Mocha Testing changes #48
Conversation
tejashah88
commented
Jan 31, 2017
•
tejashah88
commented
- Removed deprecated dependency 'supertest-as-promised'
- Maintaining testing format consistency
- Added tests to verify that server does not always bind to both HTTP and HTTPS ports (Server binds to both HTTPs and HTTP ports? #46)
- Added more node versions to run mocha tests on Travis-CI
* Removed deprecated dependency 'supertest-as-promised' * Maintaining testing format consistency * Added tests to verify that server does not always bind to both HTTP and HTTPS ports (#46)
…les, it asks for a passphrase, effectively halting the testing
| expect(err).to.not.exist; | ||
| expect(result).to.be.true; | ||
|
|
||
| isPortTaken({ port: 3000 }, function(err, result) { |
There was a problem hiding this comment.
This is identical to the above, bad copy-paste?
| }); | ||
| }); | ||
|
|
||
| it("should have the HTTP and HTTPS server instances running", function() { |
There was a problem hiding this comment.
This is the problem, it seems wrong to me. When I enable HTTPs, why should I have both HTTP and HTTPs? No other server works like this. There should be only 1 port option and it should be HTTP or HTTPs.
There was a problem hiding this comment.
When I enable HTTPs, why should I have both HTTP and HTTPs?
No other server works like this
one use case for having both: you want to have all traffic sent over http redirected to https.
modern sites should never run http, unless they need to for some compatability reasons.
There was a problem hiding this comment.
Maybe a flag explicitly stating that HTTP is enabled or not would make sense. For example, if I wanted only HTTPS to be enabled, it could be the following:
{
httpEnabled: false,
httpsEnabled: true
...
}There was a problem hiding this comment.
another option is just ditch https in alexa-app-server. In production most people don't run ssl directly with node; there is better software to do this. (load balancers, nginx reverse proxy, etc.)
It also makes local development easier, because there's no certificate ceremony to deal with.
There was a problem hiding this comment.
Interesting option. If we do decide to go that route, we should at least add some tutorials for setting up with HTTPS if people do want to do so.
Speaking on the same note, it might be a great idea to have a wiki pages so that all relevant tutorials and API documentation can stay there and the README is not as long.
There was a problem hiding this comment.
I think ditching HTTPs when it's implemented and working seems unnecessary. I am against two flags, the default it HTTP and if you want, you get HTTPs. There should be no fallback if SSL setup fails the server shouldn't start.
No modern server, Apache, IIS, Tomcat, Express, ..., listens on two ports AFAIK. I could be wrong, but If you want to do http redirecting to https you would make separate instances, implement something like HSTS on the first one, etc.
There was a problem hiding this comment.
Another option could be to change the flag name so that it's obvious that only HTTPS is enabled (i.e. something like httpsOnly). Or the flag could be like an enumeration with multiple states, such as the following:
var httpsOptions = {
DISABLED, REDIRECTED_TO, STRICT_ENABLED //something like that
}There was a problem hiding this comment.
Two minutes ago we were discussing dropping HTTPs altogether ;)
Seems to me that we're trying to do too much. I think there should just be 1 option: https: true, and whatever cert options. This would mimic what every web server out there I know does.
Either way, do you have a preference to what to do @tejashah88? At the very least we should fix the bug that's here of binding to two different ports, that's totally unexpected.
There was a problem hiding this comment.
Well, we need all the ideas that we can get. ;) I do agree on fixing the bug, although as I've said, it should be obvious to the developer. If we were to go with this route, some other changes may need to be employed.
- The
httpsPortis not needed since that should be handled by theportflag. - The
httpsEnabledflag should be either documented in that only https will be enabled, and/or the flag name itself should be changed.
Personally, I don't mind any particular fix, so long as it makes using the library a bit easier in some aspect. @mreinstein thoughts on this?
There was a problem hiding this comment.
I like what you're saying @tejashah88, @mreinstein would be nice to hear from you to help clear up any disagreement on what this code should do, it's easier to "vote" with 3 people :)
| expect(err).to.not.exist; | ||
| expect(result).to.be.true; | ||
|
|
||
| isPortTaken({ port: 3000, host: '127.0.0.1' }, function(err, result) { |
There was a problem hiding this comment.
This is duplicating the block above unnecessarily. One test is enough :)
There was a problem hiding this comment.
I added that block so that it would test if the server was binding to a specific address.
|
I am down with merging this and dealing with #46 separately, @tejashah88 LMK how you feel about it. You might want to squash these commits, it's a good exercise ;) |
|
I have to say I'm a little bit frustrated right now. While more polished testing infrastructure is nice and appreciated, there are serious problems with this module: Granted one of them is only a few minutes old, but several are months old. These strike me as "house on fire" kinds of issues. These need to be addressed. If I'm happy to help with this but we have to prioritize broken shit over nice polish. |
|
@dblock I agree, let's get this PR merged first, then we can talk about it in a new issue. Normally, I don't squash the commits until I know the PR is ready to be merged. Thanks for reminding me though. |
|
@mreinstein I do agree, and I've been planning to implement #21 and #35 for some time. For now, we can leave the HTTPS handling for another time. |
|
I merged this. Tests weren't a thing here until recently, so fixing broken stuff without tests breaks other things, so tests are important. I'll take a stab at the https stuff sometime in the future unless someone beats me to it. |
|
LMK how I can help with the on fire issues. |
