fix(ci): More refactoring

trezor · Mar 6, 2025 · 35d5e8e · 35d5e8e
1 parent 4575b0c
commit 35d5e8e
Show file tree

Hide file tree

Showing 6 changed files with 53 additions and 79 deletions.
diff --git a/.github/actions/build-web/action.yml b/.github/actions/build-web/action.yml
@@ -1,5 +1,5 @@
-name: 'Build and Upload Suite Web'
-description: 'Builds the Trezor Suite Web app and uploads it to S3'
+name: 'Build and Upload Suite Web app'
+description: 'Builds the Trezor Suite Web app and uploads it to S3 for e2e testing.'
 inputs:
   aws-role:
     description: 'AWS IAM role to assume'

diff --git a/.github/actions/run-e2e-web-tests/action.yml b/.github/actions/run-e2e-web-tests/action.yml
@@ -1,12 +1,22 @@
 name: 'Run Playwright E2E Web Tests'
 description: 'Runs Playwright E2E tests with Docker and uploads logs'
 inputs:
+  project: 
+    description: 'Playwright project name. (web|desktop)'
+    required: true
   containers:
     description: 'Docker containers to pull'
     required: true
   test-group:
     description: 'Test group to run'
     required: true
+  additional-grep:
+    description: 'Additional grep for PW tests. Use regexp groups with positive lookahead. Example: (?=.*@webOnly)'
+    default: ''
+    required: false
+  currents-project-id:
+    description: 'Currents project ID for reporting'
+    required: true
   currents-record-key:
     description: 'Currents record key for reporting'
     required: true
@@ -21,38 +31,51 @@ runs:
       shell: bash
       run: |
         echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_ENV
+    
+    # Electron requires unprivileged user namespaces to function properly. 
+    # Disabling this security rule allows Electron to create sandboxed processes
+    # without requiring elevated privileges, which is essential for running the application.
+    # This is workaround until electron builder solves this issue in future release.
+    - name: Disable security rule 'Restricted unprivileged user namespaces'
+      if: ${{ inputs.project == 'desktop' }}
+      shell: bash
+      run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
 
     - name: Setup Node.js
       uses: actions/setup-node@v4
       with:
         node-version-file: ".nvmrc"
         cache: yarn
 
-    - name: Install Dependencies & Pull Docker Images
+    - name: Install PW Dependencies
+      if: ${{ inputs.project == 'web' }}
       shell: bash
-      env:
-        COMPOSE_FILE: ./docker/docker-compose.suite-ci-pw.yml
       run: |
         echo -e "\nenableScripts: false" >> .yarnrc.yml
         echo -e "\nenableHardenedMode: false" >> .yarnrc.yml
         yarn workspaces focus @trezor/suite-desktop-core
         npx playwright install --with-deps
-        docker compose pull ${{ inputs.containers }}
+    
+    - name: Pull Docker Images
+      shell: bash
+      env:
+        COMPOSE_FILE: ./docker/docker-compose.suite-ci-e2e.yml
+      run: docker compose pull ${{ inputs.containers }}
 
-    - name: Run Playwright E2E Web Tests
+    - name: Run Playwright E2E Tests
       shell: bash
       env:
-        COMPOSE_FILE: ./docker/docker-compose.suite-ci-pw.yml
+        COMPOSE_FILE: ./docker/docker-compose.suite-ci-e2e.yml
         BASE_URL: https://dev.suite.sldev.cz/suite-web/${{ env.branch }}/web/
         GITHUB_ACTION: true
-        CURRENTS_PROJECT_ID: Og0NOQ
+        CURRENTS_PROJECT_ID: ${{ inputs.currents-project-id }}
         CURRENTS_RECORD_KEY: ${{ inputs.currents-record-key }}
         CURRENTS_CI_BUILD_ID: pr-run-${{ github.run_id }}
         PASSPHRASE: ${{ inputs.e2e-passphrase }}
       run: |
         docker compose up -d trezor-user-env-unix
-        echo "Starting Playwright Web test group ${{ inputs.test-group }}"
-        yarn workspace @trezor/suite-desktop-core test:e2e:web --forbid-only --grep="(?=.*${{ inputs.test-group }})(?=.*@webOnly)"
+        echo "Starting Playwright project ${{ inputs.project }} for test group ${{ inputs.test-group }}"
+        yarn workspace @trezor/suite-desktop-core test:e2e:${{ inputs.project }} --forbid-only --grep="(?=.*${{ inputs.test-group }})${{ inputs.additional-grep }}" 
     
     - name: Extract and Upload Logs
       if: ${{ !cancelled() }}
@@ -63,5 +86,5 @@ runs:
     - name: Docker Compose Down
       shell: bash
       env:
-        COMPOSE_FILE: ./docker/docker-compose.suite-ci-pw.yml
+        COMPOSE_FILE: ./docker/docker-compose.suite-ci-e2e.yml
       run: docker compose down
diff --git a/.github/workflows/test-suite-desktop-e2e.yml b/.github/workflows/test-suite-desktop-e2e.yml
@@ -27,7 +27,7 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  run-desktop-tests:
+  run-e2e-suite-desktop-tests:
     if: github.repository == 'trezor/trezor-suite'
     runs-on: ubuntu-24.04
     strategy:
@@ -50,7 +50,11 @@ jobs:
           #   CONTAINERS: "trezor-user-env-unix bitcoin-regtest"
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+
       - name: Check previous runs
         id: check-previous-runs
         if: github.event_name == 'pull_request' && github.run_attempt == 1
@@ -63,66 +67,24 @@ jobs:
           workflow_name: ${{ github.workflow }}
           job_name: "${{ github.job }} (${{ join(matrix.*, ', ') }})"
 
