Skip to content

test: fail closed when DIFFBOT_TOKEN is missing#18

Open
brendancsmith wants to merge 1 commit into
mainfrom
test/conftest-token-fail-closed
Open

test: fail closed when DIFFBOT_TOKEN is missing#18
brendancsmith wants to merge 1 commit into
mainfrom
test/conftest-token-fail-closed

Conversation

@brendancsmith

Copy link
Copy Markdown
Owner

Summary

The functional tests (tests/functional/) call the live Diffbot API and require a valid DIFFBOT_TOKEN. Previously, when the token was missing, the tests fell through to a real HTTP request and failed with a cryptic 401 Unauthorized deep in the aiohttp/tenacity stack. Worse, it was easy to mistake an unconfigured environment for a legitimate run.

This makes the token fixture fail closed: if DIFFBOT_TOKEN is unset, the functional tests fail immediately with a clear, actionable message instead of a confusing 401 — and they can never silently pass without actually exercising the API.

Change

tests/functional/conftest.py — the session-scoped token fixture now checks for an empty/unset token and calls pytest.fail(..., pytrace=False) with guidance on how to provide the token (local .env, an Actions secret for normal runs, or a Dependabot secret for Dependabot PRs).

Why

This surfaced while diagnosing the failing checks on #17 (a Dependabot PR). Dependabot runs don't receive Actions/environment secrets, so DIFFBOT_TOKEN was empty and the functional tests failed with an opaque 401. The proper fix for #17 itself is to add DIFFBOT_TOKEN as a Dependabot secret so the functional tests run for real against the upgraded dependencies; this PR is the complementary DX improvement so any future missing-token situation fails loudly and legibly rather than mysteriously.

Behavior

Running the suite without a token now yields (unit tests still pass):

61 passed, 9 errors
ERROR ... TestDiffbotSearchClient::test_search
  DIFFBOT_TOKEN is not set. The functional tests call the live Diffbot API and
  require a valid token. Set it in a local .env file, or provide it as a CI
  secret (an Actions secret for normal runs, a Dependabot secret for Dependabot
  pull requests).

Test plan

  • ruff check and ruff format --check pass on the changed file
  • pytest with no token → functional tests error loudly with the new message; unit tests pass
  • pytest with a valid DIFFBOT_TOKEN → full suite passes (unchanged behavior; requires a token to verify in CI)

🤖 Generated with Claude Code


Generated by Claude Code

The functional tests call the live Diffbot API. Previously, a missing
DIFFBOT_TOKEN produced a confusing live 401 Unauthorized deep in the
request stack, and it was easy to mistake an unconfigured environment
for a passing run.

Make the `token` fixture fail fast with a clear, actionable message
when the token is absent, so a misconfigured local or CI environment is
obvious and functional tests never silently pass without exercising the
API.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01AGzjoh1Ketrd8x1AZJ4gfc
@codacy-production

Copy link
Copy Markdown

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity · 0 duplication

Metric Results
Complexity 0
Duplication 0

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR improves developer experience and CI clarity by making the functional test suite fail immediately (and clearly) when DIFFBOT_TOKEN is missing, instead of allowing tests to reach the live Diffbot API and fail later with an opaque 401 Unauthorized.

Changes:

  • Update the token session fixture to explicitly check DIFFBOT_TOKEN and pytest.fail(..., pytrace=False) when unset/empty.
  • Provide an actionable failure message describing local .env setup and CI secret options (including Dependabot secrets).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants