ci: tolerate legacy qa inventory entries

2026-05-06 18:30:44 +00:00 · 2026-04-27 05:07:11 +01:00
parent a33a2c97a3
commit 0ff0c7ce57
2 changed files with 109 additions and 0 deletions
--- a/test/scripts/check-openclaw-package-tarball.test.ts
+++ b/test/scripts/check-openclaw-package-tarball.test.ts
@@ -0,0 +1,70 @@
+import { spawnSync } from "node:child_process";
+import { mkdtempSync, rmSync, mkdirSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { dirname, join } from "node:path";
+import { describe, expect, it } from "vitest";
+
+const CHECK_SCRIPT = "scripts/check-openclaw-package-tarball.mjs";
+
+function withTarball(
+  inventory: string[],
+  files: Record<string, string>,
+  testBody: (tarball: string) => void,
+) {
+  const root = mkdtempSync(join(tmpdir(), "openclaw-package-tarball-test-"));
+  try {
+    const packageRoot = join(root, "package");
+    mkdirSync(join(packageRoot, "dist"), { recursive: true });
+    writeFileSync(
+      join(packageRoot, "package.json"),
+      JSON.stringify({ name: "openclaw", version: "0.0.0" }),
+    );
+    writeFileSync(
+      join(packageRoot, "dist", "postinstall-inventory.json"),
+      JSON.stringify(inventory),
+    );
+    for (const [relativePath, body] of Object.entries(files)) {
+      const filePath = join(packageRoot, relativePath);
+      mkdirSync(dirname(filePath), { recursive: true });
+      writeFileSync(filePath, body);
+    }
+
+    const tarball = join(root, "openclaw.tgz");
+    const pack = spawnSync("tar", ["-czf", tarball, "-C", root, "package"], {
+      encoding: "utf8",
+    });
+    expect(pack.status, pack.stderr).toBe(0);
+    testBody(tarball);
+  } finally {
+    rmSync(root, { recursive: true, force: true });
+  }
+}
+
+describe("check-openclaw-package-tarball", () => {
+  it("allows legacy private QA inventory entries omitted from shipped tarballs", () => {
+    withTarball(
+      ["dist/index.js", "dist/extensions/qa-channel/runtime-api.js"],
+      { "dist/index.js": "export {};\n" },
+      (tarball) => {
+        const result = spawnSync("node", [CHECK_SCRIPT, tarball], { encoding: "utf8" });
+
+        expect(result.status, result.stderr).toBe(0);
+        expect(result.stderr).toContain("legacy inventory references omitted private QA");
+        expect(result.stdout).toContain("OpenClaw package tarball integrity passed.");
+      },
+    );
+  });
+
+  it("still rejects non-legacy missing inventory entries", () => {
+    withTarball(
+      ["dist/index.js", "dist/cli.js"],
+      { "dist/index.js": "export {};\n" },
+      (tarball) => {
+        const result = spawnSync("node", [CHECK_SCRIPT, tarball], { encoding: "utf8" });
+
+        expect(result.status).not.toBe(0);
+        expect(result.stderr).toContain("inventory references missing tar entry dist/cli.js");
+      },
+    );
+  });
+});