ai: update serena memories

evansims · evansims · commit 8aab8ce8dfa7 · 2026-01-04T20:26:33.000-06:00
diff --git a/.serena/memories/project_overview.md b/.serena/memories/project_overview.md
@@ -0,0 +1,51 @@
+# InferaDB Integration Tests - Project Overview
+
+## Purpose
+E2E test suite validating InferaDB Engine and Control services in Kubernetes. Tests run against a Tailscale-based dev environment.
+
+## Tech Stack
+- **Language**: Rust 1.85 (2021 edition)
+- **Runtime**: Tokio async runtime
+- **HTTP Client**: reqwest (with cookies, JSON support)
+- **JWT**: jsonwebtoken (EdDSA/Ed25519)
+- **Serialization**: serde/serde_json
+- **Testing**: Built-in Rust test framework with tokio::test
+
+## Architecture
+Tests use a `TestFixture` pattern that:
+1. Registers a test user via Control API
+2. Creates organization, vault, client, and certificate
+3. Generates JWTs signed with Ed25519 keys
+4. Makes authenticated requests to Engine (Access) API
+5. Cleans up resources on Drop
+
+## Test Categories (33 total tests)
+| Category        | Count | Focus                                     |
+|-----------------|-------|-------------------------------------------|
+| Authentication  | 7     | JWT validation, Ed25519, expiration       |
+| Vault Isolation | 4     | Multi-tenant separation                   |
+| Cache Behavior  | 4     | Hit/miss, expiration, concurrency         |
+| Concurrency     | 5     | Parallel requests, race conditions        |
+| E2E Workflows   | 2     | Registration → authorization journeys     |
+| Management      | 5     | Org suspension, client deactivation       |
+| Resilience      | 6     | Recovery, degradation, error propagation  |
+
+## Key Files
+- `integration/mod.rs` - TestFixture, TestContext, API types
+- `integration/auth_jwt_tests.rs` - JWT authentication tests
+- `integration/vault_isolation_tests.rs` - Multi-tenancy tests
+- `integration/cache_tests.rs` - Caching behavior tests
+- `integration/concurrency_tests.rs` - Parallel operation tests
+- `integration/e2e_workflows_tests.rs` - Full journey tests
+- `integration/control_integration_tests.rs` - Management tests
+- `integration/resilience_tests.rs` - Failure scenario tests
+
+## API Endpoints
+Tests target a unified Tailscale endpoint (auto-discovered):
+- Control API: `{base}/control/v1/*`
+- Engine (Access) API: `{base}/access/v1/*`
+
+## Environment Variables
+| Variable          | Purpose                      |
+|-------------------|------------------------------|
+| `INFERADB_API_URL`| Override auto-discovered URL |
diff --git a/.serena/memories/style_and_conventions.md b/.serena/memories/style_and_conventions.md
@@ -0,0 +1,70 @@
+# InferaDB Integration Tests - Style & Conventions
+
+## Rust Formatting (.rustfmt.toml)
+- **Edition**: 2024 style
+- **Imports**: Group by StdExternalCrate, crate-level granularity
+- **Line width**: Uses MAX heuristics
+- **Comment width**: 100 chars, wrap/normalize enabled
+- **Newlines**: Unix style
+- **Derives**: Don't merge (each derive separate)
+- **Format nightly**: `cargo +nightly fmt`
+
+## Code Style Patterns
+
+### Test Structure
+```rust
+#[tokio::test]
+async fn test_descriptive_name() {
+    // Setup
+    let fixture = TestFixture::create().await.expect("Failed to create test fixture");
+    
+    // Action
+    let jwt = fixture.generate_jwt(None, &["scope"]).expect("...");
+    let response = fixture.call_server_evaluate(&jwt, ...).await.expect("...");
+    
+    // Assert
+    assert_eq!(response.status(), StatusCode::OK, "context message");
+    
+    // Cleanup
+    fixture.cleanup().await.expect("Failed to cleanup");
+}
+```
+
+### Error Handling
+- Use `anyhow::Result<T>` for test setup
+- Use `.expect("descriptive message")` for infallible operations
+- Use `.context("message")` for contextual errors
+
+### Naming Conventions
+- Test functions: `test_<what>_<scenario>` (e.g., `test_jwt_with_expired_token`)
+- Request types: `<Entity>Request` (e.g., `CreateVaultRequest`)
+- Response types: `<Entity>Response` (e.g., `VaultResponse`)
+- Constants: `SCREAMING_SNAKE_CASE`
+
+### Documentation
+- Module-level doc comments explain purpose
+- Inline comments for non-obvious logic
+- No docstrings on individual test functions (test name should be descriptive)
+
+### Assertions
+- Use `assert_eq!` with failure message context
+- Use `assert!` with descriptive conditions
+- Use `assert_matches!` for pattern matching (from assert_matches crate)
+
+### Imports
+```rust
+// Standard library first (handled by rustfmt)
+use std::{...};
+
+// External crates
+use anyhow::{Context, Result};
+use reqwest::StatusCode;
+// etc.
