Jeden Skill in Manus ausführen
mit einem Klick

Jeden Skill in Manus mit einem Klick ausführen

$pwd:

srql-fixtures-db-tests

Name: Srql Fixtures Db Tests
Author: carverauto

// Run ServiceRadar Elixir database tests against the Kubernetes CNPG instance in the `srql-fixtures` namespace. Use when local localhost PostgreSQL is unavailable, when tests need current branch migrations, or when a user asks to use the srql-fixtures database for DB-backed validation. Covers scratch database creation, TLS-required NodePort connections, migrations, focused test commands, cleanup, and secret hygiene.

In Manus ausführen

$ git log --oneline --stat

stars:867

forks:68

updated:28. April 2026 um 07:15

SKILL.md

readonly

name

srql-fixtures-db-tests

description

Run ServiceRadar Elixir database tests against the Kubernetes CNPG instance in the `srql-fixtures` namespace. Use when local localhost PostgreSQL is unavailable, when tests need current branch migrations, or when a user asks to use the srql-fixtures database for DB-backed validation. Covers scratch database creation, TLS-required NodePort connections, migrations, focused test commands, cleanup, and secret hygiene.

SRQL Fixtures DB Tests

Use this skill to run DB-backed Elixir tests against the shared CNPG cluster in the Kubernetes srql-fixtures namespace. Prefer a scratch database for branch validation so current migrations can run without mutating shared fixture databases.

Guardrails

Do not print database passwords or full URLs containing credentials.
Use a scratch database named with a unique prefix, for example codex_<topic>_<timestamp>_<pid>.
Point tests at the scratch database with sslmode=require; CNPG rejects non-encrypted client connections.
Prefer the existing NodePort/LoadBalancer service over kubectl port-forward; port-forwarding to CNPG is flaky and should be fallback only.
Keep the Ecto sandbox pool small over the shared fixture DB; use SERVICERADAR_TEST_DATABASE_POOL_SIZE=1 or 2.
Drop the scratch database when finished unless the user asks to keep it for inspection.

Discover Primary And Credentials

From the repo root:

kubectl get pods -n srql-fixtures -l cnpg.io/cluster=srql-fixture -L cnpg.io/instanceRole -o wide
kubectl get svc srql-fixture-rw-ext -n srql-fixtures -o wide
kubectl get nodes -o wide
kubectl get secret srql-test-admin-credentials -n srql-fixtures -o json | jq -r '.data | keys[]'

Use the srql-fixture-rw-ext service for write tests. It is currently exposed as NodePort 30818 and may also advertise an external LoadBalancer IP; verify routeability before choosing the host. Read admin credentials into shell variables without echoing the password:

ADMIN_USER=$(kubectl get secret srql-test-admin-credentials -n srql-fixtures -o jsonpath='{.data.username}' | base64 -d)
ADMIN_PASS=$(kubectl get secret srql-test-admin-credentials -n srql-fixtures -o jsonpath='{.data.password}' | base64 -d)
ADMIN_PASS_ENC=$(printf '%s' "$ADMIN_PASS" | jq -sRr @uri)

Pick a reachable host/port. From the usual workstation, 192.168.10.31:30818 has been reachable while the advertised LoadBalancer IP may not be:

NODEPORT=$(kubectl get svc srql-fixture-rw-ext -n srql-fixtures -o jsonpath='{.spec.ports[0].nodePort}')

for host in 192.168.10.31 192.168.10.96 $(kubectl get nodes -o jsonpath='{range .items[*]}{.status.addresses[?(@.type=="InternalIP")].address}{" "}{end}'); do
  if timeout 4 bash -c "PGPASSWORD=\"$ADMIN_PASS\" psql \"postgresql://${ADMIN_USER}@${host}:${NODEPORT}/postgres?sslmode=require\" -v ON_ERROR_STOP=1 -Atc 'select 1' >/dev/null 2>&1"; then
    DB_HOST="$host"
    DB_PORT="$NODEPORT"
    break
  fi
done

test -n "${DB_HOST:-}" || { echo "no reachable srql-fixtures NodePort host"; exit 1; }

