Skip to content

CCM-15258 - Additional integration tests and helper scripts #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mjewildnhs wants to merge 15 commits into
base: main
Choose a base branch
from
Open

CCM-15258 - Additional integration tests and helper scripts #86

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
916fea1
Add IT for DLQ alarms
mjewildnhs Mar 30, 2026
bf52fc5
Remove redundant infrastructure exists test - if the config bucket do…
mjewildnhs Mar 30, 2026
2c3e125
Target fan out test
mjewildnhs Mar 30, 2026
06d9d78
Assert DLQ for every target
mjewildnhs Mar 30, 2026
5178047
fixup! Assert DLQ for every target
mjewildnhs Mar 30, 2026
b6d51f9
Add script to run integration tests locally
mjewildnhs Mar 31, 2026
1b272c3
Add integration debug script and readme
mjewildnhs Mar 31, 2026
a0c2d4e
fixup! Add script to run integration tests locally
mjewildnhs Mar 31, 2026
6296bb1
fixup! Add integration debug script and readme
mjewildnhs Mar 31, 2026
eb83d46
Filter logs by time to avoid pagination issue
mjewildnhs Mar 31, 2026
93e2134
fixup! Filter logs by time to avoid pagination issue
mjewildnhs Mar 31, 2026
d8cff15
Feedback: improve debug tool readme
mjewildnhs Apr 2, 2026
9d33b9d
Make times in debug script consistent (last 30m)
mjewildnhs Apr 2, 2026
645dcb7
Update package.lock following rebase
mjewildnhs Apr 2, 2026
c2bc651
fixup! fixup! Filter logs by time to avoid pagination issue
mjewildnhs Apr 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
80 changes: 80 additions & 0 deletions package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

283 changes: 283 additions & 0 deletions scripts/tests/integration-debug.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,283 @@
#!/bin/bash

set -euo pipefail

# Debug a live environment: inspect queues, tail logs, check pipe state.
#
# Usage (via make):
# ENVIRONMENT=<env> AWS_PROFILE=<profile> make test-integration-debug ACTION=queue-status
# ENVIRONMENT=<env> AWS_PROFILE=<profile> make test-integration-debug ACTION=tail-transform
# ENVIRONMENT=<env> AWS_PROFILE=<profile> make test-integration-debug ACTION=tail-transform LOG_FILTER=<value>
#
# Actions:
# queue-status Show SQS queue message counts
# queue-peek Peek one message from each SQS queue
# tail-transform Tail client-transform-filter lambda logs
# tail-webhook Tail mock-webhook lambda logs
# tail-pipe Tail EventBridge pipe log group
# pipe-state Show EventBridge pipe state and recent metrics
#
# Required:
# ENVIRONMENT
# AWS_PROFILE
# ACTION
#
# Optional:
# LOG_FILTER CloudWatch Logs filter pattern / text
# AWS_REGION (default: eu-west-2)

if [ -z "${ENVIRONMENT:-}" ]; then
echo "Error: ENVIRONMENT must be set before running this target." >&2
echo "Example: ENVIRONMENT=<env> AWS_PROFILE=<profile> make test-integration-debug ACTION=queue-status" >&2
exit 1
fi

if [ -z "${AWS_PROFILE:-}" ]; then
echo "Error: AWS_PROFILE must be set before running this target." >&2
exit 1
fi

if [ -z "${ACTION:-}" ]; then
echo "Error: ACTION must be set before running this target." >&2
echo "Actions: queue-status, queue-peek, tail-transform, tail-webhook, tail-pipe, pipe-state" >&2
exit 1
fi

REGION="${AWS_REGION:-eu-west-2}"
LOG_FILTER="${LOG_FILTER:-}"
SUBSCRIPTION_FIXTURE_PATH="${SUBSCRIPTION_FIXTURE_PATH:-tests/integration/fixtures/subscriptions/mock-client-1.json}"

if ! aws sts get-caller-identity --profile "$AWS_PROFILE" >/dev/null 2>&1; then
echo "No active AWS SSO session for profile '$AWS_PROFILE'. Running aws sso login..."
aws sso login --profile "$AWS_PROFILE"
fi

