kratos SSOT 재설계

test/backup_make_targets_test.sh

@@ -2,6 +2,9 @@
 set -euo pipefail
 
 repo_root="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+positional_restore_path="/tmp/baron-sso-restore-positional.tar.gz"
+trap 'rm -f "$positional_restore_path"' EXIT INT TERM
+: >"$positional_restore_path"
 
 fail() {
   echo "ERROR: $*" >&2
@@ -22,6 +25,8 @@ grep -Fq "docker-cli" "$repo_root/docker/backup-tools/Dockerfile" \
   || fail "backup-tools image must include docker CLI for containerized dump/restore orchestration."
 grep -Fq "perl" "$repo_root/docker/backup-tools/Dockerfile" \
   || fail "backup-tools image must include perl for legacy ClickHouse schema dump decoding."
+grep -Fq "unzip" "$repo_root/docker/backup-tools/Dockerfile" \
+  || fail "backup-tools image must include unzip for .zip restore archives."
 
 dump_dry_run="$(
   make --dry-run --always-make -C "$repo_root" dump DUMP_SERVICES="postgres,config" DUMP_MODE="maintenance" 2>&1
@@ -48,6 +53,24 @@ assert_dry_run_contains "$restore_dry_run" "DUMP_FILE=\"backups/example.tar.zst\
 assert_dry_run_contains "$restore_dry_run" "RESTORE_SERVICES=\"postgres,config\""
 assert_dry_run_contains "$restore_dry_run" "CONFIRM_RESTORE=\"baron-sso\""
 assert_dry_run_contains "$restore_dry_run" "RESTORE_REPORT=\"reports/restore-report.json\""
+assert_dry_run_contains "$restore_dry_run" "Ensuring restore target containers"
+assert_dry_run_contains "$restore_dry_run" "ensure_restore_container baron_postgres compose.infra.yaml postgres"
+assert_dry_run_contains "$restore_dry_run" "ensure_restore_container ory_postgres compose.ory.yaml postgres"
+
+restore_file_path_dry_run="$(
+  make --dry-run --always-make -C "$repo_root" restore FILE_PATH="backups/example.tar.zst" RESTORE_SERVICES="postgres" CONFIRM_RESTORE="baron-sso" 2>&1
+)"
+
+assert_dry_run_contains "$restore_file_path_dry_run" "RESTORE_INPUT=\"backups/example.tar.zst\""
+assert_dry_run_contains "$restore_file_path_dry_run" "RESTORE_SERVICES=\"postgres\""
+assert_dry_run_contains "$restore_file_path_dry_run" "CONFIRM_RESTORE=\"baron-sso\""
+
+restore_positional_dry_run="$(
+  make --dry-run --always-make -C "$repo_root" restore "$positional_restore_path" RESTORE_SERVICES="config" CONFIRM_RESTORE="baron-sso" 2>&1
+)"
+
+assert_dry_run_contains "$restore_positional_dry_run" "RESTORE_INPUT=\"$positional_restore_path\""
+assert_dry_run_contains "$restore_positional_dry_run" "RESTORE_SERVICES=\"config\""
 
 for target in dump-verify restore-verify dump-list restore-plan; do
   target_dry_run="$(

test/make_help_target_test.sh

@@ -0,0 +1,52 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+repo_root="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+
+fail() {
+  echo "ERROR: $*" >&2
+  exit 1
+}
+
+assert_contains() {
+  local output="$1"
+  local expected="$2"
+  grep -Fq -- "$expected" <<<"$output" || fail "help output must contain: $expected"
+}
+
+help_output="$(
+  make -C "$repo_root" help 2>&1
+)"
+
+assert_contains "$help_output" "Usage:"
+assert_contains "$help_output" "Targets:"
+assert_contains "$help_output" "Options:"
+assert_contains "$help_output" "Restore Safety:"
+
+for target in up dev code-check dump restore-plan code-check-userfront-e2e-tests; do
+  assert_contains "$help_output" "$target"
+done
+
+for option in DEV_SERVICES CODE_CHECK_TEST_JOBS PLAYWRIGHT_WORKERS BACKUP_USE_DOCKER DUMP_SERVICES RESTORE_SERVICES; do
+  assert_contains "$help_output" "$option"
+done
+
+for restore_usage in \
+  "CONFIRM_RESTORE=baron-sso" \
+  "ALLOW_NON_EMPTY_RESTORE=true" \
+  "make restore-plan FILE_PATH=stg.today.tar.gz CONFIRM_RESTORE=baron-sso" \
+  "make restore FILE_PATH=stg.today.tar.gz CONFIRM_RESTORE=baron-sso ALLOW_NON_EMPTY_RESTORE=true"; do
+  assert_contains "$help_output" "$restore_usage"
+done
+
+for description in \
+  "전체 로컬 스택 실행" \
+  "개발 앱 컨테이너를 포그라운드로 실행" \
+  "로컬 CI 상당 코드 검사 실행" \
+  "백업 덤프 생성" \
+  "복구 실행 계획 출력" \
+  "UserFront WASM E2E 테스트 실행"; do
+  assert_contains "$help_output" "$description"
+done
+
+echo "OK: make help exposes generated targets and configurable options"

