refactor(test): convert remaining test files from JavaScript to TypeScript

Converted pullRemote, performance, and SSH integration tests to TypeScript
for better type safety and consistency with the codebase migration.

Author: fabiovincenzi

src/proxy/ssh/hostKeyManager.ts

@@ -37,7 +37,7 @@ export function ensureHostKey(config: HostKeyConfig): Buffer {
 
   // Validate paths to prevent command injection
   // Only allow alphanumeric, dots, slashes, underscores, hyphens
-  const safePathRegex = /^[a-zA-Z0-9._\-\/]+$/;
+  const safePathRegex = /^[a-zA-Z0-9._\-/]+$/;
   if (!safePathRegex.test(privateKeyPath) || !safePathRegex.test(publicKeyPath)) {
     throw new Error(
       `Invalid SSH host key path: paths must contain only alphanumeric characters, dots, slashes, underscores, and hyphens`,
@@ -59,7 +59,9 @@ export function ensureHostKey(config: HostKeyConfig): Buffer {
   // Generate a new host key
   console.log(`[SSH] Proxy host key not found at ${privateKeyPath}`);
   console.log('[SSH] Generating new SSH host key for the proxy server...');
-  console.log('[SSH] Note: This key identifies the proxy to connecting clients (like an SSL certificate)');
+  console.log(
+    '[SSH] Note: This key identifies the proxy to connecting clients (like an SSL certificate)',
+  );
 
   try {
     // Create directory if it doesn't exist
@@ -75,13 +77,10 @@ export function ensureHostKey(config: HostKeyConfig): Buffer {
     // - Faster key generation
     // - Better security properties
     console.log('[SSH] Generating Ed25519 host key...');
-    execSync(
-      `ssh-keygen -t ed25519 -f "${privateKeyPath}" -N "" -C "git-proxy-host-key"`,
-      {
-        stdio: 'pipe', // Suppress ssh-keygen output
-        timeout: 10000, // 10 second timeout
-      },
-    );
+    execSync(`ssh-keygen -t ed25519 -f "${privateKeyPath}" -N "" -C "git-proxy-host-key"`, {
+      stdio: 'pipe', // Suppress ssh-keygen output
+      timeout: 10000, // 10 second timeout
+    });
 
     console.log(`[SSH] ✓ Successfully generated proxy host key`);
     console.log(`[SSH]   Private key: ${privateKeyPath}`);
@@ -99,23 +98,20 @@ export function ensureHostKey(config: HostKeyConfig): Buffer {
     return fs.readFileSync(privateKeyPath);
   } catch (error) {
     // If generation fails, provide helpful error message
-    const errorMessage =
-      error instanceof Error
-        ? error.message
-        : String(error);
+    const errorMessage = error instanceof Error ? error.message : String(error);
 
     console.error('[SSH] Failed to generate host key');
     console.error(`[SSH] Error: ${errorMessage}`);
     console.error('[SSH]');
     console.error('[SSH] To fix this, you can either:');
     console.error('[SSH] 1. Install ssh-keygen (usually part of OpenSSH)');
     console.error('[SSH] 2. Manually generate a key:');
-    console.error(`[SSH]    ssh-keygen -t ed25519 -f "${privateKeyPath}" -N "" -C "git-proxy-host-key"`);
+    console.error(
+      `[SSH]    ssh-keygen -t ed25519 -f "${privateKeyPath}" -N "" -C "git-proxy-host-key"`,
+    );
     console.error('[SSH] 3. Disable SSH in proxy.config.json: "ssh": { "enabled": false }');
 
-    throw new Error(
-      `Failed to generate SSH host key: ${errorMessage}. See console for details.`,
-    );
+    throw new Error(`Failed to generate SSH host key: ${errorMessage}. See console for details.`);
   }
 }
 

test/processors/pullRemote.test.js

@@ -0,0 +1,115 @@
+import { describe, it, beforeEach, afterEach, expect, vi } from 'vitest';
+import { Action } from '../../src/proxy/actions/Action';
+
+// Mock modules
+vi.mock('fs');
+vi.mock('isomorphic-git');
+vi.mock('simple-git');
+vi.mock('isomorphic-git/http/node', () => ({}));
+
+describe('pullRemote processor', () => {
+  let fsStub: any;
+  let gitCloneStub: any;
+  let simpleGitStub: any;
+  let pullRemote: any;
+
+  const setupModule = async () => {
+    gitCloneStub = vi.fn().mockResolvedValue(undefined);
+    simpleGitStub = vi.fn().mockReturnValue({
+      clone: vi.fn().mockResolvedValue(undefined),
+    });
+
+    // Mock the dependencies
+    vi.doMock('fs', () => ({
+      promises: fsStub.promises,
+    }));
+    vi.doMock('isomorphic-git', () => ({
+      clone: gitCloneStub,
+    }));
+    vi.doMock('simple-git', () => ({
+      simpleGit: simpleGitStub,
+    }));
+
+    // Import after mocking
+    const module = await import('../../src/proxy/processors/push-action/pullRemote');
+    pullRemote = module.exec;
+  };
+
+  beforeEach(async () => {
+    fsStub = {
+      promises: {
+        mkdtemp: vi.fn(),
+        writeFile: vi.fn(),
+        rm: vi.fn(),
+        rmdir: vi.fn(),
+        mkdir: vi.fn(),
+      },
+    };
+    await setupModule();
+  });
+
+  afterEach(() => {
+    vi.restoreAllMocks();
+  });
+
+  it('uses service token when cloning SSH repository', async () => {
+    const action = new Action(
+      '123',
+      'push',
+      'POST',
+      Date.now(),
+      'https://github.com/example/repo.git',
+    );
+    action.protocol = 'ssh';
+    action.sshUser = {
+      username: 'ssh-user',
+      sshKeyInfo: {
+        keyType: 'ssh-rsa',
+        keyData: Buffer.from('public-key'),
+      },
+    };
+
+    const req = {
+      headers: {},
+      authContext: {
+        cloneServiceToken: {
+          username: 'svc-user',
+          password: 'svc-token',
+        },
+      },
+    };
+
+    await pullRemote(req, action);
+
+    expect(gitCloneStub).toHaveBeenCalledOnce();
+    const cloneOptions = gitCloneStub.mock.calls[0][0];
+    expect(cloneOptions.url).toBe(action.url);
+    expect(cloneOptions.onAuth()).toEqual({
+      username: 'svc-user',
+      password: 'svc-token',
+    });
+    expect(action.pullAuthStrategy).toBe('ssh-service-token');
+  });
+
+  it('throws descriptive error when HTTPS authorization header is missing', async () => {
+    const action = new Action(
+      '456',
+      'push',
+      'POST',
+      Date.now(),
+      'https://github.com/example/repo.git',
+    );
+    action.protocol = 'https';
+
+    const req = {
+      headers: {},
+    };
+
+    try {
+      await pullRemote(req, action);
+      expect.fail('Expected pullRemote to throw');
+    } catch (error: any) {
+      expect(error.message).toBe('Missing Authorization header for HTTPS clone');
+    }
+  });
+});