open-cmis-tck/docs/CMIS-PROFILES.md

CMIS Profiles

Status: draft Created: 2026-05-07

Purpose

open-cmis-tck uses guide-board target and assessment profiles without adding a separate persisted profile format. This keeps the extension compatible with the guide-board planner while still giving CMIS-specific diagnostics through open_cmis_tck.profile.validate_cmis_profile_config.

Target Profile Fields

The CMIS target profile uses the guide-board target-profile schema:

• subject_type: use cmis-browser-binding-endpoint.
• endpoints: include one endpoint with binding set to cmis-browser and url set to the Browser Binding service document URL.
• credentials_ref: use null for anonymous/local development targets, or a secret reference for authenticated repositories.
• declared_capabilities: list the CMIS requirement refs the target claims to support, such as cmis.repository-info, cmis.type-definitions, cmis.object-services, cmis.content-streams, cmis.query, cmis.acl, and cmis.versioning.
• known_gaps: list unsupported optional requirements with a stable gap ID, requirement refs, reason, and status such as unsupported_by_design.

Templates live under profiles/targets/templates/:

• cmis-browser-anonymous.json
• cmis-browser-basic-auth-env.json
• cmis-browser-basic-auth-file.json

Credential References

Secrets should not be committed to the repository or preserved in guide-board artifacts.

Supported credential reference forms:

null
env:CMIS_TCK_USER,CMIS_TCK_PASSWORD
file:/absolute/path/to/cmis-tck-credentials.json

Environment variables are useful for local runs:

export CMIS_TCK_USER='alice'
export CMIS_TCK_PASSWORD='local-secret'

File credentials use JSON:

{
  "user": "alice",
  "password": "local-secret"
}

The ConsoleRunner adapter writes a private session properties file only for the duration of the run and retains session.properties.redacted as the artifact.

Validate target profiles through guide-board before running:

cd ../guide-board
PYTHONPATH=src python3 -m guide_board \
  profile validate-target \
  ../open-cmis-tck/profiles/targets/kontextual-cmis-compat.json

Assessment Runtime Fields

Repository selection and harness execution settings live in the assessment profile because they are run policy, not target identity:

{
  "runtime_policy": {
    "offline": false,
    "timeout_seconds": 300,
    "opencmis_tck": {
      "repository_id": "compat-tck",
      "requires_java_maven": true,
      "command": [
        "python3",
        "{extension_path}/adapters/opencmis_console_adapter.py",
        "--browser-url",
        "{browser_url}",
        "--repository-id",
        "{repository_id}",
        "--check-group",
        "{check_group}",
        "--artifact-dir",
        "{artifact_dir}",
        "--run-dir",
        "{run_dir}",
        "--extension-path",
        "{extension_path}",
        "--credentials-ref",
        "{credentials_ref}",
        "--target-profile-dir",
        "{target_profile_dir}",
        "--timeout-seconds",
        "{timeout_seconds}"
      ]
    }
  }
}

repository_id is optional for preflight. If omitted, preflight selects the first repository from the Browser Binding service document. A real TCK command usually needs it.

command is optional. When absent, the wrapper reports tck_invocation_not_configured as a structured, expected bootstrap blocker.

Diagnostics

Use the extension helper from tests or local scripts:

from open_cmis_tck.profile import validate_cmis_profile_config

diagnostics = validate_cmis_profile_config(target_profile, assessment_profile)

The result contains status, diagnostics, and the interpreted cmis_config. Diagnostics are intentionally actionable: they point to the field that should be changed and explain what the extension expects.