test: Add permissions and roles e2e tests #10353

Workflow file for this run

.github/workflows/platform-pull-request.yml at a7be3f7

	name: Platform Pull Requests

	on:
	pull_request:
	types: [opened, synchronize, reopened, ready_for_review]
	paths-ignore:
	- docs/**
	- infrastructure/**

	jobs:
	permissions-check:
	name: Check actor permissions
	runs-on: ubuntu-latest
	outputs:
	can-write: ${{ steps.check.outputs.require-result }}
	steps:
	- uses: actions-cool/check-user-permission@main
	id: check
	with:
	require: write

	conventional-commit-label:
	if: needs.permissions-check.outputs.can-write == 'true'
	name: Add Conventional Commit labels
	needs: permissions-check
	runs-on: ubuntu-latest
	permissions:
	pull-requests: write
	steps:
	- name: Auto-label PR with Conventional Commit title
	uses: kramen22/conventional-release-labels@v1
	with:
	type_labels: \|
	{
	"feat": "feature",
	"fix": "fix",
	"infra": "infrastructure",
	"ci": "ci-cd",
	"docs": "docs",
	"deps": "dependencies",
	"perf": "performance",
	"refactor": "refactor",
	"test": "testing",
	"chore": "chore"
	}
	ignored_types: '[]'

	docker-prepare-report-comment:
	if: github.event.pull_request.draft == false && needs.permissions-check.outputs.can-write == 'true'
	name: Prepare Docker report comment
	needs: permissions-check
	runs-on: ubuntu-latest
	permissions:
	pull-requests: write
	steps:
	- uses: actions/checkout@v4
	with:
	sparse-checkout: .github/
	sparse-checkout-cone-mode: false
	- uses: ./.github/actions/docker-build-report-to-pr

	docker-build-unified:
	if: github.event.pull_request.draft == false && !cancelled()
	needs: [permissions-check, docker-prepare-report-comment]
	name: Build Unified Image
	uses: ./.github/workflows/.reusable-docker-build.yml
	with:
	target: oss-unified
	image-name: flagsmith
	ephemeral: ${{ needs.permissions-check.outputs.can-write == 'false' }}
	comment: ${{ needs.docker-prepare-report-comment.result == 'success' }}

	docker-build-api:
	if: github.event.pull_request.draft == false && !cancelled()
	needs: [permissions-check, docker-prepare-report-comment]
	name: Build API Image
	uses: ./.github/workflows/.reusable-docker-build.yml
	with:
	target: oss-api
	image-name: flagsmith-api
	ephemeral: ${{ needs.permissions-check.outputs.can-write == 'false' }}
	comment: ${{ needs.docker-prepare-report-comment.result == 'success' }}

	docker-build-frontend:
	if: github.event.pull_request.draft == false && !cancelled()
	needs: [permissions-check, docker-prepare-report-comment]
	name: Build Frontend Image
	uses: ./.github/workflows/.reusable-docker-build.yml
	with:
	target: oss-frontend
	image-name: flagsmith-frontend
	ephemeral: ${{ needs.permissions-check.outputs.can-write == 'false' }}
	comment: ${{ needs.docker-prepare-report-comment.result == 'success' }}

	docker-build-api-test:
	if: github.event.pull_request.draft == false && !cancelled()
	needs: [permissions-check, docker-prepare-report-comment]
	name: Build API Test Image
	uses: ./.github/workflows/.reusable-docker-build.yml
	with:
	target: api-test
	image-name: flagsmith-api-test
	ephemeral: ${{ needs.permissions-check.outputs.can-write == 'false' }}
	comment: ${{ needs.docker-prepare-report-comment.result == 'success' }}
	scan: false

	docker-build-e2e:
	if: github.event.pull_request.draft == false && !cancelled()
	needs: [permissions-check, docker-prepare-report-comment]
	name: Build E2E Image
	uses: ./.github/workflows/.reusable-docker-build.yml
	with:
	file: frontend/Dockerfile.e2e
	image-name: flagsmith-e2e
	ephemeral: ${{ needs.permissions-check.outputs.can-write == 'false' }}
	comment: ${{ needs.docker-prepare-report-comment.result == 'success' }}
	scan: false

	docker-build-private-cloud:
	if: github.event.pull_request.draft == false && needs.permissions-check.outputs.can-write == 'true'
	needs: [permissions-check, docker-prepare-report-comment]
	name: Build Private Cloud Image
	uses: ./.github/workflows/.reusable-docker-build.yml
	with:
	target: private-cloud-unified
	image-name: flagsmith-private-cloud
	comment: true
	secrets:
	secrets: \|
	github_private_cloud_token=${{ secrets.GH_PRIVATE_ACCESS_TOKEN }}

	run-e2e-tests:
	if: '!cancelled()'
	needs: [permissions-check, docker-build-api, docker-build-e2e]
	uses: ./.github/workflows/.reusable-docker-e2e-tests.yml
	with:
	runs-on: ${{ matrix.runs-on }}
	e2e-image: ${{ needs.docker-build-e2e.outputs.image }}
	api-image: ${{ needs.docker-build-api.outputs.image }}
	concurrency: ${{ matrix.args.concurrency }}
	tests: ${{ matrix.args.tests }}
	secrets:
	gcr-token: ${{ needs.permissions-check.outputs.can-write == 'true' && secrets.GITHUB_TOKEN \|\| '' }}

	strategy:
	matrix:
	runs-on: [ubuntu-latest, ARM64-2c]
	args:
	- tests: segment-part-1 environment
	concurrency: 1
	- tests: segment-part-2
	concurrency: 1
	- tests: segment-part-3 signup flag invite project
	concurrency: 2
	- tests: versioning
	concurrency: 1
	- tests: organisation-permission environment-permission project-permission roles
	concurrency: 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

test: Add permissions and roles e2e tests #10353

Workflow file

test: Add permissions and roles e2e tests #10353

Jobs

Run details

Workflow file for this run