#!/bin/bash # TEST_WORKFLOW.sh # End-to-end test for GitLab + Cloudflare MCP integration # Usage: ./TEST_WORKFLOW.sh [full|quick] set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" WORKFLOW_MODE="${1:-quick}" # Color codes for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color # Logging functions log_info() { echo -e "${BLUE}[INFO]${NC} $1" } log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1" } log_warning() { echo -e "${YELLOW}[WARN]${NC} $1" } log_error() { echo -e "${RED}[ERROR]${NC} $1" } # ============================================================================ # PHASE 1: Environment Validation # ============================================================================ echo "" log_info "====== PHASE 1: Environment Validation ======" # Check required environment variables check_env_var() { local var_name=$1 local var_value=${!var_name:-} if [[ -z "$var_value" ]]; then log_warning "$var_name not set (optional)" return 1 else log_success "$var_name is set (${#var_value} chars)" return 0 fi } # Essential vars log_info "Checking essential environment variables..." GITHUB_OKAY=$(check_env_var GITHUB_TOKEN || echo "false") GITLAB_OKAY=$(check_env_var GITLAB_TOKEN || echo "false") CLOUDFLARE_OKAY=$(check_env_var CLOUDFLARE_API_TOKEN || echo "false") ACCOUNT_OKAY=$(check_env_var CLOUDFLARE_ACCOUNT_ID || echo "false") # Verify opencode.jsonc exists and is valid JSON log_info "Validating opencode.jsonc..." if [[ ! -f "$SCRIPT_DIR/opencode.jsonc" ]]; then log_error "opencode.jsonc not found in $SCRIPT_DIR" exit 1 fi # Try to parse as JSON (allowing comments via jq) if command -v jq &> /dev/null; then if jq . "$SCRIPT_DIR/opencode.jsonc" > /dev/null 2>&1; then log_success "opencode.jsonc is valid JSON" else log_warning "opencode.jsonc has comments (expected for .jsonc)" fi else log_warning "jq not available, skipping JSON validation" fi # Check Terraform files log_info "Validating Terraform files..." if [[ ! -d "$SCRIPT_DIR/terraform" ]]; then log_error "terraform/ directory not found" exit 1 fi if command -v terraform &> /dev/null; then cd "$SCRIPT_DIR/terraform" if terraform validate > /dev/null 2>&1; then log_success "Terraform files are valid" else log_warning "Terraform validation failed (may need init)" fi cd "$SCRIPT_DIR" else log_warning "terraform CLI not installed, skipping validation" fi # ============================================================================ # PHASE 2: Test Scenarios (by mode) # ============================================================================ echo "" if [[ "$WORKFLOW_MODE" == "quick" ]]; then log_info "====== PHASE 2: Quick Test (Environment Check Only) ======" echo "" log_info "Summary of configured MCPs:" echo " ✓ Enabled globally: filesystem, git, github, gh_grep" echo " ⚠ Per-agent enabled: gitlab, cloudflare (requires tokens)" echo " ✓ Optional: postgres, sqlite, docker, aws, slack, memory, context7" echo "" log_info "Token Status:" [[ "$GITHUB_OKAY" != "false" ]] && echo " ✓ GITHUB_TOKEN available" || echo " ✗ GITHUB_TOKEN missing" [[ "$GITLAB_OKAY" != "false" ]] && echo " ✓ GITLAB_TOKEN available" || echo " ✗ GITLAB_TOKEN missing (needed for gitlab MCP)" [[ "$CLOUDFLARE_OKAY" != "false" ]] && echo " ✓ CLOUDFLARE_API_TOKEN available" || echo " ✗ CLOUDFLARE_API_TOKEN missing (needed for cloudflare MCP)" [[ "$ACCOUNT_OKAY" != "false" ]] && echo " ✓ CLOUDFLARE_ACCOUNT_ID available" || echo " ✗ CLOUDFLARE_ACCOUNT_ID missing (needed for cloudflare MCP)" echo "" log_success "Quick test complete!" elif [[ "$WORKFLOW_MODE" == "full" ]]; then log_info "====== PHASE 2: Full Integration Test ======" # ======================================================================== # Test 1: Git Operations # ======================================================================== echo "" log_info "Test 1: Git operations (local)" if [[ -d "$SCRIPT_DIR/.git" ]]; then log_success "Git repository detected" cd "$SCRIPT_DIR" BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo "unknown") COMMITS=$(git log --oneline -n 3 2>/dev/null || echo "none") log_success "Current branch: $BRANCH" log_success "Recent commits: (see below)" echo "$COMMITS" | sed 's/^/ /' else log_warning "Not a git repository (use 'git init' if needed)" fi # ======================================================================== # Test 2: Filesystem Operations # ======================================================================== echo "" log_info "Test 2: Filesystem operations (local)" FILES_FOUND=$(find "$SCRIPT_DIR" -maxdepth 2 -type f -name "*.tf" | wc -l) log_success "Found $FILES_FOUND Terraform files" if [[ -f "$SCRIPT_DIR/terraform/main.tf" ]]; then log_success "main.tf exists" RESOURCE_COUNT=$(grep -c "^resource " "$SCRIPT_DIR/terraform/main.tf" || echo "0") log_success "Contains $RESOURCE_COUNT resources" fi # ======================================================================== # Test 3: GitHub Integration (if token available) # ======================================================================== echo "" log_info "Test 3: GitHub integration" if [[ "$GITHUB_OKAY" != "false" ]] && command -v gh &> /dev/null; then log_success "GitHub CLI available with token" if gh auth status > /dev/null 2>&1; then USER=$(gh api user.login 2>/dev/null || echo "unknown") log_success "Authenticated as: $USER" else log_warning "GitHub token validation failed" fi else log_warning "GitHub token not available (optional for local work)" fi # ======================================================================== # Test 4: GitLab Integration (if token available) # ======================================================================== echo "" log_info "Test 4: GitLab integration" if [[ "$GITLAB_OKAY" != "false" ]]; then GITLAB_URL="${GITLAB_URL:-https://gitlab.com}" log_success "GITLAB_TOKEN available" log_success "GITLAB_URL: $GITLAB_URL" # Test with curl if command -v curl &> /dev/null; then GITLAB_RESPONSE=$(curl -s -H "PRIVATE-TOKEN: $GITLAB_TOKEN" "$GITLAB_URL/api/v4/user" 2>/dev/null | jq '.name' 2>/dev/null || echo "error") if [[ "$GITLAB_RESPONSE" != "error" ]]; then log_success "GitLab API connection successful" else log_warning "GitLab API returned an error (check token/URL)" fi fi else log_warning "GITLAB_TOKEN not available (needed for gitlab MCP)" echo " To enable: export GITLAB_TOKEN='glpat_...'" fi # ======================================================================== # Test 5: Cloudflare Integration (if token available) # ======================================================================== echo "" log_info "Test 5: Cloudflare API integration" if [[ "$CLOUDFLARE_OKAY" != "false" ]] && [[ "$ACCOUNT_OKAY" != "false" ]]; then log_success "CLOUDFLARE_API_TOKEN and CLOUDFLARE_ACCOUNT_ID available" # Test with curl if command -v curl &> /dev/null; then CF_RESPONSE=$(curl -s -X GET "https://api.cloudflare.com/client/v4/accounts/$CLOUDFLARE_ACCOUNT_ID" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" 2>/dev/null | jq '.success' 2>/dev/null || echo "false") if [[ "$CF_RESPONSE" == "true" ]]; then log_success "Cloudflare API connection successful" # Get zones count ZONES=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" 2>/dev/null | jq '.result | length' 2>/dev/null || echo "0") log_success "Account has $ZONES zone(s)" else log_warning "Cloudflare API authentication failed (check token)" fi fi else log_warning "CLOUDFLARE_API_TOKEN or CLOUDFLARE_ACCOUNT_ID not available" echo " To enable: export CLOUDFLARE_API_TOKEN='...'" echo " To enable: export CLOUDFLARE_ACCOUNT_ID='...'" fi # ======================================================================== # Test 6: Compliance Files # ======================================================================== echo "" log_info "Test 6: Compliance and documentation files" COMPLIANCE_FILES=( "cloudflare_dns_manifest.md" "cloudflare_waf_baseline.md" "zero_trust_architecture.md" "WEB-INFRA-SECURITY-PATTERNS.md" "TUNNEL-HARDENING.md" ) for file in "${COMPLIANCE_FILES[@]}"; do if [[ -f "$SCRIPT_DIR/$file" ]]; then LINES=$(wc -l < "$SCRIPT_DIR/$file") log_success "$file ($LINES lines)" else log_warning "$file not found" fi done # ======================================================================== # Test 7: Playbooks # ======================================================================== echo "" log_info "Test 7: Incident Response Playbooks" if [[ -d "$SCRIPT_DIR/playbooks" ]]; then PLAYBOOK_COUNT=$(find "$SCRIPT_DIR/playbooks" -type f -name "*.md" | wc -l) log_success "Found $PLAYBOOK_COUNT playbooks" find "$SCRIPT_DIR/playbooks" -type f -name "*.md" -exec basename {} \; | sed 's/^/ - /' else log_warning "playbooks/ directory not found" fi log_success "Full test complete!" else log_error "Unknown mode: $WORKFLOW_MODE" echo "Usage: $0 [quick|full]" exit 1 fi # ============================================================================ # FINAL SUMMARY # ============================================================================ echo "" log_info "====== Test Summary ======" echo "" echo "Quick Reference:" echo " Start OpenCode: opencode" echo " Initialize: /init" echo " List MCPs: /mcp list" echo " Start agent: /agent cloudflare-ops" echo " Read config: cat opencode.jsonc" echo "" echo "Next Steps:" echo " 1. Export required tokens to environment" echo " 2. Run: opencode /init" echo " 3. Run: /mcp list (verify MCPs load)" echo " 4. Run: /agent cloudflare-ops" echo " 5. Test: 'Query the latest infrastructure changes in GitLab'" echo "" log_success "All checks passed!"