Developer-Dashboard
6 results

 view release on metacpan or  search on metacpan

t/34-scorecard-guardrails.t  view on Meta::CPAN 

    )
  )
{
    my $text = _slurp($workflow);
    like( $text, qr/^permissions:\s*$/m, "$workflow declares an explicit permissions block" );
    like( $text, qr/^concurrency:\s*$/m, "$workflow declares an explicit concurrency block" );
    like( $text, qr/^\s*timeout-minutes:\s*\d+\s*$/m, "$workflow sets an explicit timeout to avoid hung jobs" );
    unlike( $text, qr/uses:\s*[^@\s]+\@[Vv]?\d+(?:\.\d+)*(?:\s|$)/, "$workflow does not use floating action tags" );
    unlike( $text, qr/curl\s+-L\s+https:\/\/cpanmin\.us\s*\|\s*perl/, "$workflow does not install cpanm via curl pipe" );
}

my $release_cpan_workflow = _slurp('.github/workflows/release-cpan.yml');
like( $release_cpan_workflow, qr/Developer-Dashboard-\*\.tar\.gz/, 'PAUSE release workflow locates dzil tarballs from the repo root instead of a nonexistent .build tree' );
unlike( $release_cpan_workflow, qr/\.build\/\*\.tar\.gz/, 'PAUSE release workflow no longer looks for tarballs under a nonexistent .build directory' );
like(
    $release_cpan_workflow,
    qr/grep -E '\^Total\[\[:space:\]\]\+100\\\.0\[\[:space:\]\]\+100\\\.0\[\[:space:\]\]\+100\\\.0\$'/,
    'PAUSE release workflow enforces the same 100% lib coverage gate as the main CI workflow without depending on fixed column spacing',
);

for my $coverage_workflow (
    qw(
    .github/workflows/test.yml
    .github/workflows/release-cpan.yml
    .github/workflows/release-github.yml
    )
  )
{
    my $text = _slurp($coverage_workflow);
    like(
        $text,
        qr/grep -E '\^Total\[\[:space:\]\]\+100\\\.0\[\[:space:\]\]\+100\\\.0\[\[:space:\]\]\+100\\\.0\$'/,
        "$coverage_workflow matches the Total coverage line by regex instead of a brittle fixed-width string",
    );
    unlike(
        $text,
        qr/grep -F "Total\s{10,}100\.0\s+100\.0\s+100\.0"/,
        "$coverage_workflow no longer hard-codes one Devel::Cover spacing layout",
    );
}

my $blank_env_dockerfile = _slurp('integration/blank-env/Dockerfile');
like(
    $blank_env_dockerfile,
    qr/\AFROM\s+perl:5\.38-bookworm\@sha256:[0-9a-f]{64}\b/,
    'blank-env Dockerfile pins the Debian perl:5.38-bookworm base image by digest for dependency hygiene',
);

done_testing;

sub _git_tracks {
    my ($path) = @_;
    my ( $stdout, $stderr, $exit ) = capture {
        system( 'git', '-C', $ROOT, 'ls-files', '--error-unmatch', $path );
    };
    return $exit == 0;
}

sub _slurp {
    my ($relative_path) = @_;
    my $path = File::Spec->catfile( $ROOT, split m{/}, $relative_path );
    open my $fh, '<:raw', $path or die "Unable to read $path: $!";
    local $/;
    my $text = <$fh>;
    close $fh or die "Unable to close $path: $!";
    return $text;
}

__END__

=pod

=head1 NAME

t/34-scorecard-guardrails.t - enforce repository-side Scorecard guardrails

=for comment FULL-POD-DOC START

=head1 PURPOSE

This test is the executable regression contract for the repository-side Scorecard and workflow guardrails. Read it when you need to understand the real fixture setup, assertions, and failure modes for this slice of the repository instead of guessing ...

=head1 WHY IT EXISTS

It exists because the repository-side Scorecard and workflow guardrails has enough moving parts that a code-only review can miss real regressions. Keeping those expectations in a dedicated test file makes the TDD loop, coverage loop, and release gate...

=head1 WHEN TO USE

Use this file when changing the repository-side Scorecard and workflow guardrails, when a focused CI failure points here, or when you want a faster regression loop than running the entire suite.

=head1 HOW TO USE

Run it directly with C<prove -lv t/34-scorecard-guardrails.t> while iterating, then keep it green under C<prove -lr t> and the coverage runs before release. 

=head1 WHAT USES IT

Developers during TDD, the full C<prove -lr t> suite, the coverage gates, and the release verification loop all rely on this file to keep this behavior from drifting.

=head1 EXAMPLES

Example 1:

  prove -lv t/34-scorecard-guardrails.t

Run the focused regression test by itself while you are changing the behavior it owns.

Example 2:

  HARNESS_PERL_SWITCHES=-MDevel::Cover prove -lv t/34-scorecard-guardrails.t

Exercise the same focused test while collecting coverage for the library code it reaches.

Example 3:

  prove -lr t

Put the focused fix back through the whole repository suite before calling the work finished.

=for comment FULL-POD-DOC END

=cut



( run in 0.498 second using v1.01-cache-2.11-cpan-71847e10f99 )