Skip to content

test(e2e): expand mock API fixtures for comprehensive edge-case coverage#10

Open
CJFWeatherhead wants to merge 1 commit into
fix/tagged-device-user-associationfrom
test/expand-mock-api-fixtures
Open

test(e2e): expand mock API fixtures for comprehensive edge-case coverage#10
CJFWeatherhead wants to merge 1 commit into
fix/tagged-device-user-associationfrom
test/expand-mock-api-fixtures

Conversation

@CJFWeatherhead
Copy link
Copy Markdown
Member

@CJFWeatherhead CJFWeatherhead commented May 1, 2026

Summary

Substantially expands e2e/mock-api.mjs from a minimal 5-node / 2-user dataset to a rich fixture set designed to maximise UI test surface and catch edge cases.

Fixture counts (smoke-tested via Docker)

Resource Before After
Users 2 25
Nodes 5 91
Pre-auth keys 1 11
API keys 1 3

Users (25)

Covers the full provider matrix and edge cases:

  • Local accounts: standard, no display name, no email, service accounts (ci-bot, deploy-svc)
  • OIDC / Google, Azure AD, GitHub — with and without profile pictures
  • Long username that will overflow UI components (peter-the-very-long-username-that-may-overflow-ui)
  • Unicode display names (Sven Åström, Tánya Волкова)
  • Legacy epoch creation date (vera, created 1970-01-01)
  • Numeric username (user-42)
  • Recently created user with zero nodes (ulrich)

Nodes (91) — grouped by scenario

Group A — Personal workstations / laptops (50 nodes)

  • Mixed online/offline state
  • Future expiry, past expiry (expired node), expiry within 24 h
  • All four registerMethod values including REGISTER_METHOD_UNSPECIFIED
  • Users with 1 node, 2 nodes, 3 nodes, and 5 nodes (CI runners)
  • givenName override that is unreasonably long (overflow test)

Group B — Exit nodes (6)

  • Full dual-stack (0.0.0.0/0 + ::/0), approved
  • IPv4-only approved, IPv6 unapproved
  • IPv6-only approved
  • Advertised but not yet approved by admin (pending)
  • Dual-stack offline
  • Dual-stack with expiry in 7 days

Group C — Route-provider nodes (8)

  • RFC 1918 /24, /16, /8 (very large prefix)
  • Overlapping subnets (172.20.0.0/16 + 172.20.1.0/24)
  • IPv6 ULA only (fd00::/8)
  • Dual-stack IPv4 + IPv6 ULA
  • Routes advertised but none approved yet
  • 8 routes simultaneously (overflow test)

Group D — Tagged nodes under tagged-devices (22)

  • Single tag (tag:server)
  • Multiple tags (tag:server, tag:database, tag:k8s, tag:infra, etc.)
  • 7 tags on a single node (overflow test)
  • Orphaned nodes (no originalUser) — including one with an extremely long hostname
  • Node that has never been seen (lastSeen: null)
  • Tagged exit node (tag:exit)
  • Tagged route-provider node
  • K8s cluster (master + 3 workers, one offline)
  • IoT sensors, camera, printer

Group E — Dedicated edge cases

  • lastSeen: null (freshly registered, never connected)
  • IPv4-only IP address list (no IPv6)
  • IPv6-only IP address list (no IPv4)
  • 5 IP addresses on a single node (multi-NIC / multiple subnets)
  • REGISTER_METHOD_UNSPECIFIED (legacy migration artefact)
  • Node name with dashes and digits

Pre-auth keys (11)

Covers: standard, reusable, ephemeral, already-used, expired, tagged (single), tagged (multi), reusable+ephemeral tagged, expiring within 1 hour, service-account, 7-tag overflow key.

API keys (3)

Healthy, expiring in 7 days, already expired.

ACL policy

Enriched with groups (admin, dev, ops), named hosts, multi-rule ACLs, full tagOwners map, and SSH rules.

Implementation notes

  • userNodeMap is now built dynamically from fixture data rather than hardcoded; tagged-device nodes are attributed to their originalUser for the ?user= filter, matching real Headscale behaviour.
  • resetState() resets _nodeId to 0 so IDs are deterministic across test resets.
  • No existing router logic or test helpers were changed.

@CJFWeatherhead
test(e2e): expand mock API fixtures for comprehensive edge-case coverage
f8e2cba 
Grows the fixture dataset from ~5 nodes / 2 users to:
- 25 users (local, OIDC/Google, OIDC/Azure, OIDC/GitHub, service accounts,
  long names, unicode display names, legacy epoch creation dates)
- 91 nodes distributed unevenly across users + tagged-devices:
  - Group A: personal workstations/laptops (mixed online/offline, expiry states)
  - Group B: 6 exit nodes (dual-stack approved, IPv4-only, IPv6-only,
    unapproved, expiring soon, offline)
  - Group C: 8 route-provider nodes (RFC1918 /24, /16, /8, overlapping
    subnets, IPv6 ULA, dual-stack, pending approval, many-routes overflow)
  - Group D: 22 tagged nodes under tagged-devices (single/multi tag,
    k8s cluster, IoT, cameras, printers, orphaned nodes, never-seen node,
    tagged exit node, tagged router)
  - Group E: edge cases (null lastSeen, IPv4-only, IPv6-only addresses,
    REGISTER_METHOD_UNSPECIFIED, multi-IP node, overflow name/givenName)
- 11 pre-auth keys (reusable, ephemeral, used, expired, tagged, multi-tag,
  expiring-soon, service-account)
- 3 API keys (healthy, expiring-soon, expired)
- Richer ACL policy (groups, hosts, tagOwners, SSH rules)
- userNodeMap built dynamically from fixture data (includes originalUser
  attribution for tagged-device nodes)

Smoke-tested via Docker: 25 users, 91 nodes, 11 preAuthKeys returned.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@CJFWeatherhead