-
Notifications
You must be signed in to change notification settings - Fork 19
Expand file tree
/
Copy pathmise.toml
More file actions
328 lines (283 loc) · 9.05 KB
/
mise.toml
File metadata and controls
328 lines (283 loc) · 9.05 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
# mise configuration for cdk-sops-secrets
[env]
CDK_DISABLE_CLI_TELEMETRY = "true"
[tools]
golang = "1.26"
nodejs = "24.11.1"
grype = "0.104.1"
python = "3.14.0"
dotnet = "6"
# aqua repo not working on ubuntu right now
"asdf:maven" = "3.9.11"
[tasks.install]
description = "Install npm dependencies + Go modules"
depends = ["lambda:deps", "cdk:deps"]
[tasks.clean]
description = "Clean build artifacts (including lambda assets)"
run = "rm -rf lib dist .jsii tsconfig.json coverage test-reports assets"
[tasks."cdk:deps"]
description = "Prepare CDK dependencies"
run = "npm ci"
[tasks."cdk:codegen:types"]
description = "Generate TypeScript types from JSON schema"
depends = ["cdk:deps"]
sources = ["lambda/internal/event/config-schema.json"]
outputs = ["src/LambdaInterface.ts"]
run = "npx json-schema-to-typescript lambda/internal/event/config-schema.json -o src/LambdaInterface.ts"
[tasks.jsii]
description = "Compile TypeScript with jsii"
depends = ["cdk:codegen:types", "cdk:prettier:fix", "cdk:eslint:fix"]
sources = ["src/**/*.ts", "tsconfig.json", "package.json"]
outputs = ["lib/**/*", ".jsii"]
run = "npx jsii --silence-warnings=reserved-word"
[tasks.jsii-docgen]
description = "Generate API documentation"
depends = ["jsii"]
sources = [".jsii"]
outputs = ["API.md"]
run = "npx jsii-docgen -o API.md"
[tasks."cdk:test:jest"]
description = "Run TypeScript tests with Jest"
depends = ["cdk:deps", "lambda:build"]
run = """
if [ -n "$CI" ]; then
npx jest --passWithNoTests --coverageProvider=v8 --runInBand
else
npx jest --passWithNoTests --updateSnapshot --coverageProvider=v8 --runInBand --detectOpenHandles
fi
"""
[tasks."test:watch"]
description = "Run tests in watch mode"
run = "npx jest --watch"
[tasks."test:update"]
description = "Update test snapshots"
run = "npx jest --updateSnapshot"
[tasks."lambda:deps"]
description = "Prepare Go lambda dependencies (tidy & download)"
run = '''
BASEPATH=$(git rev-parse --show-toplevel)
cd "$BASEPATH/lambda"
go mod tidy
go mod download
'''
[tasks."lambda:test"]
description = "Run Go lambda tests"
depends = ["lambda:deps"]
run = '''
BASEPATH=$(git rev-parse --show-toplevel)
cd "$BASEPATH/lambda"
mkdir -p "$BASEPATH/coverage"
go test -race -coverprofile=../coverage/coverage.out -covermode=atomic -v
'''
[tasks."lambda:build"]
description = "Build Go lambda binary and package zip"
depends = ["lambda:test"]
sources = ["lambda/**/*.go", "lambda/go.mod", "lambda/go.sum"]
outputs = ["assets/cdk-sops-lambda.zip"]
run = '''
echo "GOROOT: $GOROOT / GOPATH: $GOPATH"
BASEPATH=$(git rev-parse --show-toplevel)
cd "$BASEPATH/lambda"
export GOOS=linux
export GOARCH=amd64
export GOPROXY=https://proxy.golang.org,direct
export CGO_ENABLED=0
go build -trimpath -buildvcs=false -tags lambda.norpc -o bootstrap -ldflags="-s -w -buildid="
ls -la bootstrap
sha1sum bootstrap
touch -t 202002020000 bootstrap
chmod 755 bootstrap
ls -la bootstrap
sha1sum bootstrap
mkdir -p "$BASEPATH/assets"
zip -X9om "$BASEPATH/assets/cdk-sops-lambda.zip" bootstrap
