Skip to content

Phase 5 – CI/CD Pipeline Design & Acceptance Guide #33

Description

@jenniferoko

Ready for Review -

Excel:

Phase5_CICD_Pipeline_Validation_Workbook.xlsx

Document:

Phase5_CICD_Pipeline_Design_and_Acceptance_Guide.docx

Phase 5 – CI/CD Pipeline Design & Acceptance Guide

Executive Overview

Phase 5 integrates the entire smoke test suite into GitHub Actions to provide continuous validation after every code change and nightly regression testing.

The engineer is responsible for implementing the complete CI/CD pipeline based on the approved workflow specification.

Jennifer is responsible for validating that the pipeline design aligns with the team's operational requirements before enabling automated execution.


Phase Objectives

At the completion of Phase 5:

  • All smoke tests execute automatically through GitHub Actions.
  • Every pipeline produces an HTML Playwright report.
  • Reports are retained as workflow artifacts.
  • Failed nightly runs generate Slack notifications.
  • Secrets are securely stored in GitHub.
  • Jennifer approves the first successful nightly execution before production use.

Jennifer's Deliverables

Before implementation is approved, Jennifer should review the following with the engineering team.

Pipeline Review

Confirm:

  • Job names match team standards.
  • Trigger conditions are correct.
  • Schedule matches expected execution time.
  • Runtime estimates are reasonable.
  • HTML reports are uploaded.
  • Failure notifications are sent to the correct Slack channel.
  • Required GitHub secrets exist.
  • Pipeline follows repository conventions.

Jennifer should also review the first nightly report before enabling ongoing automation.


Pipeline Architecture


Developer Push
│
▼
Critical Smoke
(~10 sec)

Pull Request


Critical Smoke
(~10 sec)


Manual Trigger
│
▼
Single Service Smoke
(~5 min)

Nightly (03:00 ET)


Complete Smoke Suite
(~20 min)


Upload Report
│
▼
Slack Notification (if failed)


GitHub Actions Workflow


.github/workflows/smoke.yml

Pipeline Name


ZCP API Smoke Tests


Job Overview

Job Purpose Trigger Estimated Runtime
Critical Authentication validation Push / Pull Request ~10 seconds
Service Smoke Individual service validation Manual ~5 minutes
Nightly Complete smoke suite Scheduled ~20 minutes

Job 1 — Critical

Purpose

Provides immediate validation after every code change.

Runs only the critical authentication tests.


Tag

@critical

Triggers

  • Push to main
  • Pull Request

Expected runtime


10 seconds

Validation

  • Checkout repository
  • Install Node
  • Install dependencies
  • Execute

npx playwright test --grep @critical


Job 2 — Service Smoke

Purpose

Allows engineers to validate one service independently.

Example


@compute

or


@storage

or


@networking

Trigger


workflow_dispatch

Engineer supplies


tag

Example


@dns

Expected runtime


5 minutes

Validation

  • Execute only selected tag
  • Upload Playwright HTML report
  • Retain artifact for 14 days

Job 3 — Nightly

Purpose

Runs the complete regression suite every night.

Tag


@smoke

Trigger


03:00 ET

Cron


0 7 * * *

Expected runtime


20 minutes

Timeout


30 minutes

Validation

  • Execute every smoke test
  • Upload HTML report
  • Retain report for 30 days
  • Notify Slack if failed

Pipeline Lifecycle


Push / PR
│
▼
Critical Job

Manual


Service Smoke


Nightly
│
▼
Run All Smoke Tests

Generate HTML Report


Upload Artifact


Slack Notification (Failures Only)


---

# Required GitHub Secrets

| Secret | Purpose |
|----------|----------|
| `ZCP_SMOKE_TOKEN` | Smoke test API token |
| `ZCP_SMOKE_PROJECT` | Project slug |
| `SLACK_QA_WEBHOOK` | Slack Incoming Webhook |
| `ZCP_SMOKE_REGION` | Default cloud region |