ACCOUNT_ID="$(aws sts get-caller-identity --profile "$AWS_PROFILE" --query Account --output text)"

PREFIX="nhs-${ENVIRONMENT}-callbacks"
PIPE_NAME="${PREFIX}-main"

print_section() {
echo ""
echo "========================================"
echo "$1"
echo "========================================"
}

queue_url() {
local queue_name="$1"
echo "https://sqs.${REGION}.amazonaws.com/${ACCOUNT_ID}/${queue_name}"
}

target_dlq_queue_name() {
local target_id

if [ ! -f "$SUBSCRIPTION_FIXTURE_PATH" ]; then
echo "Error: subscription fixture not found: $SUBSCRIPTION_FIXTURE_PATH" >&2
exit 1
fi

target_id="$(jq -r '.targets[0].targetId // empty' "$SUBSCRIPTION_FIXTURE_PATH")"
if [ -z "$target_id" ]; then
echo "Error: unable to read targets[0].targetId from $SUBSCRIPTION_FIXTURE_PATH" >&2
exit 1
fi

echo "${PREFIX}-${target_id}-dlq-queue"
}

show_queue_counts() {
local title="$1"
local name="$2"

print_section "$title"
aws sqs get-queue-attributes \
--region "$REGION" \
--profile "$AWS_PROFILE" \
--no-cli-pager \
--queue-url "$(queue_url "$name")" \
--attribute-names ApproximateNumberOfMessages ApproximateNumberOfMessagesNotVisible \
--query '{ApproximateNumberOfMessages: Attributes.ApproximateNumberOfMessages, ApproximateNumberOfMessagesNotVisible: Attributes.ApproximateNumberOfMessagesNotVisible}'
}

action_queue_status() {
show_queue_counts "Mock Target DLQ - Queue Message Counts" "$(target_dlq_queue_name)"
show_queue_counts "Inbound Event Queue - Queue Message Counts" "${PREFIX}-inbound-event-queue"
show_queue_counts "Inbound Event DLQ - Queue Message Counts" "${PREFIX}-inbound-event-dlq"
}

peek_queue_message() {
local title="$1"
local name="$2"

print_section "$title"
aws sqs receive-message \
--region "$REGION" \
--profile "$AWS_PROFILE" \
--no-cli-pager \
--queue-url "$(queue_url "$name")" \
--attribute-names All \
--message-attribute-names All \
--max-number-of-messages 1 \
--visibility-timeout 0 \
--output json \
| jq 'if (.Messages // [] | length) == 0
then {message: "No messages"}
else .Messages[0] | {Body, Attributes, MessageAttributes}
end'
}

action_queue_peek() {
peek_queue_message "Mock Target DLQ - Message Peek" "$(target_dlq_queue_name)"
peek_queue_message "Inbound Event Queue - Message Peek" "${PREFIX}-inbound-event-queue"
peek_queue_message "Inbound Event DLQ - Message Peek" "${PREFIX}-inbound-event-dlq"
}

log_filter_args() {
local -a args=()
local escaped_log_filter
if [[ -n "$LOG_FILTER" ]]; then
escaped_log_filter="${LOG_FILTER//\"/\\\"}"
# CloudWatch filter patterns treat quoted strings as exact phrases.
args+=(--filter-pattern "\"$escaped_log_filter\"")
fi

printf '%s\n' "${args[@]}"
}

action_tail_transform() {
local -a filter_args=()
mapfile -t filter_args < <(log_filter_args)

