Post-install smoke verification CLI for Backend.AI WebUI. See
.specs/FR-2871-webui-smoke-cli/spec.md
for the full spec. The operator-facing README (EN + KO) lands in FR-2883
(Phase 2).
Prefer reading the password from stdin or an env var — passing
--password on the command line exposes the secret to anything that
can read the host process's argv. The CLI scrubs the argv value at
startup, but the original invocation may still surface in shell history
or process listings before the scrub runs.
# Option 1 — password from stdin (recommended)
printf '%s' "$BAI_PASSWORD" | bai-smoke run \
--endpoint https://webui.example.com \
--webserver https://webui.example.com \
--email admin@example.com \
--password-stdin \
--output ./smoke-report
# Option 2 — password from env var
BAI_SMOKE_PASSWORD="$BAI_PASSWORD" bai-smoke run \
--endpoint https://webui.example.com \
--webserver https://webui.example.com \
--email admin@example.com \
--output ./smoke-reportTo widen the selection beyond the default @smoke* set, use
--also-include. To narrow the run, use --pages:
bai-smoke run \
--endpoint https://webui.example.com \
--email admin@example.com \
--password-stdin \
--also-include "@critical" \
--pages session,vfolder- Must be run from a
backend.ai-webuimonorepo checkout — the e2e specs are not bundled yet. Tarball / single-binary distribution is tracked in FR-2881. - Air-gap binary,
doctorcommand, and rich diagnostic reports → Phase 2. --also-includewidens the smoke set; to narrow it, use--pagesinstead. The legacy--includeflag is a deprecated hidden alias and will be removed in a future release.--insecure-tlsaccepts self-signed certs but does not pin fingerprints — only enable on trusted networks.
This is an alpha MVP. Full operator docs (EN + KO) land with FR-2883.