---

# Environment Configuration

Example

```text
ZCP_API_BASE=https://api.zcp.zsoftly.ca/api

ZCP_SMOKE_TOKEN=xxxxxxxxxxxxxxxx

ZCP_SMOKE_PROJECT=smoke-tests

ZCP_SMOKE_REGION=yow

Environment variables should never be committed into source control.

Use


GitHub Secrets

instead.


API Validation

Each workflow must verify

  • Successful authentication
  • Correct environment
  • Required secrets loaded
  • Playwright starts successfully
  • HTML report generated
  • Exit code returned correctly

Artifact Validation

Verify

  • HTML report uploaded
  • Artifact name includes workflow run ID
  • Report opens successfully
  • Screenshots included when failures occur
  • Trace files available (if enabled)

Slack Notification Validation

Notification should only occur when


failure()

returns true.

Verify

  • Correct Slack channel
  • Link opens GitHub Actions run
  • Message clearly identifies failed workflow
  • Only one notification per failed run

Example

ZCP nightly smoke FAILED

View Report

Security Validation

Verify

  • Secrets are never logged
  • API tokens are masked
  • Webhook URL is hidden
  • Reports contain no credentials

Performance Expectations

Job Maximum Runtime
Critical 30 seconds
Service Smoke 10 minutes
Nightly 30 minutes

Investigate significant runtime increases.


Cleanup Validation

Each workflow should verify

  • Temporary files removed
  • Playwright processes terminated
  • HTML report generated
  • No orphaned test resources remain

Acceptance Criteria

Category Acceptance Criteria Verification
Workflow File .github/workflows/smoke.yml committed Code Review
Critical Job Executes on every Push and PR GitHub Actions
Service Smoke Executes manually using tag input GitHub Actions
Nightly Job Executes on schedule GitHub Actions
HTML Reports Uploaded successfully Artifact Review
Artifact Retention 14-day and 30-day retention configured Workflow Review
Secrets Configured in GitHub Repository Settings
Slack Alerts Failure notifications delivered Slack Verification
Runtime Jobs complete within expected duration Pipeline Review
Regression All 50 smoke tests pass Nightly Run
Jennifer Approval Nightly report reviewed Sign-off

Engineer Checklist

Required Before Phase 5 Sign-off

  • smoke.yml implemented
  • Critical job executes successfully
  • Service Smoke executes successfully
  • Nightly job executes successfully
  • HTML reports generated
  • Artifacts uploaded
  • GitHub Secrets configured
  • Slack webhook configured
  • Failure notifications verified
  • Runtime within expected limits
  • Full smoke suite (Tests 1–50) passes
  • Jennifer reviews nightly report

Resource Verification

Resource Verified
HTML Report Uploaded - [ ]
Artifact Download Works - [ ]
Slack Notification Sent - [ ]
GitHub Secrets Configured - [ ]
Nightly Schedule Verified - [ ]

Engineer Sign-off

Field Value
Engineer
Reviewer (Jennifer)
Date
Build / Release Version
Git Commit / PR
GitHub Actions Run

Final Result

  • PASS – Pipeline Approved
  • FAIL – Rework Required

Reviewer Comments

_________________________________________________________

_________________________________________________________

_________________________________________________________

_________________________________________________________

Exit Rule

Phase 5 is complete only when:

  • All GitHub Actions jobs execute successfully.
  • The complete smoke suite (Tests 1–50) passes.
  • HTML reports are generated and uploaded as workflow artifacts.
  • Slack failure notifications are delivered to the approved QA channel.
  • GitHub Secrets are configured securely.
  • Jennifer reviews the first successful nightly execution and signs off.

Only then may the CI/CD pipeline be enabled for ongoing automated validation.

Metadata

Metadata

Labels

mediumRepresents tasks with moderate importance.

Type

Fields

No fields configured for Story.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions