From acd6b33767a6f0493b508dfe27ed4d1a38f0d65c Mon Sep 17 00:00:00 2001
From: Aditya Thebe <thebeaditya@gmail.com>
Date: Tue, 31 Oct 2023 14:46:34 +0545
Subject: [PATCH] test: add test for webhook check

---
 .github/workflows/webhook-check-test.yml | 43 ++++++++++++
 fixtures/external/alertmanager.yaml      |  2 +
 pkg/config.go                            |  2 +-
 test/e2e-webook.sh                       | 87 ++++++++++++++++++++++++
 4 files changed, 133 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/webhook-check-test.yml
 create mode 100755 test/e2e-webook.sh

diff --git a/.github/workflows/webhook-check-test.yml b/.github/workflows/webhook-check-test.yml
new file mode 100644
index 000000000..d485035f5
--- /dev/null
+++ b/.github/workflows/webhook-check-test.yml
@@ -0,0 +1,43 @@
+on:
+  push:
+    tags:
+      - v*
+    branches:
+      - master
+    paths:
+      - "**.go"
+      - "Makefile"
+      - "**.yaml"
+      - "**.yml"
+      - "test/**"
+  pull_request:
+    paths:
+      - "**.go"
+      - "Makefile"
+      - "**.yaml"
+      - "**.yml"
+      - "test/**"
+name: Webhook Check Test
+permissions:
+  contents: read
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install Go
+        uses: actions/setup-go@bfdd3570ce990073878bf10f6b2d79082de49492 # v2.2.0
+        with:
+          go-version: 1.20.x
+      - name: Checkout code
+        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
+      - uses: actions/cache@8492260343ad570701412c2f464a5877dc76bace # v2
+        with:
+          path: |
+            ~/go/pkg/mod
+            ~/.cache/go-build
+            .bin
+          key: cache-${{ hashFiles('**/go.sum') }}-${{ hashFiles('.bin/*') }}
+          restore-keys: |
+            cache-
+      - name: Test
+        run: ./test/e2e-webook.sh
diff --git a/fixtures/external/alertmanager.yaml b/fixtures/external/alertmanager.yaml
index 6d6a1a6b3..41db778f2 100644
--- a/fixtures/external/alertmanager.yaml
+++ b/fixtures/external/alertmanager.yaml
@@ -8,6 +8,8 @@ spec:
   schedule: "@every 1m"
   webhook:
     name: my-webhook
+    token:
+      value: webhook-auth-token
     transform:
       expr: |
         results.json.alerts.map(r,
diff --git a/pkg/config.go b/pkg/config.go
index 2770c6951..1cc299b5c 100644
--- a/pkg/config.go
+++ b/pkg/config.go
@@ -135,7 +135,7 @@ func ParseConfig(configfile string, datafile string) ([]v1.Canary, error) {
 			return nil, err
 		}
 
-		if len(config.Spec.GetAllChecks()) == 0 {
+		if len(config.Spec.GetAllChecks()) == 0 && config.Spec.Webhook == nil {
 			// try just the specs:
 			spec := v1.CanarySpec{}
 
diff --git a/test/e2e-webook.sh b/test/e2e-webook.sh
new file mode 100755
index 000000000..b104e8843
--- /dev/null
+++ b/test/e2e-webook.sh
@@ -0,0 +1,87 @@
+#!/bin/bash
+
+set -e
+
+echo "::group::Prerequisites"
+required_tools=("tr" "docker" "curl")
+for tool in "${required_tools[@]}"; do
+  if ! command -v $tool &>/dev/null; then
+    echo "$tool is not installed. Please install it to run this script."
+    exit 1
+  fi
+done
+echo "::endgroup::"
+
+# https://cedwards.xyz/defer-for-shell/
+DEFER=
+defer() {
+  DEFER="$*; ${DEFER}"
+  trap "{ $DEFER }" EXIT
+}
+
+## Summary
+# - Fire up the canary checker HTTP server for webhook endpoint
+# - Expect the checks to be created
+# - Create resolved alert
+# - Expect the checks to be deleted
+
+echo "::group::Provisioning"
+echo "Starting up postgres database"
+docker run --rm -p 5433:5432 --name webhook-postgres -e POSTGRES_PASSWORD=mysecretpassword -d postgres:14
+defer docker container rm -f webhook-postgres
+
+echo "Starting canary-checker in the background"
+go run main.go serve --httpPort=7676 --db-migrations --disable-postgrest -vvv --db='postgres://postgres:mysecretpassword@localhost:5433/postgres?sslmode=disable' \
+  --maxStatusCheckCount=1 fixtures/external/alertmanager.yaml &>/dev/null &
+PROC_ID=$!
+echo "Started canary checker with PID $PROC_ID"
+
+timeout=30
+echo Waiting for the server to come up. timeout=$timeout seconds
+for ((i = 1; i <= $timeout; i++)); do
+  if [ $(curl -s -o /dev/null -w "%{http_code}" 'http://localhost:7676/health') == "200" ]; then
+    echo "Server healthy (HTTP 200 OK)."
+    break
+  fi
+
+  [ $i -eq $timeout ] && echo "Timeout: Server didn't return HTTP 200." && exit 1
+  sleep 1
+done
+
+# Not sure why killing PROC_ID doesn't kill the HTTP server.
+# So had to get the process id this way
+process_id=$(lsof -nti:7676)
+echo "Running on port $process_id"
+defer "kill -9 $process_id"
+echo "::endgroup::"
+
+echo "::group::Assertion"
+echo Expect the check to be created by sync job
+resp=$(docker exec webhook-postgres psql 'postgres://postgres:mysecretpassword@localhost:5432/postgres?sslmode=disable' -t -c "SELECT count(*) FROM checks WHERE name = 'my-webhook';" | tr -d '[:space:]')
+if [ $resp -ne 1 ]; then
+  echo "Expected one webhook check to be created but $resp were created"
+  exit 1
+fi
+
+echo Attempt to call the webhook endpoint without the auth token
+resp=$(curl -w "%{http_code}" -s -o /dev/null -X POST 'localhost:7676/webhook/my-webhook')
+if [ $resp -ne 401 ]; then
+  echo "Expected 401, got $resp"
+  exit 1
+fi
+
+echo Attempt to call the webhook endpoint with the auth token
+resp=$(curl -w "%{http_code}" -s -o /dev/null -X POST 'localhost:7676/webhook/my-webhook?token=webhook-auth-token')
+if [ $resp -ne 200 ]; then
+  echo "Expected 200, got $resp"
+  exit 1
+fi
+echo "::endgroup::"
+
+# TODO:
+# Call the webhook endpoint with the auth token
+# Ensure that the new check is created
+# Call the webhook endpoint with resolved alert
+# Ensure that the check is deleted
+
+exit 0