feat: e2e workflow, auth test (#3050)

Author: SkyeYoung

.devcontainer/devcontainer.json

@@ -50,7 +50,8 @@
         "lokalise.i18n-ally",
         "formulahendry.auto-close-tag",
         "formulahendry.auto-rename-tag",
-        "github.vscode-pull-request-github"
+        "github.vscode-pull-request-github",
+        "redhat.vscode-yaml"
       ]
     }
   }

.devcontainer/docker-compose.override.yml

@@ -0,0 +1,10 @@
+services:
+  apisix:
+    ports:
+      - '9180:9180/tcp'
+      - '9080:9080/tcp'
+      - '9091:9091/tcp'
+      - '9443:9443/tcp'
+  etcd:
+    ports:
+      - '2379:2379/tcp'

.devcontainer/docker-compose.yml

@@ -1,3 +1,7 @@
+include:
+  - path:
+    - ../e2e/server/docker-compose.common.yml
+    - docker-compose.override.yml
 services:
   apisix-dashboard:
     build:
@@ -11,40 +15,3 @@ services:
     ports:
       - '5173:5173'
       - '5174:5174'
-
-  apisix:
-    image: 'apache/apisix:3.12.0-debian'
-    restart: always
-    volumes:
-      - ./apisix_conf.yml:/usr/local/apisix/conf/config.yaml:ro
-    depends_on:
-      - etcd
-    ports:
-      - '9180:9180/tcp'
-      - '9080:9080/tcp'
-      - '9091:9091/tcp'
-      - '9443:9443/tcp'
-    networks:
-      - apisix
-
-  etcd:
-    image: bitnami/etcd:3.5
-    restart: always
-    volumes:
-      - etcd_data:/bitnami/etcd
-    environment:
-      ETCD_ENABLE_V2: 'true'
-      ALLOW_NONE_AUTHENTICATION: 'yes'
-      ETCD_ADVERTISE_CLIENT_URLS: 'http://etcd:2379'
-      ETCD_LISTEN_CLIENT_URLS: 'http://0.0.0.0:2379'
-    ports:
-      - '2379:2379/tcp'
-    networks:
-      - apisix
-
-networks:
-  apisix:
-    driver: bridge
-
-volumes:
-  etcd_data:

.github/workflows/e2e.yml

@@ -0,0 +1,94 @@
+name: Frontend e2e test
+
+on:
+  push:
+    branches:
+      - "**"
+  pull_request:
+    types: [labeled, synchronize]
+    branches:
+        - "**"
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  test:
+    if: ${{ contains(github.event.pull_request.labels.*.name, 'e2e-test') }}
+    timeout-minutes: 40
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Get PR Labels
+        id: get-labels
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const labels = context.payload.pull_request.labels.map(label => label.name);
+            core.setOutput("labels", labels.join(","));
+      - name: Set image label as environment variable
+        run: |
+          export LABELS=${{ steps.get-labels.outputs.labels }}
+          echo "LABELS=${LABELS}" >> $GITHUB_ENV
+        shell: bash
+
+      # ensure this in https://github.com/apache/infrastructure-actions/blob/main/actions.yml
+      - uses: pnpm/action-setup@v4
+        name: Install pnpm
+        with:
+          run_install: false
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+          cache: "pnpm"
+
+      - name: Install dependencies
+        run: |
+          pnpm install --frozen-lockfile
+
+      - name: Install Playwright Browsers
+        run: |
+          pnpm exec playwright install --with-deps
+
+      - name: Run e2e server
+        working-directory: ./e2e/server
+        run: |
+          docker compose up -d
+
+      - name: Waiting dashboard service to be healthy
+        working-directory: ./e2e/server
+        run: |
+          E2E_SERVER="dashboard-e2e"
+          TIMEOUT=30
+          timeout $TIMEOUT bash -c '
+            until [ "$(docker inspect --format="{{.State.Health.Status}}" $(docker compose ps -q '$E2E_SERVER'))" = "healthy" ]; do
+              echo "'$E2E_SERVER' is starting..."
+              sleep 5
+            done
+          ' || (echo "$E2E_SERVER not healthy after $TIMEOUT seconds" && exit 1)
+
+      - name: Run e2e tests
+        run: |
+          pnpm e2e
+
+      - uses: actions/upload-artifact@v4
+        if: ${{ !cancelled() }}
+        with:
+          name: test-results
+          path: apps/site-e2e/test-results/
+          retention-days: 7
+
+      - uses: actions/upload-artifact@v4
+        if: ${{ !cancelled() }}
+        with:
+          name: playwright-report
+          path: playwright-report/
+          retention-days: 7
+
+      - name: Print Components Logs
+        if: failure()
+        run: |
+          docker ps --format '{{.Names}}' | xargs -I{} bash -c "echo ================= {} ==================== &&  docker logs {} && echo ================= {} ===================="

.gitignore

@@ -24,3 +24,11 @@ dist-ssr
 *.sw?
 
