null-pointer-nancy[bot]
07bcfa084a
Polaris is already installed on the CI cluster. The E2E workflow was failing because the runner SA lacks RBAC to deploy to the polaris namespace. Remove Setup Helm, Setup kubectl, Deploy Polaris, Apply RBAC, and Wait for readiness steps. Resolves: PRI-28, PRI-109 Co-authored-by: Null Pointer Nancy <nancy@privilegedescalation.dev>
94 lines
3.5 KiB
YAML
94 lines
3.5 KiB
YAML
name: E2E Tests
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
pull_request:
|
|
branches: [main]
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
e2e:
|
|
runs-on: local-ubuntu-latest
|
|
timeout-minutes: 15
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '22'
|
|
cache: 'npm'
|
|
|
|
- name: Install dependencies
|
|
run: npm ci
|
|
|
|
- name: Preflight — verify Headlamp and plugin version
|
|
env:
|
|
HEADLAMP_URL: ${{ secrets.HEADLAMP_URL || 'http://headlamp.kube-system.svc.cluster.local' }}
|
|
run: |
|
|
EXPECTED=$(node -p "require('./package.json').version")
|
|
PLUGIN_NAME=$(node -p "require('./package.json').artifacthub?.name || require('./package.json').name")
|
|
echo "Expected: $PLUGIN_NAME@$EXPECTED"
|
|
|
|
# Check Headlamp connectivity
|
|
HTTP_CODE=$(curl -s -o /dev/null -w '%{http_code}' --connect-timeout 10 "$HEADLAMP_URL" || true)
|
|
if [ "$HTTP_CODE" = "000" ]; then
|
|
echo "::error::Cannot reach Headlamp at $HEADLAMP_URL"
|
|
exit 1
|
|
fi
|
|
echo "Headlamp responded HTTP $HTTP_CODE"
|
|
|
|
# Check installed plugins and version match
|
|
PLUGIN_JSON=$(curl -sf --connect-timeout 10 "$HEADLAMP_URL/plugins" 2>/dev/null || echo "[]")
|
|
node -e "
|
|
const expected = '$EXPECTED';
|
|
const pluginName = '$PLUGIN_NAME';
|
|
const plugins = JSON.parse(process.argv[1]);
|
|
console.log('Installed plugins:');
|
|
for (const p of plugins) console.log(' ' + p.name + '@' + (p.version||'unknown'));
|
|
const ours = plugins.find(p => p.name === pluginName || p.name === 'polaris' || p.name.includes('polaris'));
|
|
if (!ours) {
|
|
console.log('::warning::Plugin ' + pluginName + ' not found in Headlamp — data-dependent tests will fail');
|
|
} else {
|
|
console.log('Found plugin: ' + ours.name + ' at path ' + ours.path);
|
|
}
|
|
" "$PLUGIN_JSON"
|
|
|
|
# Fetch deployed plugin version from package.json
|
|
DEPLOYED_VERSION=$(curl -sf --connect-timeout 10 "$HEADLAMP_URL/plugins/$PLUGIN_NAME/package.json" 2>/dev/null \
|
|
| node -p "JSON.parse(require('fs').readFileSync(0,'utf8')).version" 2>/dev/null || echo "unknown")
|
|
echo "Deployed version: $DEPLOYED_VERSION"
|
|
if [ "$DEPLOYED_VERSION" != "$EXPECTED" ] && [ "$DEPLOYED_VERSION" != "unknown" ]; then
|
|
echo "::warning::Version mismatch — repo has $EXPECTED but Headlamp runs $DEPLOYED_VERSION. Tests may fail due to stale plugin."
|
|
fi
|
|
|
|
- name: Install Playwright browsers
|
|
run: npx playwright install --with-deps chromium
|
|
|
|
- name: Run E2E tests
|
|
run: npm run e2e
|
|
env:
|
|
HEADLAMP_URL: ${{ secrets.HEADLAMP_URL || 'http://headlamp.kube-system.svc.cluster.local' }}
|
|
HEADLAMP_TOKEN: ${{ secrets.HEADLAMP_TOKEN }}
|
|
AUTHENTIK_USERNAME: ${{ secrets.AUTHENTIK_USERNAME }}
|
|
AUTHENTIK_PASSWORD: ${{ secrets.AUTHENTIK_PASSWORD }}
|
|
|
|
- name: Upload Playwright report
|
|
uses: actions/upload-artifact@v4
|
|
if: failure()
|
|
with:
|
|
name: playwright-report
|
|
path: playwright-report/
|
|
retention-days: 7
|
|
|
|
- name: Upload test results
|
|
uses: actions/upload-artifact@v4
|
|
if: failure()
|
|
with:
|
|
name: test-results
|
|
path: test-results/
|
|
retention-days: 7
|