Pierre Fitness Platform MCP Server

production_logging_test.rs•11.6 kB

// ABOUTME: Integration tests for production-ready logging improvements // ABOUTME: Verifies request ID correlation, JWT secret safety, and structured logging // // SPDX-License-Identifier: MIT OR Apache-2.0 // Copyright (c) 2025 Pierre Fitness Intelligence #![doc = "Production logging integration tests"] use anyhow::Result; use axum::{ body::{to_bytes, Body}, http::{Request, StatusCode}, middleware::from_fn, routing::get, Extension, Router, }; #[cfg(feature = "postgresql")] use pierre_mcp_server::config::environment::PostgresPoolConfig; use pierre_mcp_server::{ database_plugins::{factory::Database, DatabaseProvider}, logging::LoggingConfig, middleware::{request_id_middleware, RequestId}, models::{User, UserStatus, UserTier}, permissions::UserRole, }; use std::error::Error; use tower::ServiceExt; /// Test that request ID middleware generates unique IDs for each request #[tokio::test] async fn test_request_id_uniqueness() -> Result<(), Box<dyn Error>> { let app = Router::new() .route("/test", get(|| async { "OK" })) .layer(from_fn(request_id_middleware)); let mut request_ids = Vec::new(); // Make multiple requests and collect request IDs for _ in 0..5 { let request = Request::builder().uri("/test").body(Body::empty())?; let response = app.clone().oneshot(request).await?; assert_eq!(response.status(), StatusCode::OK); if let Some(request_id) = response.headers().get("x-request-id") { request_ids.push(request_id.to_str()?.to_owned()); } } // Verify all request IDs are unique assert_eq!(request_ids.len(), 5, "Should have 5 request IDs"); let mut unique_ids = request_ids.clone(); unique_ids.sort(); unique_ids.dedup(); assert_eq!( unique_ids.len(), request_ids.len(), "All request IDs should be unique" ); Ok(()) } /// Test that request ID is available to handlers via Extension #[tokio::test] async fn test_request_id_accessible_in_handler() -> Result<(), Box<dyn Error>> { async fn handler_with_request_id( Extension(request_id): Extension<RequestId>, ) -> Result<String, StatusCode> { Ok(format!("ID: {}", request_id.as_str())) } let app = Router::new() .route("/with-id", get(handler_with_request_id)) .layer(from_fn(request_id_middleware)); let request = Request::builder().uri("/with-id").body(Body::empty())?; let response = app.oneshot(request).await?; assert_eq!(response.status(), StatusCode::OK); let body = to_bytes(response.into_body(), usize::MAX).await?; let body_str = String::from_utf8(body.to_vec())?; assert!( body_str.starts_with("ID: "), "Handler should access request ID" ); assert!(body_str.len() >= 40, "Request ID should be a UUID string"); Ok(()) } /// Test that request ID header is present in all responses #[tokio::test] async fn test_request_id_header_always_present() -> Result<(), Box<dyn Error>> { let app = Router::new() .route("/success", get(|| async { "OK" })) .route( "/error", get(|| async { StatusCode::INTERNAL_SERVER_ERROR }), ) .layer(from_fn(request_id_middleware)); // Test successful response let request = Request::builder().uri("/success").body(Body::empty())?; let response = app.clone().oneshot(request).await?; assert!( response.headers().contains_key("x-request-id"), "Success response should have request ID header" ); // Test error response let request = Request::builder().uri("/error").body(Body::empty())?; let response = app.oneshot(request).await?; assert!( response.headers().contains_key("x-request-id"), "Error response should have request ID header" ); Ok(()) } /// Test that `RequestId` implements `Display` trait correctly #[test] fn test_request_id_display_trait() { let request_id = RequestId("test-request-id-12345".to_owned()); // Test Display trait let display_output = request_id.to_string(); assert_eq!(display_output, "test-request-id-12345"); // Test as_str method assert_eq!(request_id.as_str(), "test-request-id-12345"); } /// Test that request IDs are valid UUID v4 format #[tokio::test] async fn test_request_id_uuid_format() -> Result<(), Box<dyn Error>> { let app = Router::new() .route("/test", get(|| async { "OK" })) .layer(from_fn(request_id_middleware)); let request = Request::builder().uri("/test").body(Body::empty())?; let response = app.oneshot(request).await?; if let Some(request_id_header) = response.headers().get("x-request-id") { let request_id_str = request_id_header.to_str()?; // Parse as UUID to verify format uuid::Uuid::parse_str(request_id_str)?; // Verify it's a version 4 UUID (random) let parsed_uuid = uuid::Uuid::parse_str(request_id_str)?; assert_eq!( parsed_uuid.get_version(), Some(uuid::Version::Random), "Request ID should be UUID v4" ); } else { return Err("Request ID header not found".into()); } Ok(()) } /// Test JWT secret safety - verify no secrets in initialization #[tokio::test] async fn test_jwt_secret_not_logged() -> Result<(), Box<dyn Error>> { use tempfile::TempDir; // Create temporary database let temp_dir = TempDir::new()?; let db_path = temp_dir.path().join("test.db"); let db_url = format!("sqlite:{}", db_path.display()); // Generate encryption key let encryption_key = vec![0u8; 32]; // Initialize database (which creates JWT secret) #[cfg(feature = "postgresql")] let database = Database::new(&db_url, encryption_key, &PostgresPoolConfig::default()).await?; #[cfg(not(feature = "postgresql"))] let database = Database::new(&db_url, encryption_key).await?; // Get or create JWT secret let jwt_secret = database .get_or_create_system_secret("admin_jwt_secret") .await?; // Verify secret exists and is non-empty assert!