tests for dry run output and error handling

Author: kushalshit27

docs/using-dry-run.md

@@ -2,7 +2,7 @@
 
 The Auth0 Deploy CLI supports a "dry run" mode that allows you to preview all potential changes to your Auth0 tenant without actually applying them. This feature provides a safety net for validating configurations and understanding the impact of deployments before they occur.
 
-[Discussions thread](https://github.com/auth0/auth0-deploy-cli/discussions/1092?sort=new)
+[Discussions thread](https://github.com/auth0/auth0-deploy-cli/discussions/1149)
 
 ## Usage
 

test/tools/auth0/handlers/dryRun.tests.ts

@@ -6,7 +6,9 @@ import DatabasesHandler from '../../../../src/tools/auth0/handlers/databases';
 import HooksHandler from '../../../../src/tools/auth0/handlers/hooks';
 import RulesConfigsHandler from '../../../../src/tools/auth0/handlers/rulesConfigs';
 import RulesHandler from '../../../../src/tools/auth0/handlers/rules';
+import DefaultHandler from '../../../../src/tools/auth0/handlers/default';
 import constants from '../../../../src/tools/constants';
+import { configFactory } from '../../../../src/configFactory';
 import { mockPagedData } from '../../../utils';
 
 const pool = {
@@ -298,3 +300,86 @@ describe('#handler dryRunChanges', () => {
     expect(changes.update[0].secrets).to.equal(undefined);
   });
 });
+
+describe('#getResourceName', () => {
+  function createHandler(type: string): DefaultHandler {
+    return new DefaultHandler({
+      // @ts-ignore test stub
+      config: configFactory(),
+      type,
+      id: 'id',
+      identifiers: ['id', 'name'],
+    });
+  }
+
+  it('should return name when present', () => {
+    const handler = createHandler('clients');
+    expect(handler.getResourceName({ name: 'My App' })).to.equal('My App');
+  });
+
+  it('should return display_name when name is absent', () => {
+    const handler = createHandler('clients');
+    expect(handler.getResourceName({ display_name: 'My Display Name' })).to.equal(
+      'My Display Name'
+    );
+  });
+
+  it('should return template when name and display_name are absent', () => {
+    const handler = createHandler('emailTemplates');
+    expect(handler.getResourceName({ template: 'verify_email' })).to.equal('verify_email');
+  });
+
+  it('should return email property as fallback', () => {
+    const handler = createHandler('users');
+    expect(handler.getResourceName({ email: 'test@example.com' })).to.equal('test@example.com');
+  });
+
+  it('should format clientGrants as "client_id -> audience"', () => {
+    const handler = createHandler('clientGrants');
+    expect(
+      handler.getResourceName({ client_id: 'cli_123', audience: 'https://api.example.com' })
+    ).to.equal('cli_123 -> https://api.example.com');
+  });
+
+  it('should return name or type for guardianFactors', () => {
+    const handler = createHandler('guardianFactors');
+    expect(handler.getResourceName({ type: 'sms' })).to.equal('sms');
+  });
+
+  it('should return template for emailTemplates type when no name', () => {
+    const handler = createHandler('emailTemplates');
+    expect(handler.getResourceName({ template: 'welcome_email' })).to.equal('welcome_email');
+  });
+
+  it('should return description or priority for networkACLs', () => {
+    const handler = createHandler('networkACLs');
+    expect(handler.getResourceName({ description: 'Block list' })).to.equal('Block list');
+    expect(handler.getResourceName({ priority: 10 })).to.equal('priority:10');
+  });
+
+  it('should return domain for customDomains', () => {
+    const handler = createHandler('customDomains');
+    expect(handler.getResourceName({ domain: 'auth.example.com' })).to.equal('auth.example.com');
+  });
+
+  it('should return "{type} settings" for singleton resource types', () => {
+    const singletonTypes = [
+      'tenant',
+      'attackProtection',
+      'branding',
+      'emailProvider',
+      'guardianPhoneFactorSelectedProvider',
+      'guardianPolicies',
+      'riskAssessment',
+    ];
+    singletonTypes.forEach((type) => {
+      const handler = createHandler(type);
+      expect(handler.getResourceName({})).to.equal(`${type} settings`);
+    });
+  });
+
+  it('should return "unnamed resource" as fallback', () => {
+    const handler = createHandler('unknownType');
+    expect(handler.getResourceName({})).to.equal('unnamed resource');
+  });
+});

