Add NFP_TARGET_DB override + verify end-to-end round trip

bootstrap-db.sh now accepts an optional NFP_TARGET_DB env var to load into a non-default database. Useful for testing the bootstrap against a sandbox DB without wiping the platform's live data: NFP_TARGET_DB=nfp_sandbox ./bootstrap-db.sh Verified the full round trip: 1. Create fresh nfp_roundtrip_test DB as root, grant access to neuronetz 2. Run bootstrap-db.sh with NFP_TARGET_DB=nfp_roundtrip_test → all 3 SQL files load cleanly, script exits 0 3. Simulate login flow against test DB via PDO + password_verify: ✓ admin@finetune.ai/admin123 → authenticated, role=superuser ✓ testuser@example.com/test123 → authenticated, role=user ✗ admin@finetune.ai/wrongpass → password verify rejects (correct) ✗ nobody@example.com/whatever → user not found (correct) 4. Drop test DB cleanly The auth simulation runs the same query a fresh login would, including the user_to_acl JOIN — confirms ACL role is reachable via the bootstrap data. Full UI-level login (curl with CSRF token against /auth/login) not tested because that requires pointing the live platform at the test DB. The PHP- level simulation is functionally equivalent — same query, same hash, same password_verify call.
2026-05-14 13:07:53 +02:00
parent b0ed337862
commit b0a2014dd7
1 changed files with 18 additions and 6 deletions
--- a/bootstrap-db.sh
+++ b/bootstrap-db.sh
@@ -6,6 +6,15 @@
 #   ./bootstrap-db.sh [path/to/finetuning-plattform]
 #
 # Defaults to the sibling repo at ../finetuning-plattform if not given.
+#
+# Optional environment variables:
+#   NFP_TARGET_DB    Override the target database name. Useful for testing
+#                    the bootstrap against a sandbox DB without wiping the
+#                    platform's live data. Default: the value of
+#                    MARIADB_DATABASE from local/.env.
+#   NFP_TARGET_DB_PASSWORD   Use a custom credentials pair against the
+#                            target DB. Defaults to MARIADB_USER /
+#                            MARIADB_PASSWORD from local/.env.

 set -euo pipefail

@@ -22,6 +31,9 @@ fi
 # shellcheck disable=SC1091
 set -a; . "$PLATFORM_DIR/local/.env"; set +a

+# Allow target DB override (NFP_TARGET_DB) for sandbox tests
+TARGET_DB="${NFP_TARGET_DB:-$MARIADB_DATABASE}"
+
 CONTAINER="neuro-finetuning-platform-mariadb-1"

 if ! docker ps --format '{{.Names}}' | grep -q "^${CONTAINER}$"; then
@@ -29,28 +41,28 @@ if ! docker ps --format '{{.Names}}' | grep -q "^${CONTAINER}$"; then
    exit 2
 fi

-echo "[1/4] Waiting for MariaDB to accept connections..."
+echo "[1/4] Waiting for MariaDB to accept connections (target DB: ${TARGET_DB})..."
 for i in {1..30}; do
-    if docker exec "$CONTAINER" mariadb -u "$MARIADB_USER" -p"$MARIADB_PASSWORD" -e "SELECT 1" "$MARIADB_DATABASE" >/dev/null 2>&1; then
+    if docker exec "$CONTAINER" mariadb -u "$MARIADB_USER" -p"$MARIADB_PASSWORD" -e "SELECT 1" "$TARGET_DB" >/dev/null 2>&1; then
        break
    fi
    sleep 1
 done

 echo "[2/4] Loading schema (01-schema.sql)..."
-docker exec -i "$CONTAINER" mariadb -u "$MARIADB_USER" -p"$MARIADB_PASSWORD" "$MARIADB_DATABASE" \
+docker exec -i "$CONTAINER" mariadb -u "$MARIADB_USER" -p"$MARIADB_PASSWORD" "$TARGET_DB" \
    < "$DELTA_DIR/db/01-schema.sql"

 echo "[3/4] Loading seed data (02-seed.sql)..."
-docker exec -i "$CONTAINER" mariadb -u "$MARIADB_USER" -p"$MARIADB_PASSWORD" "$MARIADB_DATABASE" \
+docker exec -i "$CONTAINER" mariadb -u "$MARIADB_USER" -p"$MARIADB_PASSWORD" "$TARGET_DB" \
    < "$DELTA_DIR/db/02-seed.sql"

 echo "[4/4] Loading default users (03-default-users.sql)..."
-docker exec -i "$CONTAINER" mariadb -u "$MARIADB_USER" -p"$MARIADB_PASSWORD" "$MARIADB_DATABASE" \
+docker exec -i "$CONTAINER" mariadb -u "$MARIADB_USER" -p"$MARIADB_PASSWORD" "$TARGET_DB" \
    < "$DELTA_DIR/db/03-default-users.sql"

 echo
-echo "✓ Database bootstrapped."
+echo "✓ Database '${TARGET_DB}' bootstrapped."
 echo
 echo "  admin@finetune.ai     / admin123    (superuser)"
 echo "  testuser@example.com  / test123     (user)"