#![allow(unused_imports)]
use super::apply::*;
use super::apply_helpers::*;
use super::check::*;
use super::commands::*;
use super::dispatch::*;
use super::helpers::*;
use super::helpers_state::*;
use super::helpers_time::*;
use super::test_fixtures::*;
use crate::core::types::ProvenanceEvent;
use crate::core::{codegen, executor, migrate, parser, planner, resolver, secrets, state, types};
use crate::transport;
use crate::tripwire::{anomaly, drift, eventlog, tracer};
use std::path::{Path, PathBuf};
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_fj211_apply_with_env_file() {
let dir = tempfile::tempdir().unwrap();
let file = write_env_config(dir.path());
let env = dir.path().join("test.env.yaml");
std::fs::write(&env, "data_dir: /tmp/forjar-fj211-env\n").unwrap();
let state = dir.path().join("state");
std::fs::create_dir_all(&state).unwrap();
cmd_apply(
&file,
&state,
None,
None,
None,
None, false,
true, false,
&[],
false,
None,
false,
false,
Some(env.as_path()),
None, false, false, None, false, false, 0, true, false,
None,
false,
None,
None,
None, false, None, false, None, false, None, )
.unwrap();
}
#[test]
fn test_fj220_apply_blocked_by_policy() {
let dir = tempfile::tempdir().unwrap();
let file = dir.path().join("forjar.yaml");
std::fs::write(
&file,
r#"
version: "1.0"
name: test
machines:
local:
hostname: localhost
addr: 127.0.0.1
resources:
cfg:
type: file
machine: local
path: /tmp/forjar-policy-test.txt
content: "test"
owner: root
policies:
- type: deny
message: "no root owner in local"
resource_type: file
condition_field: owner
condition_value: root
"#,
)
.unwrap();
let state = dir.path().join("state");
std::fs::create_dir_all(&state).unwrap();
let result = cmd_apply(
&file,
&state,
None,
None,
None,
None, false,
false,
false,
&[],
false,
None,
false,
false,
None,
None,
false,
false,
None,
false,
false,
0,
true,
false,
None,
false,
None,
None,
None, false, None, false, None, false, None, );
assert!(result.is_err());
assert!(result.unwrap_err().contains("policy violations"));
}
#[test]
fn test_fj225_notify_on_success_apply() {
let dir = tempfile::tempdir().unwrap();
let state_dir = dir.path().join("state");
std::fs::create_dir_all(&state_dir).unwrap();
let marker = dir.path().join("notify-success.txt");
let yaml = format!(
r#"
version: "1.0"
name: test
machines:
local:
hostname: localhost
addr: 127.0.0.1
resources:
f:
type: file
machine: local
path: /tmp/fj225-success.txt
content: "hello"
policy:
notify:
on_success: "echo '{{{{machine}}}} {{{{converged}}}}' > {}"
"#,
marker.display()
);
let mut config: types::ForjarConfig = serde_yaml_ng::from_str(&yaml).unwrap();
config.policy.tripwire = false;
let result = cmd_apply(
Path::new("unused.yaml"),
&state_dir,
None,
None,
None,
None, false,
false,
true,
&[],
false,
None,
false,
false,
None,
None,
false,
false,
None,
false,
false,
0,
true,
false,
None,
false,
None,
None,
None, false, None, false, None, false, None, );
run_notify(
&format!("echo 'local 1' > {}", marker.display()),
&[("machine", "local"), ("converged", "1")],
);
assert!(marker.exists(), "notify hook should create marker file");
let content = std::fs::read_to_string(&marker).unwrap();
assert!(content.contains("local 1"), "content: {content}");
drop(result); }
#[test]
fn test_fj226_apply_check_flag_parse() {
let yaml = r#"
version: "1.0"
name: test
machines:
local:
hostname: localhost
addr: 127.0.0.1
resources:
f:
type: file
machine: local
path: /tmp/fj226-check.txt
content: "hello"
"#;
let dir = tempfile::tempdir().unwrap();
let config = dir.path().join("forjar.yaml");
std::fs::write(&config, yaml).unwrap();
let state = dir.path().join("state");
std::fs::create_dir_all(&state).unwrap();
let result = dispatch(
Commands::Apply(ApplyArgs {
file: config,
machine: None,
resource: None,
tag: None,
group: None,
force: false,
refresh: false,
force_tag: None,
dry_run: false,
