require "test_helper" class ConfigurationRoleTest < ActiveSupport::TestCase setup do @deploy = { service: "app", image: "dhh/app", registry: { "username" => "dhh", "password" => "secret" }, servers: [ "1.1.1.1", "1.1.1.2" ], env: { "REDIS_URL" => "redis://x/y" } } @config = Kamal::Configuration.new(@deploy) @deploy_with_roles = @deploy.dup.merge({ servers: { "web" => [ "1.1.1.1", "1.1.1.2" ], "workers" => { "hosts" => [ "1.1.1.3", "1.1.1.4" ], "cmd" => "bin/jobs", "env" => { "REDIS_URL" => "redis://a/b", "WEB_CONCURRENCY" => 4 } } } }) @config_with_roles = Kamal::Configuration.new(@deploy_with_roles) end test "hosts" do assert_equal [ "1.1.1.1", "1.1.1.2" ], @config.role(:web).hosts assert_equal [ "1.1.1.3", "1.1.1.4" ], @config_with_roles.role(:workers).hosts end test "cmd" do assert_nil @config.role(:web).cmd assert_equal "bin/jobs", @config_with_roles.role(:workers).cmd end test "label args" do assert_equal [ "--label", "service=\"app\"", "--label", "role=\"workers\"" ], @config_with_roles.role(:workers).label_args end test "special label args for web" do assert_equal [ "--label", "service=\"app\"", "--label", "role=\"web\"", "--label", "traefik.http.services.app-web.loadbalancer.server.scheme=\"http\"", "--label", "traefik.http.routers.app-web.rule=\"PathPrefix(\\`/\\`)\"", "--label", "traefik.http.middlewares.app-web-retry.retry.attempts=\"5\"", "--label", "traefik.http.middlewares.app-web-retry.retry.initialinterval=\"500ms\"", "--label", "traefik.http.routers.app-web.middlewares=\"app-web-retry@docker\"" ], @config.role(:web).label_args end test "custom labels" do @deploy[:labels] = { "my.custom.label" => "50" } assert_equal "50", @config.role(:web).labels["my.custom.label"] end test "custom labels via role specialization" do @deploy_with_roles[:labels] = { "my.custom.label" => "50" } @deploy_with_roles[:servers]["workers"]["labels"] = { "my.custom.label" => "70" } assert_equal "70", @config_with_roles.role(:workers).labels["my.custom.label"] end test "overwriting default traefik label" do @deploy[:labels] = { "traefik.http.routers.app-web.rule" => "\"Host(\\`example.com\\`) || (Host(\\`example.org\\`) && Path(\\`/traefik\\`))\"" } assert_equal "\"Host(\\`example.com\\`) || (Host(\\`example.org\\`) && Path(\\`/traefik\\`))\"", @config.role(:web).labels["traefik.http.routers.app-web.rule"] end test "default traefik label on non-web role" do config = Kamal::Configuration.new(@deploy_with_roles.tap { |c| c[:servers]["beta"] = { "traefik" => "true", "hosts" => [ "1.1.1.5" ] } }) assert_equal [ "--label", "service=\"app\"", "--label", "role=\"beta\"", "--label", "traefik.http.services.app-beta.loadbalancer.server.scheme=\"http\"", "--label", "traefik.http.routers.app-beta.rule=\"PathPrefix(\\`/\\`)\"", "--label", "traefik.http.middlewares.app-beta-retry.retry.attempts=\"5\"", "--label", "traefik.http.middlewares.app-beta-retry.retry.initialinterval=\"500ms\"", "--label", "traefik.http.routers.app-beta.middlewares=\"app-beta-retry@docker\"" ], config.role(:beta).label_args end test "env overwritten by role" do assert_equal "redis://a/b", @config_with_roles.role(:workers).env["REDIS_URL"] expected_env = <<~ENV REDIS_URL=redis://a/b WEB_CONCURRENCY=4 ENV assert_equal expected_env, @config_with_roles.role(:workers).env_file end test "env args" do assert_equal ["--env-file", ".kamal/env/roles/app-workers.env"], @config_with_roles.role(:workers).env_args end test "env secret overwritten by role" do @deploy_with_roles[:env] = { "clear" => { "REDIS_URL" => "redis://a/b" }, "secret" => [ "REDIS_PASSWORD" ] } @deploy_with_roles[:servers]["workers"]["env"] = { "clear" => { "REDIS_URL" => "redis://a/b", "WEB_CONCURRENCY" => 4 }, "secret" => [ "DB_PASSWORD" ] } ENV["REDIS_PASSWORD"] = "secret456" ENV["DB_PASSWORD"] = "secret&\"123" expected = <<~ENV REDIS_PASSWORD=secret456 DB_PASSWORD=secret&\"123 REDIS_URL=redis://a/b WEB_CONCURRENCY=4 ENV assert_equal expected, @config_with_roles.role(:workers).env_file ensure ENV["REDIS_PASSWORD"] = nil ENV["DB_PASSWORD"] = nil end test "env secrets only in role" do @deploy_with_roles[:servers]["workers"]["env"] = { "clear" => { "REDIS_URL" => "redis://a/b", "WEB_CONCURRENCY" => 4 }, "secret" => [ "DB_PASSWORD" ] } ENV["DB_PASSWORD"] = "secret123" expected = <<~ENV DB_PASSWORD=secret123 REDIS_URL=redis://a/b WEB_CONCURRENCY=4 ENV assert_equal expected, @config_with_roles.role(:workers).env_file ensure ENV["DB_PASSWORD"] = nil end test "env secrets only at top level" do @deploy_with_roles[:env] = { "clear" => { "REDIS_URL" => "redis://a/b" }, "secret" => [ "REDIS_PASSWORD" ] } ENV["REDIS_PASSWORD"] = "secret456" expected = <<~ENV REDIS_PASSWORD=secret456 REDIS_URL=redis://a/b WEB_CONCURRENCY=4 ENV assert_equal expected, @config_with_roles.role(:workers).env_file ensure ENV["REDIS_PASSWORD"] = nil end test "host_env_directory" do assert_equal ".kamal/env/roles", @config_with_roles.role(:workers).host_env_directory end test "host_env_file_path" do assert_equal ".kamal/env/roles/app-workers.env", @config_with_roles.role(:workers).host_env_file_path end test "uses cord" do assert @config_with_roles.role(:web).uses_cord? assert !@config_with_roles.role(:workers).uses_cord? end test "cord host directory" do assert_match %r{\$\(pwd\)/.kamal/cords/app-web-[0-9a-f]{32}}, @config_with_roles.role(:web).cord_host_directory end test "cord host file" do assert_match %r{\$\(pwd\)/.kamal/cords/app-web-[0-9a-f]{32}/cord}, @config_with_roles.role(:web).cord_host_file end test "cord container directory" do assert_equal "/tmp/kamal-cord", @config_with_roles.role(:web).cord_container_directory end test "cord container file" do assert_equal "/tmp/kamal-cord/cord", @config_with_roles.role(:web).cord_container_file end end