NO-JIRA: enable Cypress Cloud in CI

[rhamilto]

Summary by CodeRabbit

• Chores
  • Enhanced integration test infrastructure by enabling Cypress cloud recording across multiple test suites, improving test result tracking and debugging capabilities.

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request enables Cypress cloud recording across multiple frontend integration test suites. The test-cypress-headless npm scripts in nine integration test packages are updated with --record and --key ${CYPRESS_RECORD_KEY} command-line flags. Additionally, the Cypress common configuration file is updated with a projectId field to identify the recorded project. These changes maintain existing test execution logic and specifications while adding cloud dashboard recording capabilities.

🚥 Pre-merge checks | ✅ 10

✅ Passed checks (10 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Stable And Deterministic Test Names	✅ Passed	Custom check for Ginkgo test patterns validates Go tests, but this PR only modifies Cypress frontend configuration files (package.json and cypress-common-config.js), which fall outside the scope of this check.
Test Structure And Quality	✅ Passed	The custom check for Ginkgo test code quality is not applicable to this pull request. The PR exclusively modifies Cypress configuration files (package.json npm scripts and cypress-common-config.js)—a JavaScript-based end-to-end testing framework used in the frontend. Ginkgo is a Go testing framework for backend/server-side tests. The investigation confirms the repository contains Go code in the vendor directory, but none of the changes in this PR touch Go test files or Ginkgo test specifications. Since this check is specifically designed to review Ginkgo It/Describe blocks, BeforeEach/AfterEach patterns, cluster operation timeouts, and assertion messages—none of which apply to Cypress configuration—the check is not applicable and therefore passes.
Microshift Test Compatibility	✅ Passed	PR modifies Cypress test infrastructure only; no Ginkgo e2e tests or OpenShift API references added, making this check non-applicable.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	PR modifies only Cypress test configuration (package.json, cypress-common-config.js); contains no new Ginkgo e2e tests, so SNO Test Compatibility check does not apply.
Topology-Aware Scheduling Compatibility	✅ Passed	Pull request modifications are confined to integration test infrastructure (npm scripts and Cypress configuration files); no Kubernetes deployment manifests, operator code, controllers, or scheduling-related resources are added or modified.
Ote Binary Stdout Contract	✅ Passed	This custom check is not applicable to the provided pull request. The OTE Binary Stdout Contract check targets Go binary implementations and their stdout communication patterns with OpenShift Test Extension, but this PR exclusively modifies JavaScript/Node.js configuration files across integration-test packages and Cypress configuration.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	PR modifies only frontend Cypress test configurations (JavaScript/TypeScript), not Ginkgo Go e2e tests, making this check non-applicable.
Title check	✅ Passed	The title 'NO-JIRA: enable Cypress Cloud in CI' accurately and concisely describes the main change—enabling Cypress Cloud recording across multiple integration test suites in the CI pipeline.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@frontend/packages/shipwright-plugin/integration-tests/package.json`:
- Line 11: The npm script test-cypress-headless is passing the secret via the
CLI --key flag (using ${CYPRESS_RECORD_KEY}) which leaks the key; remove the
--key argument and let Cypress read CYPRESS_RECORD_KEY from the environment, and
make the --record flag conditional so the script only passes --record when
CYPRESS_RECORD_KEY is set (avoid failing when the env var is absent); update the
test-cypress-headless entry to drop --key, and build the command so it appends
--record only if CYPRESS_RECORD_KEY exists.

In `@frontend/packages/topology/integration-tests/package.json`:
- Line 11: Remove the explicit --key ${CYPRESS_RECORD_KEY} argument from the
"test-cypress-headless" npm script so the record key is only provided via the
environment (CYPRESS_RECORD_KEY) and not exposed on the command line; update the
"test-cypress-headless" script string to keep --record and rely on Cypress to
read CYPRESS_RECORD_KEY from process.env, which also prevents malformed flags
when the variable is empty; apply the same change pattern to other scripts that
include --key ${CYPRESS_RECORD_KEY} across the repo (e.g., other package.json
test scripts) to centralize secret handling via environment variables.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Pro Plus

Run ID: 7ffbc44d-2967-4b91-89c9-c1fc1f70a6c4

📥 Commits

Reviewing files that changed from the base of the PR and between 52099b4 and 185bbda.

