# Triggers after the layered build has finished, taking the artifact and running cypress on it # # Also called by a workflow in matrix-js-sdk. # name: Cypress End to End Tests on: workflow_run: workflows: ["Element Web - Build"] types: - completed # support calls from other workflows workflow_call: inputs: react-sdk-repository: type: string required: true description: "The name of the github repository to check out and build." secrets: KNAPSACK_PRO_TEST_SUITE_TOKEN_CYPRESS_RUST: required: true KNAPSACK_PRO_TEST_SUITE_TOKEN_CYPRESS_LEGACY: required: true TCMS_USERNAME: required: true TCMS_PASSWORD: required: true concurrency: group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.run_id }} cancel-in-progress: ${{ github.event.workflow_run.event == 'pull_request' }} jobs: prepare: name: Prepare if: github.event.workflow_run.conclusion == 'success' runs-on: ubuntu-latest permissions: actions: read issues: read statuses: write pull-requests: read outputs: uuid: ${{ steps.uuid.outputs.value }} pr_id: ${{ steps.prdetails.outputs.pr_id }} percy_enable: ${{ steps.percy.outputs.value || '0' }} steps: # We create the status here and then update it to success/failure in the `report` stage # This provides an easy link to this workflow_run from the PR before Cypress is done. - uses: Sibz/github-status-action@071b5370da85afbb16637d6eed8524a06bc2053e # v1 with: authToken: ${{ secrets.GITHUB_TOKEN }} state: pending context: ${{ github.workflow }} / cypress sha: ${{ github.event.workflow_run.head_sha }} target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} - id: prdetails if: github.event.workflow_run.event == 'pull_request' || github.event.workflow_run.event == 'merge_group' uses: matrix-org/pr-details-action@v1.3 with: owner: ${{ github.event.workflow_run.head_repository.owner.login }} branch: ${{ github.event.workflow_run.head_branch }} # Percy is disabled while we're figuring out https://github.com/vector-im/wat-internal/issues/36 # and https://github.com/vector-im/wat-internal/issues/56. We're hoping to turn it back on or switch # to an alternative in the future. # # Only run Percy when it is demanded or we are running the daily build # - name: Enable Percy # id: percy # if: | # github.event.workflow_run.event == 'schedule' || # ( # github.event.workflow_run.event == 'merge_group' && # contains(fromJSON(steps.prdetails.outputs.data).labels.*.name, 'X-Needs-Percy') # ) # run: echo "value=1" >> $GITHUB_OUTPUT - name: Generate unique ID 💎 id: uuid run: echo "value=sha-$GITHUB_SHA-time-$(date +"%s")" >> $GITHUB_OUTPUT tests: name: "Run Tests (${{ matrix.crypto }} crypto)" needs: prepare runs-on: ubuntu-latest permissions: actions: read issues: read pull-requests: read environment: Cypress strategy: fail-fast: false matrix: # Run tests using both crypto stacks crypto: [legacy, rust] ci_node_total: [3] ci_node_index: [0, 1, 2] steps: # The version of chrome shipped by default may not be consistent across runners # so we explicitly use a specific version of chrome here. - uses: browser-actions/setup-chrome@803ef6dfb4fdf22089c9563225d95e4a515820a0 # v1 - run: echo "BROWSER_PATH=$(which chrome)" >> $GITHUB_ENV # There's a 'download artifact' action, but it hasn't been updated for the workflow_run action # (https://github.com/actions/download-artifact/issues/60) so instead we get this mess: - name: 📥 Download artifact uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615 # v2 with: run_id: ${{ github.event.workflow_run.id }} name: previewbuild path: webapp # The workflow_run.head_sha is the sha of the head commit but the element-web was built using a simulated # merge commit - https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request # so use the sha from the tarball for the checkout of the cypress tests # to make sure we get a matching set of code and tests. - name: Grab sha from webapp id: sha run: | echo "sha=$(cat webapp/sha)" >> $GITHUB_OUTPUT - uses: actions/checkout@v4 with: # XXX: We're checking out untrusted