feat: add actual render

Signed-off-by: kjuulh <contact@kjuulh.io>

crates/cuddle-clusters/tests/tests.rs

@@ -4,7 +4,7 @@ mod can_run_for_env;
 mod cuddle_vars;
 
 use cuddle_clusters::{
-    catalog::{cluster_vars::ClusterVars, cuddle_vars::CuddleVars},
+    catalog::{cluster_vars::ClusterVars, cuddle_vars::CuddleVars, vault_secret::VaultSecret},
     IntoComponent,
 };
 
@@ -79,3 +79,20 @@ async fn with_actual_deployment() -> anyhow::Result<()> {
 
     Ok(())
 }
+
+#[tokio::test]
+async fn with_vault_secrets() -> anyhow::Result<()> {
+    let current_dir = std::env::current_dir()?.join("tests/with_vault_secrets");
+
+    run_test_with_components(
+        "with_vault_secrets",
+        vec![
+            CuddleVars::new(&current_dir).await?.into_component(),
+            ClusterVars::default().into_component(),
+            VaultSecret::default().into_component(),
+        ],
+    )
+    .await?;
+
+    Ok(())
+}

crates/cuddle-clusters/tests/with_vault_secrets/cuddle.yaml

@@ -0,0 +1,9 @@
+vars:
+  service: service
+
+cuddle/clusters:
+  dev:
+    env:
+      some.key:
+        vault: true
+      some.other.key: some_value

crates/cuddle-clusters/tests/with_vault_secrets/expected/dev/some.yaml

@@ -0,0 +1,39 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: service
+  name: service
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: service
+  template:
+    metadata:
+      labels:
+        app: service
+    spec:
+      containers:
+      - args:
+        - serve
+        command:
+        - service
+        image: kasperhermansen/service:main-1715336504
+        name: service
+        envFrom:
+        - configMapRef:
+            name: service-config
+        env:
+        - name: SOME_KEY
+          valueFrom:
+            secretKeyRef:
+              name: service-vault-secret
+              key: some.key
+        ports:
+        - containerPort: 3000
+          name: external-http
+        - containerPort: 3001
+          name: internal-http
+        - containerPort: 3002
+          name: internal-grpc

crates/cuddle-clusters/tests/with_vault_secrets/expected/dev/vault_secret.yaml

@@ -0,0 +1,13 @@
+apiVersion: secrets.hashicorp.com/v1beta1
+kind: VaultStaticSecret
+metadata:
+  name: service-vault-secret
+  namespace: dev
+spec:
+  destination:
+    create: true
+    name: service-vault-secret
+  mount: kvv2
+  path: service/dev
+  refreshAfter: 30s
+  type: kv-v2

crates/cuddle-clusters/tests/with_vault_secrets/templates/clusters/some.yaml.jinja2

@@ -0,0 +1,45 @@
+{%- set service_name = vars.cuddle_vars.service -%}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: {{ service_name }}
+  name: {{ service_name }}
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: {{ service_name }}
+  template:
+    metadata:
+      labels:
+        app: {{ service_name }}
+    spec:
+      containers:
+      - args:
+        - serve
+        command:
+        - {{ service_name }}
+        image: kasperhermansen/{{ service_name }}:main-1715336504
+        name: {{ service_name }}
+        envFrom:
+        - configMapRef:
+            name: {{service_name}}-config
+        {%- if vars.vault_secret is defined and (vars.vault_secret.secrets | length) > 0 %}
+        env:
+        {%- for secret in vars.vault_secret.secrets %}
+        - name: {{secret  | upper | replace(".", "_") | replace("-", "_") }}
+          valueFrom:
+            secretKeyRef:
+              name: {{ service_name }}-{{ vars.vault_secret.name }}
+              key: {{ secret }}
+        {%- endfor %}
+        {%- endif %}
+        ports:
+        - containerPort: 3000
+          name: external-http
+        - containerPort: 3001
+          name: internal-http
+        - containerPort: 3002
+          name: internal-grpc