 /.pnpm-store
+
+# Playwright
+/test-results/
+/playwright-report/
+/blob-report/
+/playwright/.cache/
+
+.eslintcache

e2e/auth.spec.ts

@@ -0,0 +1,67 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { expect } from '@playwright/test';
+import { test } from '@utils/test';
+
+import { getAPISIXConf } from './utils/common';
+
+// use empty storage state to avoid auth
+test.use({ storageState: { cookies: [], origins: [] } });
+
+test('can auth with admin key', { tag: '@auth' }, async ({ page }) => {
+  const settingsModal = page.getByRole('dialog', { name: 'Settings' });
+  const adminKeyInput = page.getByRole('textbox', { name: 'Admin Key' });
+  const failedMsg = page.getByText('failed to check token');
+
+  const checkSettingsModal = async () => {
+    await expect(failedMsg).toBeVisible();
+    await expect(settingsModal).toBeVisible();
+    await expect(page.getByText('UI Commit SHA')).toBeVisible();
+  };
+
+  await test.step('fill wrong admin key, settings modal always be visible', async () => {
+    await checkSettingsModal();
+
+    await expect(adminKeyInput).toBeEmpty();
+    await adminKeyInput.fill('wrong-admin-key');
+    await page
+      .getByRole('dialog', { name: 'Settings' })
+      .getByRole('button')
+      .click();
+
+    await page.reload();
+    await expect(failedMsg).toBeVisible();
+    await expect(settingsModal).toBeVisible();
+  });
+
+  await test.step('fill correct admin key, settings modal can be hidden', async () => {
+    await page.reload();
+    await checkSettingsModal();
+
+    const { adminKey } = await getAPISIXConf();
+    await adminKeyInput.clear();
+    await adminKeyInput.fill(adminKey);
+    await page
+      .getByRole('dialog', { name: 'Settings' })
+      .getByRole('button')
+      .click();
+
+    await page.reload();
+    await expect(failedMsg).toBeHidden();
+  });
+});

e2e/server/Dockerfile

@@ -0,0 +1,40 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+FROM node:22-alpine AS base
+
+# install deps
+FROM base AS deps
+WORKDIR /app
+COPY package.json pnpm-lock.yaml* ./
+RUN \
+  if [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm install; \
+  else echo 'Lockfile not found.' && exit 1; \
+  fi
+
+# build ui
+FROM base AS builder
+WORKDIR /app
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+# we need git to get commit sha
+RUN apk add --no-cache git
+RUN corepack enable pnpm && pnpm build
+
+# serve ui
+FROM nginx:1.28.0-alpine-slim AS runner
+COPY --from=builder /app/dist /usr/share/nginx/html

.devcontainer/apisix_conf.yml renamed to e2e/server/apisix_conf.yml

@@ -0,0 +1,47 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+services:
+  apisix:
+    image: 'apache/apisix:3.12.0-debian'
+    restart: always
+    volumes:
+      - ./apisix_conf.yml:/usr/local/apisix/conf/config.yaml:ro
+    depends_on:
+      - etcd
+    networks:
+      - apisix
+
+  etcd:
+    image: bitnami/etcd:3.5
+    restart: always
+    volumes:
+      - etcd_data:/bitnami/etcd
+    environment:
+      ETCD_ENABLE_V2: 'true'
+      ALLOW_NONE_AUTHENTICATION: 'yes'
+      ETCD_ADVERTISE_CLIENT_URLS: 'http://etcd:2379'
+      ETCD_LISTEN_CLIENT_URLS: 'http://0.0.0.0:2379'
+    networks:
+      - apisix
+
+networks:
+  apisix:
+    driver: bridge
+
+volumes:
+  etcd_data:

e2e/server/docker-compose.common.yml

@@ -0,0 +1,46 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include:
+  - docker-compose.common.yml
+services:
+  dashboard-e2e:
+    build:
+      context: ../..
+      dockerfile: e2e/server/Dockerfile
+    volumes:
+      - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
+    networks:
+      - apisix
+    ports:
+      - '6174:6174'
+    depends_on:
+      - apisix
+    healthcheck:
+      test:
+        [
+          'CMD',
+          'wget',
+          '--quiet',
+          '--tries=1',
+          '--spider',
+          'http://127.0.0.1:6174/ui/',
+        ]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 10s