Create A Scratch Database

Create an isolated scratch database through the reachable NodePort endpoint:

DB="codex_${USER:-agent}_$(date +%s)_$$"
PGPASSWORD="$ADMIN_PASS" psql "postgresql://${ADMIN_USER}@${DB_HOST}:${DB_PORT}/postgres?sslmode=require" \
  -v ON_ERROR_STOP=1 \
  -c "CREATE DATABASE $DB"

Run current branch migrations:

cd elixir/serviceradar_core
SERVICERADAR_TEST_DATABASE_URL="postgres://${ADMIN_USER}:${ADMIN_PASS_ENC}@${DB_HOST}:${DB_PORT}/${DB}?sslmode=require" \
SERVICERADAR_TEST_DATABASE_POOL_SIZE=1 \
MIX_ENV=test mix ecto.migrate

Run Focused Tests

Use the same database URL and small pool. Add queue settings for slower fixture runs:

cd elixir/serviceradar_core
SERVICERADAR_TEST_DATABASE_URL="postgres://${ADMIN_USER}:${ADMIN_PASS_ENC}@${DB_HOST}:${DB_PORT}/${DB}?sslmode=require" \
SERVICERADAR_TEST_DATABASE_POOL_SIZE=1 \
SERVICERADAR_TEST_DATABASE_QUEUE_TARGET_MS=10000 \
SERVICERADAR_TEST_DATABASE_QUEUE_INTERVAL_MS=10000 \
SERVICERADAR_TEST_SANDBOX_MODE=shared \
MIX_ENV=test mix test path/to/test_file.exs

For compile-only validation:

cd elixir/serviceradar_core
MIX_ENV=test mix compile --warnings-as-errors

Common Failures

pg_hba.conf rejects ... no encryption: use ?sslmode=require.
No route to host for the LoadBalancer IP: try the NodePort on a routeable node IP such as 192.168.10.31.
connection refused on a NodePort: rerun host discovery; the selected node may not be reachable from the workstation.
column ... does not exist: the database is stale; create a scratch database and run mix ecto.migrate.
Postgrex expected %Postgrex.INET{} for string parameters: cast through text in SQL, for example ($1::text)::cidr or ($2::text)::inet, or pass the project native CIDR type.
If no NodePort route works, fallback to kubectl port-forward -n srql-fixtures svc/srql-fixture-rw 15436:5432, set DB_HOST=127.0.0.1 DB_PORT=15436, and reuse the same commands. Expect possible dropped forwards during long migrations.

Cleanup

After tests finish, drop the scratch database:

PGPASSWORD="$ADMIN_PASS" psql "postgresql://${ADMIN_USER}@${DB_HOST}:${DB_PORT}/postgres?sslmode=require" \
  -v ON_ERROR_STOP=1 \
  -c "DROP DATABASE IF EXISTS $DB"

related-skills.json

gleiches Repository

demo-cnpg-local-web-ng.md

from "carverauto/serviceradar"

Run ServiceRadar web-ng locally against the live Kubernetes `demo` CNPG database for dashboard, SRQL, services, and UI testing. Use when a task asks to test with live demo data, run local Phoenix against demo CNPG, validate dashboard authoring with Playwright, or avoid fragile kubectl port-forward database access.

2026-05-27867

demo-local-rollout.md

from "carverauto/serviceradar"

Build, sign, and roll ServiceRadar changes into the Kubernetes `demo` namespace using locally built images and immutable `sha-...` tags. Use when the user asks to deploy, refresh, roll, patch, or test code in `demo` before a release. Covers changed-image detection, copying unchanged images forward, OpenBao cosign signing, Argo patching, and rollout verification. Do not use for release cuts, Docker Compose refreshes, or non-demo namespaces unless the user explicitly redirects you.

