fix: resolve WAF integration failure and E2E ACL deadlock
Fix integration scripts using wget-style curl options after Alpine→Debian migration (PR #550). Add Playwright security test helpers to prevent ACL from blocking subsequent tests. Fix curl syntax in 5 scripts: -q -O- → -sf Create security-helpers.ts with state capture/restore Add emergency ACL reset to global-setup.ts Fix fixture reuse bug in security-dashboard.spec.ts Add security-helpers.md usage guide Resolves WAF workflow "httpbin backend failed to start" error
This commit is contained in:
GitHub Actions
@@ -4,10 +4,13 @@
|
||||
* This setup ensures a clean test environment by:
|
||||
* 1. Cleaning up any orphaned test data from previous runs
|
||||
* 2. Verifying the application is accessible
|
||||
* 3. Performing emergency ACL reset to prevent deadlock from previous failed runs
|
||||
*/
|
||||
|
||||
import { request } from '@playwright/test';
|
||||
import { existsSync } from 'fs';
|
||||
import { TestDataManager } from './utils/TestDataManager';
|
||||
import { STORAGE_STATE } from './constants';
|
||||
|
||||
/**
|
||||
* Get the base URL for the application
|
||||
@@ -83,6 +86,38 @@ async function globalSetup(): Promise<void> {
|
||||
} finally {
|
||||
await requestContext.dispose();
|
||||
}
|
||||
|
||||
// Emergency ACL reset to prevent deadlock from previous failed runs
|
||||
await emergencySecurityReset(baseURL);
|
||||
}
|
||||
|
||||
/**
|
||||
* Perform emergency security reset to disable ACL.
|
||||
* This prevents deadlock if a previous test run left ACL enabled.
|
||||
*/
|
||||
async function emergencySecurityReset(baseURL: string): Promise<void> {
|
||||
// Only run if auth state exists (meaning we can make authenticated requests)
|
||||
if (!existsSync(STORAGE_STATE)) {
|
||||
console.log('⏭️ Skipping security reset (no auth state file)');
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
const authenticatedContext = await request.newContext({
|
||||
baseURL,
|
||||
storageState: STORAGE_STATE,
|
||||
});
|
||||
|
||||
// Disable ACL to prevent deadlock from previous failed runs
|
||||
await authenticatedContext.post('/api/v1/settings', {
|
||||
data: { key: 'security.acl.enabled', value: 'false' },
|
||||
});
|
||||
|
||||
await authenticatedContext.dispose();
|
||||
console.log('✓ Security reset: ACL disabled');
|
||||
} catch (error) {
|
||||
console.warn('⚠️ Could not reset security state:', error);
|
||||
}
|
||||
}
|
||||
|
||||
export default globalSetup;
|
||||
|
||||
Reference in New Issue
Block a user