@kdacosta0 kdacosta0 commented Nov 28, 2025

User description

Summary by Sourcery

Enable Rekor search UI end-to-end tests in the main CI workflow by installing Playwright dependencies and running the full e2e test suite.

CI:

  • Update main workflow e2e job to install Playwright with dependencies for UI tests.
  • Adjust e2e test invocation to run the full ./test/... suite instead of excluding Rekor search UI tests.

PR Type

Tests


Description

  • Enable Rekor search UI tests in CI pipeline

  • Install Playwright with dependencies for browser automation

  • Remove exclusion filter for UI tests in test execution

  • Fix whitespace formatting in CLI_STRATEGY export


Diagram Walkthrough

flowchart LR
  A["CI Workflow"] -->|"Install Playwright"| B["Browser Setup"]
  B -->|"Run all tests"| C["UI Tests Enabled"]
  A -->|"Remove grep filter"| C

File Walkthrough

Relevant files
Tests
main.yml
Enable UI tests and install Playwright in CI                         

.github/workflows/main.yml

  • Added Playwright installation step with dependencies for UI test
    support
  • Removed grep filter that excluded rekorsearchui tests from execution
  • Changed test command to run all tests including UI tests
  • Fixed whitespace formatting in CLI_STRATEGY environment variable
    export
+4/-3     


sourcery-ai bot commented Nov 28, 2025

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Main CI workflow updated so e2e job now installs Playwright (with system dependencies) and runs the full Go e2e test suite including Rekor search UI tests, instead of excluding them.

Flow diagram for updated e2e job execution with Playwright and full test suite

flowchart TD
  A[Start_e2e_job] --> B[Set_environment_variables]
  B --> C[Export_TUF_URL]
  C --> D[Export_TSA_URL]
  D --> E[Export_CLI_STRATEGY_cli_server]
  E --> F[Export_CLI_SERVER_URL]
  F --> G[Change_directory_to_e2e]
  G --> H[Source_tas_env_variables]
  H --> I[Install_Playwright_with_dependencies_using_go_run]
  I --> J[Run_go_test_v_test_all_packages]
  J --> K[Execute_Rekor_search_UI_tests]
  J --> L[Execute_other_e2e_tests]
  K --> M[Collect_test_results]
  L --> M
  M --> N[End_e2e_job]

File-Level Changes

Change Details Files
Enable Rekor search UI e2e tests in the main CI workflow and ensure Playwright is installed with its dependencies before running tests.
  • Fix minor formatting of CLI_STRATEGY environment variable export.
  • Add a step in the e2e test run to install Playwright (via playwright-go) with all required dependencies.
  • Change the go test invocation from excluding Rekor search UI tests to running the entire ./test/... suite.
.github/workflows/main.yml

@kdacosta0 kdacosta0 force-pushed the kdacosta/allow-ui-tests branch 3 times, most recently from ec153ed to d51f3d6 Compare November 28, 2025 10:31
Signed-off-by: Kristian Da Costa Menezes <[email protected]>
@kdacosta0 kdacosta0 force-pushed the kdacosta/allow-ui-tests branch 8 times, most recently from 3edbb8d to 742ab17 Compare December 1, 2025 14:27
@securesign securesign deleted a comment from qodo-code-review bot Dec 1, 2025
@kdacosta0 kdacosta0 marked this pull request as ready for review December 1, 2025 15:54

qodo-code-review bot commented Dec 1, 2025

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢
No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
🎫 No ticket provided
  • Create ticket/issue
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status: Passed

Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status:
Lacks Auditing: The added CI steps execute Playwright installation and tests without adding any
audit/logging of critical actions beyond default tooling, making it unclear if critical
operations are recorded.

Referred Code
# Install Playwright with dependencies for UI tests
go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps
go test -v ./test/...

Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status:
Missing Fail Handling: The workflow runs Playwright installation and tests without explicit error handling or
retries, relying on default step failure behavior without contextual messages.

Referred Code
# Install Playwright with dependencies for UI tests
go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps
go test -v ./test/...

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status:
Potential Log Exposure: Running verbose tests ('go test -v') may emit environment-derived URLs or
secrets to logs, but the diff does not show safeguards like log redaction.

Referred Code
go test -v ./test/...

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status:
Env Input Trust: Newly added steps rely on environment-derived URLs and cluster outputs without validation
or sanitization before being consumed by tests and tools.

Referred Code
run: |
  export OIDC_ISSUER_URL="http://${{ steps.kind.outputs.oidc_host }}/auth/realms/trusted-artifact-signer"
  export FULCIO_URL=$(kubectl get fulcio -o jsonpath='{.items[0].status.url}' -n ${{ env.TEST_NAMESPACE }})
  export REKOR_URL=$(kubectl get rekor -o jsonpath='{.items[0].status.url}' -n ${{ env.TEST_NAMESPACE }})
  export REKOR_UI_URL=$(kubectl  get rekor -o jsonpath='{.items[0].status.rekorSearchUIUrl}' -n ${{ env.TEST_NAMESPACE }})
  export TUF_URL=$(kubectl get tuf -o jsonpath='{.items[0].status.url}' -n ${{ env.TEST_NAMESPACE }})
  export TSA_URL=$(kubectl get timestampauthorities -o jsonpath='{.items[0].status.url}' -n ${{ env.TEST_NAMESPACE }})/api/v1/timestamp

  export CLI_STRATEGY=cli_server
  export CLI_SERVER_URL="http://cli-server.local"

Compliance status legend
🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

@sourcery-ai sourcery-ai bot left a comment

Hey there - I've reviewed your changes - here's some feedback:

  • The go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps invocation pulls the latest version on every run; consider pinning a specific module version (e.g. @vX.Y.Z) to keep CI runs reproducible and avoid unexpected breakages from upstream changes.
  • Installing Playwright with --with-deps on every main workflow run could add noticeable time and potential flakiness; consider caching the Playwright binaries or moving the heavy installation to a reusable setup step so subsequent jobs can reuse the installation.

## Individual Comments

### Comment 1
<location> `.github/workflows/main.yml:610` </location>
<code_context>
-          # exclude UI tests
-          go test -v $(go list ./test/... | grep -v rekorsearchui)
+          # Install Playwright with dependencies for UI tests
+          go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps
+          go test -v ./test/...
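
Review bot: the added `go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps` line names no version, so the CLI that runs is whatever version the Go module in the working directory resolves. Confirm that module's go.mod requires playwright-go at the version the UI tests build against, and if a `@version` suffix is added later, keep it equal to that requirement so the installer and the test library do not drift apart.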

</code_context>

<issue_to_address>
**suggestion (bug_risk):** Pin the Playwright Go CLI dependency to a specific version instead of using `latest`.

`go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps` without a version suffix will always pull the latest CLI, which can cause unexpected CI failures when upstream changes. Please pin a specific version, e.g. `.../cmd/playwright@v0.430.0`, and update it deliberately as needed.

Suggested implementation:

```
          # Install Playwright with dependencies for UI tests (pinned version)
          go run github.com/playwright-community/playwright-go/cmd/playwright@v0.430.0 install --with-deps

```

1. Confirm `v0.430.0` (or whichever version you choose) is a valid tag for `github.com/playwright-community/playwright-go` and matches the version used elsewhere in your project (e.g. in `go.mod`).
2. Optionally, document in your CONTRIBUTING.md or a CI README which version is pinned and how/when to update it.
</issue_to_address>

qodo-code-review bot commented Dec 1, 2025

PR Code Suggestions ✨

Explore these optional code suggestions:

Category    Suggestion    Impact
General
Cache Playwright binaries to speed up CI

Cache Playwright binaries to optimize the CI workflow. Add a caching step before
test execution, using the go.sum file for the cache key, to avoid re-downloading
browsers on every run.

.github/workflows/main.yml [609-611]

 # Install Playwright with dependencies for UI tests
+# Caching is handled in a previous step. This command will be fast if cache is hit.
 go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps
 go test -v ./test/...
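
Review bot: the added comment says caching "is handled in a previous step", but this hunk adds no cache step and leaves the `go run ... install --with-deps` line unchanged, so applied as shown it documents behaviour that does not exist. Add the cache step (keyed on go.sum, as the suggestion text proposes) in the same change, or drop the comment.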

[To ensure code accuracy, apply this suggestion manually]

Suggestion importance[1-10]: 7

Why: This is a valuable performance optimization for the CI workflow, correctly identifying that caching Playwright binaries will speed up execution and reduce costs.

Medium
General
Enforce strict shell error handling

Add set -euo pipefail before sourcing tas-env-variables.sh. This enforces strict
error handling, causing the script to exit on any command failure or use of
unset variables, which prevents tests from running with an incomplete
environment.

.github/workflows/main.yml [604-611]

 export CLI_STRATEGY=cli_server
 export CLI_SERVER_URL="http://cli-server.local"
 
 cd e2e
+set -euo pipefail
 source ./tas-env-variables.sh
 # Install Playwright with dependencies for UI tests
-go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps
+export CI=1
+if ! go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps; then
+  echo "Playwright installation failed. Ensure system dependencies are available." >&2
+  exit 1
+fi
 go test -v ./test/...
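
Review bot: `set -euo pipefail` is placed after `cd e2e` and the two `export` lines, so it covers only `source ./tas-env-variables.sh` and what follows; whether a failed `cd e2e` stops the step still depends on the options the step's shell started with. Move it to the first line of the `run:` block. With `-e` active, the `if ! go run ...; then ... exit 1` wrapper adds only the error message, which is fine if that message is the goal.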

[To ensure code accuracy, apply this suggestion manually]

Suggestion importance[1-10]: 7

Why: The suggestion to add set -euo pipefail is a best practice for shell scripts in CI, significantly improving the workflow's robustness by ensuring it fails immediately on errors or unset variables within the sourced script.

Medium
Possible issue
Fail fast on Playwright install issues

Add explicit error handling for the Playwright installation command and set the
CI=1 environment variable. This will cause the job to fail fast with a clear
message on installation failure and ensure Playwright runs in headless mode.

.github/workflows/main.yml [609-611]

 # Install Playwright with dependencies for UI tests
-go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps
+export CI=1
+if ! go run github.com/playwright-community/playwright-go/cmd/playwright install --with-deps; then
+  echo "Playwright installation failed. Ensure system dependencies are available." >&2
+  exit 1
+fi
 go test -v ./test/...
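
Review bot: `export CI=1` sits above both commands, so it changes the environment of `go test -v ./test/...` as well as the installer, and it replaces any `CI` value the runner already provides. If it is wanted only for the install, set it on that command alone (`CI=1 go run ...`); if the tests rely on it for headless mode, say so in the comment above it.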

[To ensure code accuracy, apply this suggestion manually]

Suggestion importance[1-10]: 6

Why: This suggestion correctly identifies the need for robust error handling for the new Playwright installation step and the importance of setting CI=1 for headless execution, which improves the reliability and debuggability of the CI workflow.

Low

@kdacosta0 kdacosta0 force-pushed the kdacosta/allow-ui-tests branch 3 times, most recently from 9b8b0c5 to 742ab17 Compare December 5, 2025 13:25
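
The `export VAR=$(kubectl ...)` lines quoted in the compliance guide and the `set -euo pipefail` suggestion interact in a way neither comment spells out: strict mode does not catch a failed lookup written in that form. This is an added example, not code from the PR or from either bot; `lookup`, `masked_export`, `checked_export` and `require_url` are hypothetical names, and `lookup` is a constructed stand-in for a failing `kubectl` call.

```shell
# Added example, not code from the PR. `lookup` is a constructed stand-in for a
# `kubectl get ... -o jsonpath=...` call that fails and prints nothing.

# Pattern from the workflow: export and substitution on one line. `export`
# returns 0, so errexit never sees the failed lookup and the script goes on.
masked_export() {
  bash <<'EOF'
set -euo pipefail
lookup() { return 1; }
export REKOR_UI_URL=$(lookup)
echo "tests would start with REKOR_UI_URL='${REKOR_UI_URL}'"
EOF
}

# Assign first, export second: a plain assignment takes the substitution's
# exit status, so errexit stops the script before any test runs.
checked_export() {
  bash <<'EOF'
set -euo pipefail
lookup() { return 1; }
REKOR_UI_URL=$(lookup)
export REKOR_UI_URL
echo "tests would start with REKOR_UI_URL='${REKOR_UI_URL}'"
EOF
}

# Guard for values that arrive empty or malformed even when the command
# succeeds (for example a status field that is not populated yet).
require_url() {  # usage: require_url NAME VALUE
  case "$2" in
    http://?*|https://?*) return 0 ;;
    *) echo "$1 is empty or not an http(s) URL: '$2'" >&2; return 1 ;;
  esac
}

masked_export
checked_export || echo "checked_export stopped with status $?"
require_url REKOR_UI_URL "" || echo "empty value rejected"
```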