azaion/ui
1
0
Fork 0
mirror of https://github.com/azaion/ui.git synced 2026-06-21 20:31:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
401f43d845d875ee8c90e1fd95abb7db52f98323
ui/e2e/tests/prod_image_nginx_ram.e2e.ts
T
Oleksandr Bezdieniezhnykh f2451944fd [AZ-474] [AZ-480] Batch 8 - tile-split + nginx/image static checks (Phase A close) 
- AZ-474 tile-split + YOLO parser + auto-zoom + indicator +
  malformed (FT-P-51..55, FT-N-10): 13 fast (6 it.fails for
  AC-1..6 + 7 controls) + 2 e2e (test.fail for FT-P-51 +
  FT-P-53). The split surface is QUARANTINED today (D11) —
  no Split-tile button, no parser, no <TileViewer>; all 6
  ACs are documented drift, every it.fails paired with a
  control PASS pinning current behaviour.
- AZ-480 prod image + nginx routing + RAM (NFT-RES-LIM-02
  /03/08/09/10): 4 new static checks promoted into the
  per-commit profile (STC-RES02 500M cap, STC-RES03
  Dockerfile final-stage nginx:alpine no Node, STC-RES09
  exactly 9 /api/* location blocks, STC-RES10 prefix-strip
  on every route). 3 e2e (docker-no-Node probe, runtime
  prefix-strip, long-running RAM soak — all gated on docker
  availability + image build; RAM soak also on
  RUN_LONG_RUNNING=1).

Phase A — One-time baseline setup is now COMPLETE. The
todo/ directory is empty after this batch's archival.
Cumulative review for batches 07-08 is the next autodev
action; after that, Step 7 (Run Tests) auto-chains.

Code review: PASS (0 findings). Fast: 26/26 files, 163
passed / 13 skipped. Static: 29/29 PASS (incl. 4 new
STC-RES* gates).