2026-05-12867

demo-web-ng-fastpath.md

from "carverauto/serviceradar"

Refresh the Kubernetes `demo` namespace with a web-ng-only change using the ServiceRadar fast path. Use when the diff only touches `elixir/web-ng/**` and the user wants a faster local demo rollout without rebuilding the full image graph. Covers scope verification, copying unchanged images forward, rebuilding the production `serviceradar-web-ng` release locally, pushing with `crane`, signing with the OpenBao release key, patching Argo, and verifying the rollout. Do not use when non-web-ng services changed or when cutting a release.

2026-05-12867

release-cut-and-demo-roll.md

from "carverauto/serviceradar"

Cut a ServiceRadar release and roll the Kubernetes `demo` namespace to the resulting published semver image tag through ArgoCD Image Updater. Use when the user asks to update `VERSION` and `CHANGELOG`, run `scripts/cut-release.sh`, push the release refs, wait for published release artifacts, and then refresh `demo` to that released version. Do not use for pre-release local testing with unpublished images; use `$demo-local-rollout` or `$demo-web-ng-fastpath` for that.

2026-05-12867

web-ng-docker-loop.md

from "carverauto/serviceradar"

Run ServiceRadar `elixir/web-ng` locally against the Docker Compose CNPG database with copied mTLS certs and Docker secrets, then verify dashboard UI changes with Playwright. Use when iterating on web-ng, dashboard package, custom React dashboard, UAL WiFi map, SRQL topbar, or browser screenshot behavior without rebuilding the web-ng release image.

2026-05-04867

fieldsurvey-local-web-ng.md

from "carverauto/serviceradar"

Run ServiceRadar web-ng locally against the Kubernetes demo namespace FieldSurvey data, including CNPG NodePort access, NATS Object Store artifact access, authenticated browser checks, and Playwright screenshots for dashboard and FieldSurvey review iteration.

2026-04-29867

package.json

"author": "carverauto"

"repository": "carverauto/serviceradar"

GitHub-Repository öffnen Creator-Repositorys ansehen

$ install --global

$ download --local

In Manus ausführen

$ useful --forSOC

Softwarequalitätssicherungsanalysten und -testerInformatik- und Mathematikberufe15-1253L4

name

srql-fixtures-db-tests

description

SRQL Fixtures DB Tests

Guardrails

Do not print database passwords or full URLs containing credentials.
Use a scratch database named with a unique prefix, for example codex_<topic>_<timestamp>_<pid>.
Point tests at the scratch database with sslmode=require; CNPG rejects non-encrypted client connections.
Prefer the existing NodePort/LoadBalancer service over kubectl port-forward; port-forwarding to CNPG is flaky and should be fallback only.
Keep the Ecto sandbox pool small over the shared fixture DB; use SERVICERADAR_TEST_DATABASE_POOL_SIZE=1 or 2.
Drop the scratch database when finished unless the user asks to keep it for inspection.

Discover Primary And Credentials

From the repo root:

kubectl get pods -n srql-fixtures -l cnpg.io/cluster=srql-fixture -L cnpg.io/instanceRole -o wide
kubectl get svc srql-fixture-rw-ext -n srql-fixtures -o wide
kubectl get nodes -o wide
kubectl get secret srql-test-admin-credentials -n srql-fixtures -o json | jq -r '.data | keys[]'

ADMIN_USER=$(kubectl get secret srql-test-admin-credentials -n srql-fixtures -o jsonpath='{.data.username}' | base64 -d)
ADMIN_PASS=$(kubectl get secret srql-test-admin-credentials -n srql-fixtures -o jsonpath='{.data.password}' | base64 -d)
ADMIN_PASS_ENC=$(printf '%s' "$ADMIN_PASS" | jq -sRr @uri)

Pick a reachable host/port. From the usual workstation, 192.168.10.31:30818 has been reachable while the advertised LoadBalancer IP may not be:

