NETOBSERV-2653: TLS Tracking automation

[Amoghrd]

Description

• TLS Tracking UI test-case OCP-88966 automation
• Updating Operator install check from UI to CLI to reduce flakyness when switching pages/tabs. Also skipping catalog and IDMS creation if operator already present
• Removing visitFlowCollector post flowcollector deployment. It was added when we were checking for loki pods deployment in UI, since we moved it to CLI, we are on flowcollector tab and dont need to switch pages
• Use ID's when enabling columns from columns modal as well instead of data-test=th
• Fix flaky visitFlowcollector func

Dependencies

#1478

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
  • Standard QE validation, with pre-merge tests unless stated otherwise.
  • Regression tests only (e.g. refactoring with no user-facing change).
  • No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Test Results

 Spec                                              Tests  Passing  Failing  Pending  Skipped                                                                                                               
┌────────────────────────────────────────────────────────────────────────────────────────────────┐                                                                                                             
│ ✔  dns_dashboards.cy.ts                     03:07        2        2        -        -        - │                                                                                                             
├────────────────────────────────────────────────────────────────────────────────────────────────┤                                                                                                             
│ ✔  dns_tracking.cy.ts                       03:57        2        2        -        -        - │                                                                                                             
├────────────────────────────────────────────────────────────────────────────────────────────────┤                                                                                                             
│ ✔  netflow_cluster_admin_group.cy.ts         36ms        2        -        -        2        - │                                                                                                             
├────────────────────────────────────────────────────────────────────────────────────────────────┤                                                                                                             
│ ✔  netflow_external_subnet.cy.ts            03:20        1        1        -        -        - │
├────────────────────────────────────────────────────────────────────────────────────────────────┤                                                                                                             
│ ✔  netflow_table.cy.ts                      05:00        5        5        -        -        - │
├────────────────────────────────────────────────────────────────────────────────────────────────┤                                                                                                             
│ ✔  netflow_zone_multiCluster.cy.ts          04:18        2        2        -        -        - │
├────────────────────────────────────────────────────────────────────────────────────────────────┤                                                                                                             
│ ✔  table_queryopts.cy.ts                    03:25        3        3        -        -        - │
├────────────────────────────────────────────────────────────────────────────────────────────────┤                                                                                                             
│ ✔  tls_dashboards.cy.ts                     04:01        1        1        -        -        - │                                                                                                             
├────────────────────────────────────────────────────────────────────────────────────────────────┤                                                                                                             
│ ✔  tls_tracking.cy.ts                       03:17        2        2        -        -        - │                                                                                                             
└────────────────────────────────────────────────────────────────────────────────────────────────┘                                                                                                             
  ✔  All specs passed!                        30:28       20       18        -        2        -

Jenkins run: noo-frontend-tests#75/ Failing tests fixed and they are passing on rerun.
Also tested tests with downstream and upstream operator not installed prior to running tests. Both passed

Summary by CodeRabbit

Release Notes

• New Features

  • Added TLS tracking functionality with new test fixtures and comprehensive test suites validating TLS dashboards and network flow data
  • Extended dashboards to display TLS-related metrics including traffic patterns by TLS version, cipher suite, and TLS group

• Tests

  • Added test coverage for TLS tracking with dashboard panel verification and traffic flow table column validation
  • Updated integration tests across multiple modules with improved, robust selectors for better test maintainability

[openshift-ci-robot]

@Amoghrd: This pull request references NETOBSERV-2653 which is a valid jira issue.

Details

In response to this:

Description

TLS Tracking UI test-case OCP-88966 automation

Dependencies

#1478

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
• Standard QE validation, with pre-merge tests unless stated otherwise.
• Regression tests only (e.g. refactoring with no user-facing change).
• No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Title check	✅ Passed	The title 'NETOBSERV-2653: TLS Tracking automation' directly describes the main change: adding test automation for TLS Tracking functionality with a specific Jira ticket reference.
Description check	✅ Passed	PR description covers key changes and includes proper checklist completion, though environment setup details are not fully specified.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign memodi for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• DOWNSTREAM_OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

web/cypress/integration-tests/tls_dashboards.cy.ts (1)

22-33: 💤 Low value

Consider adding explicit wait after scroll.

Line 30 scrolls to bottom, then line 32 immediately checks panels. If panels need time to render after scroll, add a wait:

cy.get('#content-scrollable').scrollTo('bottom')
cy.wait(1000) // Allow panels to render
cy.checkDashboards(TLSPanels)

However, if cy.checkDashboards() already includes retry logic, this may be unnecessary.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@web/cypress/integration-tests/tls_dashboards.cy.ts` around lines 22 - 33,
After scrolling to bottom in the test
(cy.get('#content-scrollable').scrollTo('bottom')), add a short explicit wait
before calling cy.checkDashboards(TLSPanels) to allow panels to render (e.g., a
cy.wait(1000)), or alternatively ensure the helper cy.checkDashboards (used
earlier) includes retry/assertion logic to tolerate post-scroll rendering
latency; update the test to either insert the wait after .scrollTo or enhance
checkDashboards to retry until panels in TLSPanels are present.

web/cypress/views/netobserv.ts (1)

61-61: 💤 Low value

Consider explicit undefined handling for environment variables.

