diff --git a/CLAUDE.md b/CLAUDE.md index 858ff59..ac9b2e5 100644 --- a/CLAUDE.md +++ b/CLAUDE.md 
@@ -24,48 +24,66 @@ Use the UDS CLI with these tasks defined in `tasks.yaml`: - `uds run test:ingress` - Check SocketZero UI accessibility at https://socketzero.uds.dev - `uds run test:ui` - Run Playwright tests in Docker container +To run Playwright tests locally without Docker: +```bash +cd tests && npm ci && npx playwright test +# Run a single test file: +npx playwright test socketzero.test.ts +# Run with specific browser: +npx playwright test --project=chromium +``` + ### Package Management The repository uses common UDS tasks imported from `uds-common` v1.16.4: - `create:package`, `create:test-bundle` - Package creation -- `deploy:test-bundle` - Bundle deployment +- `deploy:test-bundle` - Bundle deployment - `setup:k3d-test-cluster` - Test cluster setup - `lint`, `pull`, `upgrade`, `compliance` - Standard operations +### Manual Build & Deploy + +```bash +uds zarf package create +uds create bundle --confirm +uds deploy bundle/uds-bundle-socketzero--0.0.1.tar.zst --confirm \ + --set socketzero_license_org="" \ + --set socketzero_license_key="" \ + --set socketzero_config="$(cat config.json | base64)" +``` + ## Architecture ### Package Structure - **Root `zarf.yaml`** - Main package definition importing from `common/zarf.yaml` -- **`common/zarf.yaml`** - Core component definition with SocketZero Helm chart -- **`bundle/uds-bundle.yaml`** - UDS bundle for testing with dependencies +- **`common/zarf.yaml`** - Core component definition with SocketZero Helm chart and UDS config chart +- **`bundle/uds-bundle.yaml`** - UDS bundle for testing with variable overrides - **`chart/`** - UDS Package custom resources (SSO, network policies, virtual services) ### Key Components -1. **SocketZero Application** - Deployed via Helm chart from https://github.com/radiusmethod/socketzero-helm.git -2. **UDS Package Resource** - Configures SSO integration and network policies in `chart/templates/uds-package.yaml` -3. 
**Values Files** - Environment-specific configurations in `values/` directory +1. **SocketZero Application** - Deployed via Helm chart from https://github.com/radiusmethod/socketzero-helm.git (v0.6.2) +2. **Redis** - Bundled dependency using Iron Bank image (`registry1.dso.mil/ironbank/bitnami/redis:8.0.3`) +3. **UDS Package Resource** - Configures SSO integration and network policies in `chart/templates/uds-package.yaml` +4. **Values Files** - Environment-specific configurations in `values/` directory ### Configuration -- **SSO Integration** - SAML-based authentication configured in UDS Package spec -- **Network Policies** - Ingress/egress rules with Istio gateway exposure on port 1234 -- **Service Exposure** - SocketZero service exposed via tenant gateway at `socketzero.{{ domain }}` +- **SSO Integration** - Keycloak-based authentication with authservice selector on `app.kubernetes.io/name: socketzero` +- **Network Policies** - Ambient mesh mode with intra-namespace ingress/egress rules +- **Service Exposure** - SocketZero service exposed via tenant gateway on port 9997 at `socketzero.{{ domain }}` ## Image Registry -Uses Registry1 Iron Bank image: `registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver:0.5.9` - -## Testing Strategy - -- **Health Checks** - Kubernetes deployment readiness validation -- **Ingress Testing** - HTTP status verification via curl -- **UI Testing** - Playwright tests running in containerized environment -- **Package Validation** - UDS Package CRD status monitoring +Uses Registry1 Iron Bank images: +- `registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver:0.6.2` +- `registry1.dso.mil/ironbank/bitnami/redis:8.0.3` ## Variables Key Zarf variables defined in root `zarf.yaml`: - `DOMAIN` (default: "uds.dev") -- `EXAMPLE_DB_USERNAME`, `EXAMPLE_DB_ENDPOINT` - Database configuration placeholders \ No newline at end of file +- `SOCKETZERO_CONFIG` - Base64-encoded JSON configuration +- `SOCKETZERO_LICENSE_ORG` - Organization name for 
license +- `SOCKETZERO_LICENSE_KEY` - License key \ No newline at end of file diff --git a/CODEOWNERS-template.md b/CODEOWNERS-template.md deleted file mode 100644 index c4aa271..0000000 --- a/CODEOWNERS-template.md +++ /dev/null @@ -1,36 +0,0 @@ -The current `CODEOWNERS` file that exists, is to denote who owns this `uds-package-template`. If you are creating a new package from this template, you can copy / paste one of the below examples into the `CODEOWNERS` file, then modify the string to fit your needs. After updating the `CODEOWNERS` file to your liking, you can delete this file. - -The `CODEOWNERS` file should follow the below format, you can even just copy / paste the exact text into the `CODEOWNERS` file. - -``` -* @defenseunicorns/uds-package-maintainers - -/CODEOWNERS @jeff-mccoy @daveworth -/LICENS* @jeff-mccoy @austenbryan -``` - -If you would like to add optional package reviewers, such as the creator of the app, you can append creators after `uds-package-maintainers` - -For instance, you could handle this like below: - -``` -* @defenseunicorns/uds-package-maintainers @name-of-creator/s @name-of-established-known-team - -/CODEOWNERS @jeff-mccoy @daveworth -/LICENS* @jeff-mccoy @austenbryan -``` - -Keeping the reviewers on one line, like the above format, makes it easier on Bullpen to approve Support / Maintenance PRs on a package. -This format with everything on one line, enables an `OR` for package approvers. So, `uds-package-maintainers` OR `@name-of-creator/s` could approve a PR. - - -If you break the lines up like the below, then it becomes an `AND`. So, it would take both `uds-package-maintainers` AND `@name-or-creator/s` to approve a PR. - -``` -* @defenseunicorns/uds-package-maintainers -* @name-of-creator/s #optional during package creation to enable velocity -* @name-of-established-known-team #optional addition to "uds-package-maintainers" - -/CODEOWNERS @jeff-mccoy @daveworth -/LICENS* @jeff-mccoy @austenbryan -``` 
diff --git a/README-template.md b/README-template.md deleted file mode 100644 index c8f8c88..0000000 --- a/README-template.md +++ /dev/null @@ -1,36 +0,0 @@ -# UDS Package SocketZero - -This package is designed to be deployed on [UDS Core](https://github.com/defenseunicorns/uds-core) and is based on the upstream [SocketZero](#TEMPLATE_CHART_REPO#) chart. - -> INSERT HERE 1-2 sentence summary of what the application does. - -## Pre-requisites - -The SocketZero Package expects to be deployed on top of [UDS Core](https://github.com/defenseunicorns/uds-core) with the dependencies listed below being configured prior to deployment. - -#### Dependency information - -Add any dependency information here - -## Flavors - -| Flavor | Description | Example Creation | -| ------ | ----------- | ---------------- | -| `upstream` | Uses upstream images within the package. | `zarf package create . -f upstream` | -| `registry1` | Uses images from registry1.dso.mil within the package | `zarf package create . -f registry1` | -| `unicorn` | Uses images from chainguard within the package | `zarf package create . -f unicorn` | - -## Releases - -The released packages can be found in [ghcr](https://github.com/uds-packages/socketzero/pkgs/container/socketzero). - -## UDS Tasks (for local dev and CI) - -*For local dev, this requires you install [uds-cli](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install) - -> [!TIP] -> To get a list of tasks to run you can use `uds run --list`! - -## Contributing - -Please see the [CONTRIBUTING.md](./CONTRIBUTING.md) diff --git a/chart/templates/uds-package.yaml b/chart/templates/uds-package.yaml index 4028937..5199404 100644 --- a/chart/templates/uds-package.yaml +++ b/chart/templates/uds-package.yaml 
@@ -18,10 +18,12 @@ spec: {{- end }} # Customize network policies and expose services via istio network: + serviceMesh: + mode: ambient expose: - service: socketzero - podLabels: - app: socketzero + selector: + app.kubernetes.io/name: socketzero gateway: tenant host: socketzero port: 9997 diff --git a/common/zarf.yaml b/common/zarf.yaml index c7127de..cd2c586 100644 --- a/common/zarf.yaml +++ b/common/zarf.yaml @@ -29,7 +29,7 @@ components: namespace: socketzero url: https://github.com/radiusmethod/socketzero-helm.git gitPath: . - version: 0.5.9-r1 + version: 0.6.2 valuesFiles: - ../values/common-values.yaml actions: diff --git a/tests/optional-example-zarf-tests/example-custom-resource.yaml b/tests/optional-example-zarf-tests/example-custom-resource.yaml deleted file mode 100644 index 6ca6f92..0000000 --- a/tests/optional-example-zarf-tests/example-custom-resource.yaml +++ /dev/null @@ -1,9 +0,0 @@ -# Copyright 2024 Defense Unicorns -# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial - -apiVersion: example-custom-resource.io/v1alpha1 -kind: example-custom-resource -metadata: - name: example-custom-resource -spec: -# custom resource spec diff --git a/tests/optional-example-zarf-tests/example-secret.yaml b/tests/optional-example-zarf-tests/example-secret.yaml deleted file mode 100644 index fe1ec22..0000000 --- a/tests/optional-example-zarf-tests/example-secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -# Copyright 2024 Defense Unicorns -# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial - -apiVersion: v1 -kind: Secret -metadata: - name: example-secret - namespace: test-ns -type: kubernetes.io/opaque -data: - chain.crt: "###ZARF_VAR_EXAMPLE_SECRET_VALUE###" diff --git a/tests/optional-example-zarf-tests/zarf.yaml b/tests/optional-example-zarf-tests/zarf.yaml deleted file mode 100644 index 574e94f..0000000 --- a/tests/optional-example-zarf-tests/zarf.yaml +++ /dev/null 
@@ -1,32 +0,0 @@ -# Copyright 2024 Defense Unicorns -# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial - -# yaml-language-server: $schema=https://raw.githubusercontent.com/defenseunicorns/zarf/main/zarf.schema.json -kind: ZarfPackageConfig -metadata: - name: example-zarf-tests - description: "Example zarf package for testing functionality of operators and other services deployed by UDS package" - architecture: "amd64" - version: "0.0.1" - -variables: - - name: EXAMPLE_SECRET_VALUE - description: "Some data needed for testing functionality" - -components: - # Create secret containing example secret value - - name: example-secret - required: true - manifests: - - name: example-secret - namespace: test-ns - files: - - example-secret.yaml - # Create some custom resource used by operator or service - - name: example-custom-resource - required: true - manifests: - - name: example-custom-resource - namespace: test-ns - files: - - example-custom-resource.yaml diff --git a/tests/socketzero.test.ts b/tests/socketzero.test.ts new file mode 100644 index 0000000..9eb4de1 --- /dev/null +++ b/tests/socketzero.test.ts 
@@ -0,0 +1,36 @@ +/** + * Copyright 2024 Defense Unicorns + * SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial + */ + +import { test, expect } from "@playwright/test"; + +test('SocketZero UI loads successfully', async ({ page }) => { + // Test that the SocketZero application loads + await page.goto('/'); + + // Wait for the page to load and check for SocketZero-specific content + await expect(page).toHaveTitle(/SocketZero/); + + // Check that the main interface elements are present + await expect(page.locator('body')).toBeVisible(); +}); + +test('SocketZero authentication flow', async ({ page }) => { + // Test SSO integration by attempting to access protected content + await page.goto('/'); + + // Check if redirected to authentication or if already authenticated + const currentUrl = page.url(); + + if (currentUrl.includes('/login') || currentUrl.includes('auth')) { + // If redirected to login, verify the SSO flow is working + await expect(page).toHaveURL(/login|auth/); + + // Look for authentication elements + await expect(page.locator('form, .login, .auth')).toBeVisible(); + } else { + // If already authenticated, verify main interface is accessible + await expect(page.locator('body')).toBeVisible(); + } +}); diff --git a/tests/template-application-name.test.ts b/tests/template-application-name.test.ts deleted file mode 100644 index 637f8d3..0000000 --- a/tests/template-application-name.test.ts +++ /dev/null 
@@ -1,26 +0,0 @@ -/** - * Copyright 2024 Defense Unicorns - * SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial - */ - -import { test, expect } from "@playwright/test"; - -// Customize tests for application being tested. Example given for reference - -function randomProjectName() { - return `uds-package-socketzero-${Math.floor((Math.random() * 1000))}`; -} - -test('create a project', async ({ page }) => { - await page.goto('/projects/create'); - - const projectName = randomProjectName(); - - await page.getByRole('button', { name: 'Manually' }).click(); - await page.getByLabel('Project display name*').fill(projectName); - await page.getByRole('button', { name: 'Set Up' }).click(); - - await expect(page).toHaveURL(`/dashboard?id=${projectName}`); - - await expect(page.getByRole('heading', { level: 1 })).toContainText(projectName); -}); diff --git a/values/registry1-values.yaml b/values/registry1-values.yaml index c7eaf4e..9d7f851 100644 --- a/values/registry1-values.yaml +++ b/values/registry1-values.yaml @@ -6,4 +6,4 @@ # Example variables from UDS package repo template. Update to relevant variables after templating image: repository: registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver - tag: 0.5.9 + tag: 0.6.2 diff --git a/zarf.yaml b/zarf.yaml index 1f49565..91ded27 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -33,5 +33,5 @@ components: charts: - name: socketzero images: - - registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver:0.5.9 + - registry1.dso.mil/ironbank/radiusmethod/socketzero/receiver:0.6.2 - registry1.dso.mil/ironbank/bitnami/redis:8.0.3
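Review bot: in the CLAUDE.md hunk, the Manual Build & Deploy command `--set socketzero_config="$(cat config.json | base64)"` produces a multi-line value wherever `base64` wraps its output (GNU coreutils wraps at 76 columns), so any realistic config.json is passed with embedded newlines. Suggest `base64 -w0 < config.json`, or piping through `tr -d '\n'` for portability. The example also invites pasting the license key as a literal argument, where it ends up in shell history; showing `--set socketzero_license_key="$SOCKETZERO_LICENSE_KEY"` would steer readers away from that. The bundle path `bundle/uds-bundle-socketzero--0.0.1.tar.zst` has an empty segment between the two hyphens; if a value belongs there, show a named placeholder instead of leaving it blank. Finally, the hunk removes the Testing Strategy section while adding local Playwright instructions, so the file no longer says what the tests are meant to cover.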
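Review bot: in chart/templates/uds-package.yaml, the expose entry now matches on `app.kubernetes.io/name: socketzero` instead of `app: socketzero`, and nothing in this diff shows that the pods rendered by chart 0.6.2 carry that label. If they do not, the exposure on port 9997 and the policy generated for it select no workload. Please confirm against the rendered chart output and say so in the description. The same hunk turns on `serviceMesh.mode: ambient` without any stated reason; since that changes how the mesh handles traffic for the whole namespace, it deserves its own line in the PR description rather than riding along with a selector rename.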
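Review bot: in common/zarf.yaml, `version: 0.6.2` is resolved against the git repository at `url: https://github.com/radiusmethod/socketzero-helm.git`, so the chart is pinned only by a ref name that the upstream owner can move. The previous value carried an `-r1` suffix and the new one does not; confirm the `0.6.2` ref exists exactly as written, and record the commit it resolves to in the PR so a later re-tag is detectable.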
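Review bot: in tests/socketzero.test.ts, the 'SocketZero authentication flow' test passes whether or not SSO is enforced: the `else` branch only asserts `page.locator('body')` is visible, which is true for an unauthenticated page and for most error pages as well. Inside the `if`, `await expect(page).toHaveURL(/login|auth/)` re-checks the condition that was just tested, and `page.locator('form, .login, .auth')` will fail Playwright's strict-mode check if more than one element matches. Suggest asserting the expected outcome directly: an unauthenticated request to `/` must end up at the identity provider, with the test failing otherwise. Note also that the first test expects the title to match `/SocketZero/` immediately after `page.goto('/')`, which cannot hold if that same request is redirected to a login page, so the two tests currently assume opposite behaviour.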
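Review bot: in values/registry1-values.yaml, the context line above the change still reads `# Example variables from UDS package repo template. Update to relevant variables after templating`, which is leftover template text now that the file carries real values; please drop or replace it. The `0.6.2` tag set here is repeated in zarf.yaml and in CLAUDE.md, so a future bump has to touch all three places; a short comment pointing at the other locations would reduce the chance of the chart requesting an image the package does not contain.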
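Review bot: in zarf.yaml, the images list references `receiver:0.6.2` and `redis:8.0.3` by tag only, so the content pulled at package-create time depends on what the registry serves for those tags that day. Consider pinning each entry by digest alongside the tag so that rebuilt packages are byte-for-byte comparable and an upstream re-push shows up as a diff in review.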