Files
rutster/deploy/smoke/compose_smoke.sh
Aaron D. Lee abb7e1428d feat(deploy/smoke): all-in-one + compose + reload-during-call smoke harness (deploy-B §9)
Three Python-stdlib-only smoke scripts (no pip install required in CI;
the runner image ships Python 3 + ssl/socket/json/base64/time):

* allinone_smoke.py — boots rutster-allinone with RUTSTER_LOCAL_CERTS=true
  (Caddy internal CA, no ACME per spec §9), extracts the root cert from
  /data, opens wss:// WS to /twilio/media-stream, sends Twilio's
  connected+start handshake (the same JSON sequence the in-tree
  ws_ping.rs/nodelay.rs tests use), streams 200 PCM frames at 20ms cadence,
  asserts the engine echoes/replies at least one text frame. Reuses the
  T8 stub's handshake pattern (crates/rutster/tests/trunk_sim_e2e.rs TODO
  body) against a real containerized binary rather than an in-process
  MockTwilioMediaStreamsServer.
* compose_smoke.sh — T2 four-service boots + health checks via Caddy TLS.
  The # TODO slice-C: assert lifecycle event in Valkey stream named hook
  documents the contract slice C will assert; the valkey service is dark
  on day one (no consumers) so the stream length is always 0 today.
* reload_during_call.py — holds a live WS streaming frames at 20ms while a
  concurrent `caddy reload` fires mid-call; asserts zero frames dropped
  + WS survives across the reload. Regresses the stream_close_delay 24h
  mitigation against caddy #6420/#7222 (TLS brief §5 risk 1; spec §9
  reload-during-call smoke).

WS frame encode/decode is hand-rolled (RFC 6455 §5 — ten lines on top of
socket+ssl) so the smoke needs no websocket-client/websockets pip
dependency + no network round-trip in CI.

Signed-off-by: Aaron D. Lee <himself@adlee.work>
2026-07-06 15:30:44 -04:00

93 lines
4.1 KiB
Bash
Executable File

#!/usr/bin/env bash
# deploy/smoke/compose_smoke.sh — T2 compose smoke (deploy-B §9).
#
# Brings up deploy/compose.yaml with `docker compose up -d --wait`, asserts
# every service reports healthy via `docker compose ps`, then curls
# /healthz through Caddy's TLS (using the internal CA —
# RUTSTER_LOCAL_CERTS=true is set in the smoke's env). The compose smoke
# is intentionally lighter than the all-in-one smoke (which already proves
# the WS path) — its job is to assert the four-service orchestrator shape
# boots + the network_mode: "service:engine" brain->engine tap posture.
#
# The ValkeyEventSink-lands-in-stream assertion is slice C's concern.
# Named hook below; do NOT implement it in this slice.
set -euo pipefail
cd "$(dirname "$0")/.." # deploy/
IMAGES_TAG="${RUTSTER_IMAGES_TAG:-smoke}"
export RUTSTER_DOMAIN=localhost
export RUTSTER_ACME_EMAIL=smoke@example.com
export RUTSTER_LOCAL_CERTS=true
export RUTSTER_HTTP_BIND=0.0.0.0:8080
export RUTSTER_MEDIA_BIND_IP=127.0.0.1
export RUTSTER_MEDIA_PORT_RANGE=49160-49170
export RUTSTER_DRAIN_DEADLINE_SECS=10
export RUTSTER_TAP_URL=ws://127.0.0.1:8082
echo "[compose_smoke] overriding compose.yaml image tags -> :${IMAGES_TAG}"
# Sed the image: tags from :latest to :smoke so CI's locally-built images
# are picked up. In-place + restored on exit.
cp compose.yaml compose.yaml.smoke-backup
trap 'mv compose.yaml.smoke-backup compose.yaml' EXIT
sed -i "s|image: rutster-edge:latest|image: rutster-edge:${IMAGES_TAG}|" compose.yaml
sed -i "s|image: rutster-engine:latest|image: rutster-engine:${IMAGES_TAG}|" compose.yaml
sed -i "s|image: rutster-brain:latest|image: rutster-brain:${IMAGES_TAG}|" compose.yaml
echo "[compose_smoke] docker compose up -d --wait"
docker compose up -d --wait --timeout 120
echo "[compose_smoke] docker compose ps"
docker compose ps
# Each service should report "running" state. (Healthy flag is set by the
# engine's /readyz via the Docker healthcheck — none of the shipped images
# define a HEALTHCHECK yet; slice-G or a future hardening slice can add one.
# For now State="running" + /healthz 200 + /readyz 200 is the gate.)
HEALTHY_COUNT=$(docker compose ps --format json | jq '[.[] | select(.State == "running")] | length')
EXPECTED=4
if [ "$HEALTHY_COUNT" -ne "$EXPECTED" ]; then
echo "[compose_smoke] FAIL: expected $EXPECTED running services, got $HEALTHY_COUNT" >&2
docker compose logs
exit 1
fi
echo "[compose_smoke] $EXPECTED services running"
# Caddy /healthz via TLS (internal CA). Port 443 is published by the caddy service.
ROOT_CERT=$(docker compose exec -T caddy cat /data/caddy/pki/authorities/local/root.crt)
echo "$ROOT_CERT" > /tmp/rutster-smoke-root.pem
# Wait for /healthz to return 200 via Caddy TLS.
for _ in $(seq 1 60); do
if curl --cacert /tmp/rutster-smoke-root.pem -fsS https://localhost/healthz \
| grep -q '^ok$'; then
echo "[compose_smoke] /healthz ok"
break
fi
sleep 0.5
done
curl --cacert /tmp/rutster-smoke-root.pem -fsS https://localhost/healthz \
|| { echo "[compose_smoke] FAIL: /healthz never returned ok"; docker compose logs; exit 1; }
# Engine /readyz — fresh boot, MUST be 200 (drain happens on shutdown, not
# boot; cap only after RUTSTER_MAX_SESSIONS sessions exist).
curl --cacert /tmp/rutster-smoke-root.pem -fsS https://localhost/readyz \
|| { echo "[compose_smoke] FAIL: /readyz never returned ok"; docker compose logs; exit 1; }
echo "[compose_smoke] /readyz ok"
# TODO slice-C: assert lifecycle event in Valkey stream.
# Slice C lands ValkeyEventSink (spec §5.6) + the assert-event-lands-in-
# Valkey-stream smoke addition. The hook here documents the contract:
# Once slice C lands, this smoke runs:
# docker compose exec valkey valkey-cli XLEN rutster:events
# and asserts > 0 after a sim call completes (an EventSink::on_event
# call writes via XADD MAXLEN ~). Until then, the valkey service is dark
# (no consumers) — counting the stream length would always be 0.
# Leaving the named hook so slice C's plan can grep for it.
echo "[compose_smoke] PASS: T2 compose boots + /healthz + /readyz verified"
# Cleanup (compose down; volumes left for warm cache on re-run).
docker compose down --volumes --timeout 30 || true
exit 0