feat(gitops): config-as-code via .tinyforge.yml for repo-backed workloads
A dockerfile or static workload can opt in to reading its deploy config from a
.tinyforge.yml in its own repo. Tinyforge fetches the file, shows field-level
drift vs the live config, and an admin applies it with an explicit Sync. The
repo becomes the source of truth for the declared fields. Manual-sync only;
no auto-apply on deploy, no multi-workload reconcile, no create/delete in v1.
Scope is deliberately source-aware and source_config-resident: dockerfile
declares port/healthcheck/deploy_strategy, static declares deploy_strategy.
The file never carries repo coords or secrets (those stay in the encrypted
DB), which keeps credentials out of the repo.
Backend:
- internal/gitops: Spec/ParseSpec (KnownFields rejects unknown keys), a
source-aware ApplyPlan/BuildPlan, MergeAndValidate (omitted-field-preserving
deep merge + validate-the-merged-result-then-commit — never a partial
config), declared-only Drift with normalization, and Fetch with
ok/no_file/fetch_failed/invalid statuses and token-redacted messages.
- staticsite: DownloadFile added to GitProvider + Gitea/GitHub/GitLab impls,
reusing each provider's SSRF-safe client; 64 KiB cap; ErrFileNotFound.
- store: 4 additive gitops_* columns + setters (disjoint from UpdateWorkload
so the edit-form save and a sync never clobber each other).
- api: GET /workloads/{id}/gitops (status + raw + live drift + managed_fields),
PUT /gitops (admin, enable/path, traversal-safe), POST /gitops/sync (admin,
per-workload locked read->merge->validate->write, audited to event_log).
Frontend:
- GitOpsPanel.svelte: status pill, a purpose-built field-level drift view,
.tinyforge.yml preview, enable ToggleSwitch, Sync via ConfirmDialog; all five
statuses handled, admin affordances gated on the real viewer role.
- GitOps-managed badge (list + detail hero) and a read-only edit-form banner.
- api.ts fetchers + types; i18n apps.detail.gitops.* (en + ru parity).
Built phase-by-phase with an adversarial plan review (caught 5 design flaws
pre-implementation) and an independent review per phase (go / security / ts /
final) — all APPROVE, 0 CRITICAL/HIGH. docs/gitops.md documents the schema and
what's intentionally out of v1. Plan: plans/gitops/.
This commit is contained in:
@@ -0,0 +1,63 @@
|
||||
package store
|
||||
|
||||
import "testing"
|
||||
|
||||
func TestSetWorkloadGitOps_RoundTrip(t *testing.T) {
|
||||
s := newTestStore(t)
|
||||
w, err := s.CreateWorkload(Workload{Kind: "plugin", Name: "app", SourceKind: "dockerfile"})
|
||||
if err != nil {
|
||||
t.Fatalf("CreateWorkload: %v", err)
|
||||
}
|
||||
|
||||
// Fresh row defaults: GitOps off, default path applied by CreateWorkload.
|
||||
if w.GitOpsEnabled {
|
||||
t.Fatalf("new workload should default to gitops disabled")
|
||||
}
|
||||
if w.GitOpsPath != ".tinyforge.yml" {
|
||||
t.Fatalf("default path = %q, want .tinyforge.yml", w.GitOpsPath)
|
||||
}
|
||||
|
||||
// Enable with a custom path.
|
||||
if err := s.SetWorkloadGitOps(w.ID, true, "deploy/.tinyforge.yml"); err != nil {
|
||||
t.Fatalf("SetWorkloadGitOps: %v", err)
|
||||
}
|
||||
got, err := s.GetWorkloadByID(w.ID)
|
||||
if err != nil {
|
||||
t.Fatalf("GetWorkloadByID: %v", err)
|
||||
}
|
||||
if !got.GitOpsEnabled || got.GitOpsPath != "deploy/.tinyforge.yml" {
|
||||
t.Fatalf("after enable: enabled=%v path=%q", got.GitOpsEnabled, got.GitOpsPath)
|
||||
}
|
||||
|
||||
// Empty path falls back to the default.
|
||||
if err := s.SetWorkloadGitOps(w.ID, false, ""); err != nil {
|
||||
t.Fatalf("SetWorkloadGitOps disable: %v", err)
|
||||
}
|
||||
got, _ = s.GetWorkloadByID(w.ID)
|
||||
if got.GitOpsEnabled || got.GitOpsPath != ".tinyforge.yml" {
|
||||
t.Fatalf("after disable: enabled=%v path=%q", got.GitOpsEnabled, got.GitOpsPath)
|
||||
}
|
||||
}
|
||||
|
||||
func TestRecordGitOpsSync(t *testing.T) {
|
||||
s := newTestStore(t)
|
||||
w, _ := s.CreateWorkload(Workload{Kind: "plugin", Name: "app", SourceKind: "static"})
|
||||
|
||||
if err := s.RecordGitOpsSync(w.ID, "abc123", "2026-06-21 10:00:00"); err != nil {
|
||||
t.Fatalf("RecordGitOpsSync: %v", err)
|
||||
}
|
||||
got, _ := s.GetWorkloadByID(w.ID)
|
||||
if got.GitOpsCommitSHA != "abc123" || got.GitOpsLastSyncAt != "2026-06-21 10:00:00" {
|
||||
t.Fatalf("sync not recorded: sha=%q at=%q", got.GitOpsCommitSHA, got.GitOpsLastSyncAt)
|
||||
}
|
||||
}
|
||||
|
||||
func TestGitOpsSetters_NotFound(t *testing.T) {
|
||||
s := newTestStore(t)
|
||||
if err := s.SetWorkloadGitOps("nope", true, ""); err == nil {
|
||||
t.Fatalf("expected ErrNotFound for missing workload")
|
||||
}
|
||||
if err := s.RecordGitOpsSync("nope", "x", "y"); err == nil {
|
||||
t.Fatalf("expected ErrNotFound for missing workload")
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user