test/restore_input_path_test.sh

@@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+repo_root="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+tmp_dir="$(mktemp -d /tmp/baron-sso-restore-input.XXXXXX)"
+
+cleanup() {
+  rm -rf "$tmp_dir"
+}
+trap cleanup EXIT INT TERM
+
+fail() {
+  echo "ERROR: $*" >&2
+  exit 1
+}
+
+assert_contains() {
+  local output="$1"
+  local expected="$2"
+  grep -Fq -- "$expected" <<<"$output" || fail "output must contain: $expected"
+}
+
+run_restore_plan() {
+  local output
+  output="$("$@" 2>&1)"
+  assert_contains "$output" "Restore plan for"
+  assert_contains "$output" "Services: config"
+}
+
+backup_dir="$tmp_dir/baron-sso-backup-test"
+mkdir -p "$backup_dir"
+printf '{"restore_policy":{}}\n' >"$backup_dir/manifest.json"
+
+tar_zst="$tmp_dir/baron-sso-backup-test.tar.zst"
+tar_gz="$tmp_dir/baron-sso-backup-test.tar.gz"
+zip_file="$tmp_dir/baron-sso-backup-test.zip"
+unsupported_file="$tmp_dir/baron-sso-backup-test.tar.bz2"
+
+tar --zstd -cf "$tar_zst" -C "$tmp_dir" "$(basename "$backup_dir")"
+tar -czf "$tar_gz" -C "$tmp_dir" "$(basename "$backup_dir")"
+(cd "$tmp_dir" && python3 -m zipfile -c "$zip_file" "$(basename "$backup_dir")")
+: >"$unsupported_file"
+
+run_restore_plan \
+  env RESTORE_INPUT="$backup_dir" RESTORE_SERVICES=config CONFIRM_RESTORE=baron-sso RESTORE_REPORT="$tmp_dir/dir-report.json" \
+  "$repo_root/scripts/backup/restore.sh" --dry-run
+
+run_restore_plan \
+  env RESTORE_INPUT="$tar_zst" RESTORE_SERVICES=config CONFIRM_RESTORE=baron-sso RESTORE_REPORT="$tmp_dir/tar-zst-report.json" \
+  "$repo_root/scripts/backup/restore.sh" --dry-run
+
+run_restore_plan \
+  env RESTORE_INPUT="$tar_gz" RESTORE_SERVICES=config CONFIRM_RESTORE=baron-sso RESTORE_REPORT="$tmp_dir/tar-gz-report.json" \
+  "$repo_root/scripts/backup/restore.sh" --dry-run
+
+run_restore_plan \
+  env RESTORE_INPUT="$zip_file" RESTORE_SERVICES=config CONFIRM_RESTORE=baron-sso RESTORE_REPORT="$tmp_dir/zip-report.json" \
+  "$repo_root/scripts/backup/restore.sh" --dry-run
+
+run_restore_plan \
+  env DUMP_FILE="$zip_file" RESTORE_SERVICES=config CONFIRM_RESTORE=baron-sso RESTORE_REPORT="$tmp_dir/direct-zip-report.json" \
+  "$repo_root/scripts/backup/restore.sh" --dry-run
+
+if env RESTORE_INPUT="$unsupported_file" RESTORE_SERVICES=config CONFIRM_RESTORE=baron-sso RESTORE_REPORT="$tmp_dir/unsupported-report.json" \
+  "$repo_root/scripts/backup/restore.sh" --dry-run >/tmp/baron-sso-restore-unsupported.out 2>&1; then
+  fail "unsupported restore archive extension must fail."
+fi
+assert_contains "$(cat /tmp/baron-sso-restore-unsupported.out)" "unsupported restore input file extension"
+
+if env RESTORE_INPUT="$backup_dir" BACKUP="$backup_dir" RESTORE_SERVICES=config CONFIRM_RESTORE=baron-sso RESTORE_REPORT="$tmp_dir/ambiguous-report.json" \
+  "$repo_root/scripts/backup/restore.sh" --dry-run >/tmp/baron-sso-restore-ambiguous.out 2>&1; then
+  fail "ambiguous restore inputs must fail."
+fi
+assert_contains "$(cat /tmp/baron-sso-restore-ambiguous.out)" "set only one restore input"
+
+echo "OK: restore input path inference supports directories, tar archives, and zip archives"