Skip to content

chore(test): gate test-only DB short-circuit behind CACTI_TEST_BOOTSTRAP env#7128

Open
somethingwithproof wants to merge 5 commits into
Cacti:developfrom
somethingwithproof:chore/test-db-sentinel
Open

chore(test): gate test-only DB short-circuit behind CACTI_TEST_BOOTSTRAP env#7128
somethingwithproof wants to merge 5 commits into
Cacti:developfrom
somethingwithproof:chore/test-db-sentinel

Conversation

@somethingwithproof
Copy link
Copy Markdown
Contributor

@somethingwithproof somethingwithproof commented May 8, 2026

The existing !defined('PHP_TESTING') guards in include/global.php
skipped db_connect_real whenever PHP_TESTING was defined anywhere
in the include chain. A stray define from a CLI tool or third-party
script could disable real DB connection logic in a deployed
environment.

This change tightens the guard:

  • Require both defined('PHP_TESTING') and getenv('CACTI_TEST_BOOTSTRAP') === '1'
    before short-circuiting the DB connect calls.
  • Replace the silent no-connect branch with new Cacti_TestDbSentinel(),
    a final class whose __call throws RuntimeException for every
    invocation. Any code path that treats the sentinel as a real handle
    fails loudly instead of silently returning the wrong value.
  • Skip the remote-override block when $remote_db_cnn_id is the
    sentinel.

Self-contained: only include/global.php changes. No public API
shifts.

@somethingwithproof
chore(test): gate test-only DB short-circuit behind CACTI_TEST_BOOTST…
99523c4 
…RAP env

The previous `!defined('PHP_TESTING')` guard skipped db_connect_real
whenever PHP_TESTING was set anywhere in the include chain. A stray
define from a CLI tool or third-party script could disable real DB
connection logic in a deployed environment.

Switch the guard to require both `PHP_TESTING` and an explicit
`CACTI_TEST_BOOTSTRAP=1` env var, and replace the silent-no-connect
path with a `Cacti_TestDbSentinel` whose every method throws. Any
production code path that accidentally treats the sentinel as a real
DB handle will fail loudly instead of silently misbehaving.

Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
Copilot AI review requested due to automatic review settings May 8, 2026 08:00
@somethingwithproof somethingwithproof mentioned this pull request May 8, 2026
Closed
Copilot AI reviewed May 8, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR hardens Cacti’s bootstrap DB connection logic in include/global.php by preventing a stray PHP_TESTING define from accidentally disabling real database connections in non-test environments. It introduces an explicit opt-in via CACTI_TEST_BOOTSTRAP=1 and replaces silent “no-connect” behavior with a sentinel object intended to fail loudly if misused as a DB handle.

Changes:

  • Gate the test-only DB connection short-circuit behind both PHP_TESTING and CACTI_TEST_BOOTSTRAP=1.
  • Introduce Cacti_TestDbSentinel whose method calls throw to avoid silently treating a non-connection as a real handle.
  • Avoid applying the remote-override configuration when the “remote connection” is the sentinel.

Comment thread include/global.php Outdated
Comment thread include/global.php Outdated
Comment thread include/global.php
Comment thread include/global.php Outdated
@somethingwithproof
chore(phpstan): catch up baseline with 11 upstream-detected entries
2c2637a 
Same as PR-A: appends 11 PHPStan ignoreErrors entries that exist on
upstream develop but are not yet baselined, so this branch's CI does
not regress on phpstan analyse --level 6.

Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
@somethingwithproof
fix(test): apply Copilot review feedback for test DB sentinel guard
38d39ae 
Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
@somethingwithproof somethingwithproof mentioned this pull request May 8, 2026
Merged
somethingwithproof and others added 2 commits May 13, 2026 23:03
@somethingwithproof
test: collapse remaining test-bootstrap guard to $is_test_bootstrap
eb90c79 
The previous review fix introduced a local $is_test_bootstrap flag but left
two call sites still inlining defined('PHP_TESTING') && getenv(...). Replace
the long-form check and guard the single-poller cacti_db_version fetch so the
sentinel branch finishes initialising without invoking the DB.

Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
@TheWitness
Merge branch 'develop' into chore/test-db-sentinel
60479cf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@somethingwithproof @TheWitness