feat: move build-service tests to this repo#586
Conversation
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
|
/retest |
|
@psturc could you add reasoning why this change is made? |
|
@mmorhun please see the related jira ticket and feature for more details |
|
I still don't see clear explanation why. Please update the PR description, not all people can access Jira. |
|
@mmorhun Is related to https://redhat.atlassian.net/browse/KONFLUX-9276 The centralized repo(konflux-ci/e2e-tests) had become a bottleneck, every team depended on it, changes from one team could break another's tests, and it created a single point of failure in CI. By moving tests into the service repos, each team has full ownership of their test lifecycle... The e2e tests repo remains like a package that contains global packages for all Konflux Teams if they want to use it |
|
@mmorhun ar we good here? |
|
@flacatus we discussed it with the team and still have a few concerns:
If we keep only build-service e2e tests here, it won't be Konflux e2e tests any more and we'll be missing some important use cases to check. |
|
Common test framework duplication. The plan is not to copy-paste the framework into every repo. The shared test framework (clients, utilities, helpers) will be extracted into a reusable Go module that teams can import as a dependency. Each team pulls in what they need without duplicating code. The e2e-tests repo is being refactored to serve as that common library — teams consume it, they don't fork it. Cross-component interaction tests. These are exactly the kind of tests that should not live in individual service repos. We distinguish between two types of tests:
|
|
Thank you for the response, @flacatus, a few additional questions:
|
|
@mmorhun let me clarify: Component-level e2e tests and duplication. You're right that even component-level tests often involve other services to get a full e2e flow. The key distinction is what you're asserting on. In build-service's repo, you test build-service behavior — even if that requires a running Integration Service or other components in the cluster. You're not testing that Integration Service works correctly, you're using it as part of the setup to validate your component. If two teams both need to trigger a build as part of their test setup, that's not duplication — they're testing different outcomes from the same trigger. Think of it as integration tests scoped to your component's responsibilities. Who maintains the conformance suite? The conformance suite in konflux-ci/konflux-ci will be maintained by the Vanguard team, but it's open for contribution from every team. If your team identifies a cross-component scenario that should be covered at the system level, you can contribute it there. This is the same model Kubernetes uses — SIG Testing maintains the conformance suite, but any SIG can contribute tests that validate cross-cutting behavior. Component-level tests vs conformance tests. These are complementary, not overlapping. Teams can also have their own conformance suite at the component level — a set of tests that define "this component is working correctly." The system-level conformance suite in konflux-ci/konflux-ci validates that all components work together as a whole. Again, this mirrors how Kubernetes works: each component has its own e2e tests, and then there's a separate conformance suite that validates the full cluster behavior. Both are valuable, and they serve different purposes. Edit: Teams are allow to setup their own Tests in Infra Deployments to run when their components get updated |
|
Scenario: konflux-e2e-build-service
Inspecting Test ArtifactsTo inspect your test artifacts, follow these steps:
mkdir -p oras-artifacts
cd oras-artifacts
oras pull quay.io/konflux-test-storage/konflux-team/build-service:konflux-e2e-build-service-gh772Test results analysis🚨 Error occurred while running the E2E tests, list of failed Spec(s): ➡️ [ Click to view logsExpected success, but got an error:
<*errors.errorString | 0xc0008f3a80>:
pod: go-component-lnptae-on-pull-request-l4hv2-build-container-pod | init container: prepare
2026/05/01 06:58:00 Entrypoint initialization
pod: go-component-lnptae-on-pull-request-l4hv2-build-container-pod | init container: place-scripts
2026/05/01 06:58:07 Decoded script /tekton/scripts/script-1-gnpm2
2026/05/01 06:58:07 Decoded script /tekton/scripts/script-2-7w8sf
2026/05/01 06:58:07 Decoded script /tekton/scripts/script-3-b4gmp
2026/05/01 06:58:07 Decoded script /tekton/scripts/script-4-8q8v2
2026/05/01 06:58:07 Decoded script /tekton/scripts/script-5-4qpld
pod: go-component-lnptae-on-pull-request-l4hv2-build-container-pod | container step-use-trusted-artifact:
Using token for quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae
Executing: oras blob fetch --registry-config /tmp/use-oci.sh.mUA1Cq/auth-DxV1Bl.json quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae@sha256:5c29d36ee5811e7ccb3d761e71e5738664ce2b3c88cd50fff884c40837245204 --output -
Restored artifact quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae@sha256:5c29d36ee5811e7ccb3d761e71e5738664ce2b3c88cd50fff884c40837245204 to /var/workdir/source
WARN: artifact URI not provided, (given: =/var/workdir/cachi2)
pod: go-component-lnptae-on-pull-request-l4hv2-build-container-pod | container step-build:
[2026-05-01T06:58:33,794319002+00:00] Validate context path
[2026-05-01T06:58:33,797496060+00:00] Update CA trust
[2026-05-01T06:58:33,798599789+00:00] Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt
'/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt'
[2026-05-01T06:58:40,417536226+00:00] Prepare Dockerfile
Checking if /var/workdir/cachi2/output/bom.json exists.
