canic-cli 0.69.2

Operator CLI for Canic fleet setup, builds, evidence, catalog, backup, and restore workflows
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129

//! Module: backup::tests::verify::rejection
//!
//! Responsibility: backup verification rejection tests.
//! Does not own: successful integrity-report behavior.
//! Boundary: invalid dry-run and execution-backed layouts.

use super::super::super::*;
use super::super::fixtures::*;
use crate::test_support::temp_dir;
use canic_backup::persistence::BackupLayout;
use std::fs;

// Ensure verification rejects dry-run plans with a backup-specific error.
#[test]
fn verify_backup_rejects_dry_run_layout() {
    let root = temp_dir("canic-cli-backup-verify-dry-run");
    let plan = valid_backup_plan();
    persist_backup_create_dry_run(&root, &plan).expect("persist dry-run plan");

    let options = BackupVerifyOptions {
        backup_ref: None,
        dir: Some(root.clone()),
        out: None,
    };
    let err = verify_backup(&options).expect_err("dry-run verify rejects");

    fs::remove_dir_all(root).expect("remove temp root");
    std::assert_matches!(
        err,
        BackupCommandError::DryRunNotComplete { plan_id } if plan_id == "plan-test"
    );
}

// Ensure verification reports incomplete execution-backed layouts clearly.
#[test]
fn verify_backup_rejects_manifest_layout_missing_execution_journal() {
    let root = temp_dir("canic-cli-backup-verify-missing-execution-journal");
    write_manifest_plan_without_execution_journal(&root);

    let options = BackupVerifyOptions {
        backup_ref: None,
        dir: Some(root.clone()),
        out: None,
    };
    let err = verify_backup(&options).expect_err("missing execution journal rejects");

    fs::remove_dir_all(root).expect("remove temp root");
    std::assert_matches!(
        err,
        BackupCommandError::BackupLayoutIncomplete {
            missing: "backup-execution-journal.json"
        }
    );
}

// Ensure verification rejects execution-backed layouts that finalized artifacts before execution completion.
#[test]
fn verify_backup_rejects_incomplete_execution_layout_with_manifest() {
    let root = temp_dir("canic-cli-backup-verify-incomplete-execution");
    let layout = BackupLayout::new(root.clone());
    let checksum = write_artifact(&root, b"root artifact");

    layout
        .write_manifest(&valid_manifest())
        .expect("write manifest");
    layout
        .write_journal(&journal_with_checksum(checksum.hash))
        .expect("write journal");
    layout
        .write_backup_plan(&valid_backup_plan())
        .expect("write backup plan");
    layout
        .write_execution_journal(&accepted_execution_journal())
        .expect("write incomplete execution journal");

    let options = BackupVerifyOptions {
        backup_ref: None,
        dir: Some(root.clone()),
        out: None,
    };
    let err = verify_backup(&options).expect_err("incomplete execution rejects");

    fs::remove_dir_all(root).expect("remove temp root");
    std::assert_matches!(
        err,
        BackupCommandError::DryRunNotComplete { plan_id } if plan_id == "plan-test"
    );
}

// Ensure verification rejects execution-backed layouts whose plan and execution journal drift.
#[test]
fn verify_backup_rejects_execution_plan_journal_mismatch() {
    let root = temp_dir("canic-cli-backup-verify-execution-mismatch");
    let layout = BackupLayout::new(root.clone());
    let checksum = write_artifact(&root, b"root artifact");
    let mut journal = accepted_execution_journal();
    journal.operations[0].operation_id = "different-operation".to_string();

    layout
        .write_manifest(&valid_manifest())
        .expect("write manifest");
    layout
        .write_journal(&journal_with_checksum(checksum.hash))
        .expect("write journal");
    layout
        .write_backup_plan(&valid_backup_plan())
        .expect("write backup plan");
    layout
        .write_execution_journal(&journal)
        .expect("write mismatched execution journal");

    let options = BackupVerifyOptions {
        backup_ref: None,
        dir: Some(root.clone()),
        out: None,
    };
    let err = verify_backup(&options).expect_err("mismatched execution rejects");

    fs::remove_dir_all(root).expect("remove temp root");
    std::assert_matches!(
        err,
        BackupCommandError::Persistence(
            canic_backup::persistence::PersistenceError::PlanJournalOperationMismatch {
                field: "operation_id",
                ..
            }
        )
    );
}