#!/usr/bin/env bash # # Walking-skeleton e2e (S-08d) against an ALREADY-RUNNING full stack: drive the self-service portal # in a real browser through mock-DigiD login → submit → confirmation (login → BFF → domain). # # Runs Playwright INSIDE the compose network (a node container on `cg`), so the browser reaches # Keycloak by service name (keycloak:8080) — the same authority the BFF validates against, so the # token issuer matches (ADR-0010). The spec is copied into the container (docker cp), not mounted, # so it leaves no root-owned files on the host. The caller owns stack bring-up + teardown. set -euo pipefail here="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" root="$(cd "$here/.." && pwd)" ss="$(docker ps -q --filter 'name=self-service' | head -1)" [ -n "$ss" ] || { echo "ERROR: no running self-service container — bring the stack up first" >&2; exit 1; } net="$(docker inspect -f '{{range $k,$_ := .NetworkSettings.Networks}}{{$k}}{{"\n"}}{{end}}' "$ss" | head -1)" echo ">> running Playwright e2e on network $net against http://self-service" cid="$(docker create --network "$net" -w /e2e --ipc=host \ -e SELF_SERVICE_URL=http://self-service \ node:24 sh -c 'npm install --no-audit --no-fund && npx playwright install --with-deps chromium && npx playwright test')" trap 'docker rm -f "$cid" >/dev/null 2>&1 || true' EXIT docker cp "$root/tests/e2e/." "$cid:/e2e" >/dev/null docker start -a "$cid"