Fix CI build/deploy/smoke pipeline for the self-hosted qa runner (#3)
## Summary - Fix a chain of QA CI issues: Docker build/health-check flakiness, NuGet vuln pins, then adds the post-deploy integration + Playwright smoke suite and works through everything needed to make it actually run on the self-hosted `qa` runner (musl/Alpine job container, no node/dotnet/curl preinstalled, docker-outside-of-docker networking). - Adds a fixed dev/QA seed admin user + fixed Development environment API key so integration tests and e2e specs have a stable target. - Pins Aspire's `AppHost.cs` ports/credentials to match the docker-compose local dev defaults. - Adds `tests/api/MicCheck.Api.Tests.Integration` coverage for disabled flags, environment-document bootstrap, identity override precedence, auth login, and unauthorized access; adds a Playwright e2e suite under `src/admin/e2e` (login, nav, context selection, features CRUD/toggle). - Adds a `smoke-qa` CI job that runs both suites against the just-deployed QA stack, working around: no curl/node/dotnet on the bare runner, musl vs glibc (Playwright browsers run via the official `mcr.microsoft.com/playwright` image instead), and the runner's job-container network isolation (reach the QA stack via the docker bridge gateway IP; `docker cp` instead of a bind mount to get files into the playwright container, since paths don't cross the docker-outside-of-docker boundary). ## Test plan - [x] Unit tests pass (dotnet test tests/api/MicCheck.Api.Tests.Unit, 243 passed) - [x] API integration suite passes against the real QA stack in CI - [x] Playwright e2e suite passes against the real QA stack in CI (verified 3/3 locally against a real dev API + vite server for the flakiest spec) - [x] Full CI pipeline (build → deploy-qa → smoke-qa) green end to end on the qa runner Reviewed-on: #3
This commit was merged in pull request #3.
This commit is contained in:
@@ -1,5 +1,7 @@
|
||||
using MicCheck.Api.Organizations;
|
||||
using MicCheck.Api.Projects;
|
||||
using MicCheck.Api.Users;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using AppEnvironment = MicCheck.Api.Environments.Environment;
|
||||
|
||||
@@ -7,11 +9,26 @@ namespace MicCheck.Api.Data;
|
||||
|
||||
public class DatabaseSeeder
|
||||
{
|
||||
private readonly MicCheckDbContext _db;
|
||||
/// <summary>
|
||||
/// Deterministic credentials for the development/QA seed admin user. Only ever created when
|
||||
/// <c>SeedAsync</c> runs, which is gated behind <c>IsDevelopment()</c> in Program.cs.
|
||||
/// Used by the API integration suite and the Playwright admin e2e suite to authenticate
|
||||
/// without depending on per-run registration.
|
||||
/// </summary>
|
||||
public const string SeedAdminEmail = "admin@miccheck.local";
|
||||
public const string SeedAdminPassword = "MicCheckQa!2026";
|
||||
|
||||
public DatabaseSeeder(MicCheckDbContext db)
|
||||
/// <summary>Deterministic environment key for the seeded Development environment, so
|
||||
/// HTTP-only integration/e2e tests can read flags without a direct DB connection.</summary>
|
||||
public const string SeedDevelopmentEnvironmentKey = "env-qa-development";
|
||||
|
||||
private readonly MicCheckDbContext _db;
|
||||
private readonly IPasswordHasher<User> _passwordHasher;
|
||||
|
||||
public DatabaseSeeder(MicCheckDbContext db, IPasswordHasher<User> passwordHasher)
|
||||
{
|
||||
_db = db;
|
||||
_passwordHasher = passwordHasher;
|
||||
}
|
||||
|
||||
public async Task SeedAsync(CancellationToken ct = default)
|
||||
@@ -42,12 +59,34 @@ public class DatabaseSeeder
|
||||
_db.Environments.Add(new AppEnvironment
|
||||
{
|
||||
Name = name,
|
||||
ApiKey = $"env-{Guid.NewGuid():N}",
|
||||
ApiKey = name == "Development" ? SeedDevelopmentEnvironmentKey : $"env-{Guid.NewGuid():N}",
|
||||
ProjectId = project.Id,
|
||||
CreatedAt = DateTimeOffset.UtcNow
|
||||
});
|
||||
}
|
||||
|
||||
await _db.SaveChangesAsync(ct);
|
||||
|
||||
var adminUser = new User
|
||||
{
|
||||
Email = SeedAdminEmail,
|
||||
FirstName = "MicCheck",
|
||||
LastName = "Admin",
|
||||
IsActive = true,
|
||||
CreatedAt = DateTimeOffset.UtcNow,
|
||||
PasswordHash = string.Empty
|
||||
};
|
||||
adminUser.PasswordHash = _passwordHasher.HashPassword(adminUser, SeedAdminPassword);
|
||||
_db.Users.Add(adminUser);
|
||||
await _db.SaveChangesAsync(ct);
|
||||
|
||||
_db.OrganizationUsers.Add(new OrganizationUser
|
||||
{
|
||||
OrganizationId = organization.Id,
|
||||
UserId = adminUser.Id,
|
||||
Role = OrganizationRole.Admin,
|
||||
IsPrimary = true
|
||||
});
|
||||
await _db.SaveChangesAsync(ct);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user