diff --git a/.gitignore b/.gitignore
index 6a0d3a8..ec9049f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -80,8 +80,6 @@ service-account.json # Docker secrets secrets/ -# Benchmark results -benchmark_results_*.json # Temporary and backup files *.backup
diff --git a/docs/SCRIPTS.md b/docs/SCRIPTS.md
index 94756a8..9a5a3bb 100644
--- a/docs/SCRIPTS.md
+++ b/docs/SCRIPTS.md
@@ -9,25 +9,20 @@ This document provides an overview of the scripts in this repository, organized | `scripts/setup/setup.sh` | Main setup script for the project | `./scripts/setup/setup.sh` | | `scripts/setup/setup-precommit.sh` | Sets up pre-commit hooks | `./scripts/setup/setup-precommit.sh` | | `scripts/setup/setup-claude-auth.sh` | Sets up Claude authentication | `./scripts/setup/setup-claude-auth.sh` | -| `scripts/setup/setup-new-repo.sh` | Sets up a new clean repository | `./scripts/setup/setup-new-repo.sh` | -| `scripts/setup/create-new-repo.sh` | Creates a new repository | `./scripts/setup/create-new-repo.sh` | +| `scripts/setup/setup-secure-credentials.sh` | Sets up secure credentials | `./scripts/setup/setup-secure-credentials.sh` | ## Build Scripts | Script | Description | Usage | |--------|-------------|-------| -| `scripts/build/build-claude-container.sh` | Builds the Claude container | `./scripts/build/build-claude-container.sh` | -| `scripts/build/build-claudecode.sh` | Builds the Claude Code runner Docker image | `./scripts/build/build-claudecode.sh` | -| `scripts/build/update-production-image.sh` | Updates the production Docker image | `./scripts/build/update-production-image.sh` | +| `scripts/build/build.sh` | Builds the Docker images | `./scripts/build/build.sh` | ## AWS Configuration and Credentials | Script | Description | Usage | |--------|-------------|-------| | `scripts/aws/create-aws-profile.sh` | Creates AWS profiles programmatically | `./scripts/aws/create-aws-profile.sh [region] [output-format]` | -| `scripts/aws/migrate-aws-credentials.sh` | Migrates AWS credentials to profiles | `./scripts/aws/migrate-aws-credentials.sh` | | `scripts/aws/setup-aws-profiles.sh` | Sets up AWS profiles | `./scripts/aws/setup-aws-profiles.sh` | -| `scripts/aws/update-aws-creds.sh` | Updates AWS credentials | `./scripts/aws/update-aws-creds.sh` | ## Runtime and Execution 
@@ -45,58 +40,48 @@ This document provides an overview of the scripts in this repository, organized |--------|-------------|-------| | `scripts/security/init-firewall.sh` | Initializes firewall for containers | `./scripts/security/init-firewall.sh` | | `scripts/security/accept-permissions.sh` | Handles permission acceptance | `./scripts/security/accept-permissions.sh` | -| `scripts/security/fix-credential-references.sh` | Fixes credential references | `./scripts/security/fix-credential-references.sh` | +| `scripts/security/credential-audit.sh` | Audits code for credential leaks | `./scripts/security/credential-audit.sh` | ## Utility Scripts | Script | Description | Usage | |--------|-------------|-------| | `scripts/utils/ensure-test-dirs.sh` | Ensures test directories exist | `./scripts/utils/ensure-test-dirs.sh` | -| `scripts/utils/prepare-clean-repo.sh` | Prepares a clean repository | `./scripts/utils/prepare-clean-repo.sh` | -| `scripts/utils/volume-test.sh` | Tests volume mounting | `./scripts/utils/volume-test.sh` | +| `scripts/utils/setup-repository-labels.js` | Sets up GitHub repository labels | `node scripts/utils/setup-repository-labels.js owner/repo` | -## Testing Scripts +## Testing -### Integration Tests +All shell-based test scripts have been migrated to JavaScript E2E tests using Jest. Use the following npm commands: -| Script | Description | Usage | +### JavaScript Test Files + +**Note**: Shell-based test scripts have been migrated to JavaScript E2E tests using Jest. 
