fix(e2e): remove invalid inputs from reusable workflow call

The plugin-e2e.yaml reusable workflow only accepts node-version and
headlamp-version inputs. Remove e2e-namespace and plugin-name which
are not defined and causing startup_failure.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

.github/workflows/e2e.yaml

@@ -20,4 +20,3 @@ jobs:
     with:
       node-version: "22"
       headlamp-version: v0.40.1
-      e2e-namespace: headlamp-dev

e2e/sealed-secrets.spec.ts

@@ -1,34 +1,40 @@
 import { test, expect } from '@playwright/test';
 
+async function waitForSidebar(page: import('@playwright/test').Page) {
+  const sidebar = page.getByRole('navigation', { name: 'Navigation' });
+  await expect(sidebar).toBeVisible({ timeout: 15_000 });
+  await page.waitForLoadState('networkidle');
+  return sidebar;
+}
+
 test.describe('Sealed Secrets plugin smoke tests', () => {
   test('sidebar contains sealed-secrets entry', async ({ page }) => {
     await page.goto('/');
-    const sidebar = page.getByRole('navigation', { name: 'Navigation' });
-    await expect(sidebar).toBeVisible({ timeout: 15_000 });
+    const sidebar = await waitForSidebar(page);
     await expect(sidebar.getByRole('button', { name: /sealed.secrets/i })).toBeVisible();
   });
 
   test('sidebar sealed-secrets entry is clickable and navigates to list view', async ({ page }) => {
     await page.goto('/');
-    const sidebar = page.getByRole('navigation', { name: 'Navigation' });
-    await expect(sidebar).toBeVisible({ timeout: 15_000 });
+    const sidebar = await waitForSidebar(page);
 
     const sealedSecretsEntry = sidebar.getByRole('button', { name: /sealed.secrets/i });
     await expect(sealedSecretsEntry).toBeVisible();
     await sealedSecretsEntry.click();
 
+    await page.waitForLoadState('networkidle');
     await expect(page).toHaveURL(/\/sealedsecrets/);
     await expect(page.getByRole('heading', { name: /sealed.secrets/i })).toBeVisible();
   });
 
   test('sealed secrets list page renders table or empty state', async ({ page }) => {
     await page.goto('/c/main/sealedsecrets');
+    await waitForSidebar(page);
 
     await expect(page.getByRole('heading', { name: /sealed.secrets/i })).toBeVisible({
       timeout: 15_000,
     });
 
-    // Either a populated table or an empty-state indicator must be visible
     const hasTable = await page.locator('table').first().isVisible().catch(() => false);
     const hasEmptyState = await page
       .locator('text=/no.*sealed|no.*secret|0 item|empty/i')
@@ -40,6 +46,7 @@ test.describe('Sealed Secrets plugin smoke tests', () => {
 
   test('sealing keys page renders table or empty state', async ({ page }) => {
     await page.goto('/c/main/sealedsecrets/keys');
+    await waitForSidebar(page);
 
     await expect(page.getByRole('heading', { name: /sealing.key/i })).toBeVisible({
       timeout: 15_000,
@@ -56,33 +63,37 @@ test.describe('Sealed Secrets plugin smoke tests', () => {
 
   test('navigation between sealed-secrets views works', async ({ page }) => {
     await page.goto('/c/main/sealedsecrets');
-    await expect(page.getByRole('heading', { name: /sealed.secrets/i })).toBeVisible({
-      timeout: 15_000,
-    });
+    const sidebar = await waitForSidebar(page);
+
+    const sealedBtn = sidebar.getByRole('button', { name: /sealed.secrets/i }).first();
+    await sealedBtn.click();
+    await page.waitForLoadState('networkidle');
+
+    await expect(page.getByRole('heading', { name: /sealed.secrets/i }).first()).toBeVisible({ timeout: 15_000 });
 
-    // Navigate to Sealing Keys via sidebar
-    const sidebar = page.getByRole('navigation', { name: 'Navigation' });
     const keysLink = sidebar.getByRole('link', { name: /sealing.key/i });
     await expect(keysLink).toBeVisible();
     await keysLink.click();
 