code in a secure context # We need to be careful to not trust anything this code outputs/may do # # Note that (in the absence of a `react-sdk-repository` input), # we check out from the default repository, which is (for this workflow) the # *target* repository for the pull request. # ref: ${{ steps.sha.outputs.sha }} persist-credentials: false path: matrix-react-sdk repository: ${{ inputs.react-sdk-repository || github.repository }} # Enable rust crypto if the calling workflow requests it - name: Enable rust crypto if: matrix.crypto == 'rust' run: | echo "CYPRESS_RUST_CRYPTO=1" >> "$GITHUB_ENV" - name: Run Cypress tests via knapsack pro uses: cypress-io/github-action@ebe8b24c4428922d0f793a5c4c96853a633180e3 # v6.6.0 with: working-directory: matrix-react-sdk headed: true start: npx serve -p 8080 -L ../webapp wait-on: "http://localhost:8080" record: false parallel: false # The built-in Electron runner seems to grind to a halt trying to run the tests, so use chrome. command: yarn percy exec --parallel -- npx knapsack-pro-cypress --config trashAssetsBeforeRuns=false --browser ${{ env.BROWSER_PATH }} env: # Knapsack token and config KNAPSACK_PRO_TEST_SUITE_TOKEN_CYPRESS: ${{ matrix.crypto == 'rust' && secrets.KNAPSACK_PRO_TEST_SUITE_TOKEN_CYPRESS_RUST || secrets.KNAPSACK_PRO_TEST_SUITE_TOKEN_CYPRESS_LEGACY }} KNAPSACK_PRO_CI_NODE_TOTAL: ${{ matrix.ci_node_total }} KNAPSACK_PRO_CI_NODE_INDEX: ${{ matrix.ci_node_index }} KNAPSACK_PRO_TEST_FILE_PATTERN: cypress/e2e/**/*.spec.ts KNAPSACK_PRO_BRANCH: ${{ github.event.workflow_run.head_branch }} KNAPSACK_PRO_COMMIT_HASH: ${{ github.event.workflow_run.head_sha }} # Use existing chromium rather than downloading another PUPPETEER_SKIP_CHROMIUM_DOWNLOAD: true # pass GitHub token to allow accurately detecting a build vs a re-run build GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # make Node's os.tmpdir() return something where we actually have permissions TMPDIR: ${{ runner.temp }} # pass the Percy token as an environment variable PERCY_TOKEN: ${{ secrets.PERCY_TOKEN }} # only run percy on legacy crypto (for now) PERCY_ENABLE: ${{ matrix.crypto == 'legacy' && needs.prepare.outputs.percy_enable || 0 }} PERCY_BROWSER_EXECUTABLE: ${{ steps.setup-chrome.outputs.chrome-path }} # tell Percy more details about the context of this run PERCY_BRANCH: ${{ github.event.workflow_run.head_branch }} PERCY_COMMIT: ${{ github.event.workflow_run.head_sha }} PERCY_PULL_REQUEST: ${{ needs.prepare.outputs.pr_id }} PERCY_PARALLEL_NONCE: ${{ needs.prepare.outputs.uuid }} # We manually finalize the build in the report stage PERCY_PARALLEL_TOTAL: -1 - name: 📤 Upload results artifact if: failure() uses: actions/upload-artifact@v3 with: name: cypress-results-${{ matrix.crypto }}-crypto path: | matrix-react-sdk/cypress/screenshots matrix-react-sdk/cypress/videos matrix-react-sdk/cypress/synapselogs matrix-react-sdk/cypress/results/cypresslogs report: name: Finalize results needs: - prepare - tests runs-on: ubuntu-latest if: always() permissions: statuses: write steps: - name: Finalize Percy if: needs.prepare.outputs.percy_enable == '1' run: npx -p @percy/cli percy build:finalize env: PERCY_TOKEN: ${{ secrets.PERCY_TOKEN }} PERCY_PARALLEL_NONCE: ${{ needs.prepare.outputs.uuid }} - name: Skip Percy required check if: needs.prepare.outputs.percy_enable != '1' uses: Sibz/github-status-action@071b5370da85afbb16637d6eed8524a06bc2053e # v1 with: authToken: ${{ secrets.GITHUB_TOKEN }} state: success description: Percy skipped context: percy/matrix-react-sdk sha: ${{ github.event.workflow_run.head_sha }} target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} - uses: Sibz/github-status-action@071b5370da85afbb16637d6eed8524a06bc2053e # v1 with: authToken: ${{ secrets.GITHUB_TOKEN }} state: ${{ needs.tests.result == 'success' && 'success' || 'failure' }} context: ${{ github.workflow }} / cypress sha: ${{ github.event.workflow_run.head_sha }} target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}