sha1sum "$BASEPATH/assets/cdk-sops-lambda.zip"
ls -la "$BASEPATH/assets/cdk-sops-lambda.zip"
'''
[tasks."lambda:test:update"]
description = "Run Go lambda tests and update snapshots"
depends = ["lambda:deps"]
run = '''
BASEPATH=$(git rev-parse --show-toplevel)
cd "$BASEPATH/lambda"
mkdir -p "$BASEPATH/coverage"
UPDATE_SNAPS=true go test -race -coverprofile=../coverage/coverage.out -covermode=atomic -v
'''
[tasks."lambda:test:integration"]
description = "Run Go lambda integration tests (explicit only)"
depends = ["lambda:deps"]
run = '''
BASEPATH=$(git rev-parse --show-toplevel)
cd "$BASEPATH/lambda"
mkdir -p "$BASEPATH/coverage"
go test -race -tags=integration -coverprofile=../coverage/coverage.out -covermode=atomic -v
'''
[tasks."cdk:eslint"]
description = "Run ESLint"
depends = ["cdk:deps"]
run = "npx eslint --ext .ts,.tsx src test"
[tasks."cdk:eslint:fix"]
description = "Fix ESLint issues"
depends = ["cdk:deps"]
run = "npx eslint --ext .ts,.tsx --fix src test"
[tasks."cdk:prettier:fix"]
description = "Format code with Prettier"
depends = ["cdk:deps", "cdk:eslint:fix"]
run = "npx prettier --write 'src/**/*.ts' 'test/**/*.ts'"
[tasks."cdk:prettier:check"]
description = "Check code formatting"
depends = ["cdk:deps", "cdk:eslint"]
run = "npx prettier --check 'src/**/*.ts' 'test/**/*.ts'"
[tasks.build]
description = "Build (lambda, compile, test, lint, verify, package)"
depends = [
"verify",
"jsii-pacmak:all"
]
[tasks."jsii-pacmak:js"]
description = "Package for npm"
depends = ["jsii", "lambda:build"]
sources = [".jsii", "lib/**/*"]
outputs = ["dist/js/**/*"]
run = "npx jsii-pacmak -v --target js"
[tasks."jsii-pacmak:java"]
description = "Package for Maven"
depends = ["jsii", "lambda:build"]
sources = [".jsii", "lib/**/*"]
outputs = ["dist/java/**/*"]
run = "npx jsii-pacmak -v --target java"
[tasks."jsii-pacmak:python"]
description = "Package for PyPI"
depends = ["jsii", "lambda:build"]
sources = [".jsii", "lib/**/*"]
outputs = ["dist/python/**/*"]
run = "npx jsii-pacmak -v --target python"
[tasks."jsii-pacmak:dotnet"]
description = "Package for NuGet"
depends = ["jsii", "lambda:build"]
sources = [".jsii", "lib/**/*"]
outputs = ["dist/dotnet/**/*"]
run = "npx jsii-pacmak -v --target dotnet"
[tasks."jsii-pacmak:all"]
description = "Package for all targets (runs in parallel)"
depends = ["jsii-pacmak:js", "jsii-pacmak:java", "jsii-pacmak:python", "jsii-pacmak:dotnet"]
# Integration test snapshot tasks
[tasks."cdk:test:integ:snapshot:single"]
description = "Generate snapshot for a single test (internal use)"
run = """
set -e
if [ -z "$TEST" ]; then
echo "ERROR: TEST parameter is required"
exit 1
fi
mkdir -p test/__snapshots__
temp_dir=$(mktemp -d)
trap "rm -rf $temp_dir" EXIT
npx cdk synth --app "npx ts-node test/$TEST.integ.ts" --output "$temp_dir" --quiet --version-reporting false --path-metadata false --asset-metadata false
for template in "$temp_dir"/*.template.json; do
if [ -f "$template" ]; then
cp "$template" "test/__snapshots__/$TEST.integ.snapshot.json"
echo "Saved: test/__snapshots__/$TEST.integ.snapshot.json"
fi
done
"""
[tasks."cdk:test:integ:snapshot"]
description = "Generate CloudFormation template snapshots for all tests"
depends = ["lambda:build", "cdk:deps"]
run = """
set -e
echo "Generating snapshots for all integration tests..."