print_section "Transform/Filter Lambda Logs"
aws logs tail \
"/aws/lambda/${PREFIX}-client-transform-filter" \
--region "$REGION" \
--profile "$AWS_PROFILE" \
--since 30m \
--follow \
--format short \
"${filter_args[@]}"
}

action_tail_webhook() {
local -a filter_args=()
mapfile -t filter_args < <(log_filter_args)

print_section "Mock Webhook Lambda Logs"
aws logs tail \
"/aws/lambda/${PREFIX}-mock-webhook" \
--region "$REGION" \
--profile "$AWS_PROFILE" \
--since 30m \
--follow \
--format short \
"${filter_args[@]}"
}

action_tail_pipe() {
local pipe_log_group_arn
local pipe_log_group_name
local -a filter_args=()

mapfile -t filter_args < <(log_filter_args)

pipe_log_group_arn=$(aws pipes describe-pipe \
--region "$REGION" \
--profile "$AWS_PROFILE" \
--name "$PIPE_NAME" \
--no-cli-pager \
--query "LogConfiguration.CloudwatchLogsLogDestination.LogGroupArn" \
--output text)

if [[ -z "$pipe_log_group_arn" || "$pipe_log_group_arn" == "None" ]]; then
echo "No CloudWatch log group configured for pipe: $PIPE_NAME"
return 1
fi

pipe_log_group_name="${pipe_log_group_arn#*:log-group:}"

print_section "EventBridge Pipe Logs"
aws logs tail \
"$pipe_log_group_name" \
--region "$REGION" \
--profile "$AWS_PROFILE" \
--since 30m \
--follow \
--format short \
"${filter_args[@]}"
}

pipe_metric_sum() {
local metric_name="$1"
local start_time="$2"
local end_time="$3"

aws cloudwatch get-metric-statistics \
--region "$REGION" \
--profile "$AWS_PROFILE" \
--namespace "AWS/Pipes" \
--metric-name "$metric_name" \
--dimensions "Name=PipeName,Value=$PIPE_NAME" \
--start-time "$start_time" \
--end-time "$end_time" \
--period 60 \
--statistics Sum \
--query "sum(Datapoints[].Sum)" \
--output text \
--no-cli-pager
}

action_pipe_state() {
local start_time
local end_time
local execution_succeeded
local execution_failed
local dead_lettered_events

start_time="$(date -u -d '30 minutes ago' +%Y-%m-%dT%H:%M:%SZ)"
end_time="$(date -u +%Y-%m-%dT%H:%M:%SZ)"

print_section "EventBridge Pipe State"
aws pipes describe-pipe \
--region "$REGION" \
--profile "$AWS_PROFILE" \
--name "$PIPE_NAME" \
--no-cli-pager \
--query '{Name:Name,CurrentState:CurrentState,DesiredState:DesiredState,StateReason:StateReason,LogConfiguration:LogConfiguration}'

execution_succeeded="$(pipe_metric_sum "ExecutionSucceeded" "$start_time" "$end_time")"
execution_failed="$(pipe_metric_sum "ExecutionFailed" "$start_time" "$end_time")"
dead_lettered_events="$(pipe_metric_sum "DeadLetteredEvents" "$start_time" "$end_time")"

print_section "EventBridge Pipe Metrics (last 30 minutes)"
echo "ExecutionSucceeded: ${execution_succeeded}"
echo "ExecutionFailed: ${execution_failed}"
echo "DeadLetteredEvents: ${dead_lettered_events}"
}

case "$ACTION" in
queue-status)
action_queue_status
;;
queue-peek)
action_queue_peek
;;
tail-transform)
action_tail_transform
;;
tail-webhook)
action_tail_webhook
;;
tail-pipe)
action_tail_pipe
;;
pipe-state)
action_pipe_state
;;
*)
echo "Unknown action: $ACTION" >&2
echo "Actions: queue-status, queue-peek, tail-transform, tail-webhook, tail-pipe, pipe-state" >&2
exit 1
;;
esac
Loading
Loading