(!jwt_secret.is_empty(), "JWT secret should not be empty"); assert!( jwt_secret.len() >= 32, "JWT secret should be sufficiently long" ); // This test primarily verifies that the code path executes without // exposing secrets in logs. Manual verification needed via: // RUST_LOG=debug cargo test test_jwt_secret_not_logged 2>&1 | grep -i secret Ok(()) } /// Test that database operations can be instrumented #[tokio::test] async fn test_database_operation_instrumentation() -> Result<(), Box<dyn Error>> { use tempfile::TempDir; use uuid::Uuid; // Create temporary database let temp_dir = TempDir::new()?; let db_path = temp_dir.path().join("test.db"); let db_url = format!("sqlite:{}", db_path.display()); let encryption_key = vec![0u8; 32]; #[cfg(feature = "postgresql")] let database = Database::new(&db_url, encryption_key, &PostgresPoolConfig::default()).await?; #[cfg(not(feature = "postgresql"))] let database = Database::new(&db_url, encryption_key).await?; // Create a test user let user = User { id: Uuid::new_v4(), email: "test@example.com".to_owned(), display_name: Some("Test User".to_owned()), password_hash: "hash".to_owned(), tier: UserTier::Starter, tenant_id: None, strava_token: None, fitbit_token: None, is_active: true, user_status: UserStatus::Active, is_admin: false, role: UserRole::User, approved_by: None, approved_at: None, created_at: chrono::Utc::now(), last_active: chrono::Utc::now(), firebase_uid: None, auth_provider: String::new(), }; // Test instrumented database operation (has #[tracing::instrument]) let created_id = database.create_user(&user).await?; assert_eq!(created_id, user.id, "Created user ID should match"); // Test instrumented get_user operation let retrieved_user = database.get_user(user.id).await?; assert!(retrieved_user.is_some(), "User should be retrievable"); if let Some(user) = retrieved_user { assert_eq!( user.email, "test@example.com", "Retrieved user email should match" ); } Ok(()) } /// Test structured logging configuration #[test] fn test_logging_config_from_env() { // Test default configuration let default_config = LoggingConfig::default(); assert_eq!(default_config.level, "info"); assert_eq!(default_config.service_name, "pierre-mcp-server"); // Test environment-based configuration (would need actual env vars set) let env_config = LoggingConfig::from_env(); assert!(!env_config.service_name.is_empty()); assert!(!env_config.service_version.is_empty()); } /// Test GCP-optimized logging configuration #[test] fn test_gcp_logging_configuration() { let gcp_config = LoggingConfig::for_gcp_cloud_run(); assert_eq!(gcp_config.level, "info"); assert_eq!(gcp_config.environment, "production"); assert!(gcp_config.features.gcp_format); assert!(gcp_config.features.telemetry); assert!( !gcp_config.features.truncate_mcp, "Production wants full logs" ); } /// Test that provider API calls can be instrumented #[tokio::test] async fn test_provider_instrumentation_integration() { // This is an integration test that verifies the instrumentation // exists on provider methods. The actual execution would require // valid OAuth tokens, so we just verify the methods compile and // can be called with proper error handling. // Note: Real testing would require mock providers or integration with test APIs // This test primarily verifies the instrumentation doesn't break compilation } /// Test request ID middleware with concurrent requests #[tokio::test] async fn test_request_id_concurrency() -> Result<(), Box<dyn Error>> { let app = Router::new() .route("/test", get(|| async { "OK" })) .layer(from_fn(request_id_middleware)); let mut handles = vec![]; // Spawn 10 concurrent requests for _ in 0..10 { let app_clone = app.clone(); let handle = tokio::spawn(async move { let request = Request::builder() .uri("/test") .body(Body::empty()) .map_err(anyhow::Error::from)?; let response = app_clone .oneshot(request) .await .map_err(|e| anyhow::Error::msg(format!("Request failed: {e}")))?; if let Some(id_header) = response.headers().get("x-request-id") { if let Ok(id_str) = id_header.to_str() { return Ok::<String, anyhow::Error>(id_str.to_owned()); } } Err(anyhow::Error::msg("Failed to get request ID")) }); handles.push(handle); } // Collect all request IDs let mut request_ids = vec![]; for handle in handles { let result = handle.await.map_err(anyhow::Error::from)??; request_ids.push(result); } // Verify all IDs are unique let mut unique_ids = request_ids.clone(); unique_ids.sort(); unique_ids.dedup(); assert_eq!( unique_ids.len(), 10, "All concurrent request IDs should be unique" ); Ok(()) }

Loading blob content...

Latest Blog Posts

Don't Use Large Strings as Cache Keys
By punkpeye on January 11, 2026.
markdown
node-js
cache
What are Claude Skills?
By punkpeye on January 10, 2026.
mcp
skills
How to Test MCP Streamable HTTP Endpoints Using cURL
By punkpeye on January 2, 2026.
tutorial
bash

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jfarcand/pierre_mcp_server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

production_logging_test.rs•11.6 kB