akanealw
eec8c28fb3
Some checks failed
Go Benchmark / Performance Regression Check (push) Has been cancelled
Cerberus Integration / Cerberus Security Stack Integration (push) Has been cancelled
Upload Coverage to Codecov / Backend Codecov Upload (push) Has been cancelled
Upload Coverage to Codecov / Frontend Codecov Upload (push) Has been cancelled
CodeQL - Analyze / CodeQL analysis (go) (push) Has been cancelled
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Has been cancelled
CrowdSec Integration / CrowdSec Bouncer Integration (push) Has been cancelled
Docker Build, Publish & Test / build-and-push (push) Has been cancelled
Quality Checks / Auth Route Protection Contract (push) Has been cancelled
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Has been cancelled
Quality Checks / Backend (Go) (push) Has been cancelled
Quality Checks / Frontend (React) (push) Has been cancelled
Rate Limit integration / Rate Limiting Integration (push) Has been cancelled
Security Scan (PR) / Trivy Binary Scan (push) Has been cancelled
Supply Chain Verification (PR) / Verify Supply Chain (push) Has been cancelled
WAF integration / Coraza WAF Integration (push) Has been cancelled
Docker Build, Publish & Test / Security Scan PR Image (push) Has been cancelled
Repo Health Check / Repo health (push) Has been cancelled
History Rewrite Dry-Run / Dry-run preview for history rewrite (push) Has been cancelled
Prune Renovate Branches / prune (push) Has been cancelled
Renovate / renovate (push) Has been cancelled
Nightly Build & Package / sync-development-to-nightly (push) Has been cancelled
Nightly Build & Package / Trigger Nightly Validation Workflows (push) Has been cancelled
Nightly Build & Package / build-and-push-nightly (push) Has been cancelled
Nightly Build & Package / test-nightly-image (push) Has been cancelled
Nightly Build & Package / verify-nightly-supply-chain (push) Has been cancelled
Update GeoLite2 Checksum / update-checksum (push) Has been cancelled
Container Registry Prune / prune-ghcr (push) Has been cancelled
Container Registry Prune / prune-dockerhub (push) Has been cancelled
Container Registry Prune / summarize (push) Has been cancelled
1.9 KiB
Executable File
1.9 KiB
Executable File
CI Remediation Summary
Date: February 5, 2026 Task: Stabilize E2E testing pipeline and fix workflow timeouts.
Problem
The end-to-end (E2E) testing pipeline was experiencing significant instability, characterized by:
- Workflow Timeouts: Shard 4 was consistently timing out (>20 minutes), obstructing the CI process.
- Missing Dependencies: Security jobs for Firefox and WebKit were failing because they lacked the required Chromium dependency.
- Flaky Tests:
certificates.spec.tsfailed intermittently due to race conditions when ensuring either an empty state or a table was visible.crowdsec-import.spec.tsfailed due to transient locks on the backend API.
Solution
Workflow Optimization
- Shard Rebalancing: Reduced the number of shards from 4 to 3. This seemingly counter-intuitive move rebalanced the test load, preventing the specific bottlenecks that were causing Shard 4 to hang.
- Dependency Fix: Explicitly added the Chromium installation step to Firefox and WebKit security jobs to ensure all shared test utilities function correctly.
Test Logic Improvements
- Robust Empty State Detection: Replaced fragile boolean checks with Playwright's
.or()locator pattern.- Old:
isVisible().catch()(Bypassed auto-waits, led to race conditions) - New:
expect(locatorA.or(locatorB)).toBeVisible()(Leverages built-in retry logic)
- Old:
- Resilient API Retries: Implemented
.toPass()for the CrowdSec import test.- This allows the test to automatically retry the import request with exponential backoff if the backend is temporarily locked or busy, significantly reducing flakes.
Results
- Stability: The "Empty State OR Table" flake in certificates is resolved.
- Reliability: CrowdSec import tests now handle transient backend states gracefully.
- Performance: CI jobs now complete within the allocated time budget with balanced shards.