geoffsee/cluster
1
0
Fork 0
mirror of https://github.com/seemueller-io/cluster.git synced 2025-09-08 22:56:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Development environment functions

Browse Source
This commit is contained in:
geoffsee
2025-08-15 18:59:05 -04:00
commit e289de2bd7
58 changed files with 11955 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

245
deploy/dev/components/__tests__/__snapshots__/main-test.ts.snap Normal file
View File

@@ -0,0 +1,245 @@
// Jest Snapshot v1, https://jestjs.io/docs/snapshot-testing
exports[`ClusterComponentsStack Snapshot Tests should match the expected Terraform configuration snapshot 1`] = `
"{
"output": {
"admin_credentials": {
"description": "Default admin credentials",
"value": "zitadel-admin@zitadel.machine.127.0.0.1.sslip.io / Password1!"
},
"zitadel_url": {
"description": "Zitadel Console URL",
"value": "https://machine.127.0.0.1.sslip.io/ui/console?login_hint=zitadel-admin@zitadel.machine.127.0.0.1.sslip.io"
}
},
"provider": {
"helm": [
{
"kubernetes": {
"config_context": "kind-kind",
"config_path": "~/.kube/config"
}
}
],
"kubernetes": [
{
"config_context": "kind-kind",
"config_path": "~/.kube/config"
}
],
"null": [
{
}
]
},
"resource": {
"helm_release": {
"cert-manager": {
"chart": "cert-manager",
"create_namespace": true,
"name": "cert-manager",
"namespace": "cert-manager",
"repository": "oci://quay.io/jetstack/charts",
"set": [
{
"name": "crds.enabled",
"value": "true"
}
],
"version": "v1.18.2",
"wait": true
},
"postgresql": {
"chart": "postgresql",
"depends_on": [
"helm_release.traefik"
],
"name": "db",
"namespace": "default",
"repository": "https://charts.bitnami.com/bitnami",
"values": [
"https://raw.githubusercontent.com/zitadel/zitadel-charts/main/examples/4-machine-user/postgres-values.yaml"
],
"version": "12.10.0",
"wait": true
},
"traefik": {
"chart": "traefik",
"create_namespace": true,
"depends_on": [
"helm_release.cert-manager"
],
"name": "traefik",
"namespace": "ingress",
"repository": "https://traefik.github.io/charts",
"values": [
"https://raw.githubusercontent.com/zitadel/zitadel-charts/main/examples/99-kind-with-traefik/traefik-values.yaml"
],
"version": "36.3.0",
"wait": true
},
"zitadel": {
"chart": "zitadel",
"depends_on": [
"helm_release.postgresql"
],
"name": "my-zitadel",
"namespace": "default",
"repository": "https://charts.zitadel.com",
"values": [
"https://raw.githubusercontent.com/zitadel/zitadel-charts/main/examples/4-machine-user/zitadel-values.yaml"
],
"wait": true
}
},
"null_resource": {
"completion-message": {
"depends_on": [
"null_resource.verify-zitadel"
],
"provisioner": [
{
"local-exec": {
"command": "echo 'Installation completed successfully!'",
"when": "create"
}
}
],
"triggers": {
"verification_dependency": "\${null_resource.verify-zitadel.id}"
}
},
"configure-ssl": {
"depends_on": [
"null_resource.patch-ingresses"
],
"provisioner": [
{
"local-exec": {
"command": "\\n # Extract certificate and add to system trust store\\n kubectl get secret zitadel-tls -n default -o jsonpath='{.data.tls\\\\.crt}' | base64 -d > /tmp/zitadel-cert.crt || true\\n sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /tmp/zitadel-cert.crt || true\\n ",
