feat: [#546] artisan command up and down to set website Maintenance mode

[praem90]

📑 Description

This PR adds two Artisan commands

1. Up
2. Down

go run . artisan down
go run . artisan up

The down commands creates a temporary file in the framework storage folder
The up commands removes that file if exists

There is an another middleware CheckForMaintenance, that checks for the file.
It returns the request with 503 status code if the file exists else allow the request to passthrough.

Closes goravel/goravel#546

✅ Checks

• [ x ] Added test cases for my code

[codecov]

Codecov Report

❌ Patch coverage is 68.00000% with 40 lines in your changes missing coverage. Please review.
✅ Project coverage is 70.25%. Comparing base (bedddf4) to head (65fd56a).

Files with missing lines	Patch %	Lines
http/middleware/check_for_maintenance.go	35.29%	21 Missing and 1 partial ⚠️
foundation/console/down_command.go	80.55%	7 Missing and 7 partials ⚠️
foundation/application.go	0.00%	2 Missing ⚠️
foundation/console/up_command.go	88.23%	1 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1198      +/-   ##
==========================================
- Coverage   70.27%   70.25%   -0.02%     
==========================================
  Files         281      284       +3     
  Lines       17121    17246     +125     
==========================================
+ Hits        12031    12116      +85     
- Misses       4579     4610      +31     
- Partials      511      520       +9     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[almas-x]

This is a fantastic PR with a very useful addition to the framework! 🎉

I have a suggestion: how about allowing an optional reason flag for the down command? This could record the reason or announcement for the maintenance, and store it in the framework/down file. The middleware could then read this reason and return it, making it available for APIsor views to display. This would enhance the user experience by providing more context during maintenance mode.

[almas-x]

In unit tests, use t.TempDir() instead of os.TempDir().

t.TempDir() is preferred in unit tests because it creates a unique temporary directory for each test and automatically cleans it up after the test finishes. This helps prevent conflicts and side effects between tests, making your tests safer and more reliable.

[hwbrzzl]

Please fix the windows CI.

[hwbrzzl]

Thanks, great job 👍 Could add some related screenshots in the PR description?

[hwbrzzl]

Suggested change

	ctx.Request().AbortWithStatus(http.StatusServiceUnavailable)
	ctx.Request().Abort(http.StatusServiceUnavailable)

[praem90]

Done

[hwbrzzl]

Suggested change

	path := r.app.StoragePath("framework/down")
	path := r.app.StoragePath("framework/maintenance")

[praem90]

Done

[hwbrzzl]

Could you implement these options as well?

[hwbrzzl]

Is reason still required in this case? @almas-x

[praem90]

I think I can implement those options @hwbrzzl

[almas-x]

Compared to Laravel, the current implementation of reason is indeed a bit limited. I think we can refer to Laravel's implementation and support all the options in your screenshot except for the two that are crossed out.

[praem90]

Cool. What should be the response would be when no --render option is provided?

[hwbrzzl]

Returning the current logic should be fine.

[hwbrzzl]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces up and down artisan commands to manage maintenance mode, along with a middleware to enforce it. The implementation is a good start, but there are several areas for improvement. My review focuses on enhancing error handling within the new commands to provide clearer feedback for scripting and automation, and on improving the test coverage for the new maintenance middleware to ensure all its features are working as expected. I've also identified a few issues in a test helper function that could lead to flaky tests.

[gemini-code-assist]

When hashing the provided secret fails, an error is printed, but the command continues its execution. This can lead to the application entering maintenance mode without the intended secret protection, which could be a security risk if the secret is expected for bypass. The function should return the error to halt execution.

Suggested change

	hash, err := r.app.MakeHash().Make(secret)
	if err != nil {
	ctx.Error("Unable to generate and hash the secret")
	} else {
	options.Secret = hash
	}
	hash, err := r.app.MakeHash().Make(secret)
	if err != nil {
	ctx.Error("Unable to generate and hash the secret")
	return err
	}
	options.Secret = hash

[gemini-code-assist]

The test for CheckForMaintenance middleware is incomplete. It only covers the case where an empty maintenance file exists, which causes a JSON unmarshalling error and results in a 503 status. The test suite should be expanded to cover all the features of the maintenance mode:

• A valid maintenance file with a reason and custom status.
• The redirect option.
• The render option.
• The secret bypass mechanism.