+
+// Crate imports
+use super::*;  // For test modules
+```
+
+## Clippy
+- All warnings treated as errors (`-D warnings`)
+- No `#[allow(...)]` without justification
diff --git a/.serena/memories/suggested_commands.md b/.serena/memories/suggested_commands.md
@@ -0,0 +1,71 @@
+# InferaDB Integration Tests - Commands
+
+## Prerequisites
+- Tailscale running: `tailscale status`
+- Dev environment: `inferadb dev start`
+
+## Testing Commands
+
+```bash
+# Run all tests (recommended)
+make test
+
+# Run specific test suite
+make test-suite SUITE=auth_jwt
+make test-suite SUITE=vault_isolation
+make test-suite SUITE=cache
+make test-suite SUITE=concurrency
+make test-suite SUITE=e2e_workflows
+make test-suite SUITE=control_integration
+make test-suite SUITE=resilience
+
+# Run single test
+make test-single TEST=test_valid_jwt_from_management_client
+
+# Verbose output
+make test-verbose
+
+# Direct cargo (with mise)
+mise exec -- cargo test --test integration -- --test-threads=1
+mise exec -- cargo test --test integration auth_jwt -- --nocapture
+```
+
+## Code Quality
+
+```bash
+# Full check (format + lint + audit)
+make check
+
+# Individual checks
+make format    # rustfmt (nightly)
+make lint      # clippy with -D warnings
+make audit     # cargo-audit
+make deny      # cargo-deny
+```
+
+## Setup & Maintenance
+
+```bash
+# Initial setup
+make setup
+
+# Clean build artifacts
+make clean
+```
+
+## Environment Override
+
+```bash
+# Use custom API URL instead of Tailscale discovery
+INFERADB_API_URL=http://localhost:9090 make test
+```
+
+## Unix Utilities (Darwin)
+
+```bash
+# Standard utilities work the same
+git status
+ls -la
+grep -r "pattern" .
+find . -name "*.rs"
+```
diff --git a/.serena/memories/task_completion_checklist.md b/.serena/memories/task_completion_checklist.md
@@ -0,0 +1,59 @@
+# InferaDB Integration Tests - Task Completion Checklist
+
+## Before Committing
+
+### 1. Format Code
+```bash
+make format
+# Or: mise exec -- cargo +nightly fmt --all
+```
+
+### 2. Run Linter
+```bash
+make lint
+# Or: mise exec -- cargo clippy --all-targets -- -D warnings
+```
+
+### 3. Run Tests (if environment available)
+```bash
+make test
+# Tests require: Tailscale running + dev environment deployed
+```
+
+### 4. Security Audit (if dependencies changed)
+```bash
+make audit
+make deny
+```
+
+## Quick Validation
+```bash
+# Full check (format + lint + audit)
+make check
+```
+
+## When Adding New Tests
+
+1. Place in appropriate test module:
+   - `auth_jwt_tests.rs` - Authentication
+   - `vault_isolation_tests.rs` - Multi-tenancy
+   - `cache_tests.rs` - Caching
+   - `concurrency_tests.rs` - Parallel operations
+   - `e2e_workflows_tests.rs` - Full journeys
+   - `control_integration_tests.rs` - Management ops
+   - `resilience_tests.rs` - Failure scenarios
+
+2. Follow test naming: `test_<feature>_<scenario>`
+
+3. Use `TestFixture::create()` for setup
+
+4. Include cleanup: `fixture.cleanup().await`
+
+5. Add descriptive assertion messages
+
+## When Modifying mod.rs
+
+- Update `TestFixture` if adding new API calls
+- Add new request/response types as needed
+- Document new public functions
+- Update imports if adding test modules
