Development environment functions

packages/scripts/cleanup.sh

@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+
+echo "WARNING: This will remove all build artifacts, temporary directories, and cached files."
+echo -n "Are you sure you want to proceed? (y/N): "
+read -r response
+
+if [[ ! "$response" =~ ^[Yy]$ ]]; then
+    echo "Cleanup cancelled."
+    exit 0
+fi
+
+# Clean up build artifacts and temporary directories
+echo "Cleaning up build artifacts and temporary directories..."
+
+# Remove persisted data
+find . -name ".wrangler" -type d -prune -exec rm -rf {} \;
+
+# Remove node_modules directories
+find . -name "node_modules" -type d -prune -exec rm -rf {} \;
+
+# Remove Rust stuff
+find . -name "target" -type d -prune -exec rm -rf {} \;
+
+# Remove old builds
+find . -name "dist" -type d -prune -exec rm -rf {} \;
+find . -name "build" -type d -prune -exec rm -rf {} \;
+
+# Remove CDKTF generated files
+find . -name ".gen" -type d -prune -exec rm -rf {} \;
+find . -name "cdktf.out" -type d -prune -exec rm -rf {} \;
+find . -name "*.out" -type f -exec rm -f {} \;
+
+# Remove TypeScript build artifacts
+find . -name "*.tsbuildinfo" -type f -exec rm -f {} \;
+
+# Remove Terraform artifacts
+find . -name "*.tfstate*" -type f -exec rm -f {} \;
+find . -name "*.lock.hcl" -type f -exec rm -f {} \;
+find . -name ".terraform" -type d -prune -exec rm -rf {} \;
+find . -name ".terraform.lock.hcl" -type f -exec rm -f {} \;
+
+# Remove test and coverage outputs
+find . -name "coverage" -type d -prune -exec rm -rf {} \;
+find . -name ".nyc_output" -type d -prune -exec rm -rf {} \;
+
+# Remove cache directories
+find . -name ".cache" -type d -prune -exec rm -rf {} \;
+find . -name ".turbo" -type d -prune -exec rm -rf {} \;
+find . -name ".next" -type d -prune -exec rm -rf {} \;
+
+# Remove log files
+find . -name "*.log" -type f -exec rm -f {} \;
+
+echo "Cleanup complete!"

packages/scripts/dev.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env sh
+
+(cd deploy/dev/cluster && bun run deploy)
+(cd deploy/dev/components && bun run deploy)
+(cd deploy/dev/configurations && bun run deploy)

packages/scripts/legacy/deploy.ts

@@ -0,0 +1,14 @@
+// Legacy: not used
+// Intended to run the entire deployment process and generate artifacts for client applications without requiring developer intervention
+
+// #!/usr/bin/env bun
+//
+// import {execSync} from "child_process";
+//
+// function deployCdktf() {
+//     execSync("cdktf deploy --auto-approve", {stdio: "inherit"})
+//     execSync("./extract-outputs.ts", {stdio: "inherit"})
+//     execSync("./update-vars.ts", {stdio: "inherit"})
+// }
+//
+// deployCdktf()

packages/scripts/legacy/extract-outputs.ts

@@ -0,0 +1,64 @@
+// Legacy: not used
+
+// #!/usr/bin/env bun
+//
+// import * as fs from 'fs';
+// import * as path from 'path';
+//
+// interface TerraformOutput {
+//     value: any;
+//     type: string | string[];
+//     sensitive?: boolean;
+// }
+//
+// interface TerraformState {
+//     outputs: Record<string, TerraformOutput>;
+// }
+//
+// export function extractOutputsToFile(successfulDeploy: boolean = true ) {
+//     if(!successfulDeploy) {
+//         console.log("[INFO] Skipping outputs extraction, because the deployment was not successful.")
+//         return
+//     }
+//     const stateFilePath = path.join(__dirname, 'terraform.zitadel-dev.tfstate');
+//     const outputFilePath = path.join(__dirname, 'terraform-outputs.json');
+//
+//     try {
+//         // Read the terraform state file
+//         const stateContent = fs.readFileSync(stateFilePath, 'utf-8');
+//         const state: TerraformState = JSON.parse(stateContent);
+//
+//         // Extract outputs with their values (unmasked)
+//         const outputs: Record<string, any> = {};
+//
+//         for (const [key, output] of Object.entries(state.outputs)) {
+//             outputs[key] = {
+//                 value: output.value,
+//                 type: output.type,
+//                 sensitive: output.sensitive || false
+//             };
+//         }
+//
+//         // Write outputs to file
+//         fs.writeFileSync(outputFilePath, JSON.stringify(outputs, null, 2));
+//
+//         console.log(`✅ Terraform outputs successfully written to: ${outputFilePath}`);
+//         console.log(`📋 Extracted ${Object.keys(outputs).length} outputs:`);
+//
+//         // Display summary without showing sensitive values in console
+//         for (const [key, output] of Object.entries(outputs)) {
+//             if (output.sensitive) {
+//                 console.log(`   - ${key}: [SENSITIVE - written to file unmasked]`);
+//             } else {
+//                 console.log(`   - ${key}: ${JSON.stringify(output.value)}`);
+//             }
+//         }
+//
+//     } catch (error) {
+//         console.error('❌ Error extracting outputs:', error);
+//         process.exit(1);
+//     }
+// }
+//
+// // Run the extraction
+// extractOutputsToFile();

