Implement Keystone environment deployments

2026-05-13 16:11:23 +01:00
parent 65d3142d03
commit aa680b25fd
175 changed files with 10258 additions and 740 deletions
--- a/tests/Feature/BuildApplicationArtifactTest.php
+++ b/tests/Feature/BuildApplicationArtifactTest.php
@@ -0,0 +1,104 @@
+<?php
+
+use App\Actions\Applications\CreateLaravelEnvironment;
+use App\Actions\Applications\GenerateDeployKey;
+use App\Actions\Environments\BuildApplicationArtifact;
+use App\Actions\Environments\PlanBuildArtifact;
+use App\Enums\BuildArtifactStatus;
+use App\Enums\RegistryType;
+use App\Models\Application;
+use App\Models\Network;
+use App\Models\Organisation;
+use App\Models\Provider;
+use App\Models\Server;
+use App\Services\Operations\RemoteCommandRunner;
+
+beforeEach(function () {
+    $this->remoteRunner = new class implements RemoteCommandRunner
+    {
+        /** @var array<int, string> */
+        public array $scripts = [];
+
+        public function run(Server $server, string $script): string
+        {
+            $this->scripts[] = $script;
+
+            return str_contains($script, 'docker manifest inspect')
+                ? "image_digest=sha256:registrydigest\n"
+                : "image_digest=billing-api:aaaaaaaaaaaa@sha256:localdigest\n";
+        }
+    };
+
+    app()->instance(RemoteCommandRunner::class, $this->remoteRunner);
+});
+
+it('builds a target-server artifact over ssh with a temporary deploy key and stores the resolved digest', function () {
+    $organisation = Organisation::factory()->create();
+    $server = buildServerFor($organisation);
+    $application = Application::factory()->for($organisation)->create([
+        'name' => 'Billing API',
+        'repository_url' => 'git@example.com:org/repo.git',
+    ]);
+    app(GenerateDeployKey::class)->execute($application, [
+        'public' => 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAITestPublicKey keystone',
+        'private' => "-----BEGIN OPENSSH PRIVATE KEY-----\ntest\n-----END OPENSSH PRIVATE KEY-----",
+        'fingerprint' => 'SHA256:test',
+    ]);
+    $environment = app(CreateLaravelEnvironment::class)->execute($application->refresh(), 'production');
+    $environment->services()->first()->update(['server_id' => $server->id]);
+    $artifact = app(PlanBuildArtifact::class)->execute($environment, str_repeat('a', 40));
+
+    $built = app(BuildApplicationArtifact::class)->execute($artifact);
+
+    expect($built->status)->toBe(BuildArtifactStatus::AVAILABLE)
+        ->and($built->image_digest)->toBe('sha256:localdigest')
+        ->and($this->remoteRunner->scripts[0])->toContain('GIT_SSH_COMMAND')
+        ->and($this->remoteRunner->scripts[0])->toContain('git clone --depth 1 --branch')
+        ->and($this->remoteRunner->scripts[0])->toContain('docker build --file Dockerfile.keystone')
+        ->and($this->remoteRunner->scripts[0])->toContain('/home/keystone/operations/build-')
+        ->and($this->remoteRunner->scripts[0])->toContain('trap cleanup EXIT');
+});
+
+it('resolves external registry artifacts without building locally', function () {
+    $organisation = Organisation::factory()->create();
+    $server = buildServerFor($organisation);
+    $organisation->registries()->create([
+        'name' => 'GHCR',
+        'type' => RegistryType::GHCR,
+        'url' => 'ghcr.io/example',
+    ]);
+    $application = Application::factory()->for($organisation)->create([
+        'name' => 'Billing API',
+        'repository_url' => 'git@example.com:org/repo.git',
+    ]);
+    $environment = app(CreateLaravelEnvironment::class)->execute($application->refresh(), 'production');
+    $environment->services()->first()->update(['server_id' => $server->id]);
+    $environment->services()->first()->update(['desired_replicas' => 2]);
+    $artifact = app(PlanBuildArtifact::class)->execute($environment, str_repeat('b', 40));
+
+    $built = app(BuildApplicationArtifact::class)->execute($artifact);
+
+    expect($built->registry_ref)->toBe('ghcr.io/example/billing-api:bbbbbbbbbbbb')
+        ->and($built->image_digest)->toBe('sha256:registrydigest')
+        ->and($this->remoteRunner->scripts[0])->toContain('docker manifest inspect')
+        ->and($this->remoteRunner->scripts[0])->toContain('ghcr.io/example/billing-api:bbbbbbbbbbbb')
+        ->and($this->remoteRunner->scripts[0])->not->toContain('docker build')
+        ->and($this->remoteRunner->scripts[0])->not->toContain('git clone');
+});
+
+function buildServerFor(Organisation $organisation): Server
+{
+    $provider = Provider::factory()->forOrganisation($organisation)->create();
+    $network = Network::create([
+        'organisation_id' => $organisation->id,
+        'provider_id' => $provider->id,
+        'name' => 'test-network',
+        'ip_range' => '10.0.0.0/24',
+    ]);
+
+    return Server::factory()
+        ->forOrganisation($organisation->id)
+        ->forProvider($provider->id)
+        ->forNetwork($network->id)
+        ->create();
+}