test/tools/auth0/handlers/tenant.tests.ts

@@ -226,4 +226,45 @@ describe('#tenant handler', () => {
       expect(() => removeUnallowedTenantFlags({})).to.not.throw();
     });
   });
+
+  describe('#tenant processChanges dry-run', () => {
+    it('should convert session durations from hours to minutes in update payload', async () => {
+      let capturedPayload: any = null;
+      const auth0 = {
+        tenants: {
+          settings: {
+            get: () => ({
+              friendly_name: 'Test',
+              session_lifetime_in_minutes: 60,
+              idle_session_lifetime_in_minutes: 120,
+            }),
+            update: (data: any) => {
+              capturedPayload = data;
+              return Promise.resolve(data);
+            },
+          },
+        },
+      };
+
+      // @ts-ignore — standard test pattern
+      const handler = new tenantHandler({ client: auth0 });
+      const stageFn = Object.getPrototypeOf(handler).processChanges;
+
+      await stageFn.apply(handler, [
+        {
+          tenant: {
+            friendly_name: 'Updated Test',
+            session_lifetime: 2,
+            idle_session_lifetime: 3,
+          },
+        },
+      ]);
+
+      expect(capturedPayload).to.not.be.null;
+      expect(capturedPayload.session_lifetime_in_minutes).to.equal(120);
+      expect(capturedPayload.idle_session_lifetime_in_minutes).to.equal(180);
+      expect(capturedPayload).to.not.have.property('session_lifetime');
+      expect(capturedPayload).to.not.have.property('idle_session_lifetime');
+    });
+  });
 });

