Testing
:::info Source
Sourced from services/content-service/TESTING_STRATEGY.md in the documentation repo.
:::
1. Coverage Targets
| Layer | Line | Branch | Mutation |
|---|---|---|---|
Domain aggregates (PlayPackage, Bundle, LicenseEnvelope) | 95% | 98% | 80% |
| Application services | 90% | 90% | 70% |
| Integration | 80% | 80% | — |
| Overall | 85% | — | — |
2. Unit Tests
PlayPackagestate machine:building → built → revokedtransitions.PackageManifestvalidator: rejects cross-tenant refs, unresolved media, missing required locales.LicenseEnvelopeconstructor: rejects expiredexpiresAt, missing signature, cross-tenantenrollmentId.Bundlekey derivation: deterministic given inputs; different for different device keys.- JWS sign/verify round-trip.
Data builders: aPlayPackage().forCourseVersion(cv).withAssets(5).built().
3. Integration Tests (Testcontainers)
- Postgres + NATS + MinIO + mock KMS (localstack).
- Test flows:
- Build package from draft snapshot → assets uploaded → event emitted.
- Create bundle for (tenant, device, enrollment) → encrypted → signed → URL served.
- Revoke package → all downstream bundles marked revoked.
- SCORM 1.2 import → package projection → verify playable.
- SCORM 2004 import → package projection.
4. Contract Tests
Pact contracts:
- Producer → content (consumes
authoring.course_draft.published.v1): verify payload shape. - content → authoring (produces
content.play_package.built.v1). - content → catalog (produces
content.play_package.built.v1). - content → delivery (produces
content.play_package.bundle.published.v1). - content → sync (bundle delta projection).
- API: catalog expects
GET /api/v1/packages/{id}/manifestshape.
OpenAPI diff in CI — breaking changes blocked.
5. E2E Tests
Journey J-05 "Publish → Bundle → Offline Play":
- Author publishes draft → authoring emits event.
- content builds PlayPackage; emits event.
- catalog registers CourseVersion.
- enrollment-service creates bundle-request for enrolled learner.
- content creates bundle; signs; uploads; emits.
- sync projects delta to device; device downloads bundle.
- Player mounts; license validates; plays offline.
Journey J-12 Airplane-mode E2E: mount → disconnect → full session → reconnect → sync.
6. Load Tests
k6 scenarios:
- 100 concurrent package builds → assert p95 < 120s, no failures.
- 1000 concurrent bundle downloads → signed URL + CDN handle throughput.
- SCORM imports at 10/min sustained → queue stable, workers saturated.
7. Chaos Tests
- Kill worker mid-build → verify saga resumes.
- Fail KMS for 30s → signing retries, eventually succeeds, no partial signatures persisted.
- Corrupt S3 object for a bundle → tamper detection on mount.
- Network partition between content + catalog during publish saga → verify compensation.
8. Offline Tests
- Mount tampered bundle → unmount + event.
- Mount expired license → refused.
- Mount on non-bound device → refused.
- Revocation while offline → cached license expires at
expiresAt; online reconnect triggers unmount.
9. Security Tests
- SCORM zip with RCE payload → sandbox catches; quarantined.
- SCORM with path traversal → rejected.
- Cross-tenant bundle download attempt → 403.
- Signed URL replay after TTL → 403.
- License envelope tamper (flip a byte) → signature fails → refused.
- Forged license (attacker signs with non-tenant key) → refused.
10. Compliance & Conformance
- SCORM 1.2 conformance: run CI against SCORM Cloud Conformance Test Suite on every build.
- SCORM 2004 conformance: same, 3rd + 4th edition.
- xAPI 1.0.3 export: validate against ADL conformance suite.
- cmi5: validate session + registration correctness.
11. Replay Tests
- Rebuild PlayPackage table from event log; verify byte-identical packages.
- Rebuild Bundle table from event log; verify signatures reproduce (with same KMS key).
12. CI Gates (merge-blocking)
- Unit + integration pass.
- OpenAPI diff reviewed.
- Pact consumer + provider verification.
- SCORM 1.2 + 2004 conformance green.
- Two-tenant isolation test green.
- Mutation score ≥ 80% on domain.