Files

Adolfo Delorenzo 27146c621d docs(09-03): complete Gitea Actions CI pipeline plan

- 09-03-SUMMARY.md: CI pipeline with 2-job fail-fast backend+portal
- STATE.md: advanced to 09-03 complete, added CI decisions
- ROADMAP.md: Phase 9 marked 3/3 plans complete
- REQUIREMENTS.md: QA-07 marked complete

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-25 22:53:43 -06:00

5.7 KiB

Raw Blame History

phase, plan, subsystem, tags, requires, provides, affects, tech-stack, key-files, key-decisions, patterns-established, requirements-completed, duration, completed

phase

plan

subsystem

tags

requires

provides

affects

tech-stack

key-files

key-decisions

patterns-established

requirements-completed

duration

completed

09-testing-qa

infra

gitea-actions

playwright

lighthouse

pytest

ruff

e2e

pipeline

phase	provides
09-testing-qa/09-01	Playwright E2E infrastructure, playwright.config.ts, 7 flow specs, fixtures, auth setup

phase	provides
09-testing-qa/09-02	visual regression specs, a11y scans, lighthouserc.json config

Gitea Actions CI pipeline (2-job fail-fast
backend → portal)

Automated backend linting (ruff check + ruff format --check) and pytest in CI

Automated portal build (Next.js standalone) + Playwright E2E + Lighthouse CI in CI

JUnit XML, HTML report, and Lighthouse artifacts uploaded per run

Credentials managed via Gitea secrets (never hardcoded)

CI/CD

beta launch readiness

quality gates

added

patterns

Gitea Actions (.gitea/workflows/ci.yml) — CI pipeline runner

pgvector/pgvector:pg16 service container — CI DB with vector extension

redis:7-alpine service container — CI cache/pubsub

@lhci/cli — Lighthouse CI score assertions (already in portal devDeps)

Fail-fast pipeline: portal job needs backend — backend failures block E2E before spinning up portal

Service containers with health checks — postgres pg_isready + redis-cli ping before job starts

Standalone Next.js build in CI — cp -r .next/static + public into .next/standalone for self-hosted start

Secrets pattern — all credentials via ${{ secrets.* }}, never hardcoded in YAML

always() artifact uploads — test reports uploaded even on failure for debugging

created

modified

.gitea/workflows/ci.yml

No mypy --strict step in CI — existing codebase may not be fully strict-typed; ruff lint is sufficient gate for now

seed_admin call uses || true — may not exist in all environments; E2E auth setup handles user creation via login form

LLM_POOL_URL set to http://localhost:8004 in portal job — consistent with shared/config.py default

Browser install uses --with-deps chromium firefox webkit — installs OS dependencies for headful/headless rendering

Pattern 1: Backend job runs first, portal job depends on it — fail-fast prevents E2E overhead when backend is broken

Pattern 2: Service health checks with pg_isready and redis-cli ping — job steps only start when services are healthy

Pattern 3: Artifacts uploaded with always() condition — reports available for debugging even on test failure

QA-07

3min

2026-03-26

Phase 9 Plan 03: CI Pipeline Summary

Gitea Actions CI pipeline with 2-job fail-fast (backend lint+pytest gates portal E2E+Lighthouse) — all test artifacts uploaded as JUnit XML, HTML, and Lighthouse JSON

Performance

Duration: 3 min
Started: 2026-03-26T04:40:00Z
Completed: 2026-03-26T04:50:52Z
Tasks: 1 (+ 1 pre-approved checkpoint)
Files modified: 1

Accomplishments

Two-job Gitea Actions pipeline: backend (lint + pytest) → portal (build + E2E + Lighthouse), enforcing fail-fast ordering
Backend job runs ruff check, ruff format --check, and pytest with JUnit XML output
Portal job builds Next.js standalone, installs Playwright browsers, starts gateway, runs E2E flows + accessibility + Lighthouse CI
All credentials (AUTH_SECRET, E2E_* users) sourced from Gitea secrets — never hardcoded
Three artifact uploads with if: always(): playwright-report (HTML), playwright-junit (XML), lighthouse-report (JSON)

Task Commits

Each task was committed atomically:

Task 1: Create Gitea Actions CI workflow - 542ac51 (feat)

Plan metadata: (created in this session)

Files Created/Modified

.gitea/workflows/ci.yml — Full 2-job CI pipeline: backend tests (ruff + pytest) and portal E2E (Playwright + Lighthouse CI)

Decisions Made

No mypy --strict step — existing codebase may have type gaps; ruff lint is the CI gate for now (can add mypy incrementally)
seed_admin call wrapped in || true — function may not exist in all DB states; test users are created by E2E auth setup via the login form
Browser install includes --with-deps for all three engines — required for OS-level font/rendering dependencies in CI containers

Deviations from Plan

None — plan executed exactly as written. CI file matched all specifications: 2 jobs, fail-fast ordering, correct service containers, secrets-based credentials, artifact uploads, lint/pytest/E2E/Lighthouse steps.

Issues Encountered

None.

User Setup Required

Before CI pipeline runs in Gitea, add these repository secrets at git.oe74.net under Settings → Secrets:

Secret	Description
`AUTH_SECRET`	Next.js Auth.js secret (same as local .env)
`E2E_ADMIN_EMAIL`	Platform admin email for E2E tests
`E2E_ADMIN_PASSWORD`	Platform admin password
`E2E_CADMIN_EMAIL`	Customer admin email
`E2E_CADMIN_PASSWORD`	Customer admin password
`E2E_OPERATOR_EMAIL`	Customer operator email
`E2E_OPERATOR_PASSWORD`	Customer operator password

These users must exist in the database (seeded via seed_admin or manual migration).

Next Phase Readiness

CI pipeline is complete — pushing to main or opening a PR will trigger the full test suite automatically
Backend lint and pytest failures will block portal E2E from running (fail-fast enforced)
All QA requirements (QA-01 through QA-07) are now covered by automated infrastructure
Phase 9 is complete — project is beta-launch ready from a quality infrastructure standpoint

Phase: 09-testing-qa Completed: 2026-03-26

5.7 KiB Raw Blame History