Add integration + Playwright smoke suite for post-deploy QA validation

Existing coverage was one integration test and zero e2e tests. Adds the thin,
high-value integration/e2e layer unit tests can't reach (real Postgres wire
contract, real browser flows) and wires it as a post-deploy smoke gate.

- Seed a deterministic dev/QA admin user and fixed Development env key so
  HTTP-only tests can authenticate without per-run registration.
- Expand the API integration suite: disabled-flag, unauthorized access,
  environment-document bootstrap, identity-override precedence, and auth
  login scenarios, reusing the existing black-box HTTP+Npgsql harness.
- Add a Playwright suite for the admin SPA: login, nav, project/environment
  context selection, and feature create/toggle, against the real API.
- Bind QA Postgres to 127.0.0.1 for direct seeding, add smoke-qa.sh and an
  ensure_node() bootstrap (the qa runner has no Node today), and wire a new
  smoke-qa CI job after deploy-qa.
This commit is contained in:
2026-07-04 17:28:13 -07:00
parent 1b2ce263e5
commit 8fc0ebb724
28 changed files with 1164 additions and 6 deletions

View File

@@ -0,0 +1,103 @@
using MicCheck.Api.Tests.Integration.Common;
namespace MicCheck.Api.Tests.Integration.Identities;
/// <summary>
/// Seeds an environment-default FeatureState plus an identity-level override for the same
/// feature, so a test can assert that identity overrides take precedence over the environment
/// default when evaluating <c>/api/v1/identity</c>.
/// </summary>
public sealed record IdentityOverrideSeed(
int OrganizationId,
int EnvironmentId,
int FeatureId,
string EnvironmentApiKey,
string FeatureName,
string Identifier)
{
public static async Task<IdentityOverrideSeed> InsertAsync(
TestDatabase db,
string testRunTag,
bool environmentDefaultEnabled,
bool identityOverrideEnabled)
{
var rawUnique = $"{testRunTag}-{Guid.NewGuid():N}";
var unique = rawUnique[..Math.Min(rawUnique.Length, 40)];
var environmentApiKey = $"envkey_{Guid.NewGuid():N}";
var featureName = $"feature_{unique}";
var identifier = $"identity_{unique}";
var now = DateTimeOffset.UtcNow;
var organizationId = await db.ExecuteScalarAsync<int>(
"INSERT INTO \"Organizations\" (\"Name\", \"CreatedAt\") VALUES (@name, @createdAt) RETURNING \"Id\"",
("name", $"org_{unique}"),
("createdAt", now));
var projectId = await db.ExecuteScalarAsync<int>(
"INSERT INTO \"Projects\" (\"Name\", \"OrganizationId\", \"CreatedAt\", \"HideDisabledFlags\") VALUES (@name, @orgId, @createdAt, false) RETURNING \"Id\"",
("name", $"project_{unique}"),
("orgId", organizationId),
("createdAt", now));
var environmentId = await db.ExecuteScalarAsync<int>(
"INSERT INTO \"Environments\" (\"Name\", \"ApiKey\", \"ProjectId\", \"CreatedAt\") VALUES (@name, @apiKey, @projectId, @createdAt) RETURNING \"Id\"",
("name", $"env_{unique}"),
("apiKey", environmentApiKey),
("projectId", projectId),
("createdAt", now));
var featureId = await db.ExecuteScalarAsync<int>(
"INSERT INTO \"Features\" (\"Name\", \"Type\", \"DefaultEnabled\", \"ProjectId\", \"CreatedAt\") VALUES (@name, 0, @defaultEnabled, @projectId, @createdAt) RETURNING \"Id\"",
("name", featureName),
("defaultEnabled", environmentDefaultEnabled),
("projectId", projectId),
("createdAt", now));
await db.ExecuteScalarAsync<int>(
"""
INSERT INTO "FeatureStates" ("FeatureId", "EnvironmentId", "Enabled", "Value", "CreatedAt", "UpdatedAt", "Version")
VALUES (@featureId, @environmentId, @enabled, NULL, @createdAt, @updatedAt, 1)
RETURNING "Id"
""",
("featureId", featureId),
("environmentId", environmentId),
("enabled", environmentDefaultEnabled),
("createdAt", now),
("updatedAt", now));
var identityId = await db.ExecuteScalarAsync<int>(
"INSERT INTO \"Identities\" (\"Identifier\", \"EnvironmentId\", \"CreatedAt\") VALUES (@identifier, @environmentId, @createdAt) RETURNING \"Id\"",
("identifier", identifier),
("environmentId", environmentId),
("createdAt", now));
await db.ExecuteScalarAsync<int>(
"""
INSERT INTO "FeatureStates" ("FeatureId", "EnvironmentId", "IdentityId", "Enabled", "Value", "CreatedAt", "UpdatedAt", "Version")
VALUES (@featureId, @environmentId, @identityId, @enabled, NULL, @createdAt, @updatedAt, 1)
RETURNING "Id"
""",
("featureId", featureId),
("environmentId", environmentId),
("identityId", identityId),
("enabled", identityOverrideEnabled),
("createdAt", now),
("updatedAt", now));
return new IdentityOverrideSeed(organizationId, environmentId, featureId, environmentApiKey, featureName, identifier);
}
public async Task CleanupAsync(TestDatabase db)
=> await db.ExecuteAsync(
"DELETE FROM \"Organizations\" WHERE \"Id\" = @orgId",
("orgId", OrganizationId));
public async Task<string> DescribeAsync(TestDatabase db)
=> await db.SnapshotRowsAsync(
"""
SELECT fs."Id" AS "FeatureStateId", fs."Enabled", fs."IdentityId", fs."FeatureSegmentId"
FROM "FeatureStates" fs
WHERE fs."FeatureId" = @featureId
""",
("featureId", FeatureId));
}

