improve: fdb → improve

Author: evansims

.github/workflows/ci.yml

@@ -1,9 +1,7 @@
 # yaml-language-server: $schema=https://www.schemastore.org/github-workflow.json
 #
 # CI workflow for tests repository
-# Integration tests require external dependencies (FoundationDB, etc.) and are
-# run locally or in dedicated test environments, not in GitHub Actions CI.
-# This workflow provides a consistent CI Success job for branch protection rules.
+# Runs E2E integration tests against Docker Compose stack with Ledger, Engine, and Control.
 
 name: CI
 
@@ -12,6 +10,8 @@ on:
     branches: [main]
   pull_request:
     branches: [main]
+  # Allow manual trigger for testing
+  workflow_dispatch:
 
 # Cancel in-progress runs when new commits are pushed
 concurrency:
@@ -21,32 +21,157 @@ concurrency:
 permissions:
   contents: read
 
+env:
+  CARGO_TERM_COLOR: always
+  RUST_BACKTRACE: 1
+
 jobs:
-  # Placeholder job - integration tests require external dependencies
-  # Tests are run locally via: make integration-test (uses docker-compose)
-  external-dependencies:
-    name: External Dependencies Required
+  # ==========================================================================
+  # Build: Compile tests (fast feedback on syntax errors)
+  # ==========================================================================
+  build:
+    name: Build Tests
     runs-on: ubuntu-latest
     steps:
       - name: Harden the runner (Audit all outbound calls)
         uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           egress-policy: audit
 
-      - name: Skip CI tests
+      - name: Checkout tests repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-action@7ac8906b4da87dbf44ef2c5cc52b4e736c91b7f6 # master
+        with:
+          toolchain: "1.85"
+          components: clippy
+
+      - name: Cache Rust dependencies
+        uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
+        with:
+          shared-key: "tests-build"
+
+      - name: Check formatting
+        run: cargo fmt --check
+
+      - name: Run clippy
+        run: cargo clippy --all-targets -- -D warnings
+
+      - name: Build tests
+        run: cargo test --no-run
+
+  # ==========================================================================
+  # E2E Integration Tests: Full stack with Ledger + Engine + Control
+  # ==========================================================================
+  e2e-integration-tests:
+    name: E2E Integration Tests
+    runs-on: ubuntu-latest
+    needs: [build]
+    timeout-minutes: 30
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        with:
+          egress-policy: audit
+
+      - name: Checkout meta-repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          repository: inferadb/inferadb
+          submodules: recursive
+          path: inferadb
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+
+      - name: Build and start E2E stack
+        working-directory: inferadb
         run: |
-          echo "This repository contains integration tests that require external dependencies."
+          echo "Building Docker images..."
+          docker compose -f docker-compose.e2e.yml build
+
+          echo "Starting services..."
+          docker compose -f docker-compose.e2e.yml up -d
+
+      - name: Wait for services to be healthy
+        working-directory: inferadb
+        run: |
+          echo "Waiting for services to become healthy..."
+          
+          TIMEOUT=180
+          ELAPSED=0
+          
+          while [[ $ELAPSED -lt $TIMEOUT ]]; do
+            LEDGER_HEALTHY=$(docker inspect --format='{{.State.Health.Status}}' inferadb-e2e-ledger 2>/dev/null || echo "unknown")
+            CONTROL_HEALTHY=$(docker inspect --format='{{.State.Health.Status}}' inferadb-e2e-control 2>/dev/null || echo "unknown")
+            ENGINE_HEALTHY=$(docker inspect --format='{{.State.Health.Status}}' inferadb-e2e-engine 2>/dev/null || echo "unknown")
+            
+            echo "  Ledger: $LEDGER_HEALTHY | Control: $CONTROL_HEALTHY | Engine: $ENGINE_HEALTHY (${ELAPSED}s)"
+            
+            if [[ "$LEDGER_HEALTHY" == "healthy" ]] && \
+               [[ "$CONTROL_HEALTHY" == "healthy" ]] && \
+               [[ "$ENGINE_HEALTHY" == "healthy" ]]; then
+              echo "All services are healthy!"
+              exit 0
+            fi
+            
+            sleep 5
+            ELAPSED=$((ELAPSED + 5))
+          done
+          
+          echo "ERROR: Services did not become healthy within ${TIMEOUT}s"
           echo ""
-          echo "To run tests locally:"
-          echo "  make integration-test"
+          echo "Container logs:"
+          docker compose -f docker-compose.e2e.yml logs
+          exit 1
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-action@7ac8906b4da87dbf44ef2c5cc52b4e736c91b7f6 # master
+        with:
+          toolchain: "1.85"
+
+      - name: Cache Rust dependencies
+        uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
+        with:
+          shared-key: "tests-build"
+          workspaces: "inferadb/tests"
+
+      - name: Run E2E integration tests
+        working-directory: inferadb/tests
+        env:
+          INFERADB_API_URL: "http://localhost:9090"
+          ENGINE_URL: "http://localhost:8080"
+          ENGINE_GRPC_URL: "http://localhost:8081"
+          ENGINE_MESH_URL: "http://localhost:8082"
+          CONTROL_URL: "http://localhost:9090"
+          RUST_LOG: "debug"
+        run: |
+          cargo test --test integration -- --test-threads=1 --nocapture
+
+      - name: Collect logs on failure
+        if: failure()
+        working-directory: inferadb
+        run: |
+          echo "=== Docker Compose Logs ==="
+          docker compose -f docker-compose.e2e.yml logs --tail=500
+          
           echo ""
-          echo "This uses docker-compose to spin up required services."
-          echo "See README.md for more details."
+          echo "=== Container Status ==="
+          docker compose -f docker-compose.e2e.yml ps
+
+      - name: Stop E2E stack
+        if: always()
+        working-directory: inferadb
+        run: |
+          docker compose -f docker-compose.e2e.yml down -v --remove-orphans
 
