port: 0,

outputPath,

repoRoot,

controlUiUrl: "http://127.0.0.1:18789/",

controlUiToken: "qa-token",

controlUiUrl: "http://127.0.0.1:18789/?token=qa-token&panel=chat#token=fragment-token",

embeddedGateway: "disabled",

});

cleanups.push(async () => {

};

expect(bootstrap.defaults.conversationId).toBe("qa-operator");

expect(bootstrap.defaults.senderId).toBe("qa-operator");

expect(bootstrap.controlUiUrl).toBe("http://127.0.0.1:18789/");

expect(bootstrap.controlUiEmbeddedUrl).toBe("http://127.0.0.1:18789/#token=qa-token");

expect(bootstrap.controlUiUrl).toBe("http://127.0.0.1:18789/?panel=chat");

expect(bootstrap.controlUiEmbeddedUrl).toBe("http://127.0.0.1:18789/?panel=chat");

expect(bootstrap.kickoffTask).toContain("Lobster Invaders");

expect(bootstrap.scenarios.length).toBeGreaterThanOrEqual(10);

expect(bootstrap.scenarios.map((scenario) => scenario.id)).toContain("dm-chat-baseline");

expect(bootstrap.runner.status).toBe("idle");

expect(bootstrap.runner.selection.providerMode).toBe("live-frontier");

expect(bootstrap.runner.selection.scenarioIds).toHaveLength(bootstrap.scenarios.length);

const startupStatus = (await (

await fetchWithRetry(`${lab.baseUrl}/api/capture/startup-status`)

).json()) as {

status: { gateway: { url: string } };

};

expect(startupStatus.status.gateway.url).toBe("http://127.0.0.1:18789/?panel=chat");

const messageResponse = await fetch(`${lab.baseUrl}/api/inbound/message`, {

method: "POST",

headers: {

});

it("proxies control-ui paths through /control-ui", async () => {

const authorizations: Array<string | undefined> = [];

const upstream = createServer((req, res) => {

authorizations.push(req.headers.authorization);

if ((req.url ?? "/") === "/healthz") {

res.writeHead(200, { "content-type": "application/json" });

res.end(JSON.stringify({ ok: true, status: "live" }));

advertiseHost: "127.0.0.1",

advertisePort: 43124,

controlUiProxyTarget: `http://127.0.0.1:${address.port}/`,

controlUiToken: "proxy-token",

controlUiProxyToken: "proxy-token",

});

cleanups.push(async () => {

await lab.stop();

controlUiEmbeddedUrl: string | null;

};

expect(bootstrap.controlUiUrl).toBe("http://127.0.0.1:43124/control-ui/");

expect(bootstrap.controlUiEmbeddedUrl).toBe(

"http://127.0.0.1:43124/control-ui/#token=proxy-token",

);

expect(bootstrap.controlUiEmbeddedUrl).toBe("http://127.0.0.1:43124/control-ui/");

const healthResponse = await fetchWithRetry(`${lab.listenUrl}/control-ui/healthz`);

expect(healthResponse.status).toBe(200);

expect(rootResponse.headers.get("x-frame-options")).toBeNull();

expect(rootResponse.headers.get("content-security-policy")).toContain("frame-ancestors 'self'");

expect(await rootResponse.text()).toContain("Control UI");

expect(authorizations).toEqual(["Bearer proxy-token", "Bearer proxy-token"]);

});

it("serves the built QA UI bundle when available", async () => {

],

});

lab.setControlUi({

controlUiUrl: "http://127.0.0.1:18789/",

controlUiToken: "late-token",

controlUiUrl: "http://127.0.0.1:18789/?password=late-password#token=late-token",

});

const bootstrap = (await (await fetchWithRetry(`${lab.baseUrl}/api/bootstrap`)).json()) as {

controlUiEmbeddedUrl: string | null;

};

expect(bootstrap.controlUiEmbeddedUrl).toBe("http://127.0.0.1:18789/#token=late-token");

expect(bootstrap.controlUiEmbeddedUrl).toBe("http://127.0.0.1:18789/");

const outcomes = (await (await fetchWithRetry(`${lab.baseUrl}/api/outcomes`)).json()) as {

run: {