Could not find prefetched sbom. No content_sets found for ICM
[2026-05-01T06:58:40,492534543+00:00] Prepare system (architecture: x86_64)
[2026-05-01T06:58:40,634000885+00:00] Setup prefetched
Trying to pull registry.access.redhat.com/ubi9/go-toolset:1.18.9-14...
Getting image source signatures
Checking if image destination supports signatures
Copying blob sha256:2a625e4afab51b49edb0e5f4ff37d8afbb20ec644ed1e68641358a6305557de3
Copying blob sha256:4a13c0e9217d70e608f2d5f5d3c5ffa6d9cd16908b3f83a7a97492d355d25a09
Copying blob sha256:0ab0ba77295aca9b12f463cb7198f0b8b6990b41151dbbd4e1b224fe85244b83
Copying blob sha256:e76793d6902ad1adb19ede3d720024cf0cd8427b3ff606554a4bcafba03dddf4
Copying config sha256:391a2eac28d98dc72726df1faa77db28f6899a77c91ad40f2bdad62baf041301
Writing manifest to image destination
Storing signatures
[2026-05-01T06:59:24,381428497+00:00] Unsetting proxy
{
"architecture": "x86_64",
"build-date": "2026-05-01T06:58:40Z",
"com.redhat.component": "go-toolset-container",
"com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI",
"description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.",
"distribution-scope": "public",
"io.buildah.version": "1.42.2",
"io.k8s.description": "Go Toolset available as a container is a base platform for building and running various Go applications and frameworks. Go is an easy to learn, powerful, statically typed language in the C/C++ tradition with garbage collection, concurrent programming support, and memory safety features.",
"io.k8s.display-name": "Go 1.18.9",
"io.openshift.expose-services": "",
"io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i",
"io.openshift.tags": "builder,golang,golang118,rh-golang118,go",
"io.s2i.scripts-url": "image:///usr/libexec/s2i",
"maintainer": "Red Hat, Inc.",
"name": "rhel9/go-toolset",
"release": "14",
"summary": "Platform for building and running Go Applications",
"url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhel9/go-toolset/images/1.18.9-14",
"vcs-ref": "5303912f1c5f6f418160634c6a3ab9934ab5f832",
"vcs-type": "git",
"vendor": "Red Hat, Inc.",
"version": "1.18.9",
"org.opencontainers.image.revision": "5303912f1c5f6f418160634c6a3ab9934ab5f832",
"org.opencontainers.image.source": "https://github.com/redhat-appstudio-qe/sample-multi-component",
"quay.expires-after": "5d",
"org.opencontainers.image.created": "2026-05-01T06:58:40Z"
}
[2026-05-01T06:59:24,424705247+00:00] Register sub-man
Adding the entitlement to the build
[2026-05-01T06:59:24,428163340+00:00] Add secrets
[2026-05-01T06:59:24,916101181+00:00] Run buildah build
[2026-05-01T06:59:24,917339343+00:00] buildah build --volume /tmp/entitlement:/etc/pki/entitlement --security-opt=unmask=/proc/interrupts --label architecture=x86_64 --label vcs-type=git --label vcs-ref=5303912f1c5f6f418160634c6a3ab9934ab5f832 --label org.opencontainers.image.revision=5303912f1c5f6f418160634c6a3ab9934ab5f832 --label org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --label quay.expires-after=5d --label build-date=2026-05-01T06:58:40Z --label org.opencontainers.image.created=2026-05-01T06:58:40Z --annotation org.opencontainers.image.revision=5303912f1c5f6f418160634c6a3ab9934ab5f832 --annotation org.opencontainers.image.source=https://github.com/redhat-appstudio-qe/sample-multi-component --annotation org.opencontainers.image.created=2026-05-01T06:58:40Z --tls-verify=true --no-cache --ulimit nofile=4096:4096 --http-proxy=false -f /tmp/Dockerfile.j42XKX -t quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae:on-pr-5303912f1c5f6f418160634c6a3ab9934ab5f832 .
STEP 1/10: FROM registry.access.redhat.com/ubi9/go-toolset:1.18.9-14
STEP 2/10: COPY . .
