Skip to content

refactor(e2e): reduce the briklab E2E suite to orchestrator parity + real deploy#15

Merged
jeanjerome merged 11 commits into
mainfrom
refactor/reduce-e2e-suites
Jun 2, 2026
Merged

refactor(e2e): reduce the briklab E2E suite to orchestrator parity + real deploy#15
jeanjerome merged 11 commits into
mainfrom
refactor/reduce-e2e-suites

Conversation

@jeanjerome
Copy link
Copy Markdown
Member

@jeanjerome jeanjerome commented Jun 2, 2026

Summary

Trims and consolidates the briklab E2E suite. The per-stack and *-minimal
test-projects whose behavior is now covered by brik's notion-based L0 unit
contracts (shipped in getbrik/brik#23) are removed, leaving a focused set of
scenarios that exercise real orchestrator behavior (GitLab + Jenkins) and
real deploy/rollback rather than re-testing stack mechanics. Adds a
self-healing preflight, a stub-image mode, and registry-derived runner images.

(~276 files, +1.5k / -24k -- almost entirely deletions of redundant
test-projects; the runtime/CLI surface shrinks accordingly.)

E2E scope reduction

  • Reduce the E2E suites to orchestrator parity + real deploy (3cd325c).
  • Drop spec-covered test-projects and their wiring -- python-minimal, rust-complete, rust-minimal, etc. -- whose coverage now lives in brik's spec/ L0/unit contracts (4ad9564).
  • Add a node-full-stub scenario to the GitLab and Jenkins suites (09e25cb).

Scripts / preflight

  • Self-healing E2E preflight, stub mode, and registry-derived runner images (92ebe35).
  • Pre-register Jenkins build params when ci_vars are set (6864ef2).
  • Document the consolidated CLI and self-healing preflight (03f352d).

Fixtures

  • Gate node-full-cve on its medium CVE via security.severity_threshold: medium (d60c29f) -- pairs with the brik#23 change that makes the dependency scan honor the severity policy (a medium CVE under the default high floor is correctly ignored, so the fixture must opt into medium to prove CVE gating).
  • Bump node-complete jest-junit to 17 to clear the uuid advisory (e8e0bb9).

Docs

  • Reposition the README around the reduced E2E scope (5623847); remove superseded e2e validation notes and dead references to e2e-known-issues.md (c201321, 082e723).

Test plan

  • Full E2E suite on the live briklab lab (2026-06-02): GitLab 7/7 (node-full, node-deploy-gitops, node-plan-tag, node-full-cve, workflow-trunk-main, node-deploy-rollback, workflow-trunk-tag) + Jenkins 2/2 (node-full, node-complete).

Notes

jeanjerome added 11 commits May 29, 2026 12:27
@jeanjerome
refactor: reduce E2E suites to orchestrator parity and real deploy
3cd325c 
Per-stage, per-stack, planner and findings behavior is now covered by the brik
repo's contract/unit/integration suites and brik-images smoke tests, so the
GitLab and Jenkins E2E suites only keep the scenarios that need a live
orchestrator or real deploy infrastructure:

