mirror of
https://github.com/formbricks/formbricks.git
synced 2026-05-06 11:20:56 -05:00
Matti Nannt
239 lines
8.0 KiB
YAML
239 lines
8.0 KiB
YAML
name: E2E Tests
|
|
|
|
on:
|
|
workflow_call:
|
|
secrets:
|
|
PLAYWRIGHT_SERVICE_URL:
|
|
required: false
|
|
PLAYWRIGHT_SERVICE_ACCESS_TOKEN:
|
|
required: false
|
|
ENTERPRISE_LICENSE_KEY:
|
|
required: true
|
|
# Add other secrets if necessary
|
|
workflow_dispatch:
|
|
|
|
env:
|
|
TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
|
|
TURBO_TEAM: ${{ vars.TURBO_TEAM }}
|
|
|
|
permissions:
|
|
contents: read
|
|
actions: read
|
|
|
|
jobs:
|
|
build:
|
|
name: Run E2E Tests
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 60
|
|
services:
|
|
postgres:
|
|
image: pgvector/pgvector@sha256:9ae02a756ba16a2d69dd78058e25915e36e189bb36ddf01ceae86390d7ed786a
|
|
env:
|
|
POSTGRES_DB: postgres
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
ports:
|
|
- 5432:5432
|
|
options: >-
|
|
--health-cmd="pg_isready -U postgres"
|
|
--health-interval=10s
|
|
--health-timeout=5s
|
|
--health-retries=5
|
|
valkey:
|
|
image: valkey/valkey@sha256:12ba4f45a7c3e1d0f076acd616cb230834e75a77e8516dde382720af32832d6d
|
|
ports:
|
|
- 6379:6379
|
|
steps:
|
|
- name: Harden the runner (Audit all outbound calls)
|
|
uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
|
|
with:
|
|
egress-policy: audit
|
|
allowed-endpoints: |
|
|
ee.formbricks.com:443
|
|
registry-1.docker.io:443
|
|
docker.io:443
|
|
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
- uses: ./.github/actions/dangerous-git-checkout
|
|
|
|
- name: Setup Node.js 22.x
|
|
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
|
|
with:
|
|
node-version: 22.x
|
|
|
|
- name: Install pnpm
|
|
uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install --frozen-lockfile --config.platform=linux --config.architecture=x64
|
|
shell: bash
|
|
|
|
- name: create .env
|
|
run: cp .env.example .env
|
|
shell: bash
|
|
|
|
- name: Fill ENCRYPTION_KEY, ENTERPRISE_LICENSE_KEY and E2E_TESTING in .env
|
|
run: |
|
|
RANDOM_KEY=$(openssl rand -hex 32)
|
|
sed -i "s/ENCRYPTION_KEY=.*/ENCRYPTION_KEY=${RANDOM_KEY}/" .env
|
|
sed -i "s/CRON_SECRET=.*/CRON_SECRET=${RANDOM_KEY}/" .env
|
|
sed -i "s/NEXTAUTH_SECRET=.*/NEXTAUTH_SECRET=${RANDOM_KEY}/" .env
|
|
sed -i "s/ENTERPRISE_LICENSE_KEY=.*/ENTERPRISE_LICENSE_KEY=${{ secrets.ENTERPRISE_LICENSE_KEY }}/" .env
|
|
sed -i "s|REDIS_URL=.*|REDIS_URL=redis://localhost:6379|" .env
|
|
echo "" >> .env
|
|
echo "E2E_TESTING=1" >> .env
|
|
echo "S3_REGION=us-east-1" >> .env
|
|
echo "S3_BUCKET_NAME=formbricks-e2e" >> .env
|
|
echo "S3_ENDPOINT_URL=http://localhost:9000" >> .env
|
|
echo "S3_ACCESS_KEY=devrustfs-service" >> .env
|
|
echo "S3_SECRET_KEY=devrustfs-service123" >> .env
|
|
echo "S3_FORCE_PATH_STYLE=1" >> .env
|
|
shell: bash
|
|
|
|
- name: Start RustFS Server
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
# Start RustFS server in background
|
|
docker run -d \
|
|
--name rustfs-server \
|
|
-p 9000:9000 \
|
|
-p 9001:9001 \
|
|
-e RUSTFS_ACCESS_KEY=devrustfs \
|
|
-e RUSTFS_SECRET_KEY=devrustfs123 \
|
|
-e RUSTFS_ADDRESS=:9000 \
|
|
-e RUSTFS_CONSOLE_ENABLE=true \
|
|
-e RUSTFS_CONSOLE_ADDRESS=:9001 \
|
|
rustfs/rustfs:1.0.0-alpha.93 \
|
|
/data
|
|
|
|
echo "RustFS server started"
|
|
|
|
- name: Bootstrap RustFS bucket and browser upload CORS
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
docker run --rm \
|
|
--network host \
|
|
--entrypoint /bin/sh \
|
|
-e RUSTFS_ENDPOINT_URL=http://127.0.0.1:9000 \
|
|
-e RUSTFS_ADMIN_USER=devrustfs \
|
|
-e RUSTFS_ADMIN_PASSWORD=devrustfs123 \
|
|
-e RUSTFS_SERVICE_USER=devrustfs-service \
|
|
-e RUSTFS_SERVICE_PASSWORD=devrustfs-service123 \
|
|
-e RUSTFS_BUCKET_NAME=formbricks-e2e \
|
|
-e RUSTFS_POLICY_NAME=formbricks-e2e-policy \
|
|
-e RUSTFS_CORS_ALLOWED_ORIGINS=http://localhost:3000,http://127.0.0.1:3000 \
|
|
-v "$PWD/docker/rustfs-init.sh:/tmp/rustfs-init.sh:ro" \
|
|
minio/mc@sha256:95b5f3f7969a5c5a9f3a700ba72d5c84172819e13385aaf916e237cf111ab868 \
|
|
/tmp/rustfs-init.sh
|
|
|
|
- name: Build App
|
|
run: |
|
|
pnpm build --filter=@formbricks/web...
