test(e2e): hotfix scenario suite part 2 - guards, rejoin, stacked, prod-gate#117
Merged
Conversation
Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
Record the post-merge env branch tip as hotfix_head in merge_pr so a scenario can reference an off-trunk commit as a patch. Add a stage_divergence step that rewrites an environment's divergence fields in the live manifest mid-scenario, and a new hotfix-containment scenario that exercises both the patch-containment failure path (expect_failure) and the force override at the e2e level. Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
When RunWorkflowFromRepo dispatches a workflow_dispatch event, act does not
reliably populate github.event.inputs from --input flags alone when
--detect-event is set and no event file carries an inputs key. Job-level if:
conditions that inspect github.event.inputs (such as the hotfix apply job's
dry_run guard) mis-evaluate and the job runs when it should be skipped.
Add dispatchInputsEventJSON and resolveEventJSON helpers so RunWorkflowFromRepo
automatically synthesizes a minimal {"inputs":{...}} event payload and writes it
via the existing writeEventFile/-e path when the event is workflow_dispatch and
inputs are present. Explicit opts.EventJSON always wins.
Add dry_run: true to hotfix scenarios (guards, containment, rejoin, stacked)
that were missing it so the apply job is gated correctly in each one.
Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
Drive the patch-containment failure and force-override paths through a targeted dev-to-test cascade promote so the diverged-source guard does not mask the containment check, and point hotfix-guards at the dedicated containment scenario. Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
A second hotfix_apply onto an env branch the first finalize already advanced via squash-merge branched from a stale env tip and replayed an already-merged change, so the push was rejected non-fast-forward. Abort any half-finished cherry-pick, force-refresh the env tracking ref, drop any stale local hotfix branch, and force-push the uniquely-named per-apply branch. Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
The finalize job checks out the triggering SHA, so on a workflow_dispatch run HEAD is detached. A bare git push then fails with exit 128 because no upstream tracking branch exists, which broke the rejoin leg of the hotfix-rejoin e2e scenario. Push HEAD explicitly to refs/heads/<trunk> resolved from GITHUB_REF, and capture combined output so the real git error surfaces in the workflow log. Real GitHub is unaffected: that path writes state through the Contents REST API, not plain git. Signed-off-by: Joshua Temple <joshua.temple@stablekernel.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
e2e/scenarios/hotfix/and run against the act/gitea stack viaTestMultiStepScenarios.Scenarios
hotfix-guards.yaml: After a full hotfix apply+merge+merged sequence divergestest, asserts that a default-mode cascade promotion fails (diverged-source guard) and that a force-input promotion proceeds. The cherry-pick creates a new SHA on env/test that is not in trunk history; the patch containment "missing patch" failure cannot be engineered with real linear git history, so the scenario centers on the deterministic diverged-source guard (documented inline).hotfix-rejoin.yaml: After divergingtestvia a hotfix, promotes a trunk SHA that contains the recorded patch intotest. Asserts thatenv/testis deleted (rejoin side effect) and thatdev/prodare unchanged. Manifest-level clearing ofref/base_sha/patchesis covered byinternal/promoteunit tests (the harness assertion surface skips empty-string ref expects perassert.go:242).hotfix-stacked.yaml: Two assertions in one scenario: (1) single-flight guard - dispatching a secondhotfix_planwhile the first hotfix PR is still open fails (expect_failure: true, Q4); (2) after the first hotfix finalizes, a second hotfix goes through a full cycle and itshotfix_mergedstep seespatches: [commit2, commit3]- both trunk SHAs stacked.hotfix-prod-gate.yaml: Generator-shape only. An initial commit on a 3-env config assertscascade-hotfix.yamlcontainsenvironment: ${{ needs.context.outputs.target_env }}and the expecteddeploy-*/rollback-*job markers, verifying each hotfix deploy/rollback job binds to the target environment. Notes that runtime protection-rule enforcement is real-GHA-only.Verification
go build ./...cleancd e2e && go vet ./...cleangolangci-lint run ./e2e/...cleancfa/dxe/delivery, no em dashes, no Co-Authored-By)