test/tools/auth0/index.test.ts

@@ -130,5 +130,196 @@ describe('#Auth0 class', () => {
       expect(output).to.match(/│ ResourceServers\s+│ UPDATE\s+│ Role test API\s+│/);
       expect(output).to.match(/└[─┴]+┘/);
     });
+
+    it('should output "No changes detected" when all handlers report no changes', async () => {
+      process.env.AUTH0_DEBUG = 'true';
+
+      sandbox
+        .stub(calculateDryRunChanges, 'dryRunFormatAssets')
+        .callsFake(async (assets) => assets);
+
+      const printedMessages: string[] = [];
+      sandbox.stub(utils, 'printCLIMessage').callsFake((message: string) => {
+        printedMessages.push(message);
+      });
+
+      const auth0 = new Auth0(mockEmptyClient, mockEmptyAssets, (key) => {
+        const config = {
+          AUTH0_DOMAIN: 'example-tenant.auth0.com',
+          AUTH0_INPUT_FILE: './tenant.yaml',
+        };
+        return config[key];
+      });
+
+      auth0.handlers = [
+        {
+          type: 'clients',
+          dryRunChanges: async () => ({ create: [], update: [], del: [] }),
+          getResourceName: (item: { name: string }) => item.name,
+        },
+      ] as any;
+
+      const hasChanges = await auth0.dryRun();
+      const output = printedMessages[printedMessages.length - 1].replace(
+        new RegExp(`${String.fromCharCode(27)}\\[[0-9;]*m`, 'g'),
+        ''
+      );
+
+      expect(hasChanges).to.equal(false);
+      expect(output).to.include('No changes detected');
+    });
+
+    it('should show DELETE with asterisk note when AUTH0_ALLOW_DELETE is false', async () => {
+      process.env.AUTH0_DEBUG = 'true';
+
+      sandbox
+        .stub(calculateDryRunChanges, 'dryRunFormatAssets')
+        .callsFake(async (assets) => assets);
+
+      const printedMessages: string[] = [];
+      sandbox.stub(utils, 'printCLIMessage').callsFake((message: string) => {
+        printedMessages.push(message);
+      });
+
+      const auth0 = new Auth0(mockEmptyClient, mockEmptyAssets, (key) => {
+        const config = {
+          AUTH0_ALLOW_DELETE: false,
+          AUTH0_DOMAIN: 'example-tenant.auth0.com',
+          AUTH0_INPUT_FILE: './tenant.yaml',
+        };
+        return config[key];
+      });
+
+      auth0.handlers = [
+        {
+          type: 'clients',
+          dryRunChanges: async () => ({
+            create: [],
+            update: [],
+            del: [{ name: 'Old App' }],
+          }),
+          getResourceName: (item: { name: string }) => item.name,
+        },
+      ] as any;
+
+      const hasChanges = await auth0.dryRun();
+      const output = printedMessages[printedMessages.length - 1].replace(
+        new RegExp(`${String.fromCharCode(27)}\\[[0-9;]*m`, 'g'),
+        ''
+      );
+
+      expect(hasChanges).to.equal(true);
+      expect(output).to.include('Requires AUTH0_ALLOW_DELETE to be enabled');
+      expect(output).to.include('DELETE');
+    });
+
+    it('should show CREATE changes in the table', async () => {
+      process.env.AUTH0_DEBUG = 'true';
+
+      sandbox
+        .stub(calculateDryRunChanges, 'dryRunFormatAssets')
+        .callsFake(async (assets) => assets);
+
+      const printedMessages: string[] = [];
+      sandbox.stub(utils, 'printCLIMessage').callsFake((message: string) => {
+        printedMessages.push(message);
+      });
+
+      const auth0 = new Auth0(mockEmptyClient, mockEmptyAssets, (key) => {
+        const config = {
+          AUTH0_DOMAIN: 'example-tenant.auth0.com',
+          AUTH0_INPUT_FILE: './tenant.yaml',
+        };
+        return config[key];
+      });
+
+      auth0.handlers = [
+        {
+          type: 'actions',
+          dryRunChanges: async () => ({
+            create: [{ name: 'New Action' }],
+            update: [],
+            del: [],
+          }),
+          getResourceName: (item: { name: string }) => item.name,
+        },
+      ] as any;
+
+      const hasChanges = await auth0.dryRun();
+      const output = printedMessages[printedMessages.length - 1].replace(
+        new RegExp(`${String.fromCharCode(27)}\\[[0-9;]*m`, 'g'),
+        ''
+      );
+
+      expect(hasChanges).to.equal(true);
+      expect(output).to.include('CREATE');
+      expect(output).to.include('New Action');
+    });
+
+    it('should propagate handler errors with type and stage annotations', async () => {
+      process.env.AUTH0_DEBUG = 'true';
+
+      sandbox
+        .stub(calculateDryRunChanges, 'dryRunFormatAssets')
+        .callsFake(async (assets) => assets);
+
+      sandbox.stub(utils, 'printCLIMessage');
+
+      const auth0 = new Auth0(mockEmptyClient, mockEmptyAssets, (key) => {
+        const config = {
+          AUTH0_DOMAIN: 'example-tenant.auth0.com',
+        };
+        return config[key];
+      });
+
+      auth0.handlers = [
+        {
+          type: 'clients',
+          dryRunChanges: async () => {
+            throw new Error('API failure');
+          },
+          getResourceName: (item: { name: string }) => item.name,
+        },
+      ] as any;
+
+      try {
+        await auth0.dryRun();
+        expect.fail('Expected dryRun to throw');
+      } catch (err) {
+        expect(err.message).to.equal('API failure');
+        expect(err.type).to.equal('clients');
+        expect(err.stage).to.equal('dryRun');
+      }
+    });
+
+    it('should use default input path when AUTH0_INPUT_FILE is not set', async () => {
+      process.env.AUTH0_DEBUG = 'true';
+
+      sandbox
+        .stub(calculateDryRunChanges, 'dryRunFormatAssets')
+        .callsFake(async (assets) => assets);
+
+      const printedMessages: string[] = [];
+      sandbox.stub(utils, 'printCLIMessage').callsFake((message: string) => {
+        printedMessages.push(message);
+      });
+
+      const auth0 = new Auth0(mockEmptyClient, mockEmptyAssets, (key) => {
+        const config = {
+          AUTH0_DOMAIN: 'example-tenant.auth0.com',
+        };
+        return config[key];
+      });
+
+      auth0.handlers = [] as any;
+
+      await auth0.dryRun();
+      const output = printedMessages[printedMessages.length - 1].replace(
+        new RegExp(`${String.fromCharCode(27)}\\[[0-9;]*m`, 'g'),
+        ''
+      );
+
+      expect(output).to.include('./tenant-config-directory/');
+    });
   });
 });