fix: [nomad-prep] P7 — make disinto init idempotent + add --dry-run (#800)

Make `disinto init` safe to re-run on the same box: - Store admin token as FORGE_ADMIN_TOKEN in .env; preserve on re-run (previously deleted and recreated every run, churning DB state) - Fix human token creation: use admin_pass for basic-auth since human_user == admin_user (previously used a random password that never matched the actual user password, so HUMAN_TOKEN was never created successfully) - Preserve HUMAN_TOKEN in .env on re-run (same pattern as bot tokens) - Bot tokens were already idempotent (preserved unless --rotate-tokens) Add --dry-run flag that reports every intended action (file writes, API calls, docker commands) based on current state, then exits 0 without touching state. Useful for CI gating and cutover confidence. Update smoke test: - Add dry-run test (verifies exit 0 and no .env modification) - Add idempotency state diff (verifies .env is unchanged on re-run) - Verify FORGE_ADMIN_TOKEN and HUMAN_TOKEN are stored in .env Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 22:37:22 +00:00 · 2026-04-15 22:37:22 +00:00 · 9d8f322005
commit 9d8f322005
parent 55cce66468
3 changed files with 212 additions and 58 deletions
--- a/tests/smoke-init.sh
+++ b/tests/smoke-init.sh
@ -29,7 +29,8 @@ cleanup() {
  pkill -f "mock-forgejo.py" 2>/dev/null || true
  rm -rf "$MOCK_BIN" /tmp/smoke-test-repo \
         "${FACTORY_ROOT}/projects/smoke-repo.toml" \
-         /tmp/smoke-claude-shared /tmp/smoke-home-claude
+         /tmp/smoke-claude-shared /tmp/smoke-home-claude \
+         /tmp/smoke-env-before-rerun /tmp/smoke-env-before-dryrun
  # Restore .env only if we created the backup
  if [ -f "${FACTORY_ROOT}/.env.smoke-backup" ]; then
    mv "${FACTORY_ROOT}/.env.smoke-backup" "${FACTORY_ROOT}/.env"
@ -178,8 +179,30 @@ else
  fail "disinto init exited non-zero"
 fi

-# ── Idempotency test: run init again ───────────────────────────────────────
+# ── Dry-run test: must not modify state ────────────────────────────────────
+echo "=== Dry-run test ==="
+cp "${FACTORY_ROOT}/.env" /tmp/smoke-env-before-dryrun
+if bash "${FACTORY_ROOT}/bin/disinto" init \
+  "${TEST_SLUG}" \
+  --bare --yes --dry-run \
+  --forge-url "$FORGE_URL" \
+  --repo-root "/tmp/smoke-test-repo" 2>&1 | grep -q "Dry run complete"; then
+  pass "disinto init --dry-run exited successfully"
+else
+  fail "disinto init --dry-run did not complete"
+fi
+
+# Verify --dry-run did not modify .env
+if diff -q /tmp/smoke-env-before-dryrun "${FACTORY_ROOT}/.env" >/dev/null 2>&1; then
+  pass "dry-run: .env unchanged"
+else
+  fail "dry-run: .env was modified (should be read-only)"
+fi
+rm -f /tmp/smoke-env-before-dryrun
+
+# ── Idempotency test: run init again, verify .env is stable ────────────────
 echo "=== Idempotency test: running disinto init again ==="
+cp "${FACTORY_ROOT}/.env" /tmp/smoke-env-before-rerun
 if bash "${FACTORY_ROOT}/bin/disinto" init \
  "${TEST_SLUG}" \
  --bare --yes \
@ -190,6 +213,29 @@ else
  fail "disinto init (re-run) exited non-zero"
 fi

+# Verify .env is stable across re-runs (no token churn)
+if diff -q /tmp/smoke-env-before-rerun "${FACTORY_ROOT}/.env" >/dev/null 2>&1; then
+  pass "idempotency: .env unchanged on re-run"
+else
+  fail "idempotency: .env changed on re-run (token churn detected)"
+  diff /tmp/smoke-env-before-rerun "${FACTORY_ROOT}/.env" >&2 || true
+fi
+rm -f /tmp/smoke-env-before-rerun
+
+# Verify FORGE_ADMIN_TOKEN is stored in .env
+if grep -q '^FORGE_ADMIN_TOKEN=' "${FACTORY_ROOT}/.env"; then
+  pass ".env contains FORGE_ADMIN_TOKEN"
+else
+  fail ".env missing FORGE_ADMIN_TOKEN"
+fi
+
+# Verify HUMAN_TOKEN is stored in .env
+if grep -q '^HUMAN_TOKEN=' "${FACTORY_ROOT}/.env"; then
+  pass ".env contains HUMAN_TOKEN"
+else
+  fail ".env missing HUMAN_TOKEN"
+fi
+
 # ── 4. Verify Forgejo state ─────────────────────────────────────────────────
 echo "=== 4/6 Verifying Forgejo state ==="