HardMax71 · HardMax71 · Feb 1, 2026 · Jan 31, 2026 · Jan 31, 2026 · Jan 31, 2026
@@ -0,0 +1,43 @@
+name: 'E2E Boot'
+description: 'Kick off slow background tasks: GHCR auth, image pull + infra pre-warm, k3s install'
+
+inputs:
+  image-tag:
+    description: 'GHCR image tag (e.g., sha-abc1234)'
+    required: true
+  github-token:
+    description: 'GitHub token for GHCR authentication'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Log in to GHCR
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ github.actor }}
+        password: ${{ inputs.github-token }}
+
+    - name: Pull images and pre-warm infra (background)
+      shell: bash
+      env:
+        IMAGE_TAG: ${{ inputs.image-tag }}
+      run: |
+        nohup bash -c '
+          IMAGE_TAG='"$IMAGE_TAG"' docker compose pull --quiet 2>&1
+          echo "--- pull done, starting infra ---"
+          docker compose up -d --no-build \
+            mongo redis shared-ca zookeeper-certgen zookeeper kafka schema-registry 2>&1
+          echo $? > /tmp/infra-pull.exit
+        ' > /tmp/infra-pull.log 2>&1 &
+        echo $! > /tmp/infra-pull.pid
+
+    - name: Install k3s
+      shell: bash
+      run: |
+        K3S_TAG=$(echo "$K3S_VERSION" | sed 's/+/%2B/g')
+        curl -sfL "https://raw.githubusercontent.com/k3s-io/k3s/${K3S_TAG}/install.sh" -o /tmp/k3s-install.sh
+        echo "$K3S_INSTALL_SHA256  /tmp/k3s-install.sh" | sha256sum -c -
+        chmod +x /tmp/k3s-install.sh
+        INSTALL_K3S_VERSION="$K3S_VERSION" INSTALL_K3S_EXEC="--disable=traefik --bind-address 0.0.0.0 --tls-san host.docker.internal" /tmp/k3s-install.sh
@@ -0,0 +1,85 @@
+name: 'E2E Ready'
+description: 'Finalize k3s, wait for infra, start compose stack, health-check, seed test users'
+
+inputs:
+  image-tag:
+    description: 'GHCR image tag (e.g., sha-abc1234)'
+    required: true
+  wait-for-frontend:
+    description: 'Also wait for frontend health check (default: false)'
+    required: false
+    default: 'false'
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Finalize k3s
+      shell: bash
+      run: |
+        mkdir -p /home/runner/.kube
+        sudo k3s kubectl config view --raw > /home/runner/.kube/config
+        sudo chmod 600 /home/runner/.kube/config
+        export KUBECONFIG=/home/runner/.kube/config
+        timeout 90 bash -c 'until kubectl cluster-info 2>/dev/null; do sleep 3; done'
+        kubectl create namespace integr8scode --dry-run=client -o yaml | kubectl apply -f -
+        sed -E 's#https://(127\.0\.0\.1|0\.0\.0\.0):6443#https://host.docker.internal:6443#g' \
+          /home/runner/.kube/config > backend/kubeconfig.yaml
+        chmod 644 backend/kubeconfig.yaml
+
+    - name: Start cert-generator (background)
+      shell: bash
+      env:
+        IMAGE_TAG: ${{ inputs.image-tag }}
+      run: |
+        nohup docker compose up -d --no-build cert-generator \
+          > /tmp/cert-gen.log 2>&1 &
+
+    - name: Use test environment config
+      shell: bash
+      run: |
+        cp backend/config.test.toml backend/config.toml
+        cp backend/secrets.example.toml backend/secrets.toml
+
+    - name: Wait for image pull and infra
+      shell: bash
+      run: |
+        if [ -f /tmp/infra-pull.pid ]; then
+          PID=$(cat /tmp/infra-pull.pid)
+          if kill -0 "$PID" 2>/dev/null; then
+            echo "Waiting for image pull + infra startup..."
+            tail --pid="$PID" -f /dev/null 2>/dev/null || true
+          fi
+        fi
+        cat /tmp/infra-pull.log 2>/dev/null || true
+        cat /tmp/cert-gen.log 2>/dev/null || true
+        if [ -f /tmp/infra-pull.exit ]; then
+          EXIT_CODE=$(cat /tmp/infra-pull.exit)
+          if [ "$EXIT_CODE" != "0" ]; then
+            echo "::error::Background image pull / infra pre-warm failed (exit $EXIT_CODE)"
+            exit 1
+          fi
+        fi
+
+    - name: Start stack
+      shell: bash
+      env:
+        IMAGE_TAG: ${{ inputs.image-tag }}
+      run: docker compose up -d --no-build
+
+    - name: Wait for services
+      shell: bash
+      env:
+        WAIT_FOR_FRONTEND: ${{ inputs.wait-for-frontend }}
+      run: |
+        echo "Waiting for backend health..."
+        timeout 120 bash -c 'until curl -ksf https://localhost/api/v1/health/live 2>/dev/null; do sleep 2; done'
+        echo "Backend ready"
+        if [ "$WAIT_FOR_FRONTEND" = "true" ]; then
+          echo "Waiting for frontend health..."
+          timeout 60 bash -c 'until curl -ksf https://localhost:5001 2>/dev/null; do sleep 2; done'
+          echo "Frontend ready"
+        fi
+
+    - name: Seed test users
+      shell: bash
+      run: docker compose exec -T backend uv run python scripts/seed_users.py