feat: Hands off workflows (#14)

### Related issue

[Per the summer house keeping
item](https://github.com/orgs/hashicorp/projects/168/views/15?pane=issue&itemId=34263643)

### Description

Adds workflows for Dependabot, automerge, and auto-approve.
Additionally, workflows have been added snapshot testing (to validate
against a regression from dependency updates).

#### Snapshot Testing
Snapshot testing (of synthed stacks) is used to detect any drift from
the original configuration between dependency updates. As such any
version info coming from the synthed stacks are removed prior to to
validating against the snapshot in order to avoid CI failing for
dependabot updates.

.github/dependabot.yml

@@ -0,0 +1,29 @@
+version: 2
+updates:
+  - package-ecosystem: "npm" 
+    directory: "/"
+    schedule:
+        interval: "weekly"
+    labels:
+        - "dependencies"
+        - "automerge"
+        - "auto-approve"
+    open-pull-requests-limit: 5
+    ignore:
+        - dependency-name: "@types/node"
+    groups:
+        cdktf:
+            patterns:
+                - "cdktf"
+                - "cdktf-cli"
+                - "@cdktf/*"
+        jest:
+            patterns:
+                - "jest"
+                - "ts-jest"
+                - "@types/jest"
+                - "@jest/*"
+
+
+
+

.github/workflows/auto-approve.yml

@@ -0,0 +1,32 @@
+name: auto-approve
+on:
+  pull_request:
+    types:
+      - opened
+      - labeled
+      - ready_for_review
+      - reopened
+concurrency: ${{ github.workflow }}-${{ github.ref }}
+jobs:
+  approve:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+    if: contains(github.event.pull_request.labels.*.name, 'auto-approve') && github.event.pull_request.draft == false
+    steps:
+      - name: Checkout PR
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          repository: ${{ github.event.pull_request.head.repo.full_name }}
+      - name: Auto-approve PRs by other users as team-tf-cdk
+        if: github.event.pull_request.user.login != 'team-tf-cdk'
+        env:
+          GH_TOKEN: ${{ secrets.TEAM_TF_CDK }} 
+        run: gh pr review ${{ github.event.pull_request.number }} --approve
+      - name: Auto-approve PRs by team-tf-cdk as github-actions[bot]
+        if: github.event.pull_request.user.login == 'team-tf-cdk'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token does not need to be replaced
+        run: gh pr review ${{ github.event.pull_request.number }} --approve

.github/workflows/automerge.yml

@@ -0,0 +1,23 @@
+name: automerge
+on:
+  pull_request:
+    types:
+      - opened
+      - labeled
+      - ready_for_review
+      - reopened
+      - synchronize
+concurrency: ${{ github.workflow }}-${{ github.ref }}
+jobs:
+  automerge:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    if: contains(github.event.pull_request.labels.*.name, 'automerge') && github.event.pull_request.draft == false
+    steps:
+      - name: Checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Turn on automerge for this PR
+        run: gh pr merge --auto --squash ${{ github.event.pull_request.number }}
+        env:
+          GH_TOKEN: ${{ secrets.TEAM_TF_CDK }}

.github/workflows/test-against-regression.yml

@@ -0,0 +1,31 @@
+name: Test Against Regression
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    types:
+      - opened
+      - edited
+      - synchronize
+      - labeled
+      - unlabeled
+      - reopened
+  workflow_dispatch: {}
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    container:
+      image: docker.mirror.hashicorp.services/hashicorp/jsii-terraform
+    steps:
+      - name: Checkout
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
+      - name: ensure correct user
+        run: chown -R root /__w/cdktf-integration-serverless-example/
+      - name: Install Dependencies
+        run: yarn 
+      - name: Generate Provider Bindings
+        run: yarn get
+      - name: Test
+        run: yarn test