"when": "create"
}
}
],
"triggers": {
"patch_dependency": "\${null_resource.patch-ingresses.id}"
}
},
"create-tls-resources": {
"depends_on": [
"null_resource.wait-for-cert-manager-crds",
"helm_release.zitadel"
],
"provisioner": [
{
"local-exec": {
"command": "cat <<EOF | kubectl apply -f -\\napiVersion: cert-manager.io/v1\\nkind: ClusterIssuer\\nmetadata:\\n name: selfsigned-issuer\\nspec:\\n selfSigned: {}\\n---\\napiVersion: cert-manager.io/v1\\nkind: Certificate\\nmetadata:\\n name: zitadel-cert\\n namespace: default\\nspec:\\n secretName: zitadel-tls\\n issuerRef:\\n name: selfsigned-issuer\\n kind: ClusterIssuer\\n commonName: machine.127.0.0.1.sslip.io\\n dnsNames:\\n - machine.127.0.0.1.sslip.io\\nEOF",
"when": "create"
}
}
],
"triggers": {
"crd_dependency": "\${null_resource.wait-for-cert-manager-crds.id}",
"zitadel_dependency": "\${helm_release.zitadel.id}"
}
},
"extract-credentials": {
"depends_on": [
"null_resource.configure-ssl"
],
"provisioner": [
{
"local-exec": {
"command": "echo 'Credential extraction would run during apply'",
"when": "create"
}
}
],
"triggers": {
"ssl_dependency": "\${null_resource.configure-ssl.id}"
}
},
"patch-ingresses": {
"depends_on": [
"null_resource.wait-for-certificate"
],
"provisioner": [
{
"local-exec": {
"command": "\\n kubectl patch ingress my-zitadel -n default --type='merge' -p='{\\"spec\\":{\\"tls\\":[{\\"hosts\\":[\\"machine.127.0.0.1.sslip.io\\"],\\"secretName\\":\\"zitadel-tls\\"}]}}' || true\\n kubectl patch ingress my-zitadel-login -n default --type='merge' -p='{\\"spec\\":{\\"tls\\":[{\\"hosts\\":[\\"machine.127.0.0.1.sslip.io\\"],\\"secretName\\":\\"zitadel-tls\\"}]}}' || true\\n ",
"when": "create"
}
}
],
"triggers": {
"wait_dependency": "\${null_resource.wait-for-certificate.id}"
}
},
"verify-zitadel": {
"depends_on": [
"null_resource.extract-credentials"
],
"provisioner": [
{
"local-exec": {
"command": "echo 'Zitadel verification would run during apply'",
"when": "create"
}
}
],
"triggers": {
"credentials_dependency": "\${null_resource.extract-credentials.id}"
}
},
"wait-for-cert-manager-crds": {
"depends_on": [
"helm_release.cert-manager"
],
"provisioner": [
{
"local-exec": {
"command": "kubectl wait --for=condition=established --timeout=120s crd/clusterissuers.cert-manager.io || kubectl get crd clusterissuers.cert-manager.io",
"when": "create"
}
}
],
"triggers": {
"cert_manager_dependency": "\${helm_release.cert-manager.id}"
}
},
"wait-for-certificate": {
"depends_on": [
"null_resource.create-tls-resources"
],
"provisioner": [
{
"local-exec": {
"command": "kubectl wait --for=condition=ready certificate zitadel-cert -n default --timeout=120s || true",
"when": "create"
}
}
],
"triggers": {
"tls_resources_dependency": "\${null_resource.create-tls-resources.id}"
}
}
}
},
"terraform": {
"required_providers": {
"helm": {
"source": "helm",
"version": "2.17.0"
},
"kubernetes": {
"source": "kubernetes",
"version": "2.38.0"
},
"null": {
"source": "null",
"version": "3.2.4"
}
}
}
}"
`;