-      # Electron requires unprivileged user namespaces to function properly. 
-      # Disabling this security rule allows Electron to create sandboxed processes
-      # without requiring elevated privileges, which is essential for running the application.
-      # This is workaround until electron builder solves this issue in future release.
-      - name: Disable security rule 'Restricted unprivileged user namespaces'
-        if: steps.check-previous-runs.outputs.skip_tests != 'true'
-        run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
-
-      - name: Checkout
-        if: steps.check-previous-runs.outputs.skip_tests != 'true'
-        uses: actions/checkout@v4
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-
       - name: Setup node
         if: steps.check-previous-runs.outputs.skip_tests != 'true'
         uses: actions/setup-node@v4
         with:
           node-version-file: ".nvmrc"
           cache: yarn
 
-      - name: Install dependencies, build libs and pull docker images
-        if: steps.check-previous-runs.outputs.skip_tests != 'true'
-        env:
-          COMPOSE_FILE: ./docker/docker-compose.suite-desktop-ci.yml
-        run: |
-          yarn install --immutable
-          yarn message-system-sign-config
-          yarn workspace @trezor/suite-data build:lib
-          yarn workspace @trezor/transport-bridge build:lib
-          docker compose pull  ${{ matrix.CONTAINERS }}
-
-      - name: Build electron app.js for tests
+      - name: Build desktop app
         if: steps.check-previous-runs.outputs.skip_tests != 'true'
-        run: |
-          yarn workspace @trezor/suite-desktop build:app
-          yarn workspace @trezor/suite-desktop build:ui
+        uses: ./.github/actions/build-electron
 
-      - name: Run Playwright e2e desktop tests
+      - name: Run Playwright E2E Tests
         if: steps.check-previous-runs.outputs.skip_tests != 'true'
-        env:
-          COMPOSE_FILE: ./docker/docker-compose.suite-desktop-ci.yml
-          GITHUB_ACTION: true
-          CURRENTS_PROJECT_ID: 4ytF0E
-          CURRENTS_RECORD_KEY: ${{ secrets.CURRENTS_RECORD_KEY }}
-          CURRENTS_CI_BUILD_ID: pr-run-${{github.run_id}}
-        run: |
-          docker compose up -d ${{ matrix.CONTAINERS }}
-          echo "Starting Playwright Desktop test group ${{ matrix.TEST_GROUP }}"
-          yarn workspace @trezor/suite-desktop-core test:e2e:desktop --forbid-only --grep=${{ matrix.TEST_GROUP }}
-
-      - name: Extract and Upload Logs
-        if: ${{ !cancelled() }}
-        uses: ./.github/actions/upload-test-logs
+        uses: ./.github/actions/run-e2e-web-tests
         with:
+          project: 'desktop'
+          containers: ${{ matrix.CONTAINERS }}
           test-group: ${{ matrix.TEST_GROUP }}
-
-      - name: Docker compose down
-        if: steps.check-previous-runs.outputs.skip_tests != 'true'
-        env:
-          COMPOSE_FILE: ./docker/docker-compose.suite-desktop-ci.yml
-        run: docker compose down
-
+          currents-project-id: '4ytF0E'
+          currents-record-key: ${{ secrets.CURRENTS_RECORD_KEY }}
+          e2e-passphrase: ${{ secrets.E2E_TEST_PASSPHRASE }} 
diff --git a/.github/workflows/test-suite-web-e2e-pw.yml b/.github/workflows/test-suite-web-e2e-pw.yml
@@ -61,7 +61,7 @@ jobs:
           aws-role: arn:aws:iam::538326561891:role/gh_actions_trezor_suite_dev_deploy
           aws-region: "eu-central-1"
 
-  e2e-test-suite-web:
+  run-e2e-suite-web-tests:
     if: github.repository == 'trezor/trezor-suite'
     runs-on: ubuntu-latest
     needs:
@@ -110,5 +110,7 @@ jobs:
         with:
           containers: ${{ matrix.CONTAINERS }}
           test-group: ${{ matrix.TEST_GROUP }}
+          additional-grep: '(?=.*@webOnly)'
+          currents-project-id: 'Og0NOQ'
           currents-record-key: ${{ secrets.CURRENTS_RECORD_KEY }}
           e2e-passphrase: ${{ secrets.E2E_TEST_PASSPHRASE }}
diff --git a/docker/docker-compose.suite-ci-pw.yml → docker/docker-compose.suite-ci-e2e.yml b/docker/docker-compose.suite-ci-pw.yml → docker/docker-compose.suite-ci-e2e.yml
diff --git a/docker/docker-compose.suite-desktop-ci.yml b/docker/docker-compose.suite-desktop-ci.yml