fix(e2e): fix EACCES permission denied from envtest binaries on self-hosted runners (RHOAIENG-55511)

[lucferbux]

https://issues.redhat.com/browse/RHOAIENG-55511

Description

After PR #6865 enabled Make + Go on CI so BFF services actually start, the make run target in every BFF Makefile downloads setup-envtest binaries (etcd, kube-apiserver, kubectl) with read-only permissions into packages/*/bff/bin/k8s/. On the next e2e run on the same self-hosted Fedora runner, actions/checkout@v4 (which defaults to clean: true) tries to git clean -ffdx the workspace but cannot remove the read-only files, failing with EACCES and blocking subsequent CI runs.

This fix adds two defensive find ... chmod u+w commands in the CI workflow:

1. Before checkout (in the "Cleanup old test artifacts" step) — ensures any leftover read-only envtest binaries from previous runs are made writable so git clean succeeds.
2. After BFF shutdown (in the "Stop BFF Services" cleanup step) — ensures envtest binaries created during the current run are writable for the next run's checkout cleanup.

Both commands use 2>/dev/null || true so they are safe even when the paths don't exist.

How Has This Been Tested?

• Verified that the find command correctly targets only files lacking user-write permission under packages/*/bff/bin
• Confirmed the commands are defensive (|| true) and cannot break existing runs even if no matching files exist
• The fix addresses the exact EACCES error reported in the Jira ticket

Test Impact

No new tests are needed — this is a CI workflow-only change that fixes file permission handling on self-hosted runners. The fix is transparent to all existing tests.

Request review criteria:

Self checklist (all need to be checked):

• The developer has manually tested the changes and verified that the changes work
• Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
• The developer has added tests or explained why testing cannot be added (unit or cypress tests for related changes)
• The code follows our Best Practices (React coding standards, PatternFly usage, performance considerations)

After the PR is posted & before it merges:

• The developer has tested their solution on a cluster by using the image produced by the PR to main

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)

• .github/workflows/cypress-e2e-test.yml is excluded by !.github/**

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: b6769203-224a-4846-ad6f-55e4c955302a

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign dgutride for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[lucferbux]

Testing the workflow dispatch in https://github.com/opendatahub-io/odh-dashboard/actions/runs/23612109185

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 64.45%. Comparing base (73c340b) to head (261e991).
⚠️ Report is 6 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #6921      +/-   ##
==========================================
+ Coverage   64.43%   64.45%   +0.01%     
==========================================
  Files        2503     2503              
  Lines       76998    77046      +48     
  Branches    19117    19137      +20     
==========================================
+ Hits        49615    49660      +45     
- Misses      27383    27386       +3     

see 29 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 73c340b...261e991. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.