📒 Files selected for processing (10)

• frontend/packages/console-telemetry-plugin/integration-tests/package.json
• frontend/packages/dev-console/integration-tests/package.json
• frontend/packages/helm-plugin/integration-tests/package.json
• frontend/packages/integration-tests/cypress-common-config.js
• frontend/packages/integration-tests/package.json
• frontend/packages/knative-plugin/integration-tests/package.json
• frontend/packages/operator-lifecycle-manager/integration-tests/package.json
• frontend/packages/shipwright-plugin/integration-tests/package.json
• frontend/packages/topology/integration-tests/package.json
• frontend/packages/webterminal-plugin/integration-tests/package.json

📜 Review details

🔇 Additional comments (8)

frontend/packages/integration-tests/package.json (1)

8-8: Same CLI key-handling issue as above.

Line 8 repeats the --key ${CYPRESS_RECORD_KEY} pattern; please apply the same env-only/conditional recording approach here for consistency and safer secret handling.

frontend/packages/console-telemetry-plugin/integration-tests/package.json (1)

11-11: Same CLI key-handling issue as above.

Line 11 repeats the --key ${CYPRESS_RECORD_KEY} pattern; please apply the same env-only/conditional recording approach here as well.

frontend/packages/helm-plugin/integration-tests/package.json (1)

11-11: Same CLI key-handling issue as above.

Line 11 repeats the --key ${CYPRESS_RECORD_KEY} pattern; please apply the same env-only/conditional recording approach here too.

frontend/packages/knative-plugin/integration-tests/package.json (1)

11-11: Same CLI key-handling issue as above.

Line 11 repeats the --key ${CYPRESS_RECORD_KEY} pattern; please apply the same env-only/conditional recording approach here as well.

frontend/packages/operator-lifecycle-manager/integration-tests/package.json (1)

8-8: Same CLI key-handling issue as above.

Line 8 repeats the --key ${CYPRESS_RECORD_KEY} pattern; please apply the same env-only/conditional recording approach here too.

frontend/packages/webterminal-plugin/integration-tests/package.json (1)

11-11: Same CLI key-handling issue as above.

Line 11 repeats the --key ${CYPRESS_RECORD_KEY} pattern; please apply the same env-only/conditional recording approach here as well.

frontend/packages/integration-tests/cypress-common-config.js (1)

108-108: Good placement for Cypress Cloud project binding.

Line 108 sets projectId in the shared config, which keeps per-package configs consistent and avoids drift.

frontend/packages/dev-console/integration-tests/package.json (1)

14-14: Apply the same record-key handling fix here.

Line 14 repeats the same --key ${CYPRESS_RECORD_KEY} pattern; remove --key and keep --record so the key is sourced from environment injection.

Suggested patch

-    "test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run --record --key ${CYPRESS_RECORD_KEY}  --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/e2e/enable-dev-perspective-ci.feature,features/e2e/add-flow-ci.feature\"; yarn posttest-cypress-headless",
+    "test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run --record --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/e2e/enable-dev-perspective-ci.feature,features/e2e/add-flow-ci.feature\"; yarn posttest-cypress-headless",

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

For Cypress 15.x, when running cypress run --record, does Cypress automatically read CYPRESS_RECORD_KEYfrom environment without--key, and what does Cypress recommend for keeping the record key out of CI logs/process arguments?

💡 Result:

Yes, for Cypress 15.x, when running cypress run --record, Cypress automatically reads the CYPRESS_RECORD_KEY environment variable, allowing you to omit the --key flag. Cypress recommends setting the CYPRESS_RECORD_KEY as an environment variable in your CI provider's secret management system (e.g., GitHub Actions secrets, CircleCI environment variables) to prevent exposing the record key in CI logs or process arguments. This way, you run cypress run --record without passing --key= on the command line. Do not hardcode it in config files, scripts, or commit it to version control, as it could lead to unauthorized recording and billable usage.

Citations:

• 1: https://on.cypress.io/how-do-i-record-runs
• 2: https://docs.cypress.io/guides/dashboard/projects.html
• 3: https://docs.cypress.io/app/references/command-line
• 4: https://docs.cypress.io/app/continuous-integration/overview

---

🏁 Script executed:

#!/bin/bash
# Verify the file exists and check the relevant lines
if [ -f "frontend/packages/shipwright-plugin/integration-tests/package.json" ]; then
  echo "=== File exists, checking content ==="
  cat -n frontend/packages/shipwright-plugin/integration-tests/package.json | grep -A 2 -B 2 "test-cypress-headless"
else
  echo "File not found at expected path"
  # Try to locate it
  find . -name package.json -path "*shipwright*integration*" 2>/dev/null
fi

Repository: openshift/console

Length of output: 695

---

Remove the CLI --key argument and use environment-only record key handling.

Line 11 passes ${CYPRESS_RECORD_KEY} via --key flag, which exposes the key in process arguments (visible in logs and process inspection). Cypress automatically reads CYPRESS_RECORD_KEY from the environment without the --key flag. Additionally, make recording conditional so the script doesn't fail when the environment variable is unset:

Suggested fix

-    "test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run --record --key ${CYPRESS_RECORD_KEY}  --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/e2e/shipwright-ci.feature\";",
+    "test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run ${CYPRESS_RECORD_KEY:+--record} --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/e2e/shipwright-ci.feature\";",

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	"test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run --record --key ${CYPRESS_RECORD_KEY} --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/e2e/shipwright-ci.feature\";",
	"test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run ${CYPRESS_RECORD_KEY:+--record} --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/e2e/shipwright-ci.feature\";",

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/packages/shipwright-plugin/integration-tests/package.json` at line
11, The npm script test-cypress-headless is passing the secret via the CLI --key
flag (using ${CYPRESS_RECORD_KEY}) which leaks the key; remove the --key
argument and let Cypress read CYPRESS_RECORD_KEY from the environment, and make
the --record flag conditional so the script only passes --record when
CYPRESS_RECORD_KEY is set (avoid failing when the env var is absent); update the
test-cypress-headless entry to drop --key, and build the command so it appends
--record only if CYPRESS_RECORD_KEY exists.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

For Cypress 15.13.0, does cypress run --recordautomatically useCYPRESS_RECORD_KEYfrom the environment without explicitly passing--key?

💡 Result:

Yes, for Cypress 15.13.0, cypress run --record automatically uses CYPRESS_RECORD_KEY from the environment without needing to explicitly pass --key.

Citations:

• 1: https://on.cypress.io/recording-project-runs
• 2: https://docs.cypress.io/guides/guides/command-line.html
• 3: https://docs.cypress.io/app/references/command-line

---

🏁 Script executed:

#!/bin/bash
# Check the actual line in package.json
echo "=== Current state of line 11 in package.json ==="
sed -n '11p' frontend/packages/topology/integration-tests/package.json

echo -e "\n=== Full package.json context (lines 1-20) ==="
head -20 frontend/packages/topology/integration-tests/package.json

echo -e "\n=== Check for Cypress version in this package or root ==="
grep -i "cypress" frontend/packages/topology/integration-tests/package.json || echo "Not found in topology integration-tests"
echo ""
grep -i "cypress" package.json | head -5 || echo "Not found in root package.json"

Repository: openshift/console

Length of output: 1923

---

🏁 Script executed:

#!/bin/bash
# Check root package.json for Cypress version
echo "=== Root package.json Cypress version ==="
rg -A 2 '"cypress"' package.json | head -20

echo -e "\n=== package-lock.json Cypress version check ==="
rg '"cypress"' package-lock.json | grep -E '^\s*"cypress"' | head -3