|
|
|
|
- name: Apply Prisma Migrations
|
|
run: |
|
|
# pnpm prisma migrate deploy
|
|
pnpm db:migrate:dev
|
|
|
|
- name: Run Rate Limiter Load Tests
|
|
run: |
|
|
echo "Running rate limiter load tests with Redis/Valkey..."
|
|
cd apps/web && pnpm vitest run modules/core/rate-limit/rate-limit-load.test.ts
|
|
shell: bash
|
|
|
|
- name: Run Cache Integration Tests
|
|
run: |
|
|
echo "Running cache integration tests with Redis/Valkey..."
|
|
cd packages/cache && pnpm vitest run src/cache-integration.test.ts
|
|
shell: bash
|
|
|
|
- name: Check for Enterprise License
|
|
run: |
|
|
LICENSE_KEY=$(grep '^ENTERPRISE_LICENSE_KEY=' .env | cut -d'=' -f2-)
|
|
if [ -z "$LICENSE_KEY" ]; then
|
|
echo "::error::ENTERPRISE_LICENSE_KEY in .env is empty. Please check your secret configuration."
|
|
exit 1
|
|
fi
|
|
echo "License key length: ${#LICENSE_KEY}"
|
|
|
|
- name: Disable rate limiting for E2E tests
|
|
run: |
|
|
echo "RATE_LIMITING_DISABLED=1" >> .env
|
|
echo "Rate limiting disabled for E2E tests"
|
|
shell: bash
|
|
|
|
- name: Run App
|
|
run: |
|
|
echo "Starting app with enterprise license..."
|
|
NODE_ENV=test pnpm start --filter=@formbricks/web | tee app.log 2>&1 &
|
|
sleep 10 # Optional: gives some buffer for the app to start
|
|
for attempt in {1..10}; do
|
|
if [ $(curl -o /dev/null -s -w "%{http_code}" http://localhost:3000/health) -eq 200 ]; then
|
|
echo "Application is ready."
|
|
break
|
|
fi
|
|
if [ $attempt -eq 10 ]; then
|
|
echo "Application failed to start in time."
|
|
exit 1
|
|
fi
|
|
echo "Still waiting for the application to be ready..."
|
|
sleep 10
|
|
done
|
|
|
|
- name: Install Playwright
|
|
run: pnpm exec playwright install --with-deps
|
|
|
|
- name: Determine Playwright execution mode
|
|
shell: bash
|
|
env:
|
|
PLAYWRIGHT_SERVICE_URL: ${{ secrets.PLAYWRIGHT_SERVICE_URL }}
|
|
PLAYWRIGHT_SERVICE_ACCESS_TOKEN: ${{ secrets.PLAYWRIGHT_SERVICE_ACCESS_TOKEN }}
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
if [[ -n "${PLAYWRIGHT_SERVICE_URL}" && -n "${PLAYWRIGHT_SERVICE_ACCESS_TOKEN}" ]]; then
|
|
echo "PW_MODE=service" >> "$GITHUB_ENV"
|
|
else
|
|
echo "PW_MODE=local" >> "$GITHUB_ENV"
|
|
fi
|
|
|
|
- name: Run E2E Tests (Playwright Service)
|
|
if: env.PW_MODE == 'service'
|
|
env:
|
|
PLAYWRIGHT_SERVICE_URL: ${{ secrets.PLAYWRIGHT_SERVICE_URL }}
|
|
PLAYWRIGHT_SERVICE_ACCESS_TOKEN: ${{ secrets.PLAYWRIGHT_SERVICE_ACCESS_TOKEN }}
|
|
CI: true
|
|
run: pnpm test-e2e:azure
|
|
|
|
- name: Run E2E Tests (Local)
|
|
if: env.PW_MODE == 'local'
|
|
env:
|
|
CI: true
|
|
run: |
|
|
pnpm test:e2e
|
|
|
|
- uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
|
|
if: always()
|
|
with:
|
|
name: playwright-report
|
|
path: playwright-report/
|
|
retention-days: 30
|
|
|
|
- uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
|
|
if: failure()
|
|
with:
|
|
name: app-logs
|
|
if-no-files-found: ignore
|
|
path: app.log
|
|
|
|
- name: Output App Logs
|
|
if: failure()
|
|
run: |
|
|
if [ -f app.log ]; then
|
|
cat app.log
|
|
else
|
|
echo "app.log not found because the Run App step did not execute or failed before log creation."
|
|
fi
|