NODEPORT=$(kubectl get svc srql-fixture-rw-ext -n srql-fixtures -o jsonpath='{.spec.ports[0].nodePort}')

for host in 192.168.10.31 192.168.10.96 $(kubectl get nodes -o jsonpath='{range .items[*]}{.status.addresses[?(@.type=="InternalIP")].address}{" "}{end}'); do
  if timeout 4 bash -c "PGPASSWORD=\"$ADMIN_PASS\" psql \"postgresql://${ADMIN_USER}@${host}:${NODEPORT}/postgres?sslmode=require\" -v ON_ERROR_STOP=1 -Atc 'select 1' >/dev/null 2>&1"; then
    DB_HOST="$host"
    DB_PORT="$NODEPORT"
    break
  fi
done

test -n "${DB_HOST:-}" || { echo "no reachable srql-fixtures NodePort host"; exit 1; }

Create A Scratch Database

Create an isolated scratch database through the reachable NodePort endpoint:

DB="codex_${USER:-agent}_$(date +%s)_$$"
PGPASSWORD="$ADMIN_PASS" psql "postgresql://${ADMIN_USER}@${DB_HOST}:${DB_PORT}/postgres?sslmode=require" \
  -v ON_ERROR_STOP=1 \
  -c "CREATE DATABASE $DB"

Run current branch migrations:

cd elixir/serviceradar_core
SERVICERADAR_TEST_DATABASE_URL="postgres://${ADMIN_USER}:${ADMIN_PASS_ENC}@${DB_HOST}:${DB_PORT}/${DB}?sslmode=require" \
SERVICERADAR_TEST_DATABASE_POOL_SIZE=1 \
MIX_ENV=test mix ecto.migrate

Run Focused Tests

Use the same database URL and small pool. Add queue settings for slower fixture runs:

cd elixir/serviceradar_core
SERVICERADAR_TEST_DATABASE_URL="postgres://${ADMIN_USER}:${ADMIN_PASS_ENC}@${DB_HOST}:${DB_PORT}/${DB}?sslmode=require" \
SERVICERADAR_TEST_DATABASE_POOL_SIZE=1 \
SERVICERADAR_TEST_DATABASE_QUEUE_TARGET_MS=10000 \
SERVICERADAR_TEST_DATABASE_QUEUE_INTERVAL_MS=10000 \
SERVICERADAR_TEST_SANDBOX_MODE=shared \
MIX_ENV=test mix test path/to/test_file.exs

For compile-only validation:

cd elixir/serviceradar_core
MIX_ENV=test mix compile --warnings-as-errors

Common Failures

pg_hba.conf rejects ... no encryption: use ?sslmode=require.
No route to host for the LoadBalancer IP: try the NodePort on a routeable node IP such as 192.168.10.31.
connection refused on a NodePort: rerun host discovery; the selected node may not be reachable from the workstation.
column ... does not exist: the database is stale; create a scratch database and run mix ecto.migrate.
Postgrex expected %Postgrex.INET{} for string parameters: cast through text in SQL, for example ($1::text)::cidr or ($2::text)::inet, or pass the project native CIDR type.
If no NodePort route works, fallback to kubectl port-forward -n srql-fixtures svc/srql-fixture-rw 15436:5432, set DB_HOST=127.0.0.1 DB_PORT=15436, and reuse the same commands. Expect possible dropped forwards during long migrations.

Cleanup

After tests finish, drop the scratch database:

PGPASSWORD="$ADMIN_PASS" psql "postgresql://${ADMIN_USER}@${DB_HOST}:${DB_PORT}/postgres?sslmode=require" \
  -v ON_ERROR_STOP=1 \
  -c "DROP DATABASE IF EXISTS $DB"

srql-fixtures-db-tests

SRQL Fixtures DB Tests

Guardrails

Discover Primary And Credentials

Create A Scratch Database

Run Focused Tests

Common Failures

Cleanup

Mehr aus diesem Repository

Mehr aus diesem Repository

SRQL Fixtures DB Tests

Guardrails

Discover Primary And Credentials

Create A Scratch Database

Run Focused Tests

Common Failures

Cleanup