204
deploy/dev/components/__tests__/main-test.ts Normal file
View File

@@ -0,0 +1,204 @@
// Copyright (c) HashiCorp, Inc
// SPDX-License-Identifier: MPL-2.0
import "cdktf/lib/testing/adapters/jest"; // Load types for expect matchers
import { Testing } from "cdktf";
import { ClusterComponentsStack } from "../main";
describe("ClusterComponentsStack", () => {
describe("Resource Creation", () => {
it("should create all required Helm releases", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
// Check for all Helm releases
expect(synthesized).toContain("helm_release");
expect(synthesized).toContain('"name": "cert-manager"');
expect(synthesized).toContain('"name": "traefik"');
expect(synthesized).toContain('"name": "db"');
expect(synthesized).toContain('"name": "my-zitadel"');
});
it("should create cert-manager with correct configuration", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain('"chart": "cert-manager"');
expect(synthesized).toContain('"version": "v1.18.2"');
expect(synthesized).toContain('"namespace": "cert-manager"');
expect(synthesized).toContain('"create_namespace": true');
expect(synthesized).toContain('"wait": true');
expect(synthesized).toContain('"name": "crds.enabled"');
expect(synthesized).toContain('"value": "true"');
});
it("should create Traefik with correct configuration", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain('"chart": "traefik"');
expect(synthesized).toContain('"version": "36.3.0"');
expect(synthesized).toContain('"namespace": "ingress"');
expect(synthesized).toContain("https://traefik.github.io/charts");
expect(synthesized).toContain("traefik-values.yaml");
});
it("should create PostgreSQL with correct configuration", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain('"chart": "postgresql"');
expect(synthesized).toContain('"version": "12.10.0"');
expect(synthesized).toContain("charts.bitnami.com/bitnami");
expect(synthesized).toContain("postgres-values.yaml");
});
it("should create Zitadel with correct configuration", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain('"chart": "zitadel"');
expect(synthesized).toContain("charts.zitadel.com");
expect(synthesized).toContain("zitadel-values.yaml");
});
it("should create TLS resources using kubectl apply", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
// Check for null_resource with kubectl apply command containing TLS resources
expect(synthesized).toContain("null_resource");
expect(synthesized).toContain("create-tls-resources");
expect(synthesized).toContain("kubectl apply -f -");
expect(synthesized).toContain("kind: ClusterIssuer");
expect(synthesized).toContain("name: selfsigned-issuer");
// Check for Certificate in the kubectl apply command
expect(synthesized).toContain("kind: Certificate");
expect(synthesized).toContain("name: zitadel-cert");
expect(synthesized).toContain("secretName: zitadel-tls");
expect(synthesized).toContain("machine.127.0.0.1.sslip.io");
});
it("should create null resources for operations", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain("null_resource");
expect(synthesized).toContain("kubectl wait --for=condition=ready certificate");
expect(synthesized).toContain("kubectl patch ingress");
expect(synthesized).toContain("kubectl get secret zitadel-tls");
});
});
describe("Resource Dependencies", () => {
it("should have proper resource dependencies", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
// Verify that resources have dependencies
expect(synthesized).toContain("depends_on");
});
it("should ensure correct deployment order", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
// Traefik should depend on cert-manager
const traefikSection = synthesized.match(/"traefik"[\s\S]*?"depends_on"[\s\S]*?"helm_release\.cert-manager"/);
expect(traefikSection).toBeTruthy();
// PostgreSQL should depend on Traefik
const postgresSection = synthesized.match(/"postgresql"[\s\S]*?"depends_on"[\s\S]*?"helm_release\.traefik"/);
expect(postgresSection).toBeTruthy();
// Zitadel should depend on PostgreSQL
const zitadelSection = synthesized.match(/"zitadel"[\s\S]*?"depends_on"[\s\S]*?"helm_release\.postgresql"/);
expect(zitadelSection).toBeTruthy();
});
});
describe("Providers Configuration", () => {
it("should configure all required providers", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain('"provider"');
expect(synthesized).toContain('"helm"');
expect(synthesized).toContain('"kubernetes"');
expect(synthesized).toContain('"null"');
});
it("should configure Kubernetes provider with correct context", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain('"config_path": "~/.kube/config"');
expect(synthesized).toContain('"config_context": "kind-kind"');
});
});
describe("Outputs", () => {
it("should create Terraform outputs for important information", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain('"output"');
expect(synthesized).toContain('"zitadel_url"');
expect(synthesized).toContain('"admin_credentials"');
expect(synthesized).toContain("https://machine.127.0.0.1.sslip.io/ui/console");
expect(synthesized).toContain("zitadel-admin@zitadel.machine.127.0.0.1.sslip.io");
});
});
describe("TLS Configuration", () => {
it("should create self-signed certificate issuer", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain("apiVersion: cert-manager.io/v1");
expect(synthesized).toContain("kind: ClusterIssuer");
expect(synthesized).toContain("selfSigned: {}");
});
it("should create certificate with correct DNS names", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
const synthesized = Testing.synth(stack);
expect(synthesized).toContain("commonName: machine.127.0.0.1.sslip.io");
expect(synthesized).toContain("dnsNames:");
expect(synthesized).toContain("- machine.127.0.0.1.sslip.io");
expect(synthesized).toContain("issuerRef:");
expect(synthesized).toContain("kind: ClusterIssuer");
});
});
describe("Terraform Configuration Validity", () => {
it("should generate valid Terraform configuration", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
expect(Testing.fullSynth(stack)).toBeValidTerraform();
});
});
describe("Snapshot Tests", () => {
it("should match the expected Terraform configuration snapshot", () => {
const app = Testing.app();
const stack = new ClusterComponentsStack(app, "test-stack");
expect(Testing.synth(stack)).toMatchSnapshot();
});
});
});