Without these tests, the middleware's core logic is not verified.

[gemini-code-assist]

This implementation of Input has several issues:

1. Request body consumption: io.ReadAll(r.ctx.request.Body) consumes the request body. Subsequent calls to Input (or any other method that reads the body) within the same request lifecycle will find an empty body, leading to unpredictable test failures. The body should be read once and cached.
2. Unsafe type assertion: data[key].(string) is an unsafe type assertion that will panic if the value is not a string (e.g., a number). You should use the two-variable form: val, ok := data[key].(string).
3. Error handling: If json.Unmarshal fails, it returns an empty string, silently swallowing the error. This can make debugging tests difficult.
4. Content-Type assumption: The method assumes the request body is JSON. It doesn't handle other common content types like application/x-www-form-urlencoded.

A more robust implementation should be considered to avoid these problems.

[gemini-code-assist]

When hashing the auto-generated secret fails, an error is printed, but the function returns nil, indicating success. This is misleading and prevents proper error handling by the caller. The function should propagate the underlying error.

Suggested change

	ctx.Error("Unable to generate and hash the secret")
	return nil
	ctx.Error("Unable to generate and hash the secret")
	return err

[gemini-code-assist]

In this test and others (TestHandleWithReason, TestHandleWithRedirect, TestHandleWithRender, TestHandleSecret), file.GetContent is used to read the file, which returns a string. This string is then converted back to a byte slice for json.Unmarshal. It would be more efficient and consistent with TestHandleWithSecret to use os.ReadFile directly, which returns a byte slice.

Suggested change

	content, err := file.GetContent(tmpfile)
	assert.Nil(s.T(), err)
	var maintenanceOptions *MaintenanceOptions
	err = json.Unmarshal([]byte(content), &maintenanceOptions)
	assert.Nil(s.T(), err)
	content, err := os.ReadFile(tmpfile)
	assert.Nil(s.T(), err)
	var maintenanceOptions *MaintenanceOptions
	err = json.Unmarshal(content, &maintenanceOptions)
	assert.Nil(s.T(), err)

[gemini-code-assist]

When the application is not in maintenance mode, the command prints an error but returns nil, indicating success. This can be misleading for scripts that rely on exit codes. It would be better to return an error to signal that the command's intended action was not performed. You will also need to import the fmt package.

Suggested change

	return nil
	return fmt.Errorf("the application is not in maintenance mode")

[gemini-code-assist]

This comment is a code smell. It implies that the error check is only present to satisfy the linter, not for actual error handling. If the error is not important, it should be explicitly ignored with _ = .... If it is important, it should be handled properly (e.g., logged), and this comment should be removed.

[hwbrzzl]

Thanks, great PR! Just left a few questions.

[hwbrzzl]

Use path.Storage() instead.

[hwbrzzl]

Please inject View to the command directly instead of App, the same Hash.

[hwbrzzl]

Add the error to errors/list.go, the same other errors.

[hwbrzzl]

Suggested change

	if redirect := ctx.Option("redirect"); redirect != "" {
	options.Redirect = redirect
	}
	options.Redirect = ctx.Option("redirect")

[hwbrzzl]

return nil here.

[hwbrzzl]

Suggested change

	func CheckForMaintenance() http.Middleware {
	func CheckForMaintenanceMode() http.Middleware {

[hwbrzzl]

Suggested change

	ctx.Request().Abort(http.StatusServiceUnavailable)
	ctx.Response().String(http.StatusServiceUnavailable, err.Error()).Abort()

[hwbrzzl]

How about panic in such cases? The panic will be caught and logged.

[hwbrzzl]

Please cover more cases.

[hwbrzzl]

It's better to use a mock context instead of creating a test one.