Merge branch 'main' into config

Author: kriswest

.github/workflows/ci.yml

@@ -57,7 +57,7 @@ jobs:
           npm run test-coverage-ci --workspaces --if-present
 
       - name: Upload test coverage report
-        uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
+        uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
         with:
           files: ./coverage/lcov.info
           token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/codeql.yml

@@ -60,7 +60,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@df559355d593797519d70b90fc8edd5db049e7a2 # v3
+        uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -73,7 +73,7 @@ jobs:
       # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@df559355d593797519d70b90fc8edd5db049e7a2 # v3
+        uses: github/codeql-action/autobuild@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -86,6 +86,6 @@ jobs:
       #     ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@df559355d593797519d70b90fc8edd5db049e7a2 # v3
+        uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3
         with:
           category: '/language:${{matrix.language}}'

.github/workflows/dependency-review.yml

@@ -17,7 +17,7 @@ jobs:
       - name: 'Checkout Repository'
         uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
       - name: Dependency Review
-        uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4
+        uses: actions/dependency-review-action@595b5aeba73380359d98a5e087f648dbb0edce1b # v4
         with:
           comment-summary-in-pr: always
           fail-on-severity: high

.github/workflows/scorecard.yml

@@ -72,6 +72,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9
+        uses: github/codeql-action/upload-sarif@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1
         with:
           sarif_file: results.sarif

README.md

@@ -91,6 +91,8 @@ customize for your environment, see the [project's documentation](https://git-pr
 - [Quickstart](https://git-proxy.finos.org/docs/category/quickstart/)
 - [Installation](https://git-proxy.finos.org/docs/installation)
 - [Configuration](https://git-proxy.finos.org/docs/category/configuration)
+- [Contributing](https://git-proxy.finos.org/docs/development/contributing)
+- [Testing](https://git-proxy.finos.org/docs/development/testing)
 
 ## Contributing
 
@@ -116,6 +118,6 @@ If you can't access Slack, you can also [subscribe to our mailing list](mailto:g
 
 Otherwise, if you have a deeper query or require more support, please [raise an issue](https://github.com/finos/git-proxy/issues) 🧵
 
-🤝 Join our [fortnightly Zoom meeting](https://zoom-lfx.platform.linuxfoundation.org/meeting/95849833904?password=99413314-d03a-4b1c-b682-1ede2c399595) on Monday, 4PM BST (odd week numbers).
-🌍 [Convert to your local time](https://www.timeanddate.com/worldclock)
+🤝 Join our [fortnightly Zoom meeting](https://zoom-lfx.platform.linuxfoundation.org/meeting/95849833904?password=99413314-d03a-4b1c-b682-1ede2c399595) on Monday, 4PM BST (odd week numbers).  
+🌍 [Convert to your local time](https://www.timeanddate.com/worldclock)  
 📅 [Click here](https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MTRvbzM0NG01dWNvNGc4OGJjNWphM2ZtaTZfMjAyNTA2MDJUMTUwMDAwWiBzYW0uaG9sbWVzQGNvbnRyb2wtcGxhbmUuaW8&tmsrc=sam.holmes%40control-plane.io&scp=ALL) for the recurring Google Calendar meeting invite. Alternatively, send an e-mail to [help@finos.org](https://zoom-lfx.platform.linuxfoundation.org/meeting/95849833904?password=99413314-d03a-4b1c-b682-1ede2c399595#:~:text=Need-,an,-invite%3F) to get a calendar invitation.

codecov.yml

@@ -2,7 +2,9 @@ coverage:
   status:
     project:
       default:
+        target: 80
         informational: true
     patch:
       default:
+        target: 80
         informational: true

nyc.config.js

@@ -1,8 +1,6 @@
 const opts = {
-  branches: 80,
+  checkCoverage: true,
   lines: 80,
-  functions: 80,
-  statements: 80,
 };
 
 console.log('nyc config: ', opts);

package.json

@@ -152,6 +152,9 @@
       "last 1 safari version"
     ]
   },
+  "engines": {
+    "node": ">=20.19.2"
+  },
   "lint-staged": {
     "*.{js,jsx,ts,tsx,json,md,yml,yaml,css,scss}": [
       "prettier --write"

test/1.test.js

@@ -1,24 +1,97 @@
-// This test needs to run first
+/*
+  Template test file. Demonstrates how to:
+  - Use chai-http to test the server
+  - Initialize the server
+  - Stub dependencies with sinon sandbox
+  - Reset stubs after each test
+  - Use proxyquire to replace modules
+  - Clear module cache after a test
+*/
+
 const chai = require('chai');
 const chaiHttp = require('chai-http');
+const sinon = require('sinon');
+const proxyquire = require('proxyquire');
+
 const service = require('../src/service');
+const db = require('../src/db');
+
+const expect = chai.expect;
 
 chai.use(chaiHttp);
-chai.should();
 
-// Use this test as a template
-describe('init', async () => {
+const TEST_REPO = {
+  project: 'finos',
+  name: 'db-test-repo',
+  url: 'https://github.com/finos/db-test-repo.git',
+};
+
+describe('init', () => {
   let app;
+  let sandbox;
+
+  // Runs before all tests
   before(async function () {
-    app = await service.start(); // pass in proxy if testing config loading or administration of proxy routes
+    // Start the service (can also pass config if testing proxy routes)
+    app = await service.start();
+  });
+
+  // Runs before each test
+  beforeEach(function () {
+    // Create a sandbox for stubbing
+    sandbox = sinon.createSandbox();
+
+    // Example: stub a DB method
+    sandbox.stub(db, 'getRepo').resolves(TEST_REPO);
   });
 
-  it('should not be logged in', async function () {
+  // Example test: check server is running
+  it('should return 401 if not logged in', async function () {
     const res = await chai.request(app).get('/api/auth/profile');
+    expect(res).to.have.status(401);
+  });
+
+  // Example test: check db stub is working
+  it('should get the repo from stubbed db', async function () {
+    const repo = await db.getRepo('finos/db-test-repo');
+    expect(repo).to.deep.equal(TEST_REPO);
+  });
+
+  // Example test: use proxyquire to override the config module
+  it('should return an array of enabled auth methods when overridden', async function () {
+    const fsStub = {
+      readFileSync: sandbox.stub().returns(
+        JSON.stringify({
+          authentication: [
+            { type: 'local', enabled: true },
+            { type: 'ActiveDirectory', enabled: true },
+            { type: 'openidconnect', enabled: true },
+          ],
+        }),
+      ),
+    };
+
+    const config = proxyquire('../src/config', {
+      fs: fsStub,
+    });
+    config.initUserConfig();
+    const authMethods = config.getAuthMethods();
+    expect(authMethods).to.have.lengthOf(3);
+    expect(authMethods[0].type).to.equal('local');
+    expect(authMethods[1].type).to.equal('ActiveDirectory');
+    expect(authMethods[2].type).to.equal('openidconnect');
+
+    // Clear config module cache so other tests don't use the stubbed config
+    delete require.cache[require.resolve('../src/config')];
+  });
 
-    res.should.have.status(401);
+  // Runs after each test
+  afterEach(function () {
+    // Restore all stubs in this sandbox
+    sandbox.restore();
   });
 
+  // Runs after all tests
   after(async function () {
     await service.httpServer.close();
   });