Add smoketest for bpt secrets

[alb-rl]

User description

This adds a smoketest for secrets used in BPTs. I created a fine-grained personal access token with only read permissions for this to work e2e. Plus the test will not expose any secrets.

---

CodeAnt-AI Description

Add smoketest that verifies blueprint builds using Dockerfile secrets

What Changed

• Added a smoketest that creates a blueprint containing a Dockerfile ARG for GITHUB_TOKEN, supplies the secret, and waits for the build to finish.
• The test checks the blueprint build reaches "build_complete" and that the provided secret value is present in the blueprint's stored parameters.
• The test deletes the created blueprint after completion to avoid leaving test artifacts.
• The smoketest allows a longer build wait (up to ~30 minutes) so real image builds and remote repo cloning can complete.

Impact

✅ Fewer blueprint secret regressions
✅ Clearer failure signals when Dockerfile secrets break
✅ Faster detection of blueprint build regressions

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

[codeant-ai]

CodeAnt AI is reviewing your PR.

---

Thanks for using CodeAnt! 🎉

We're free for open-source projects. if you're enjoying it, help us grow by sharing.

Share on X ·
Reddit ·
LinkedIn

[codeant-ai]

Pull Request Feedback 🔍

🔒 No security issues identified

⚡ Recommended areas for review Test Timeout The test's Jest timeout parameter uses THIRTY_SECOND_TIMEOUT while the polling options allow a build wait of up to ~30 minutes (polling maxAttempts and timeoutMs). If THIRTY_SECOND_TIMEOUT is actually ~30s the test will timeout long before the long-running polling completes causing false failures. Ensure the Jest test timeout matches the expected maximum runtime of the polling operation. E2E Flakiness / External Dependency The Dockerfile in the test clones an external GitHub repository during the build. Network flakiness, rate limits, or GitHub outages can cause intermittent test failures and very long runtimes. Consider making the test more robust or providing a lightweight local fixture.

[codeant-ai]

CodeAnt AI finished reviewing your PR.

[github-actions]

⚠️ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	98.96%	100%	❌
Lines	91.73%	-	ℹ️
Branches	38.18%	-	ℹ️
Statements	90.98%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

⚠️ Some object methods are not covered in smoke tests. Please add tests that call all public methods.

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

⚠️ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	98.96%	100%	❌
Lines	91.73%	-	ℹ️
Branches	38.18%	-	ℹ️
Statements	90.98%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

⚠️ Some object methods are not covered in smoke tests. Please add tests that call all public methods.

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run

[github-actions]

✅ Object Smoke Tests & Coverage Report

Test Results

✅ All smoke tests passed

Coverage Results

Metric	Coverage	Required	Status
Functions	100%	100%	✅
Lines	92.14%	-	ℹ️
Branches	38.18%	-	ℹ️
Statements	91.39%	-	ℹ️

Coverage Requirement: 100% function coverage (all public methods must be called in smoke tests)

✅ All tests passed and all object methods are covered!

View detailed coverage report

Coverage reports are available in the workflow artifacts. Lines/branches/statements coverage is tracked but not required to be 100%.

📋 View workflow run