The following test files provide comprehensive testing: + +| Test File | Description | Usage | |--------|-------------|-------| -| `test/integration/test-full-flow.sh` | Tests the full workflow | `./test/integration/test-full-flow.sh` | -| `test/integration/test-claudecode-docker.sh` | Tests Claude Code Docker setup | `./test/integration/test-claudecode-docker.sh` | +| `test/e2e/scenarios/container-execution.test.js` | Tests container functionality | `npm run test:e2e` | +| `test/e2e/scenarios/claude-integration.test.js` | Tests Claude integration | `npm run test:e2e` | +| `test/e2e/scenarios/docker-execution.test.js` | Tests Docker execution | `npm run test:e2e` | +| `test/e2e/scenarios/security-firewall.test.js` | Tests security and firewall | `npm run test:e2e` | -### AWS Tests +### Running Tests -| Script | Description | Usage | -|--------|-------------|-------| -| `test/aws/test-aws-profile.sh` | Tests AWS profile configuration | `./test/aws/test-aws-profile.sh` | -| `test/aws/test-aws-mount.sh` | Tests AWS mount functionality | `./test/aws/test-aws-mount.sh` | +```bash +# Run all tests +npm test -### Container Tests +# Run unit tests +npm run test:unit -| Script | Description | Usage | -|--------|-------------|-------| -| `test/container/test-basic-container.sh` | Tests basic container functionality | `./test/container/test-basic-container.sh` | -| `test/container/test-container-cleanup.sh` | Tests container cleanup | `./test/container/test-container-cleanup.sh` | -| `test/container/test-container-privileged.sh` | Tests container privileged mode | `./test/container/test-container-privileged.sh` | +# Run E2E tests +npm run test:e2e -### Claude Tests +# Run tests with coverage +npm run test:coverage -| Script | Description | Usage | -|--------|-------------|-------| -| `test/claude/test-claude-direct.sh` | Tests direct Claude integration | `./test/claude/test-claude-direct.sh` | -| `test/claude/test-claude-no-firewall.sh` | Tests Claude without firewall | 
`./test/claude/test-claude-no-firewall.sh` | -| `test/claude/test-claude-installation.sh` | Tests Claude installation | `./test/claude/test-claude-installation.sh` | -| `test/claude/test-claude-version.sh` | Tests Claude version | `./test/claude/test-claude-version.sh` | -| `test/claude/test-claude-response.sh` | Tests Claude response | `./test/claude/test-claude-response.sh` | -| `test/claude/test-direct-claude.sh` | Tests direct Claude access | `./test/claude/test-direct-claude.sh` | - -### Security Tests - -| Script | Description | Usage | -|--------|-------------|-------| -| `test/security/test-firewall.sh` | Tests firewall configuration | `./test/security/test-firewall.sh` | -| `test/security/test-with-auth.sh` | Tests with authentication | `./test/security/test-with-auth.sh` | -| `test/security/test-github-token.sh` | Tests GitHub token | `./test/security/test-github-token.sh` | +# Run tests in watch mode +npm run test:watch +``` ## Common Workflows @@ -109,6 +94,9 @@ This document provides an overview of the scripts in this repository, organized # Set up Claude authentication ./scripts/setup/setup-claude-auth.sh +# Set up secure credentials +./scripts/setup/setup-secure-credentials.sh + # Create AWS profile ./scripts/aws/create-aws-profile.sh claude-webhook YOUR_ACCESS_KEY YOUR_SECRET_KEY ``` @@ -116,8 +104,8 @@ This document provides an overview of the scripts in this repository, organized ### Building and Running ```bash -# Build Claude Code container -./scripts/build/build-claudecode.sh +# Build Docker images +./scripts/build/build.sh # Start the API server ./scripts/runtime/start-api.sh 
@@ -129,22 +117,18 @@ docker compose up -d ### Running Tests ```bash -# Run integration tests -./test/integration/test-full-flow.sh +# Run all tests +npm test -# Run AWS tests -./test/aws/test-aws-profile.sh +# Run E2E tests specifically +npm run test:e2e -# Run Claude tests -./test/claude/test-claude-direct.sh +# Run unit tests specifically +npm run test:unit ``` -## Backward Compatibility +## Notes -For backward compatibility, wrapper scripts are provided in the root directory for the most commonly used scripts: - -- `setup-claude-auth.sh` -> `scripts/setup/setup-claude-auth.sh` -- `build-claudecode.sh` -> `scripts/build/build-claudecode.sh` -- `start-api.sh` -> `scripts/runtime/start-api.sh` - -These wrappers simply forward all arguments to the actual scripts in their new locations. \ No newline at end of file +- All shell-based test scripts have been migrated to JavaScript E2E tests for better maintainability and consistency. +- The project uses npm scripts for most common operations. See `package.json` for available scripts. +- Docker Compose is the recommended way to run the service in production. \ No newline at end of file
diff --git a/run-claudecode-interactive.sh b/run-claudecode-interactive.sh
deleted file mode 100755
index ce1447a..0000000
--- a/run-claudecode-interactive.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-
-# Run claudecode container interactively for testing and debugging
-docker run -it --rm \
- -v $(pwd):/workspace \
- -v ~/.aws:/root/.aws:ro \
- -v ~/.claude:/root/.claude \
- -w /workspace \
- --entrypoint /bin/bash \
- claudecode:latest
\ No newline at end of file
diff --git a/scripts/utils/benchmark-startup.sh b/scripts/utils/benchmark-startup.sh
deleted file mode 100755
index 1a84d82..0000000
--- a/scripts/utils/benchmark-startup.sh
+++ /dev/null
@@ -1,91 +0,0 @@
-#!/bin/bash
-
-# Benchmark script for measuring spin-up times
-set -e
-
-BENCHMARK_RUNS=${1:-3}
-COMPOSE_FILE=${2:-docker-compose.yml}
-
-echo "Benchmarking startup time with $COMPOSE_FILE (${BENCHMARK_RUNS} runs)"
-echo "=============================================="
-
-TOTAL_TIME=0
-RESULTS=()
-
-for i in $(seq 1 $BENCHMARK_RUNS); do
- echo "Run $i/$BENCHMARK_RUNS:"
-
- # Ensure clean state
- docker compose -f $COMPOSE_FILE down >/dev/null 2>&1 || true
- docker system prune -f >/dev/null 2>&1 || true
-
- # Start timing
- START_TIME=$(date +%s%3N)
-
- # Start service
- docker compose -f $COMPOSE_FILE up -d >/dev/null 2>&1
-
- # Wait for health check to pass
- echo -n " Waiting for service to be ready."