packages/scripts/legacy/update-vars.ts

@@ -0,0 +1,39 @@
+// Legacy: not used
+// #!/usr/bin/env bun
+//
+// import {readFileSync, writeFileSync} from "fs";
+// import {execSync} from "child_process";
+//
+//
+// export function configureDevVars() {
+//     const terraformOutputs = JSON.parse(readFileSync("terraform-outputs.json", 'utf-8'));
+//
+//     interface DevVarsConfig {
+//         CLIENT_ID: string;
+//         CLIENT_SECRET: string;
+//         AUTH_SERVER_URL: string;
+//         APP_URL: string;
+//         DEV_MODE: string;
+//         ZITADEL_ORG_ID: string;
+//         ZITADEL_PROJECT_ID: string;
+//     }
+//
+//     const destinationConfig: DevVarsConfig = {
+//         CLIENT_ID: terraformOutputs.client_id.value,
+//         CLIENT_SECRET: terraformOutputs.client_secret.value,
+//         AUTH_SERVER_URL: "https://machine.127.0.0.1.sslip.io",
+//         APP_URL: "http://localhost:8787",
+//         DEV_MODE: "true",
+//         ZITADEL_ORG_ID: terraformOutputs.created_org.value.id,
+//         ZITADEL_PROJECT_ID: terraformOutputs.created_project.value.id,
+//     }
+//
+//     const repoRoot = execSync('git rev-parse --show-toplevel').toString().trim();
+//     const formattedConfig = Object.entries(destinationConfig)
+//         .map(([key, value]) => `${key}="${value}"`)
+//         .join('\n');
+//
+//     writeFileSync(`${repoRoot}/.dev.vars`, formattedConfig);
+// }
+//
+// configureDevVars()

packages/scripts/setup.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env sh
+
+set -e
+
+(cargo check &)
+
+bun i
+
+for dir in deploy/dev/*/; do
+    if [ -f "${dir}/cdktf.json" ]; then
+        echo "Running cdktf get in ${dir}"
+        cd "${dir}" && cdktf get && cd - > /dev/null
+    fi
+done
+
+wait

packages/scripts/teardown_all.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env sh
+
+echo "WARNING: This will destroy all local deployments."
+echo -n "Are you sure you want to proceed? (y/N): "
+read -r response
+
+if [[ ! "$response" =~ ^[Yy]$ ]]; then
+    echo "Teardown cancelled."
+    exit 0
+fi
+
+(cd deploy/dev/cluster && bun run destroy)
+(cd deploy/dev/components && bun run destroy)
+(cd deploy/dev/configurations && bun run destroy)

packages/scripts/trust_cluster_cert.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env sh
+
+CERT_PATH="/tmp/kind-cluster.crt"
+
+echo "Getting cluster certificate from Kubernetes secret..."
+kubectl get secret zitadel-tls -n default -o jsonpath='{.data.tls\.crt}' | base64 -d > "${CERT_PATH}"
+
+if [ ! -f "${CERT_PATH}" ]; then
+    echo "Error: Certificate file ${CERT_PATH} not found"
+    exit 1
+fi
+
+echo "Adding certificate to macOS keychain..."
+# macos specific
+sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "${CERT_PATH}"
+echo "Certificate successfully added to keychain"

packages/scripts/trust_zitadel_cert.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env sh
+
+CERT_PATH="/tmp/zitadel.crt"
+
+echo "Getting ZITADEL certificate from Kubernetes secret..."
+kubectl get secret zitadel-tls -n default -o jsonpath='{.data.tls\.crt}' | base64 -d > "${CERT_PATH}"
+
+if [ ! -f "${CERT_PATH}" ]; then
+    echo "Error: Certificate file ${CERT_PATH} not found" 
+    exit 1
+fi
+
+echo "Adding ZITADEL certificate to macOS keychain..."
+# macos specific
+sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "${CERT_PATH}"
+echo "ZITADEL certificate successfully added to keychain"

packages/scripts/untrust_dev_certs.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env sh
+
+untrust_cert() {
+  cert_path=$1
+  echo "Removing trust for development certificate"
+  sudo security remove-trusted-cert -d $cert_path
+}
+
+untrust_cert ./cluster.crt
+untrust_cert ./zitadel.crt
+
+echo "Development certificates successfully removed from system trust store"