From 96b259cbc1137828f4245570de2d473b40b5ed35 Mon Sep 17 00:00:00 2001
From: Jason Woltje <jason.woltje@uscllc.com>
Date: Fri, 6 Feb 2026 12:25:54 -0600
Subject: [PATCH] fix(tests): Fix CI pipeline failures in pipeline 239

Two fixes for CI test failures:

1. secret-scanner.service.spec.ts - "unreadable files" test:
   - The test uses chmod 0o000 to make a file unreadable
   - In CI (Docker), tests run as root where chmod doesn't prevent reads
   - Fix: Detect if running as root with process.getuid() and adjust
     expectations accordingly (root can still read the file)

2. demo/kanban/page.tsx - Build failure during static generation:
   - KanbanBoard component uses useToast() hook from @mosaic/ui
   - During Next.js static generation, ToastProvider context is not available
   - Fix: Wrap page content with ToastProvider to provide context

Quality gates verified locally:
- lint: pass
- typecheck: pass
- orchestrator tests: 612 passing
- web tests: 650 passing (23 skipped)
- web build: pass (/demo/kanban now prerendered successfully)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 .../src/git/secret-scanner.service.spec.ts    | 16 ++++++--
 apps/web/src/app/demo/kanban/page.tsx         | 37 +++++++++++--------
 2 files changed, 34 insertions(+), 19 deletions(-)

diff --git a/apps/orchestrator/src/git/secret-scanner.service.spec.ts b/apps/orchestrator/src/git/secret-scanner.service.spec.ts
index b211c4f..1b3655e 100644
--- a/apps/orchestrator/src/git/secret-scanner.service.spec.ts
+++ b/apps/orchestrator/src/git/secret-scanner.service.spec.ts
@@ -434,11 +434,21 @@ SECRET=replace-me
       // Remove read permissions
       await fs.chmod(testFile, 0o000);
 
+      // Check if we're running as root (where chmod 0o000 won't prevent reads)
+      const isRoot = process.getuid?.() === 0;
+
       const result = await service.scanFile(testFile);
 
-      expect(result.scannedSuccessfully).toBe(false);
-      expect(result.scanError).toBeDefined();
-      expect(result.hasSecrets).toBe(false); // Not "clean", just unscanned
+      if (isRoot) {
+        // Root can still read the file, so it will scan successfully
+        expect(result.scannedSuccessfully).toBe(true);
+        expect(result.hasSecrets).toBe(true); // Contains AWS key
+      } else {
+        // Non-root user cannot read the file
+        expect(result.scannedSuccessfully).toBe(false);
+        expect(result.scanError).toBeDefined();
+        expect(result.hasSecrets).toBe(false); // Not "clean", just unscanned
+      }
 
       // Cleanup - restore permissions first
       await fs.chmod(testFile, 0o644);
diff --git a/apps/web/src/app/demo/kanban/page.tsx b/apps/web/src/app/demo/kanban/page.tsx
index a945885..6b1906e 100644
--- a/apps/web/src/app/demo/kanban/page.tsx
+++ b/apps/web/src/app/demo/kanban/page.tsx
@@ -6,6 +6,7 @@ import { useState } from "react";
 import { KanbanBoard } from "@/components/kanban";
 import type { Task } from "@mosaic/shared";
 import { TaskStatus, TaskPriority } from "@mosaic/shared";
+import { ToastProvider } from "@mosaic/ui";
 
 const initialTasks: Task[] = [
   {
@@ -173,23 +174,27 @@ export default function KanbanDemoPage(): ReactElement {
   };
 
   return (
-    <div className="min-h-screen bg-gray-100 dark:bg-gray-950 p-6">
-      <div className="max-w-7xl mx-auto space-y-6">
-        {/* Header */}
-        <div className="bg-white dark:bg-gray-900 rounded-lg shadow-sm border border-gray-200 dark:border-gray-800 p-6">
-          <h1 className="text-2xl font-bold text-gray-900 dark:text-gray-100">Kanban Board Demo</h1>
-          <p className="mt-2 text-gray-600 dark:text-gray-400">
-            Drag and drop tasks between columns to update their status.
-          </p>
-          <p className="mt-1 text-sm text-gray-500 dark:text-gray-500">
-            {tasks.length} total tasks •{" "}
-            {tasks.filter((t) => t.status === TaskStatus.COMPLETED).length} completed
-          </p>
-        </div>
+    <ToastProvider>
+      <div className="min-h-screen bg-gray-100 dark:bg-gray-950 p-6">
+        <div className="max-w-7xl mx-auto space-y-6">
+          {/* Header */}
+          <div className="bg-white dark:bg-gray-900 rounded-lg shadow-sm border border-gray-200 dark:border-gray-800 p-6">
+            <h1 className="text-2xl font-bold text-gray-900 dark:text-gray-100">
+              Kanban Board Demo
+            </h1>
+            <p className="mt-2 text-gray-600 dark:text-gray-400">
+              Drag and drop tasks between columns to update their status.
+            </p>
+            <p className="mt-1 text-sm text-gray-500 dark:text-gray-500">
+              {tasks.length} total tasks •{" "}
+              {tasks.filter((t) => t.status === TaskStatus.COMPLETED).length} completed
+            </p>
+          </div>
 
-        {/* Kanban Board */}
-        <KanbanBoard tasks={tasks} onStatusChange={handleStatusChange} />
+          {/* Kanban Board */}
+          <KanbanBoard tasks={tasks} onStatusChange={handleStatusChange} />
+        </div>
       </div>
-    </div>
+    </ToastProvider>
   );
 }