fix: add Playwright, Valkey, and mock-OIDC to CI pipelines

- Add valkey and mock-oidc services to both release and dev workflows
- Install Playwright with Chromium deps for headless e2e tests
- Set WG_REDIS_URL and MOCK_OIDC_HOST env vars for CI
- Make mock OIDC discovery URL configurable via MOCK_OIDC_HOST env var
- Add full test job (unit + e2e) to dev pipeline before Docker build

.forgejo/workflows/dev.yml

@@ -6,7 +6,66 @@ on:
       - dev
 
 jobs:
+  test:
+    runs-on: docker
+    container:
+      image: python:3.13-slim
+    services:
+      postgres:
+        image: postgres:17
+        env:
+          POSTGRES_USER: wiregui
+          POSTGRES_PASSWORD: wiregui
+          POSTGRES_DB: wiregui
+        options: >-
+          --health-cmd "pg_isready -U wiregui"
+          --health-interval 5s
+          --health-timeout 5s
+          --health-retries 5
+      valkey:
+        image: valkey/valkey:8
+        options: >-
+          --health-cmd "valkey-cli ping"
+          --health-interval 5s
+          --health-timeout 5s
+          --health-retries 5
+      mock-oidc:
+        image: ghcr.io/navikt/mock-oauth2-server:2.1.10
+        env:
+          SERVER_PORT: "9000"
+          JSON_CONFIG: '{"interactiveLogin":true,"httpServer":"NettyWrapper","tokenCallbacks":[{"issuerId":"test-idp","tokenExpiry":3600,"requestMappings":[{"requestParam":"scope","match":"*","claims":{"sub":"$${claim:sub}","email":"$${claim:sub}@test.local","name":"Test User"}}]}]}'
+    env:
+      CI: "true"
+      WG_DATABASE_URL: postgresql+asyncpg://wiregui:wiregui@postgres/wiregui
+      WG_REDIS_URL: redis://valkey:6379/0
+      MOCK_OIDC_HOST: mock-oidc
+    steps:
+      - name: Install system dependencies and checkout
+        run: |
+          apt-get update && apt-get install -y --no-install-recommends \
+            git wireguard-tools pkg-config libxml2-dev libxmlsec1-dev libxmlsec1-openssl
+          git clone --depth=1 ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git .
+          git checkout ${GITHUB_SHA}
+
+      - name: Install uv
+        run: pip install uv
+
+      - name: Install dependencies
+        run: uv sync
+
+      - name: Install Playwright browsers
+        run: uv run playwright install --with-deps chromium
+
+      - name: Run unit tests
+        run: uv run pytest tests/ --ignore=tests/e2e -v --tb=short
+
+      - name: Run E2E tests
+        run: |
+          uv run alembic upgrade head
+          uv run pytest tests/e2e/ -v --tb=short
+
   docker:
+    needs: test
     runs-on: docker
     container:
       image: catthehacker/ubuntu:act-latest
@@ -46,4 +105,4 @@ jobs:
           docker push "${IMAGE}:v${VERSION}"
           docker push "${IMAGE}:dev"
 
-          echo "Pushed ${IMAGE}:v${VERSION}, ${IMAGE}:dev"
+          echo "Pushed ${IMAGE}:v${VERSION}, ${IMAGE}:dev"

.forgejo/workflows/release.yml

@@ -23,9 +23,23 @@ jobs:
           --health-interval 5s
           --health-timeout 5s
           --health-retries 5
+      valkey:
+        image: valkey/valkey:8
+        options: >-
+          --health-cmd "valkey-cli ping"
+          --health-interval 5s
+          --health-timeout 5s
+          --health-retries 5
+      mock-oidc:
+        image: ghcr.io/navikt/mock-oauth2-server:2.1.10
+        env:
+          SERVER_PORT: "9000"
+          JSON_CONFIG: '{"interactiveLogin":true,"httpServer":"NettyWrapper","tokenCallbacks":[{"issuerId":"test-idp","tokenExpiry":3600,"requestMappings":[{"requestParam":"scope","match":"*","claims":{"sub":"$${claim:sub}","email":"$${claim:sub}@test.local","name":"Test User"}}]}]}'
     env:
       CI: "true"
       WG_DATABASE_URL: postgresql+asyncpg://wiregui:wiregui@postgres/wiregui
+      WG_REDIS_URL: redis://valkey:6379/0
+      MOCK_OIDC_HOST: mock-oidc
     steps:
       - name: Install system dependencies and checkout
         run: |
@@ -40,6 +54,9 @@ jobs:
       - name: Install dependencies
         run: uv sync
 
+      - name: Install Playwright browsers
+        run: uv run playwright install --with-deps chromium
+
       - name: Run unit tests
         run: uv run pytest tests/ --ignore=tests/e2e -v --tb=short
 

tests/e2e/test_idp_seed.py

@@ -22,7 +22,8 @@ from wiregui.models.configuration import Configuration
 from tests.e2e.conftest import FAKE_SERVER_KEY
 
 
-MOCK_OIDC_DISCOVERY = "http://localhost:9000/test-idp/.well-known/openid-configuration"
+MOCK_OIDC_HOST = os.environ.get("MOCK_OIDC_HOST", "localhost")
+MOCK_OIDC_DISCOVERY = f"http://{MOCK_OIDC_HOST}:9000/test-idp/.well-known/openid-configuration"
 
 # Separate port for the IdP-seeded app instance
 IDP_APP_PORT = 13002