Fix CI build/deploy/smoke pipeline for the self-hosted qa runner (#3)
## Summary - Fix a chain of QA CI issues: Docker build/health-check flakiness, NuGet vuln pins, then adds the post-deploy integration + Playwright smoke suite and works through everything needed to make it actually run on the self-hosted `qa` runner (musl/Alpine job container, no node/dotnet/curl preinstalled, docker-outside-of-docker networking). - Adds a fixed dev/QA seed admin user + fixed Development environment API key so integration tests and e2e specs have a stable target. - Pins Aspire's `AppHost.cs` ports/credentials to match the docker-compose local dev defaults. - Adds `tests/api/MicCheck.Api.Tests.Integration` coverage for disabled flags, environment-document bootstrap, identity override precedence, auth login, and unauthorized access; adds a Playwright e2e suite under `src/admin/e2e` (login, nav, context selection, features CRUD/toggle). - Adds a `smoke-qa` CI job that runs both suites against the just-deployed QA stack, working around: no curl/node/dotnet on the bare runner, musl vs glibc (Playwright browsers run via the official `mcr.microsoft.com/playwright` image instead), and the runner's job-container network isolation (reach the QA stack via the docker bridge gateway IP; `docker cp` instead of a bind mount to get files into the playwright container, since paths don't cross the docker-outside-of-docker boundary). ## Test plan - [x] Unit tests pass (dotnet test tests/api/MicCheck.Api.Tests.Unit, 243 passed) - [x] API integration suite passes against the real QA stack in CI - [x] Playwright e2e suite passes against the real QA stack in CI (verified 3/3 locally against a real dev API + vite server for the flakiest spec) - [x] Full CI pipeline (build → deploy-qa → smoke-qa) green end to end on the qa runner Reviewed-on: #3
This commit was merged in pull request #3.
This commit is contained in:
55
tests/api/MicCheck.Api.Tests.Integration/Auth/AuthSeed.cs
Normal file
55
tests/api/MicCheck.Api.Tests.Integration/Auth/AuthSeed.cs
Normal file
@@ -0,0 +1,55 @@
|
||||
using MicCheck.Api.Tests.Integration.Common;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
|
||||
namespace MicCheck.Api.Tests.Integration.Auth;
|
||||
|
||||
/// <summary>
|
||||
/// A stand-in for the real API's <c>User</c> type: <see cref="PasswordHasher{TUser}"/> only uses
|
||||
/// it as a type parameter (it doesn't inspect the instance), so any reference type works. Keeps
|
||||
/// this project a true black box with no <c>ProjectReference</c> to the API.
|
||||
/// </summary>
|
||||
public class HashedUser;
|
||||
|
||||
public sealed record AuthSeed(int OrganizationId, int UserId, string Email, string Password)
|
||||
{
|
||||
public static async Task<AuthSeed> InsertAsync(TestDatabase db, string testRunTag, string password)
|
||||
{
|
||||
var rawUnique = $"{testRunTag}-{Guid.NewGuid():N}";
|
||||
var unique = rawUnique[..Math.Min(rawUnique.Length, 40)];
|
||||
var email = $"{unique}@integration.test";
|
||||
var now = DateTimeOffset.UtcNow;
|
||||
|
||||
var passwordHash = new PasswordHasher<HashedUser>().HashPassword(new HashedUser(), password);
|
||||
|
||||
var organizationId = await db.ExecuteScalarAsync<int>(
|
||||
"INSERT INTO \"Organizations\" (\"Name\", \"CreatedAt\") VALUES (@name, @createdAt) RETURNING \"Id\"",
|
||||
("name", $"org_{unique}"),
|
||||
("createdAt", now));
|
||||
|
||||
var userId = await db.ExecuteScalarAsync<int>(
|
||||
"""
|
||||
INSERT INTO "Users" ("Email", "PasswordHash", "FirstName", "LastName", "IsActive", "IsTwoFactorEnabled", "CreatedAt")
|
||||
VALUES (@email, @passwordHash, 'Integration', 'Test', true, false, @createdAt)
|
||||
RETURNING "Id"
|
||||
""",
|
||||
("email", email),
|
||||
("passwordHash", passwordHash),
|
||||
("createdAt", now));
|
||||
|
||||
await db.ExecuteAsync(
|
||||
"""
|
||||
INSERT INTO "OrganizationUsers" ("OrganizationId", "UserId", "Role", "IsPrimary")
|
||||
VALUES (@orgId, @userId, 1, true)
|
||||
""",
|
||||
("orgId", organizationId),
|
||||
("userId", userId));
|
||||
|
||||
return new AuthSeed(organizationId, userId, email, password);
|
||||
}
|
||||
|
||||
public async Task CleanupAsync(TestDatabase db)
|
||||
{
|
||||
await db.ExecuteAsync("DELETE FROM \"Users\" WHERE \"Id\" = @userId", ("userId", UserId));
|
||||
await db.ExecuteAsync("DELETE FROM \"Organizations\" WHERE \"Id\" = @orgId", ("orgId", OrganizationId));
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user