.gitignore

@@ -1,5 +1,4 @@
 **/*.d.ts
-**/*.js
 node_modules
 cdktf.out
 cdktf.log

jest.config.js

@@ -0,0 +1,187 @@
+/** @type {import('ts-jest/dist/types').InitialOptionsTsJest} */
+/*
+ * For a detailed explanation regarding each configuration property, visit:
+ * https://jestjs.io/docs/configuration
+ */
+
+module.exports = {
+
+    // All imported modules in your tests should be mocked automatically
+    // automock: false,
+
+    // Stop running tests after `n` failures
+    // bail: 0,
+
+    // The directory where Jest should store its cached dependency information
+    // cacheDirectory: "/private/var/folders/z_/v03l33d55fb57nrr3b1q03ch0000gq/T/jest_dz",
+
+    // Automatically clear mock calls and instances between every test
+    clearMocks: true,
+
+    // Indicates whether the coverage information should be collected while executing the test
+    // collectCoverage: false,
+
+    // An array of glob patterns indicating a set of files for which coverage information should be collected
+    // collectCoverageFrom: undefined,
+
+    // The directory where Jest should output its coverage files
+    // coverageDirectory: undefined,
+
+    // An array of regexp pattern strings used to skip coverage collection
+    // coveragePathIgnorePatterns: [
+    //   "/node_modules/"
+    // ],
+
+    // Indicates which provider should be used to instrument code for coverage
+    coverageProvider: "v8",
+
+    // A list of reporter names that Jest uses when writing coverage reports
+    // coverageReporters: [
+    //   "json",
+    //   "text",
+    //   "lcov",
+    //   "clover"
+    // ],
+
+    // An object that configures minimum threshold enforcement for coverage results
+    // coverageThreshold: undefined,
+
+    // A path to a custom dependency extractor
+    // dependencyExtractor: undefined,
+
+    // Make calling deprecated APIs throw helpful error messages
+    // errorOnDeprecated: false,
+
+    // Force coverage collection from ignored files using an array of glob patterns
+    // forceCoverageMatch: [],
+
+    // A path to a module which exports an async function that is triggered once before all test suites
+    // globalSetup: undefined,
+
+    // A path to a module which exports an async function that is triggered once after all test suites
+    // globalTeardown: undefined,
+
+    // A set of global variables that need to be available in all test environments
+    // globals: {},
+
+    // The maximum amount of workers used to run your tests. Can be specified as % or a number. E.g. maxWorkers: 10% will use 10% of your CPU amount + 1 as the maximum worker number. maxWorkers: 2 will use a maximum of 2 workers.
+    // maxWorkers: "50%",
+
+    // An array of directory names to be searched recursively up from the requiring module's location
+    // moduleDirectories: [
+    //   "node_modules"
+    // ],
+
+    // An array of file extensions your modules use
+    moduleFileExtensions: ["ts", "js", "json", "node"],
+
+    // A map from regular expressions to module names or to arrays of module names that allow to stub out resources with a single module
+    // moduleNameMapper: {},
+
+    // An array of regexp pattern strings, matched against all module paths before considered 'visible' to the module loader
+    // modulePathIgnorePatterns: [],
+
+    // Activates notifications for test results
+    // notify: false,
+
+    // An enum that specifies notification mode. Requires { notify: true }
+    // notifyMode: "failure-change",
+
+    // A preset that is used as a base for Jest's configuration
+    preset: "ts-jest",
+
+    // Run tests from one or more projects
+    // projects: undefined,
+
+    // Use this configuration option to add custom reporters to Jest
+    // reporters: undefined,
+
+    // Automatically reset mock state between every test
+    // resetMocks: false,
+
+    // Reset the module registry before running each individual test
+    // resetModules: false,
+
+    // A path to a custom resolver
+    // resolver: undefined,
+
+    // Automatically restore mock state between every test
+    // restoreMocks: false,
+
+    // The root directory that Jest should scan for tests and modules within
+    // rootDir: undefined,
+
+    // A list of paths to directories that Jest should use to search for files in
+    // roots: [
+    //   "<rootDir>"
+    // ],
+
+    // Allows you to use a custom runner instead of Jest's default test runner
+    // runner: "jest-runner",
+
+    // The paths to modules that run some code to configure or set up the testing environment before each test
+    // setupFiles: [],
+
+    // A list of paths to modules that run some code to configure or set up the testing framework before each test
+    setupFilesAfterEnv: ["<rootDir>/setup.js"],
+
+    // The number of seconds after which a test is considered as slow and reported as such in the results.
+    // slowTestThreshold: 5,
+
+    // A list of paths to snapshot serializer modules Jest should use for snapshot testing
+    // snapshotSerializers: [],
+
+    // The test environment that will be used for testing
+    testEnvironment: "node",
+
+    // Options that will be passed to the testEnvironment
+    // testEnvironmentOptions: {},
+
+    // Adds a location field to test results
+    // testLocationInResults: false,
+
+    // The glob patterns Jest uses to detect test files
+    testMatch: [
+        "**/__tests__/**/*.ts",
+        "**/?(*.)+(spec|test).ts"
+    ],
+
+    // An array of regexp pattern strings that are matched against all test paths, matched tests are skipped
+    testPathIgnorePatterns: ["/node_modules/", ".d.ts", ".js"],
+
+    // The regexp pattern or array of patterns that Jest uses to detect test files
+    // testRegex: [],
+
+    // This option allows the use of a custom results processor
+    // testResultsProcessor: undefined,
+
+    // This option allows use of a custom test runner
+    // testRunner: "jest-circus/runner",
+
+    // This option sets the URL for the jsdom environment. It is reflected in properties such as location.href
+    // testURL: "http://localhost",
+
+    // Setting this value to "fake" allows the use of fake timers for functions such as "setTimeout"
+    // timers: "real",
+
+    // A map from regular expressions to paths to transformers
+    // transform: undefined,
+
+    // An array of regexp pattern strings that are matched against all source file paths, matched files will skip transformation
+    // transformIgnorePatterns: [
+    //   "/node_modules/",
+    //   "\\.pnp\\.[^\\/]+$"
+    // ],
+
+    // An array of regexp pattern strings that are matched against all modules before the module loader will automatically return a mock for them
+    // unmockedModulePathPatterns: undefined,
+
+    // Indicates whether each individual test should be reported during the run
+    // verbose: undefined,
+
+    // An array of regexp patterns that are matched against all source file paths before re-running tests in watch mode
+    // watchPathIgnorePatterns: [],
+
+    // Whether to use watchman for file crawling
+    // watchman: true,
+};

