social.io system testing

This standalone repository qualifies the complete social.io deployment boundary. It follows the sibling serve.zone/testing model: Vagrant creates an isolated Ubuntu guest, the whole social.io workspace is copied into it with one-way rsync, and independently runnable scenarios exercise real services.

Phase 1 is one production-mode vertical slice. It proves TLS/authenticated MongoDB transactions, HTTPS object storage, clamd, provider IMAP/JMAP, transactional/provider SMTP capture, the first-party JMAP/IMAP surfaces, real browser login, and deterministic desktop/iPad/iPhone screenshots. The broader recovery, backup/restore, failure-injection, performance, accessibility, and full journey matrix is tracked in ../readme.plan.md and belongs to test:full as it lands.

Isolation model

  • The app and deterministic mail fixture are supervised guest processes.
  • MongoDB, MinIO, clamd, and Caddy run in a private Docker network.
  • Only HTTPS on guest port 8443 and first-party IMAPS on guest port 1993 are forwarded to host loopback.
  • Generated secrets and PKI stay under ignored infra/runtime/ inside the VM.
  • Guest-to-host artifacts are copied explicitly; rsync never returns secrets.

Commands

pnpm install --frozen-lockfile
pnpm check
pnpm test:unit
pnpm vagrant:up
pnpm vagrant:test
pnpm vagrant:screenshots
pnpm vagrant:pull
pnpm vagrant:destroy

The default Vagrant provider is libvirt. Override box/provider resources with SOCIALIO_VAGRANT_BOX, SOCIALIO_VAGRANT_BOX_VERSION, SOCIALIO_VAGRANT_CPUS, and SOCIALIO_VAGRANT_MEMORY. Phase 1 is pinned to amd64 because the qualified ClamAV image is amd64-only; an arm64 matrix remains a roadmap item rather than silently skipping scanning.

Screenshot boundary

Raw candidates live in .playwright-mcp/landing/device-matrix/. Capture and tests never modify ../landingpage. Promotion is a separate dry-run-first command:

pnpm screenshots:verify
pnpm screenshots:promote --landing ../landingpage
# Applying changed existing files additionally requires --apply and one
# --overwrite <allowlisted-file.png> argument for every changed file.
# If a prior qualified promotion left only unstaged tracked screenshot
# modifications, add --allow-dirty-screenshots. Any staged, untracked, or
# non-screenshot change still blocks promotion.

Promotion validates real paths, the 34-name candidate allowlist, per-profile dimensions (1920x1080 desktop, 1180x820 iPad, 402x874 iPhone), manifest hashes, and a clean or explicitly screenshot-only landing worktree. Every overwrite must be explicitly named. It never commits or pushes.

Static validation proves only the scaffold. The 2026-07-16 clean-volume VM run, browser journey, repeated protocol checks, and 34-image desktop/iPad/iPhone device matrix passed, including per-profile responsive-shell assertions and host-side hash verification. The manifest remains a phase1-candidate until the verified SmartIMAP Deno TLS listener fix is published, adopted, and the run passes without a guest dependency hotpatch.

S
Description
No description provided
Readme 150 KiB
Languages
TypeScript 82.9%
Shell 16.1%
HTML 1%