release: v0.12.0 — migrate to famedly-zitadel-rust-client v0.12#164
release: v0.12.0 — migrate to famedly-zitadel-rust-client v0.12#164nikzen wants to merge 4 commits into
Conversation
Bump the Zitadel client from the legacy zitadel-rust-client v0.3 to
famedly-zitadel-rust-client v0.12 and migrate the e2e test suite off the
gRPC v1 API onto the v2 HTTP API, dropping the v1 dev-dependency feature
that carried the remaining security advisories.
Fix two error-handling regressions in src/zitadel.rs surfaced by running
the e2e suite against the v2 production code: the v2 client exposes
Zitadel error codes (V3-DKcYh, PHONE-so0wa, COMMAND-ieJ2e) as a source in
the error chain rather than in the top-level Display. Match against the
full chain via `{error:#}` to restore the "user already exists" update
path and the invalid-phone fallback in both import_user and update_user.
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #164 +/- ##
==========================================
+ Coverage 91.37% 91.99% +0.61%
==========================================
Files 10 10
Lines 1600 1648 +48
==========================================
+ Hits 1462 1516 +54
+ Misses 138 132 -6
... and 4 files with indirect coverage changes Continue to review full report in Codecov by Harness.
|
The pinned CI nightly denies these pedantic lints via `-D warnings`. - Extract import/delete/update arms of `sync_users` into helper functions. - Hoist test-local items (fixtures, helpers) to module scope, since the test macros emit statements before them, tripping items_after_statements. - Split the long install-ids/UKT test bodies into seeding helpers and add `#![cfg(test)]` to install-ids.rs so expect-in-tests is allowed. Co-authored-by: Cursor <cursoragent@cursor.com>
sirewix
left a comment
There was a problem hiding this comment.
Looks ok on the surface, but there are so many changes in test code. If we want to verify everything it will take a lot of time
| uuid = { version = "1.10.0", features = ["v5"] } | ||
| wiremock = "0.6.2" | ||
| zitadel-rust-client = { git = "https://github.com/famedly/zitadel-rust-client", version = "0.3.0", default-features = false } | ||
| zitadel-rust-client = { git = "https://github.com/famedly/zitadel-rust-client", package = "famedly-zitadel-rust-client", version = "0.12", default-features = false } |
There was a problem hiding this comment.
We should use the version from crates.io
|
|
||
| ### Miscellaneous Tasks | ||
|
|
||
| - *(deps)* Migrate to famedly-zitadel-rust-client v0.12 and drop the v1 feature, resolving the remaining security advisories |
There was a problem hiding this comment.
It was only used in tests, so probably there was no real security issues
| // error code we match on below) as a source in the error chain, | ||
| // so we must inspect the full chain rather than just the | ||
| // top-level `Display`. | ||
| let error_chain = format!("{error:#}"); |
There was a problem hiding this comment.
| let error_chain = format!("{error:#}"); | |
| let error_chain = format!("{error:?}"); |
| // error chain, so we match against the whole chain. | ||
| // If the new phone number is invalid | ||
| if error.to_string().contains("PHONE-so0wa") { | ||
| if format!("{error:#}").contains("PHONE-so0wa") { |
There was a problem hiding this comment.
| if format!("{error:#}").contains("PHONE-so0wa") { | |
| if format!("{error:?}").contains("PHONE-so0wa") { |
| if let Err(error) = self.zitadel_client.remove_phone(zitadel_id).await { | ||
| // If the user didn't start out with a phone | ||
| if !error.to_string().contains("COMMAND-ieJ2e") { | ||
| if !format!("{error:#}").contains("COMMAND-ieJ2e") { |
There was a problem hiding this comment.
| if !format!("{error:#}").contains("COMMAND-ieJ2e") { | |
| if !format!("{error:?}").contains("COMMAND-ieJ2e") { |
| @@ -1,5 +1,7 @@ | |||
| //! E2E tests for the id installation script | |||
|
|
|||
| #![cfg(test)] | |||
There was a problem hiding this comment.
| #![cfg(test)] |
Summary
zitadel-rust-clientv0.3 tofamedly-zitadel-rust-clientv0.12 and migrate the e2e tests off the gRPC v1 API onto the v2 HTTP API, dropping thev1dev-dependency feature that carried the remaining security advisories (cargo auditnow clean).src/zitadel.rssurfaced by running e2e against the v2 production code: the v2 client exposes Zitadel error codes (V3-DKcYh,PHONE-so0wa,COMMAND-ieJ2e) as a source in the error chain rather than in the top-levelDisplay. Match against the full chain via{error:#}to restore the "user already exists" update path and the invalid-phone fallback in bothimport_userandupdate_user.ZitadelExttest helper trait and rewrite the e2e suite to use v2 idioms (Optionsemantics,human()/profile()/is_verified()accessors, login-name lookup, grants, IDP links).Cargo.toml/Cargo.lockand add aCHANGELOG.mdentry.Closes: https://famedly.atlassian.net/browse/FC-554