Skip to content

feat(fogclaw): E2E baseline tests, CI workflow, and OpenClaw API fix#3

Closed
sidmohan0 wants to merge 3 commits into
mainfrom
feat/e2e-baseline-test
Closed

feat(fogclaw): E2E baseline tests, CI workflow, and OpenClaw API fix#3
sidmohan0 wants to merge 3 commits into
mainfrom
feat/e2e-baseline-test

Conversation

@sidmohan0

Copy link
Copy Markdown
Contributor

Summary

  • E2E test suite: 6 Playwright tests covering all 3 PII scanning layers (inbound, tool-result, outbound), access request backlog lifecycle, and dashboard evidence capture
  • Isolated test profile: global-setup.ts / global-teardown.ts manage a fresh OpenClaw e2e-test profile per run — no interference with local dev state
  • OpenClaw plugin API fix: Changed schema:parameters: and handler:execute: across all 6 tool registrations to match the actual OpenClaw plugin contract
  • CI workflow: GitHub Actions on push/PR to main with Playwright, artifact uploads (screenshots, recordings, report), and Discord notifications
  • Discord notifier: notify-discord.sh posts pass/fail embeds to the team webhook

Test plan

  • All 6 E2E tests pass locally with real LLM responses (6 passed, 1.4m)
  • All 215 unit tests pass after API fix
  • Discord notification sends successfully (HTTP 204)
  • ANTHROPIC_API_KEY and DISCORD_WEBHOOK_URL secrets set in repo
  • CI workflow triggers on merge to main

🤖 Generated with Claude Code

sidmohan0 and others added 3 commits February 17, 2026 20:02
Validated OpenClaw Dashboard automation feasibility, CLI agent
interaction patterns, and plugin update mechanism. All spike
questions resolved: text/role selectors work for Playwright,
`openclaw agent --json` returns structured responses, plugin
update is a single CLI command.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
4-milestone plan: infrastructure setup, CLI-driven scanning layer
tests, access request backlog E2E, browser visual evidence with
video recording. Hybrid CLI + browser architecture.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…plugin API

- Add Playwright E2E test suite with isolated OpenClaw profile per run
- Fix tool registration: schema → parameters, handler → execute (OpenClaw API compat)
- Add GitHub Actions E2E workflow with Discord notifications
- Add global-setup/teardown for automated gateway lifecycle
- Tests cover all 3 scanning layers + access request backlog + dashboard

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@sidmohan0

Copy link
Copy Markdown
Contributor Author

Closing this after porting the load-bearing part: the tool-contract fix (schema:parameters:, handler:execute(toolCallId, params)) plus the unit-test updates landed in #5, verified against current upstream docs — that shape is still the correct contract as of OpenClaw v2026.6.11.

The E2E suite, CI workflow, and Discord notifier here are five months stale: before_agent_start (which the specs exercise) is now deprecated upstream in favor of before_prompt_build/before_agent_run, and the Playwright flows target the Feb-era UI. Rather than rebase, the E2E baseline should be rebuilt fresh against current OpenClaw as part of the hook migration — tracked in the 0.4.0 follow-ups in CHANGELOG.md.

@sidmohan0 sidmohan0 closed this Jul 2, 2026
sidmohan0 added a commit that referenced this pull request Jul 2, 2026
…esh (#5)

* fix: harden allowlist patterns against ReDoS, enforce full-match semantics

Port the datafog-python 4.7.0 allowlist hardening: reject quantified
groups containing nested quantifiers at config time (catastrophic
backtracking on attacker-influenced entity text), cap pattern length at
512 chars, anchor patterns so a partial match never suppresses a
finding, and skip pattern matching for entities longer than 512 chars
(fail-safe: the finding is kept).

* fix: register tools with parameters/execute to match OpenClaw plugin contract

All 6 tools were registered with schema:/handler:, which the OpenClaw
runtime does not recognize — tool calls failed before reaching the model
(verified against upstream docs/plugins/building-plugins.md; execute
receives (toolCallId, params)). Ported from PR #3, which discovered the
breakage during E2E testing in February. Also declares the six tools in
the manifest contracts.tools block, now required for tool discovery, and
bumps the manifest version to 0.4.0.

* chore: fix npm audit vulnerabilities, bump sharp and vitest

npm audit reported 10 vulnerabilities (2 critical). audit fix cleared
the protobufjs/rollup/tar transitives; the rest were the vitest 2.x dev
chain, cleared by vitest 4. sharp 0.34.5 -> 0.35.3. onnxruntime pins
stay as-is: gliner 0.0.19 (still latest) expects onnxruntime 1.19.x
internals, and the test suite mocks GLiNER so a runtime ABI break would
not be caught here. Adds the openclaw.compat block and Node >=22.19
engine floor now required by the plugin runtime. Version to 0.4.0.

* docs: changelog for 0.4.0
@sidmohan0 sidmohan0 deleted the feat/e2e-baseline-test branch July 2, 2026 23:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant