ci: decouple heavy smoke tests into dedicated qa pipeline and add api checks

2026-02-27 14:04:45 +01:00
parent 08425a3a42
commit 7f106b1fa7
4 changed files with 137 additions and 47 deletions
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -523,55 +523,12 @@ jobs:
          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD || 'klz2026' }}
        run: pnpm run check:locale

-      # ── Quality Gates (informational, don't block pipeline) ───────────────
-      - name: 🌐 HTML DOM Validation
+      - name: 🌐 External API Smoke Test (Umami & Sentry)
        if: always() && steps.deps.outcome == 'success'
-        continue-on-error: true
        env:
-          NEXT_PUBLIC_BASE_URL: ${{ needs.prepare.outputs.next_public_url }}
-          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD || 'klz2026' }}
-        run: pnpm check:html
-      - name: 🔒 Security Headers Scan
-        if: always() && steps.deps.outcome == 'success'
-        continue-on-error: true
-        env:
-          NEXT_PUBLIC_BASE_URL: ${{ needs.prepare.outputs.next_public_url }}
-          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD || 'klz2026' }}
-        run: pnpm check:security
-      - name: 🔗 Lychee Deep Link Crawl
-        if: always() && steps.deps.outcome == 'success'
-        continue-on-error: true
-        env:
-          NEXT_PUBLIC_BASE_URL: ${{ needs.prepare.outputs.next_public_url }}
-          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD || 'klz2026' }}
-        run: pnpm check:links
-      - name: 🖼️ Dynamic Asset & Image Integrity Scan
-        if: always() && steps.deps.outcome == 'success'
-        continue-on-error: true
-        env:
-          NEXT_PUBLIC_BASE_URL: ${{ needs.prepare.outputs.next_public_url }}
-          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD || 'klz2026' }}
-          PUPPETEER_EXECUTABLE_PATH: /usr/bin/chromium
-          CHROME_PATH: /usr/bin/chromium
-        run: pnpm check:assets
-      - name: ⚡ Lighthouse CI
-        if: always() && steps.deps.outcome == 'success'
-        continue-on-error: true
-        env:
-          NEXT_PUBLIC_BASE_URL: ${{ needs.prepare.outputs.next_public_url }}
-          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD || 'klz2026' }}
-          CHROME_PATH: /usr/bin/chromium
-          PAGESPEED_LIMIT: 8
-        run: pnpm run pagespeed:test
-      - name: ♿ WCAG Audit
-        if: always() && steps.deps.outcome == 'success'
-        continue-on-error: true
-        env:
-          NEXT_PUBLIC_BASE_URL: ${{ needs.prepare.outputs.next_public_url }}
-          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD || 'klz2026' }}
-          CHROME_PATH: /usr/bin/chromium
-          PAGESPEED_LIMIT: 8
-        run: pnpm run check:wcag
+          UMAMI_API_ENDPOINT:  ${{ secrets.UMAMI_API_ENDPOINT || vars.UMAMI_API_ENDPOINT || 'https://analytics.infra.mintel.me' }}
+          SENTRY_DSN:          ${{ secrets.SENTRY_DSN || vars.SENTRY_DSN }}
+        run: pnpm run check:apis

  # ──────────────────────────────────────────────────────────────────────────────
  # JOB 7: Notifications
--- a/.gitea/workflows/qa.yml
+++ b/.gitea/workflows/qa.yml
@@ -0,0 +1,12 @@
+name: Nightly QA
+
+on:
+  schedule:
+    - cron: '0 3 * * *'
+  workflow_dispatch:
+
+jobs:
+  run-qa:
+    name: 🛡️ Nightly Quality Assurance
+    uses: mmintel/at-mintel/.gitea/workflows/quality-assurance-template.yml@main
+    secrets: inherit