- GitLab: node-full (parity), node-deploy-gitops, node-deploy-rollback.
- Jenkins: node-full, node-complete (parity).
@jeanjerome
docs: reposition the README around the reduced E2E scope
5623847 
The lab now validates orchestrator parity and real ArgoCD/GitOps deploy and
rollback rather than the full fixture matrix. Update the tagline, badge,
rationale, feature sections, scenario tables and command list accordingly.
@jeanjerome
fix(e2e): bump node-complete jest-junit to 17 to clear the uuid advisory
e8e0bb9 
jest-junit@16 pulled a vulnerable uuid (<11.1.1, GHSA-w5hq-g745-h8pq), which
made the node-complete deps scan fail with exit 10. Bump to jest-junit@17 and
regenerate the lockfile; npm audit reports zero vulnerabilities again.
@jeanjerome
fix(e2e): pre-register Jenkins params when ci_vars are set
6864ef2 
trigger_build only pre-registered job parameters when the job had none,
but casc seeds node-full with BRIK_DRY_RUN and BRIK_TAG, so the gate
never fired and Jenkins silently dropped the undeclared
BRIK_RUNNER_CLASSES_FILE and BRIK_WITH_DEPLOY from buildWithParameters.
Pre-register whenever ci_vars are requested; pre_register_params merges
only the missing parameters and is a no-op otherwise.
@jeanjerome
test(e2e): add node-full-stub scenario to the gitlab and jenkins suites
09e25cb 
Exercises the full shared-library workflow (context, planner, gates,
needs, image parity) on the real orchestrator with every stage pinned to
the single brik-runner-stub image via BRIK_RUNNER_CLASSES_FILE, without
pulling the heavy stack images. GitLab passes an absolute override path;
Jenkins passes a path relative to the brik library root (resolved per
stage container against brikHome).
@jeanjerome
docs: remove superseded e2e validation notes
c201321 
The 2026-05-20 validation campaign, the v0.6.0 validation writeup, and
the standalone known-issues file are obsolete after the e2e suite
reduction. Living e2e status is tracked with the suites themselves.
@jeanjerome
refactor(e2e): drop dead references to removed e2e-known-issues.md
082e723 
The tag.gpgsign trap is already explained inline at each call site; the
pointers to the deleted doc are now dead. Drop them and reference the
e2e.git.tag header instead.
@jeanjerome
feat(scripts): self-healing E2E preflight, stub mode, registry-derive…
92ebe35 
…d images

Decompose briklab.sh into a thin dispatcher plus lib/cli modules
(lifecycle, setup, test, reset). Add a readiness gate: pure predicates
(checks.sh) composed by preflight.sh, covering PAT, Nexus, ArgoCD,
k3d node and application-controller health. With --fix the gate heals
each failure (recovery.sh: regenerate token, restart a NotReady node,
reschedule a stranded controller) and re-verifies; test runs it by
default so a deploy run no longer hangs on a bad-state lab.

Derive the runner-image pre-pull set from briks registry instead of a
hardcoded mirror. Add --stub to run any scenario on the single stub
image. Deduplicate the PAT/token probes so verify_* and the ensure_*
fast paths share one implementation. Remove the dead jenkins_reload_casc.
@jeanjerome
test(e2e): drop spec-covered test-projects and their wiring
4ad9564 
Remove 28 test-projects whose per-stage and per-stack behaviour is now
covered by brik/spec, keeping only fixtures that need a live
orchestrator or real infrastructure (full pipeline, gitops, rollback,
promote-on-tag, CVE scan gating, trunk workflow). Drop their Jenkins
CasC jobs and prune the reset repo list to match the surviving set.
@jeanjerome
docs(briklab): document consolidated CLI and self-healing preflight
03f352d 
Update the README CLI tables and feature notes for preflight,
--fix/--no-repair/--stub and the self-heal behaviour; refresh the
architecture module tree for the thin dispatcher, lib/cli and the new
lib/{checks,preflight,recovery,runner-images} modules; add the E2E
coverage map (stage/feature -> brik/spec vs live scenario).
@jeanjerome
test: gate node-full-cve on its medium CVE via severity_threshold
d60c29f 
The fixture's vulnerable dependency (brace-expansion, GHSA-jxxr-4gwj-5jf2) is
rated medium, but the default gating floor is high, so the dependency scan now
correctly passes it as below-threshold. Set severity_threshold: medium so the
scan gates on it and fails, restoring this project's purpose of proving CVE
gating.
@jeanjerome jeanjerome self-assigned this Jun 2, 2026
@jeanjerome jeanjerome merged commit d8dfaf2 into main Jun 2, 2026
2 checks passed
@jeanjerome jeanjerome deleted the refactor/reduce-e2e-suites branch June 2, 2026 20:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@jeanjerome jeanjerome

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jeanjerome