STEP 3/10: RUN go mod download
go: no module dependencies to download
STEP 4/10: RUN go build -o ./main
STEP 5/10: ENV PORT 8081
STEP 6/10: EXPOSE 8081
STEP 7/10: CMD [ "./main" ]
STEP 8/10: COPY labels.json /usr/share/buildinfo/labels.json
STEP 9/10: COPY labels.json /root/buildinfo/labels.json
STEP 10/10: LABEL "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="5303912f1c5f6f418160634c6a3ab9934ab5f832" "org.opencontainers.image.revision"="5303912f1c5f6f418160634c6a3ab9934ab5f832" "org.opencontainers.image.source"="https://github.com/redhat-appstudio-qe/sample-multi-component" "quay.expires-after"="5d" "build-date"="2026-05-01T06:58:40Z" "org.opencontainers.image.created"="2026-05-01T06:58:40Z"
COMMIT quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae:on-pr-5303912f1c5f6f418160634c6a3ab9934ab5f832
--> 5013721df6f2
Successfully tagged quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae:on-pr-5303912f1c5f6f418160634c6a3ab9934ab5f832
5013721df6f29bc83c1ff61735a3bdd9c28bc82c2fd942d3595559f874e29401
[2026-05-01T06:59:35,349215727+00:00] Unsetting proxy
[2026-05-01T06:59:35,350520051+00:00] Add metadata
Recording base image digests used
registry.access.redhat.com/ubi9/go-toolset:1.18.9-14 registry.access.redhat.com/ubi9/go-toolset:1.18.9-14@sha256:4e320bd8b62e406dfc567886aeab4914db125c73fe9ec308b306c72883101d51
Getting image source signatures
Copying blob sha256:a95089dec43982ca50019e0fde4e250fe3bdd153c39544e2d988451866bb93d6
Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49
Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5
Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22
Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3
Copying config sha256:5013721df6f29bc83c1ff61735a3bdd9c28bc82c2fd942d3595559f874e29401
Writing manifest to image destination
[2026-05-01T06:59:59,526390250+00:00] End build
pod: go-component-lnptae-on-pull-request-l4hv2-build-container-pod | container step-push:
[2026-05-01T07:00:00,024140441+00:00] Update CA trust
INFO: Using mounted CA bundle: /mnt/trusted-ca/ca-bundle.crt
'/mnt/trusted-ca/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt'
[2026-05-01T07:00:04,954439247+00:00] Convert image
[2026-05-01T07:00:04,955569986+00:00] Push image with unique tag
Pushing to quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae:go-component-lnptae-on-pull-request-l4hv2-build-container
[retry] executing: buildah push --format=docker --retry 3 --tls-verify=true quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae:on-pr-5303912f1c5f6f418160634c6a3ab9934ab5f832 docker://quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae:go-component-lnptae-on-pull-request-l4hv2-build-container
Getting image source signatures
Copying blob sha256:a95089dec43982ca50019e0fde4e250fe3bdd153c39544e2d988451866bb93d6
Copying blob sha256:314640f419c581ddcac8f3618af39342a4571d5dc7a4e1f5b64d60f37e630b49
Copying blob sha256:a653a5ff4eaef6037f4f354414ab251ac7218d2d42fc8326743fc63ecf2cabd5
Copying blob sha256:d3f6a420cbadfb30033dc481690b39191ce6d2d841ccd54434c352f474ea54c3
Copying blob sha256:db77b3de17313a3fab2620178c01a4ef8eb60cbe722a6e9390f3cbb1132a7d22
Copying config sha256:5013721df6f29bc83c1ff61735a3bdd9c28bc82c2fd942d3595559f874e29401
Writing manifest to image destination
[2026-05-01T07:00:54,646293161+00:00] Push image with git revision
Pushing to quay.io/redhat-appstudio-qe/build-e2e-fbuk/go-component-lnptae:on-pr-5303912f1c5f6f418160634c6a3ab9934ab5f832
[retry] executing: buildah push --format=docker --retry ... the content is too long - please download the artifact to see the full content
OCI Artifact Browser URL |
mmorhun
left a comment
There was a problem hiding this comment.
We have test and integration-tests in the repository root which probably should be under the same dir?
Assisted-by: Cursor
The Forgejo API returns file content as base64-encoded strings, but downloadFileContent was returning the raw base64 bytes without decoding. This caused filesUpToDate to always return false, since it compared raw YAML against base64-encoded content. As a result, the controller would create duplicate PaC PRs when a component was recreated, even though the configuration already existed in the target branch. Assisted-by: Cursor
|
@psturc seeing only lint check is failed, can we please fix and merge this PR? since we changed ITS, till we merge this, other PR CI will continue to fail. |
Replace "golang.org/x/exp/slices" with "slices" standard library
fixed |
JIRA
KFLUXDP-872
Why
As part of the Konflux CI test decentralization effort, this PR migrates all build-service E2E tests from the shared konflux-ci/e2e-tests repository into the build-service repository itself.
Faster feedback loop
Test changes ship in the same PR as the code they validate, eliminating the need for cross-repo coordination between build-service and e2e-tests.
Clearer ownership
Build-service developers own and maintain their tests alongside the code, making it easier to understand, update, and review test changes in context.
Reduced coupling
The shared e2e-tests repo becomes a source of friction when multiple service teams need to land changes simultaneously. Decentralizing tests removes this bottleneck.
Scalable pattern
This follows the same decentralization approach planned for other services (integration-service, release-service, etc.), where each repo will own its E2E tests and consume only shared helper packages from e2e-tests.
Summary
Changes
Fixes
Differences from upstream e2e-tests (excluding import paths):
Checklist:
make testpasses