetch(`${r.address}/api/v1/shutdown`, {
method: 'POST',
headers: authHeaders(),
});
expect(res.status).toBe(200);
const body = (await res.json()) as Record<string, unknown>;
expect(body['code']).toBe(0);
expect(body['data']).toEqual({ ok: true });
// The route defers shutdown via setImmediate so the response can flush.
await called;
expect(reasons).toEqual(['api']);
});
it('registers a real shutdown service by default', async () => {
const r = await spawn();
const service = r.services.invokeFunction((a) => a.get(IServerShutdownService));
expect(typeof service.requestShutdown).toBe('function');
});
});