for f in test/*.integ.ts; do
if [ -f "$f" ]; then
basename=$(basename "$f" .integ.ts)
echo " - $basename"
TEST="$basename" mise run cdk:test:integ:snapshot:single
fi
done
echo "All snapshots saved to test/__snapshots__/"
"""
[tasks."verify"]
description = "Verify no files changed during build (shows all diffs)"
depends = ["cdk:test:integ:snapshot", "cdk:test:jest", "lambda:test"]
run = """
set -e
echo "Verifying no files changed during build..."
# Check if any files changed
if ! git diff --exit-code --quiet; then
echo ""
echo "ERROR: Files were modified during build"
echo "Showing all differences:"
git --no-pager diff --no-color
exit 1
fi
echo "All files verified - no changes detected"
"""
[tasks."cdk:test:integ:destroy:single"]
description = "Destroy integration test resources for a single test (internal use)"
run = """
set -e
if [ -z "$TEST" ]; then
echo "ERROR: TEST parameter is required"
exit 1
fi
echo "Destroying integration test $TEST"
npx cdk destroy --app "npx ts-node test/$TEST.integ.ts" --all --force
"""
[tasks."cdk:test:integ:destroy"]
description = "Destroy integration test resources (if deployed) for all tests"
run = """
set -e
echo "Destroying all integration tests"
for f in test/*.integ.ts; do
if [ -f "$f" ]; then
basename=$(basename "$f" .integ.ts)
echo " - $basename"
TEST="$basename" mise run cdk:test:integ:destroy:single
fi
done
"""
[tasks."cdk:test:integ:deploy:single"]
description = "Deploy integration test for a single test (internal use)"
depends = ["lambda:build"]
run = """
set -e
if [ -z "$TEST" ]; then
echo "ERROR: TEST parameter is required"
exit 1
fi
mkdir -p test/__snapshots__
temp_dir=$(mktemp -d)
trap "rm -rf $temp_dir" EXIT
echo "Deploying integration test $TEST"
npx cdk deploy --app "npx ts-node test/$TEST.integ.ts" --output "$temp_dir" --all --require-approval never
# Copy snapshot from deploy output
for template in "$temp_dir"/*.template.json; do
if [ -f "$template" ]; then
cp "$template" "test/__snapshots__/$TEST.integ.snapshot.json"
echo "Saved snapshot: test/__snapshots__/$TEST.integ.snapshot.json"
fi
done
"""
[tasks."cdk:test:integ:deploy"]
description = "Deploy all integration tests to AWS"
run = """
set -e
echo "Deploying all integration tests"
for f in test/*.integ.ts; do
if [ -f "$f" ]; then
basename=$(basename "$f" .integ.ts)
echo " - $basename"
TEST="$basename" mise run cdk:test:integ:deploy:single
fi
done
echo "All integration tests deployed successfully"
"""
[tasks.compat]
description = "Check API compatibility"
run = """
npx jsii-diff npm:$(node -p "require('./package.json').name") -k --ignore-file .compatignore || \
(echo "\nUNEXPECTED BREAKING CHANGES: add keys such as 'removed:constructs.Node.of' to .compatignore to skip.\n" && exit 1)
"""
[tasks.watch]
description = "Watch and recompile on changes"
run = "tsc --watch"