Repository: openshift/console

Length of output: 279

---

🏁 Script executed:

#!/bin/bash
# Find package.json files in the repo
echo "=== Finding package.json files ==="
find . -maxdepth 3 -name "package.json" -type f | sort

echo -e "\n=== Check root level for package management files ==="
ls -la | grep -E "package|yarn|pnpm"

Repository: openshift/console

Length of output: 240

---

🏁 Script executed:

#!/bin/bash
# Check root frontend package.json for Cypress version
echo "=== Frontend package.json Cypress version ==="
rg '"cypress"' frontend/package.json -A 1 -B 1

echo -e "\n=== Checking if CYPRESS_RECORD_KEY is used elsewhere in the codebase ==="
rg "CYPRESS_RECORD_KEY" . --max-count=10

Repository: openshift/console

Length of output: 3270

---

Remove --key ${CYPRESS_RECORD_KEY} from CLI—pass the secret via environment variable only.

The current command injects the record key directly into the CLI arguments, which exposes the secret in process listings and shell history. Moreover, when CYPRESS_RECORD_KEY is empty or unset, the malformed flag sequence (--record --key --env ...) can confuse downstream argument parsing.

Cypress 15.13.0 automatically reads CYPRESS_RECORD_KEY from the environment when --record is specified—no explicit --key flag is needed. This pattern appears across multiple test packages (topology, webterminal, shipwright, knative, helm, dev-console, console-telemetry, operator-lifecycle-manager, and integration-tests), so consider addressing all occurrences.

Suggested patch

-    "test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run --record --key ${CYPRESS_RECORD_KEY}  --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/*/topology-ci.feature\"",
+    "test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run --record --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/*/topology-ci.feature\"",

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	"test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run --record --key ${CYPRESS_RECORD_KEY} --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/*/topology-ci.feature\"",
	"test-cypress-headless": "node --max-old-space-size=4096 ../../../node_modules/.bin/cypress run --record --env openshift=true --browser ${BRIDGE_E2E_BROWSER_NAME:-electron} --headless --spec \"features/*/topology-ci.feature\"",

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/packages/topology/integration-tests/package.json` at line 11, Remove
the explicit --key ${CYPRESS_RECORD_KEY} argument from the
"test-cypress-headless" npm script so the record key is only provided via the
environment (CYPRESS_RECORD_KEY) and not exposed on the command line; update the
"test-cypress-headless" script string to keep --record and rely on Cypress to
read CYPRESS_RECORD_KEY from process.env, which also prevents malformed flags
when the variable is empty; apply the same change pattern to other scripts that
include --key ${CYPRESS_RECORD_KEY} across the repo (e.g., other package.json
test scripts) to centralize secret handling via environment variables.

[logonoff]

/retitle NO-JIRA: enable Cypress Cloud in CI
/lgtm
/label px-approved
/label docs-approved
/test all

[openshift-ci-robot]

@rhamilto: This pull request explicitly references no jira issue.

Details

In response to this:

Summary by CodeRabbit

• Chores
• Enhanced integration test infrastructure by enabling Cypress cloud recording across multiple test suites, improving test result tracking and debugging capabilities.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: logonoff, rhamilto

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• frontend/OWNERS [logonoff,rhamilto]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[rhamilto]

/retest

[rhamilto]

/verified by @rhamilto
/overrride ci/prow/e2e-gcp-console

[openshift-ci-robot]

@rhamilto: This PR has been marked as verified by @rhamilto.

Details

In response to this:

/verified by @rhamilto
/overrride ci/prow/e2e-gcp-console

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[rhamilto]

/override ci/prow/e2e-gcp-console

[openshift-ci]

@rhamilto: Overrode contexts on behalf of rhamilto: ci/prow/e2e-gcp-console

Details

In response to this:

/override ci/prow/e2e-gcp-console

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

@rhamilto: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.