generated from bisco/codex-bootstrap
29 lines
1.6 KiB
Markdown
29 lines
1.6 KiB
Markdown
# Testing
|
|
|
|
All checks run inside Docker containers.
|
|
|
|
```bash
|
|
docker compose run --rm --no-deps wordpress php -l /opt/azionelab/theme/functions.php
|
|
docker compose run --rm --no-deps wordpress php -l /opt/azionelab/theme/front-page.php
|
|
docker compose run --rm --no-deps wordpress php -l /opt/azionelab/azionelab-content.php
|
|
docker compose run --rm --no-deps proxy nginx -t
|
|
docker compose -f docker-compose.yml -f docker-compose.test.yml up --build -d db wordpress proxy
|
|
docker compose -f docker-compose.yml -f docker-compose.test.yml --profile tools run --rm wp-cli /scripts/bootstrap.sh
|
|
docker compose -f docker-compose.yml -f docker-compose.test.yml --profile test run --build --rm functional-tests
|
|
docker compose -f docker-compose.yml -f docker-compose.test.yml --profile test run --rm security-tests
|
|
docker compose config --quiet
|
|
LETSENCRYPT_ENABLED=1 docker compose config --quiet
|
|
```
|
|
|
|
The normal stack uses host-based bind mounts under `./runtime` by default. The test
|
|
override replaces database and WordPress state with isolated Docker volumes, maps
|
|
`azionelab.org` to the internal proxy, and never publishes an extra port. Browser tests
|
|
cover content and section order, contact actions, mobile overflow/navigation, semantic
|
|
landmarks, image alternatives, admin routing, security headers, blocked sensitive
|
|
routes, blocked uploaded PHP requests, and unknown virtual hosts. Security checks also
|
|
assert that WordPress does not publish host ports and that Apache hardening remains
|
|
installed in the WordPress image.
|
|
|
|
Subjective visual review and a real-device accessibility audit remain manual release
|
|
checks.
|