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-11 06:12:29 +03:00

194 lines
7.0 KiB
TypeScript
Raw Blame History

import { test, expect } from '@playwright/test'
// AZ-480 — e2e companion for the production-image runtime contracts.
//
// AC-2 (NFT-RES-LIM-03) — `nginx:alpine` final stage; `which node` returns
// non-zero inside the running container.
// AC-3 (NFT-RES-LIM-08) — steady-state RAM ≤ 200 MB after 5 min of idle
// traffic (documentary baseline per
// resource-limit-tests.md row 121).
// AC-5 (NFT-RES-LIM-10) — each /api/<S>/ route strips its prefix; verified
// against the running nginx by issuing a request
// to /api/<S>/probe and asserting the upstream
// sees `/probe`.
//
// These tests run the prod image directly via the Playwright host's docker
// socket. They are skipped on hosts without docker access (developer macOS
// with Docker Desktop is fine; CI runners without DinD will skip with a
// clear message).
//
// AC-3 is gated behind `RUN_LONG_RUNNING=1` because 5 min of idle traffic
// against a fresh container is not appropriate for the per-PR e2e lane.
import { exec as execCb } from 'node:child_process'
import { promisify } from 'node:util'
const exec = promisify(execCb)
const IMAGE = process.env.AZAION_UI_IMAGE ?? 'azaion/ui:test'
const RAM_BUDGET_MB = 200
const RAM_SAMPLE_INTERVAL_MS = 10_000
const RAM_SOAK_TOTAL_MS = 5 * 60 * 1000
async function dockerAvailable(): Promise<boolean> {
try {
await exec('docker version --format "{{.Server.Version}}"', { timeout: 5_000 })
return true
} catch {
return false
}
}
async function imageExists(image: string): Promise<boolean> {
try {
await exec(`docker image inspect ${image}`, { timeout: 5_000 })
return true
} catch {
return false
}
}
async function startContainer(): Promise<string> {
const { stdout } = await exec(
`docker run -d --rm -p 0:80 ${IMAGE}`,
{ timeout: 15_000 },
)
return stdout.trim()
}
async function stopContainer(id: string): Promise<void> {
try {
await exec(`docker stop ${id}`, { timeout: 10_000 })
} catch {
/* container may already be gone */
}
}
async function memUsageMb(id: string): Promise<number> {
// `docker stats --no-stream --format '{{.MemUsage}}'` returns e.g. "12.5MiB / 3.84GiB".
const { stdout } = await exec(
`docker stats ${id} --no-stream --format '{{.MemUsage}}'`,
{ timeout: 10_000 },
)
const match = stdout.match(/([\d.]+)\s*([KMG])iB/i)
if (!match) throw new Error(`unexpected docker stats output: ${stdout.trim()}`)
const value = Number(match[1])
const unit = match[2].toUpperCase()
if (unit === 'K') return value / 1024
if (unit === 'M') return value
if (unit === 'G') return value * 1024
throw new Error(`unhandled mem unit: ${unit}`)
}
test.describe('AZ-480 — prod image runtime contracts (e2e companion)', () => {
test('AC-2 (NFT-RES-LIM-03) — nginx:alpine final stage, no Node in the container', async () => {
test.setTimeout(60_000)
if (!(await dockerAvailable())) {
test.skip(true, 'docker not reachable from this runner')
}
if (!(await imageExists(IMAGE))) {
test.skip(true, `image ${IMAGE} not built (build with 'docker build -t ${IMAGE} .')`)
}
const id = await startContainer()
try {
// node should not be on PATH; this is the canonical "no Node in the
// image" probe per NFT-RES-LIM-03.
let nodeFound = true
try {
await exec(`docker exec ${id} which node`, { timeout: 5_000 })
} catch {
nodeFound = false
}
expect(nodeFound, 'node MUST NOT be on PATH inside the prod image').toBe(false)
// Sanity: nginx IS on PATH (defence-in-depth — proves the wrong
// container did not start by accident).
await exec(`docker exec ${id} which nginx`, { timeout: 5_000 })
} finally {
await stopContainer(id)
}
})
test('AC-5 (NFT-RES-LIM-10) — each /api/<S>/ request reaches upstream with the prefix stripped', async () => {
test.setTimeout(30_000)
if (!(await dockerAvailable())) {
test.skip(true, 'docker not reachable from this runner')
}
if (!(await imageExists(IMAGE))) {
test.skip(true, `image ${IMAGE} not built`)
}
// The static check (`STC-RES10`) already verifies every nginx
// location block emits `proxy_pass http://<host>:<port>/` (trailing
// slash). The e2e companion proves the runtime behaviour: a request
// to /api/<S>/probe arrives upstream with path `/probe`. We use the
// suite-e2e stack (already populated with echo endpoints) when
// available; on a developer host without the suite stack we skip
// with a clear reason rather than reporting a false PASS.
const suiteRunning = await exec(
'docker ps --filter "name=annotations" --format "{{.Names}}"',
{ timeout: 5_000 },
).then((r) => r.stdout.includes('annotations')).catch(() => false)
if (!suiteRunning) {
test.skip(true, 'suite-e2e docker stack not running (start with docker compose up)')
}
// The suite-e2e `annotations` service exposes /annotations/health which,
// through the prod nginx, is reachable as /api/annotations/annotations/health.
// If the prefix was NOT stripped, the upstream would 404 because it
// does not know about /api/annotations/annotations/health — only
// /annotations/health.
const probe = await fetch('http://localhost:80/api/annotations/health').catch(
() => null,
)
expect(probe?.status, 'prefix-strip should let /api/annotations/health reach upstream').toBeLessThan(
500,
)
})
test(
'@long-running AC-3 (NFT-RES-LIM-08) — steady-state RAM ≤ 200 MB after 5 min idle',
async () => {
const longRunning = process.env.RUN_LONG_RUNNING === '1'
if (!longRunning) {
test.skip(true, 'Long-running soak; set RUN_LONG_RUNNING=1 to enable')
}
if (!(await dockerAvailable())) {
test.skip(true, 'docker not reachable from this runner')
}
if (!(await imageExists(IMAGE))) {
test.skip(true, `image ${IMAGE} not built`)
}
test.setTimeout(RAM_SOAK_TOTAL_MS + 60_000)
const id = await startContainer()
try {
const start = Date.now()
const samples: { tMs: number; mb: number }[] = []
// First sample immediately, then every interval until 5 min.
samples.push({ tMs: 0, mb: await memUsageMb(id) })
while (Date.now() - start < RAM_SOAK_TOTAL_MS) {
await new Promise((r) => setTimeout(r, RAM_SAMPLE_INTERVAL_MS))
samples.push({ tMs: Date.now() - start, mb: await memUsageMb(id) })
}
const peakMb = samples.reduce((max, s) => Math.max(max, s.mb), 0)
test.info().annotations.push({
type: 'ram-samples-mb',
description: samples.map((s) => s.mb.toFixed(1)).join(','),
})
test.info().annotations.push({
type: 'ram-peak-mb',
description: peakMb.toFixed(1),
})
expect(peakMb).toBeLessThanOrEqual(RAM_BUDGET_MB)
} finally {
await stopContainer(id)
}
},
)
})
Reference in New Issue View Git Blame Copy Permalink