+  # ==========================================================================
   # Overall status check - required for branch protection
+  # ==========================================================================
   ci-success:
     name: CI Success
-    needs: [external-dependencies]
+    needs: [build, e2e-integration-tests]
     runs-on: ubuntu-latest
     if: always()
     permissions:
@@ -59,22 +184,38 @@ jobs:
 
       - name: Check CI results
         env:
-          EXTERNAL_DEPS_RESULT: ${{ needs.external-dependencies.result }}
+          BUILD_RESULT: ${{ needs.build.result }}
+          E2E_RESULT: ${{ needs.e2e-integration-tests.result }}
         run: |
           echo "## CI Results"
           echo ""
           echo "| Check | Status |"
           echo "|-------|--------|"
-          echo "| External Dependencies | $EXTERNAL_DEPS_RESULT (tests skipped) |"
-          echo ""
-          echo "Integration tests require external dependencies and are run locally."
-          echo "See docker-compose.integration.yml for the test environment setup."
+          echo "| Build | $BUILD_RESULT |"
+          echo "| E2E Integration Tests | $E2E_RESULT |"
           echo ""
 
-          # Fail if the placeholder job failed (shouldn't happen)
-          if [[ "$EXTERNAL_DEPS_RESULT" != "success" && "$EXTERNAL_DEPS_RESULT" != "skipped" ]]; then
-            echo "Unexpected failure in CI workflow"
+          # Function to validate result
+          validate_result() {
+            local name="$1"
+            local result="$2"
+            if [[ "$result" != "success" && "$result" != "skipped" ]]; then
+              echo "FAILED: $name ($result)"
+              return 1
+            fi
+            return 0
+          }
+
+          # Check all results
+          FAILED=0
+          validate_result "Build" "$BUILD_RESULT" || FAILED=1
+          validate_result "E2E Integration Tests" "$E2E_RESULT" || FAILED=1
+
+          if [[ $FAILED -eq 1 ]]; then
+            echo ""
+            echo "Some CI checks failed!"
             exit 1
           fi
 
-          echo "CI checks passed!"
+          echo ""
+          echo "All CI checks passed!"

README.md

@@ -5,14 +5,44 @@
         <a href="https://discord.gg/inferadb"><img src="https://img.shields.io/badge/Discord-Join%20us-5865F2?logo=discord&logoColor=white" alt="Discord" /></a>
         <a href="#license"><img src="https://img.shields.io/badge/license-MIT%2FApache--2.0-blue.svg" alt="License" /></a>
     </p>
-    <p>E2E tests for Engine and Control in Kubernetes</p>
+    <p>E2E tests for Engine and Control with Ledger storage</p>
 </div>
 
 > [!IMPORTANT]
 > Under active development. Not production-ready.
 
 ## Quick Start
 
+There are two ways to run the E2E tests:
+
+### Option 1: Docker Compose (CI-friendly)
+
+Use this for CI pipelines or when you don't have a K8s cluster:
+
+```bash
+# From the meta-repository root
+docker compose -f docker-compose.e2e.yml up -d
+
+# Run tests
+cd tests
+cargo test --test integration -- --test-threads=1
+
+# Stop and cleanup
+docker compose -f docker-compose.e2e.yml down -v
+```
+
+Or use the helper script:
+
+```bash
+./run-e2e.sh              # Run all tests
+./run-e2e.sh --keep       # Keep containers running after tests
+./run-e2e.sh cache        # Run only cache-related tests
+```
+
+### Option 2: Kubernetes Development Cluster
+
+Use this for development with the full Tailscale-based setup:
+
 ```bash
 # Check prerequisites
 inferadb dev doctor
@@ -36,19 +66,21 @@ Run specific suites:
 cargo test --test integration auth_jwt -- --test-threads=1
 cargo test --test integration vault_isolation -- --test-threads=1
 cargo test --test integration cache -- --test-threads=1
+cargo test --test integration ledger_cache_invalidation -- --test-threads=1
 ```
 
 ## Test Coverage
 
-| Category        | Tests | Scope                                           |
-| --------------- | ----- | ----------------------------------------------- |
-| Authentication  | 7     | JWT validation, Ed25519, expiration, scopes     |
-| Vault Isolation | 4     | Multi-tenant separation, cross-vault prevention |
-| Cache Behavior  | 4     | Hit/miss patterns, expiration, concurrency      |
-| Concurrency     | 5     | Parallel requests, race conditions              |
-| E2E Workflows   | 2     | Registration → authorization flows              |
-| Management      | 5     | Org suspension, client deactivation             |
-| Resilience      | 6     | Recovery, degradation, error propagation        |
+| Category                  | Tests | Scope                                           |
+| ------------------------- | ----- | ----------------------------------------------- |
+| Authentication            | 7     | JWT validation, Ed25519, expiration, scopes     |
+| Vault Isolation           | 4     | Multi-tenant separation, cross-vault prevention |
+| Cache Behavior            | 4     | Hit/miss patterns, expiration, concurrency      |
+| Ledger Cache Invalidation | 4     | Ledger watch, certificate revocation, writes    |
+| Concurrency               | 5     | Parallel requests, race conditions              |
+| E2E Workflows             | 2     | Registration → authorization flows              |
+| Management                | 5     | Org suspension, client deactivation             |
+| Resilience                | 6     | Recovery, degradation, error propagation        |
 
 ## CLI Commands