# ───────────────────────────────────────────────────────────────────────────── # e2e.yml — run the FULL browser-driving e2e suite (the 127 @pytest.mark.e2e) # on GitHub, on every push/PR to main. # # Why this can run on CI when the drive-gate had to stay light: the drive-gate # launched Firefox in true HEADLESS mode, which is content-process unstable on # the hosted runners (eval-CSP / context-destroyed). The stealth wrapper instead # launches Firefox HEADED on a real display; under `xvfb-run` (a virtual X # server) that's exactly what we get on a headless CI box — stable, and the same # thing webrtc-e2e.yml already relies on. # # Secret-free, so it's safe in public CI: the binary is the PUBLIC firefox-9 # release (no token), and the webrtc e2e fake a local TCP-only SOCKS. The proxy # realness gate (fppro / smartproxy) is NOT here — it needs secrets and stays a # local pre-release gate. # ───────────────────────────────────────────────────────────────────────────── name: e2e on: push: branches: [main] pull_request: branches: [main] workflow_dispatch: permissions: contents: read jobs: e2e: name: e2e (linux, xvfb) runs-on: ubuntu-24.04 timeout-minutes: 40 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: { fetch-depth: 1 } - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5 with: { python-version: '3.11' } - name: Install wrapper + test deps (+ pinned Playwright) run: | python -m pip install --upgrade pip python -m pip install ".[dev]" python -m pip install "playwright==$(cat scripts/playwright_pin.txt)" - name: System deps (xvfb + Firefox runtime libs) run: | sudo apt-get update sudo apt-get install -y xvfb sudo "$(which python)" -m playwright install-deps firefox - name: Fetch the published firefox binary run: echo "FF=$(python -m invisible_playwright fetch | tail -1)" >> "$GITHUB_ENV" - name: Run the full e2e suite under a virtual display run: xvfb-run -a python scripts/run_e2e.py "$FF"