ci: add basic reusable e2e workflow

Signed-off-by: Jorge <jorge@garnet.ai>

.github/workflows/call-run-e2e.yaml

@@ -0,0 +1,103 @@
+name: Reusable workflow to run e2e tests
+on:
+  workflow_call:
+    inputs:
+      ref:
+        description: The git commit, sha or other ref to checkout of the e2e repo.
+        required: false
+        type: string
+        default: main
+      jibril-image:
+        description: The Jibril image to use for testing.
+        required: false
+        type: string
+        default: ghcr.io/listendev/jibril:main
+      jibril-server-image:
+        description: The Jibril-server image to use for testing.
+        required: false
+        type: string
+        default: ghcr.io/listendev/jibril-server:main
+      lstn-use-release:
+        description: Use the public release of lstn rather than a local uploaded version.
+        required: false
+        type: boolean
+        default: true
+      lstn-binary-artefact:
+        description: An uploaded artefact to download from this current run if lstn-use-release is false.
+        required: false
+        type: string
+        default: artifact-linux
+    secrets:
+      github-token:
+        description: The Github token to checkout the repo and access container images.
+        required: true
+
+jobs:
+  run-e2e:
+    name: Run e2e tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          repository: listendev/listen-e2e
+          ref: ${{ inputs.ref }}
+          token: ${{ secrets.github-token }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to the GHCR registry
+        uses: docker/#-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.github-token }}
+
+      - name: Pull images
+        run: |
+          docker pull ${{ inputs.jibril-image }}
+          docker pull ${{ inputs.jibril-server-image }}
+        shell: bash
+
+      - name: Get CLI binary from local artefacts
+        if: ${{ !inputs.lstn-use-release }}
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ inputs.lstn-binary-artefact }}
+          path: bin/
+
+      - name: Add CLI to path
+        if: ${{ !inputs.lstn-use-release }}
+        run: echo "$PWD/bin" >> $GITHUB_PATH
+        shell: bash
+
+      - name: Install released CLI
+        if: inputs.lstn-use-release
+        run: curl -sSfL https://lstn.dev/get | sh -s -- -b /usr/local/bin
+        shell: bash
+
+      - name: Verify CLI version
+        run: lstn version
+        shell: bash
+
+      - name: Setup Bats and bats libs
+        id: setup-bats
+        uses: bats-core/bats-action@3.0.0
+        with:
+          support-path: "${{ github.workspace }}/bats/bats-support"
+          assert-path: "${{ github.workspace }}/bats/bats-assert"
+          detik-path: "${{ github.workspace }}/bats/bats-detik"
+          file-path: "${{ github.workspace }}/bats/bats-file"
+
+      - name: Run e2e tests
+        run: ./run-bats.sh
+        shell: bash
+        env:
+          JIBRIL_IMAGE: ${{ inputs.jibril-image }}
+          JIBRIL_SERVER_IMAGE: ${{ inputs.jibril-server-image }}
+          BATS_LIB_PATH: ${{ steps.setup-bats.outputs.lib-path }}
+          TERM: xterm

.github/workflows/ci.yaml

@@ -172,7 +172,7 @@ jobs:
     permissions:
       contents: read
     strategy:
-      fail-fast: true
+      fail-fast: false
       matrix:
         os: [ubuntu-latest, macos-latest]
     runs-on: ${{ matrix.os }}
@@ -191,6 +191,25 @@ jobs:
       - name: Run tests
         run: go test -race ./...
 
+  test-e2e:
+    name: Run e2e tests
+    needs:
+      - build
+    uses: ./.github/workflows/call-run-e2e.yaml
+    with:
+      # The Github ref to checkout for the listen-e2e repo.
+      ref: main
+      # We want to use binaries built here.
+      lstn-use-release: false
+      # The artifact to use we built previously.
+      lstn-binary-artefact: artifact-linux
+      # Once https://github.com/listendev/jibril/pull/369 is merged we can use main.
+      jibril-image: ghcr.io/listendev/jibril:sha-196b297
+    secrets:
+      # We have to use a PAT to ensure we can checkout the other repo and access containers from other repos.
+      github-token: ${{ secrets.CI_PAT }}
+
+
   release:
     name: Create official release
     if: startsWith(github.ref, 'refs/tags/v')
@@ -236,19 +255,18 @@ jobs:
           generate_release_notes: true
           make_latest: true
 
-  # this job provides the single required status for PRs to be merged into main.
-  # instead of updating the protected branch status in github, developers can update the needs section below
-  # to require additional status checks to protect main.
-  # the job uses the alls-green action to get around the github issue that treats a "skipped" required status check
-  # as passed. github will skip a job if an upstream needed job fails, which would defeat the purpose of this required
-  # status check.
+  # This job provides the single required status for PRs to be merged into main.
+  # Instead of updating the protected branch status in github, we can just update the "needs" section below
+  # to require additional/remove existing status checks to protect main via a simple GitOps process.
+  # We can use the alls-green action to get around the github assumption that a "skipped" required status check
+  # counts as passed. 
   test-required-checks-complete:
-    # note: this step always has to run in order to check if the dependent jobs passed. by default github skips running a job
-    # if the needed jobs upstream failed.
+    # This step always has to run in order to check if the dependent jobs passed even if upstream jobs are skipped.
     if: always()
     needs:
       - build
       - test
+      - test-e2e
     name: Build checks complete
     runs-on: ubuntu-latest
     permissions: {}