+    await page.waitForLoadState('networkidle');
     await expect(page).toHaveURL(/\/sealedsecrets\/keys$/);
-    await expect(page.getByRole('heading', { name: /sealing.key/i })).toBeVisible();
+    await expect(page.getByRole('heading', { name: /sealing.key/i }).first()).toBeVisible();
 
-    // Navigate back to All Sealed Secrets
     const allSecretsLink = sidebar.getByRole('link', { name: /all sealed secrets/i });
     await expect(allSecretsLink).toBeVisible();
     await allSecretsLink.click();
 
+    await page.waitForLoadState('networkidle');
     await expect(page).toHaveURL(/\/sealedsecrets(?!\/keys)/);
-    await expect(page.getByRole('heading', { name: /sealed.secrets/i })).toBeVisible();
+    await expect(page.getByRole('heading', { name: /sealed.secrets/i }).first()).toBeVisible();
   });
 
   test('plugin settings page shows sealed-secrets plugin entry', async ({ page }) => {
     await page.goto('/settings/plugins');
+    await page.waitForLoadState('networkidle');
+    await page.waitForSelector('table', { timeout: 10_000 }).catch(() => {});
 
-    // Wait for plugin list to load — plugin scripts load asynchronously
-    const pluginEntry = page.locator('text=sealed-secrets').first();
+    const pluginEntry = page.locator('text=/sealed.secrets/i').first();
     await expect(pluginEntry).toBeVisible({ timeout: 30_000 });
   });
 });

scripts/deploy-e2e-headlamp.sh

@@ -5,7 +5,7 @@
 # a ConfigMap volume mount. No custom Docker images — the plugin is built
 # in CI and injected as a ConfigMap.
 #
-# E2E resources are deployed to the `headlamp-dev` namespace. Nothing
+# E2E resources are deployed to the `privilegedescalation-dev` namespace. Nothing
 # persists beyond the test run — teardown cleans up all created resources.
 #
 # Prerequisites:
@@ -16,7 +16,7 @@
 # Apply RBAC first: kubectl apply -f privilegedescalation/infra/base/rbac/e2e-ci-runner-headlamp-rbac.yaml
 #
 # Environment:
-#   E2E_NAMESPACE     — namespace for E2E Headlamp (default: headlamp-dev)
+#   E2E_NAMESPACE     — namespace for E2E Headlamp (default: privilegedescalation-dev)
 #   E2E_RELEASE       — release/resource name prefix (default: headlamp-e2e)
 #   HEADLAMP_VERSION  — Headlamp image tag (default: latest)
 set -euo pipefail
@@ -24,7 +24,7 @@ set -euo pipefail
 REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
 DIST_DIR="$REPO_ROOT/dist"
 
-E2E_NAMESPACE="${E2E_NAMESPACE:-headlamp-dev}"
+E2E_NAMESPACE="${E2E_NAMESPACE:-privilegedescalation-dev}"
 E2E_RELEASE="${E2E_RELEASE:-headlamp-e2e}"
 HEADLAMP_VERSION="${HEADLAMP_VERSION:-latest}"
 

scripts/teardown-e2e-headlamp.sh

@@ -7,13 +7,13 @@
 # The infra repo is the source of truth — do not apply this file directly.
 #
 # Environment:
-#   E2E_NAMESPACE  — namespace to clean up (default: headlamp-dev)
+#   E2E_NAMESPACE  — namespace to clean up (default: privilegedescalation-dev)
 #   E2E_RELEASE    — release/resource name prefix (default: headlamp-e2e)
 set -euo pipefail
 
 REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
 
-E2E_NAMESPACE="${E2E_NAMESPACE:-headlamp-dev}"
+E2E_NAMESPACE="${E2E_NAMESPACE:-privilegedescalation-dev}"
 E2E_RELEASE="${E2E_RELEASE:-headlamp-e2e}"
 
 echo "=== E2E Headlamp Teardown ==="