- while true; do
- if curl -s -f http://localhost:8082/health >/dev/null 2>&1; then
- READY_TIME=$(date +%s%3N)
- break
- fi
- echo -n "."
- sleep 0.5
- done
-
- ELAPSED=$((READY_TIME - START_TIME))
- TOTAL_TIME=$((TOTAL_TIME + ELAPSED))
- RESULTS+=($ELAPSED)
-
- echo " Ready! (${ELAPSED}ms)"
-
- # Get detailed startup metrics
- METRICS=$(curl -s http://localhost:8082/health | jq -r '.startup.totalElapsed // "N/A"')
- echo " App startup time: ${METRICS}ms"
-
- # Clean up
- docker compose -f $COMPOSE_FILE down >/dev/null 2>&1
-
- # Brief pause between runs
- sleep 2
-done
-
-echo ""
-echo "Results Summary:"
-echo "=============================================="
-
-AVERAGE=$((TOTAL_TIME / BENCHMARK_RUNS))
-echo "Average startup time: ${AVERAGE}ms"
-
-# Calculate min/max
-MIN=${RESULTS[0]}
-MAX=${RESULTS[0]}
-for time in "${RESULTS[@]}"; do
- [ $time -lt $MIN ] && MIN=$time
- [ $time -gt $MAX ] && MAX=$time
-done
-
-echo "Fastest: ${MIN}ms"
-echo "Slowest: ${MAX}ms"
-echo "Individual results: ${RESULTS[*]}"
-
-# Save results to file
-TIMESTAMP=$(date '+%Y%m%d_%H%M%S')
-RESULTS_FILE="benchmark_results_${TIMESTAMP}.json"
-
-cat > $RESULTS_FILE << EOF
-{
- "timestamp": "$(date -Iseconds)",
- "compose_file": "$COMPOSE_FILE",
- "runs": $BENCHMARK_RUNS,
- "results_ms": [$(IFS=,; echo "${RESULTS[*]}")],
- "average_ms": $AVERAGE,
- "min_ms": $MIN,
- "max_ms": $MAX
-}
-EOF
-
-echo "Results saved to: $RESULTS_FILE"
\ No newline at end of file
diff --git a/scripts/utils/volume-test.sh b/scripts/utils/volume-test.sh
deleted file mode 100755
index 2630a21..0000000
--- a/scripts/utils/volume-test.sh
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/bash
-
-# Test container with a volume mount for output
-OUTPUT_DIR="/tmp/claude-output"
-OUTPUT_FILE="$OUTPUT_DIR/output.txt"
-
-echo "Docker Container Volume Test"
-echo "=========================="
-
-# Ensure output directory exists and is empty
-mkdir -p "$OUTPUT_DIR"
-rm -f "$OUTPUT_FILE"
-
-# Run container with volume mount for output
-docker run --rm \
- -v "$OUTPUT_DIR:/output" \
- claudecode:latest \
- bash -c "echo 'Hello from container' > /output/output.txt && echo 'Command executed successfully.'"
-
-# Check if output file was created
-echo
-echo "Checking for output file: $OUTPUT_FILE"
-if [ -f "$OUTPUT_FILE" ]; then
- echo "Output file created. Contents:"
- cat "$OUTPUT_FILE"
-else
- echo "No output file was created."
-fi
\ No newline at end of file
diff --git a/test/claude/test-claude.sh b/test/claude/test-claude.sh
deleted file mode 100755
index a2feff6..0000000
--- a/test/claude/test-claude.sh
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/bash
-# Consolidated Claude test script
-# Usage: ./test-claude.sh [direct|installation|no-firewall|response]
-
-set -e
-
-TEST_TYPE=${1:-direct}
-
-case "$TEST_TYPE" in
- direct)
- echo "Testing direct Claude integration..."
- # Direct Claude test logic from test-claude-direct.sh
- docker run --rm -it \
- -e REPO_FULL_NAME="owner/test-repo" \
- -e ISSUE_NUMBER="1" \
- -e IS_PULL_REQUEST="false" \
- -e COMMAND="echo 'Direct Claude test'" \
- -e GITHUB_TOKEN="${GITHUB_TOKEN:-test-token}" \
- -e ANTHROPIC_API_KEY="${ANTHROPIC_API_KEY:-test-key}" \
- claude-code-runner:latest
- ;;
-
- installation)
- echo "Testing Claude installation..."
- # Installation test logic from test-claude-installation.sh and test-claude-version.sh
- docker run --rm -it \
- -e REPO_FULL_NAME="owner/test-repo" \
- -e ISSUE_NUMBER="1" \
- -e IS_PULL_REQUEST="false" \
- -e COMMAND="claude-cli --version && claude --version" \
- -e GITHUB_TOKEN="${GITHUB_TOKEN:-test-token}" \
- claude-code-runner:latest
- ;;
-
- no-firewall)
- echo "Testing Claude without firewall..."
- # Test logic from test-claude-no-firewall.sh
- docker run --rm -it \
- -e REPO_FULL_NAME="owner/test-repo" \
- -e ISSUE_NUMBER="1" \
- -e IS_PULL_REQUEST="false" \
- -e COMMAND="echo 'Claude without firewall test'" \
- -e GITHUB_TOKEN="${GITHUB_TOKEN:-test-token}" \
- -e DISABLE_FIREWALL=true \
- claude-code-runner:latest
- ;;
-
- response)
- echo "Testing Claude response..."
- # Test logic from test-claude-response.sh
- docker run --rm -it \
- -e REPO_FULL_NAME="owner/test-repo" \
- -e ISSUE_NUMBER="1" \
- -e IS_PULL_REQUEST="false" \
- -e COMMAND="claude \"Tell me a joke\"" \
- -e GITHUB_TOKEN="${GITHUB_TOKEN:-test-token}" \
- -e ANTHROPIC_API_KEY="${ANTHROPIC_API_KEY:-test-key}" \
- claude-code-runner:latest
- ;;
-
- *)
- echo "Unknown test type: $TEST_TYPE"
- echo "Usage: ./test-claude.sh [direct|installation|no-firewall|response]"
- exit 1
- ;;
-esac
-
-echo "Test complete!"
diff --git a/test/container/test-container.sh b/test/container/test-container.sh
deleted file mode 100755
index 0bcbe71..0000000
--- a/test/container/test-container.sh
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/bash
-# Consolidated container test script
-# Usage: ./test-container.sh [basic|privileged|cleanup]
-
-set -e
-
-TEST_TYPE=${1:-basic}
-
-case "$TEST_TYPE" in
- basic)
- echo "Running basic container test..."
- # Basic container test logic from test-basic-container.sh
- docker run --rm -it \
- -e REPO_FULL_NAME="owner/test-repo" \
- -e ISSUE_NUMBER="1" \
- -e IS_PULL_REQUEST="false" \
- -e COMMAND="echo 'Basic container test'" \
- -e GITHUB_TOKEN="${GITHUB_TOKEN:-test-token}" \
- claude-code-runner:latest
- ;;
-
- privileged)
- echo "Running privileged container test..."
- # Privileged container test logic from test-container-privileged.sh
- docker run --rm -it \
- --privileged \
- -e REPO_FULL_NAME="owner/test-repo" \
- -e ISSUE_NUMBER="1" \
- -e IS_PULL_REQUEST="false" \
- -e COMMAND="echo 'Privileged container test'" \
- -e GITHUB_TOKEN="${GITHUB_TOKEN:-test-token}" \
- claude-code-runner:latest
- ;;
-
- cleanup)
- echo "Running container cleanup test..."
- # Container cleanup test logic from test-container-cleanup.sh
- docker run --rm -it \
- -e REPO_FULL_NAME="owner/test-repo" \
- -e ISSUE_NUMBER="1" \
- -e IS_PULL_REQUEST="false" \
- -e COMMAND="echo 'Container cleanup test'" \
- -e GITHUB_TOKEN="${GITHUB_TOKEN:-test-token}" \
- claude-code-runner:latest
- ;;
-
- *)
- echo "Unknown test type: $TEST_TYPE"
- echo "Usage: ./test-container.sh [basic|privileged|cleanup]"
- exit 1
- ;;
-esac
-
-echo "Test complete!"