main.ts

@@ -16,7 +16,7 @@ interface FrontendStackOptions extends EnvironmentOptions {
   apiEndpoint: string;
 }
 
-class FrontendStack extends TerraformStack {
+export class FrontendStack extends TerraformStack {
   constructor(
     scope: Construct,
     name: string,
@@ -33,7 +33,7 @@ class FrontendStack extends TerraformStack {
   }
 }
 
-class PostsStack extends TerraformStack {
+export class PostsStack extends TerraformStack {
   public posts: Posts;
 
   constructor(

package.json

@@ -11,7 +11,7 @@
     "synth": "cdktf synth",
     "compile": "tsc --pretty",
     "watch": "tsc -w",
-    "test": "echo ok",
+    "test": "jest",
     "upgrade": "npm i cdktf@latest cdktf-cli@latest",
     "upgrade:next": "npm i cdktf@next cdktf-cli@next",
     "deploy:dev": "cdktf deploy '*-dev' && yarn deploy:frontend",
@@ -33,8 +33,11 @@
     "esbuild": "^0.14.21"
   },
   "devDependencies": {
+    "@types/jest": "^29.5.4",
     "@types/node": "^15.6.2",
     "cdktf-cli": "0.17.0",
+    "jest": "^29.6.4",
+    "ts-jest": "^29.1.1",
     "ts-node": "^10.5.0",
     "typescript": "^4.3.2"
   },

setup.js

@@ -0,0 +1,2 @@
+const cdktf = require("cdktf");
+cdktf.Testing.setupJest();