View File

@@ -0,0 +1,87 @@
using System.Text.Json;
using MicCheck.Api.Tests.Integration.Common;
using NUnit.Framework;
namespace MicCheck.Api.Tests.Integration.Identities;
[TestFixture]
public class IdentityOverrideTests
{
private IntegrationTestSettings settings = null!;
private TestDatabase db = null!;
private FlagApiHttpClient client = null!;
private IdentityOverrideSeed? seed;
[OneTimeSetUp]
public void OneTimeSetUp()
{
settings = IntegrationTestSettings.Load();
db = new TestDatabase(settings.DbConnectionString);
client = new FlagApiHttpClient(settings);
}
[OneTimeTearDown]
public void OneTimeTearDown() => client.Dispose();
[SetUp]
public async Task SetUp()
=> seed = await IdentityOverrideSeed.InsertAsync(
db,
testRunTag: "IdentityOverride",
environmentDefaultEnabled: false,
identityOverrideEnabled: true);
[TearDown]
public async Task TearDown()
{
if (seed is not null)
{
await seed.CleanupAsync(db);
seed = null;
}
}
[Test]
public async Task WhenAnIdentityHasAFeatureOverride_ThenItTakesPrecedenceOverTheEnvironmentDefault()
{
var current = seed!;
using var response = await client.SendAsync(
httpFile: "Identity.http",
requestName: "GetIdentity",
variables: new Dictionary<string, string>
{
["baseUrl"] = settings.BaseUrl,
["environmentKey"] = current.EnvironmentApiKey,
["identifier"] = current.Identifier
});
var body = await response.Content.ReadAsStringAsync();
Assert.That(
response.IsSuccessStatusCode,
Is.True,
$"GET /api/v1/identity returned {(int)response.StatusCode} {response.ReasonPhrase}. Body: {body}. DB state:\n{await current.DescribeAsync(db)}");
var identity = JsonSerializer.Deserialize<IdentityResponseDto>(body, JsonOptions)
?? throw new InvalidOperationException("Response body was not the expected identity shape.");
var match = identity.Flags.SingleOrDefault(f => f.Feature.Name == current.FeatureName);
Assert.That(
match,
Is.Not.Null,
$"Feature '{current.FeatureName}' was not present in the identity response. DB state:\n{await current.DescribeAsync(db)}");
Assert.That(
match!.Enabled,
Is.True,
$"Expected the identity override (Enabled=true) to win over the environment default (Enabled=false). DB state:\n{await current.DescribeAsync(db)}");
}
private static readonly JsonSerializerOptions JsonOptions = new(JsonSerializerDefaults.Web);
private sealed record IdentityResponseDto(List<object> Traits, List<FlagResponseDto> Flags);
private sealed record FlagResponseDto(int Id, FeatureSummaryDto Feature, bool Enabled, string? FeatureStateValue);
private sealed record FeatureSummaryDto(int Id, string Name);
}