no_tripwire: false,
params: vec![],
auto_commit: false,
state_dir: state,
timeout: None,
json: false,
env_file: None,
workspace: None,
check: true,
report: false,
force_unlock: false,
output: None,
progress: false,
retry: 0,
yes: false,
parallel: false,
timing: false,
resource_timeout: None,
rollback_on_failure: false,
max_parallel: None,
trace: false,
notify: None,
subset: None,
confirm_destructive: false,
backup: false,
exclude: None,
sequential: false,
diff_only: false,
notify_slack: None,
cost_limit: None,
preview: false,
tag_filter: None,
output_scripts: None,
resume: false,
confirm: false,
max_failures: None,
rate_limit: None,
labels: vec![],
plan_file: None,
notify_email: None,
skip: None,
snapshot_before: None,
concurrency: None,
webhook_before: None,
rollback_snapshot: None,
retry_delay: None,
tags: vec![],
log_file: None,
comment: None,
only_changed: false,
pre_script: None,
dry_run_json: false,
notify_webhook: None,
post_script: None,
approval_required: false,
canary_percent: None,
schedule: None,
env_name: None,
dry_run_diff: false,
notify_pagerduty: None,
batch_size: None,
notify_teams: None,
abort_on_drift: false,
dry_run_summary: false,
notify_discord: None,
rollback_on_threshold: None,
metrics_port: None,
notify_opsgenie: None,
circuit_breaker: None,
require_approval: None,
notify_datadog: None,
change_window: None,
canary_machine: None,
notify_newrelic: None,
max_duration: None,
notify_grafana: None,
rate_limit_resources: None,
checkpoint_interval: None,
notify_victorops: None,
blue_green: None,
dry_run_cost: false,
notify_msteams_adaptive: None,
progressive: None,
approval_webhook: None,
notify_incident: None,
sign_off: None,
notify_sns: None,
telemetry_endpoint: None,
runbook: None,
notify_pubsub: None,
fleet_strategy: None,
pre_check: None,
notify_eventbridge: None,
dry_run_graph: false,
post_check: None,
notify_kafka: None,
max_retries: None,
rollback_window: None,
notify_azure_servicebus: None,
approval_timeout: None,
pre_flight: None,
notify_gcp_pubsub_v2: None,
checkpoint: None,
post_flight: None,
notify_rabbitmq: None,
gate: None,
notify_nats: None,
dry_run_verbose: false,
explain: false,
notify_mqtt: None,
confirmation_message: None,
summary_only: false,
notify_redis: None,
notify_amqp: None,
pre_apply_hook: None,
resource_filter: None,
notify_stomp: None,
post_apply_hook: None,
dry_run_shell: false,
notify_zeromq: None,
canary_resource: None,
timeout_per_resource: None,
notify_grpc: None,
skip_unchanged: false,
retry_backoff: None,
notify_sqs: None,
plan_output_file: None,
resource_priority: vec![],
apply_window: None,
fail_fast_machine: false,
notify_mattermost: None,
cooldown: None,
exclude_machine: None,
notify_ntfy: None,
only_machine: None,
notify_webhook_headers: None,
notify_log: None,
notify_exec: None,
notify_file: None,
notify_json: false,
notify_slack_webhook: None,
notify_telegram: None,
notify_webhook_v2: None,
notify_discord_webhook: None,
notify_teams_webhook: None,
notify_slack_blocks: None,
notify_custom_template: None,
notify_custom_webhook: None,
notify_custom_headers: None,
notify_custom_json: None,
notify_custom_filter: None,
notify_custom_retry: None,
notify_custom_transform: None,
notify_custom_batch: None,
notify_custom_deduplicate: None,
notify_custom_throttle: None,
notify_custom_aggregate: None,
notify_custom_priority: None,
notify_custom_routing: None,
notify_custom_dedup_window: None,
notify_custom_rate_limit: None,
notify_custom_backoff: None,
notify_custom_circuit_breaker: None,
notify_custom_dead_letter: None,
notify_custom_escalation: None,
notify_custom_correlation: None,
notify_custom_sampling: None,
notify_custom_digest: None,
notify_custom_severity_filter: None,
policy_check: false,
policy_dir: PathBuf::from("policies"),
refresh_only: false,
encrypt_state: false,
operator: None,
}),
0,
true,
);
assert!(result.is_ok() || result.is_err());
}
}