Add integration + Playwright smoke suite for post-deploy QA validation
Existing coverage was one integration test and zero e2e tests. Adds the thin, high-value integration/e2e layer unit tests can't reach (real Postgres wire contract, real browser flows) and wires it as a post-deploy smoke gate. - Seed a deterministic dev/QA admin user and fixed Development env key so HTTP-only tests can authenticate without per-run registration. - Expand the API integration suite: disabled-flag, unauthorized access, environment-document bootstrap, identity-override precedence, and auth login scenarios, reusing the existing black-box HTTP+Npgsql harness. - Add a Playwright suite for the admin SPA: login, nav, project/environment context selection, and feature create/toggle, against the real API. - Bind QA Postgres to 127.0.0.1 for direct seeding, add smoke-qa.sh and an ensure_node() bootstrap (the qa runner has no Node today), and wire a new smoke-qa CI job after deploy-qa.
This commit is contained in:
@@ -0,0 +1,81 @@
|
||||
using System.Text.Json;
|
||||
using MicCheck.Api.Tests.Integration.Common;
|
||||
using NUnit.Framework;
|
||||
|
||||
namespace MicCheck.Api.Tests.Integration.Flags;
|
||||
|
||||
[TestFixture]
|
||||
public class FlagDisabledTests
|
||||
{
|
||||
private IntegrationTestSettings settings = null!;
|
||||
private TestDatabase db = null!;
|
||||
private FlagApiHttpClient client = null!;
|
||||
private FlagSeed? seed;
|
||||
|
||||
[OneTimeSetUp]
|
||||
public void OneTimeSetUp()
|
||||
{
|
||||
settings = IntegrationTestSettings.Load();
|
||||
db = new TestDatabase(settings.DbConnectionString);
|
||||
client = new FlagApiHttpClient(settings);
|
||||
}
|
||||
|
||||
[OneTimeTearDown]
|
||||
public void OneTimeTearDown() => client.Dispose();
|
||||
|
||||
[SetUp]
|
||||
public async Task SetUp()
|
||||
=> seed = await FlagSeed.InsertEnabledFlagAsync(db, testRunTag: "FlagDisabled", enabled: false, value: null);
|
||||
|
||||
[TearDown]
|
||||
public async Task TearDown()
|
||||
{
|
||||
if (seed is not null)
|
||||
{
|
||||
await seed.CleanupAsync(db);
|
||||
seed = null;
|
||||
}
|
||||
}
|
||||
|
||||
[Test]
|
||||
public async Task WhenAFeatureIsDisabledInEnvironment_ThenTheFlagApiReportsItDisabled()
|
||||
{
|
||||
var current = seed!;
|
||||
|
||||
using var response = await client.SendAsync(
|
||||
httpFile: "Flags.http",
|
||||
requestName: "GetFlags",
|
||||
variables: new Dictionary<string, string>
|
||||
{
|
||||
["baseUrl"] = settings.BaseUrl,
|
||||
["environmentKey"] = current.EnvironmentApiKey
|
||||
});
|
||||
|
||||
var body = await response.Content.ReadAsStringAsync();
|
||||
|
||||
Assert.That(
|
||||
response.IsSuccessStatusCode,
|
||||
Is.True,
|
||||
$"GET /api/v1/flags returned {(int)response.StatusCode} {response.ReasonPhrase}. Body: {body}. DB state:\n{await current.DescribeAsync(db)}");
|
||||
|
||||
var flags = JsonSerializer.Deserialize<List<FlagResponseDto>>(body, JsonOptions)
|
||||
?? throw new InvalidOperationException("Response body was not a JSON array.");
|
||||
|
||||
var match = flags.SingleOrDefault(f => f.Feature.Name == current.FeatureName);
|
||||
|
||||
Assert.That(
|
||||
match,
|
||||
Is.Not.Null,
|
||||
$"Feature '{current.FeatureName}' was not present in the flags response. Returned features: [{string.Join(", ", flags.Select(f => f.Feature.Name))}]. DB state:\n{await current.DescribeAsync(db)}");
|
||||
|
||||
Assert.That(
|
||||
match!.Enabled,
|
||||
Is.False,
|
||||
$"Feature '{current.FeatureName}' was reported as enabled, but the seeded FeatureState has Enabled=false. DB state:\n{await current.DescribeAsync(db)}");
|
||||
}
|
||||
|
||||
private static readonly JsonSerializerOptions JsonOptions = new(JsonSerializerDefaults.Web);
|
||||
|
||||
private sealed record FlagResponseDto(int Id, FeatureSummaryDto Feature, bool Enabled, string? FeatureStateValue);
|
||||
private sealed record FeatureSummaryDto(int Id, string Name);
|
||||
}
|
||||
@@ -0,0 +1,57 @@
|
||||
using MicCheck.Api.Tests.Integration.Common;
|
||||
using NUnit.Framework;
|
||||
|
||||
namespace MicCheck.Api.Tests.Integration.Flags;
|
||||
|
||||
[TestFixture]
|
||||
public class FlagsApiAuthorizationTests
|
||||
{
|
||||
private IntegrationTestSettings settings = null!;
|
||||
private FlagApiHttpClient client = null!;
|
||||
|
||||
[OneTimeSetUp]
|
||||
public void OneTimeSetUp()
|
||||
{
|
||||
settings = IntegrationTestSettings.Load();
|
||||
client = new FlagApiHttpClient(settings);
|
||||
}
|
||||
|
||||
[OneTimeTearDown]
|
||||
public void OneTimeTearDown() => client.Dispose();
|
||||
|
||||
[Test]
|
||||
public async Task WhenNoEnvironmentKeyIsProvided_ThenTheFlagsApiReturnsUnauthorized()
|
||||
{
|
||||
using var response = await client.SendAsync(
|
||||
httpFile: "Flags.http",
|
||||
requestName: "GetFlags",
|
||||
variables: new Dictionary<string, string>
|
||||
{
|
||||
["baseUrl"] = settings.BaseUrl,
|
||||
["environmentKey"] = string.Empty
|
||||
});
|
||||
|
||||
Assert.That(
|
||||
(int)response.StatusCode,
|
||||
Is.EqualTo(401),
|
||||
$"Expected 401 for a missing environment key, got {(int)response.StatusCode} {response.ReasonPhrase}.");
|
||||
}
|
||||
|
||||
[Test]
|
||||
public async Task WhenAnUnknownEnvironmentKeyIsProvided_ThenTheFlagsApiReturnsUnauthorized()
|
||||
{
|
||||
using var response = await client.SendAsync(
|
||||
httpFile: "Flags.http",
|
||||
requestName: "GetFlags",
|
||||
variables: new Dictionary<string, string>
|
||||
{
|
||||
["baseUrl"] = settings.BaseUrl,
|
||||
["environmentKey"] = $"unknown_{Guid.NewGuid():N}"
|
||||
});
|
||||
|
||||
Assert.That(
|
||||
(int)response.StatusCode,
|
||||
Is.EqualTo(401),
|
||||
$"Expected 401 for an unrecognized environment key, got {(int)response.StatusCode} {response.ReasonPhrase}.");
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user