## Summary - Fix a chain of QA CI issues: Docker build/health-check flakiness, NuGet vuln pins, then adds the post-deploy integration + Playwright smoke suite and works through everything needed to make it actually run on the self-hosted `qa` runner (musl/Alpine job container, no node/dotnet/curl preinstalled, docker-outside-of-docker networking). - Adds a fixed dev/QA seed admin user + fixed Development environment API key so integration tests and e2e specs have a stable target. - Pins Aspire's `AppHost.cs` ports/credentials to match the docker-compose local dev defaults. - Adds `tests/api/MicCheck.Api.Tests.Integration` coverage for disabled flags, environment-document bootstrap, identity override precedence, auth login, and unauthorized access; adds a Playwright e2e suite under `src/admin/e2e` (login, nav, context selection, features CRUD/toggle). - Adds a `smoke-qa` CI job that runs both suites against the just-deployed QA stack, working around: no curl/node/dotnet on the bare runner, musl vs glibc (Playwright browsers run via the official `mcr.microsoft.com/playwright` image instead), and the runner's job-container network isolation (reach the QA stack via the docker bridge gateway IP; `docker cp` instead of a bind mount to get files into the playwright container, since paths don't cross the docker-outside-of-docker boundary). ## Test plan - [x] Unit tests pass (dotnet test tests/api/MicCheck.Api.Tests.Unit, 243 passed) - [x] API integration suite passes against the real QA stack in CI - [x] Playwright e2e suite passes against the real QA stack in CI (verified 3/3 locally against a real dev API + vite server for the flakiest spec) - [x] Full CI pipeline (build → deploy-qa → smoke-qa) green end to end on the qa runner Reviewed-on: #3
MicCheck.Api.Tests.Integration
Black-box integration tests. Targets a running MicCheck.Api instance by URL and seeds/cleans data directly in the Postgres database.
Running against an environment
Two settings are required: BaseUrl and DbConnectionString.
Via .runsettings (recommended for local + CI)
dotnet test --settings local.runsettings
Copy local.runsettings to e.g. staging.runsettings and override the values for other environments.
Via command-line
dotnet test -- TestRunParameters.Parameter\(name=\"BaseUrl\",value=\"https://staging.example.com\"\) ^
TestRunParameters.Parameter\(name=\"DbConnectionString\",value=\"Host=...\"\)
Via environment variables (overrides .runsettings)
MICCHECK_API_BASE_URL=...
MICCHECK_DB_CONNECTION_STRING=...
MICCHECK_ACCEPT_ANY_SERVER_CERTIFICATE=true|false
Patterns
- Tests seed their own data directly in the database, never through the API.
- Per-test data is seeded in
[SetUp]. Reusable cross-test data goes in[OneTimeSetUp]. - Cleanup runs in
[TearDown]/[OneTimeTearDown], also directly in the database. - HTTP requests are defined in
HttpFiles/*.httpand executed viaFlagApiHttpClient. - Assertion failure messages include a fresh snapshot of the relevant rows in the database.