The template literal ${Cypress.env('...')} converts undefined to "undefined" string. While safe, explicit checks would be clearer:

if (Cypress.env('NOO_CATALOG_SOURCE') === 'upstream') {

Also applies to: 73-73, 90-90

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@web/cypress/views/netobserv.ts` at line 61, The current checks use template
literals like `${Cypress.env('NOO_CATALOG_SOURCE')}` which turn undefined into
the string "undefined"; update the conditionals to compare the raw env value
directly (e.g., Cypress.env('NOO_CATALOG_SOURCE') === 'upstream') and, where
appropriate, add an explicit undefined/null guard (e.g., store const src =
Cypress.env('NOO_CATALOG_SOURCE') and check src !== undefined && src ===
'upstream') to avoid accidental stringified "undefined"; apply the same change
for the other occurrences that use `${Cypress.env(...)}` (the checks around the
same logic at the other two locations).

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@web/cypress/integration-tests/tls_tracking.cy.ts`:
- Around line 56-87: The test applies filters but never asserts any rows exist,
so the subsequent .each() checks can be skipped silently; update the TLS column
checks (the cy.get calls using '[data-test-td-column-id="TLSVersion"]',
'[data-test-td-column-id="TLSTypes"]', '[data-test-td-column-id="TLSGroup"]',
and '[data-test-td-column-id="TLSCipherSuite"]') to first assert there is at
least one cell (e.g., should('have.length.greaterThan', 0)) before calling
.each(), then keep the existing content/non-empty assertions inside the .each()
callbacks to ensure the filters returned results and the TLS data is validated.

In `@web/cypress/views/netobserv.ts`:
- Around line 96-101: Replace the unnecessary use of the any type in the
cy.adminCLI promise callback by changing the callback signature to use
Cypress.Exec (i.e., update the .then((result: any) => { ... }) handler to
.then((result: Cypress.Exec) => { ... }) so the CLI result is properly typed;
update the callback in the cy.adminCLI invocation inside netobserv.ts near the
block checking result.stdout/includes('netobserv-operator') and
result.stdout/includes('Succeeded') to use the Cypress.Exec type.

---

Nitpick comments:
In `@web/cypress/integration-tests/tls_dashboards.cy.ts`:
- Around line 22-33: After scrolling to bottom in the test
(cy.get('#content-scrollable').scrollTo('bottom')), add a short explicit wait
before calling cy.checkDashboards(TLSPanels) to allow panels to render (e.g., a
cy.wait(1000)), or alternatively ensure the helper cy.checkDashboards (used
earlier) includes retry/assertion logic to tolerate post-scroll rendering
latency; update the test to either insert the wait after .scrollTo or enhance
checkDashboards to retry until panels in TLSPanels are present.

In `@web/cypress/views/netobserv.ts`:
- Line 61: The current checks use template literals like
`${Cypress.env('NOO_CATALOG_SOURCE')}` which turn undefined into the string
"undefined"; update the conditionals to compare the raw env value directly
(e.g., Cypress.env('NOO_CATALOG_SOURCE') === 'upstream') and, where appropriate,
add an explicit undefined/null guard (e.g., store const src =
Cypress.env('NOO_CATALOG_SOURCE') and check src !== undefined && src ===
'upstream') to avoid accidental stringified "undefined"; apply the same change
for the other occurrences that use `${Cypress.env(...)}` (the checks around the
same logic at the other two locations).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: dea91e58-4b0c-4800-b1ac-31b538760753

📥 Commits

Reviewing files that changed from the base of the PR and between 747f4d2 and ba80cae.

📒 Files selected for processing (6)

• web/cypress/fixtures/flowcollector/fc_TLSTracking.yaml
• web/cypress/integration-tests/dns_dashboards.cy.ts
• web/cypress/integration-tests/tls_dashboards.cy.ts
• web/cypress/integration-tests/tls_tracking.cy.ts
• web/cypress/views/netflow-page.ts
• web/cypress/views/netobserv.ts

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 52.33%. Comparing base (747f4d2) to head (a56235d).
⚠️ Report is 3 commits behind head on main-pf5.

Additional details and impacted files

@@             Coverage Diff              @@
##           main-pf5    #1514      +/-   ##
============================================
- Coverage     52.53%   52.33%   -0.21%     
============================================
  Files           232      232              
  Lines         12355    12454      +99     
  Branches       1551     1562      +11     
============================================
+ Hits           6491     6518      +27     
- Misses         5269     5337      +68     
- Partials        595      599       +4     

Flag	Coverage Δ
uitests	56.45% <ø> (-0.29%)	⬇️
unittests	40.92% <ø> (-0.05%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 21 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

web/cypress/integration-tests/tls_tracking.cy.ts (1)

81-89: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Guard remaining TLS column .each() checks with non-empty assertions.

Only TLSVersion asserts non-empty before .each(). TLSTypes, TLSGroup, and TLSCipherSuite can still pass silently with zero matches.

Suggested fix

-        cy.get('[data-test-td-column-id="TLSTypes"]').each((td) => {
+        cy.get('[data-test-td-column-id="TLSTypes"]')
+            .should('have.length.greaterThan', 0)
+            .each((td) => {
             expect(td).to.contain('ServerHello')
         })
-        cy.get('[data-test-td-column-id="TLSGroup"]').each((td) => {
+        cy.get('[data-test-td-column-id="TLSGroup"]')
+            .should('have.length.greaterThan', 0)
+            .each((td) => {
             expect(td.text().trim()).to.not.be.empty
         })
-        cy.get('[data-test-td-column-id="TLSCipherSuite"]').each((td) => {
+        cy.get('[data-test-td-column-id="TLSCipherSuite"]')
+            .should('have.length.greaterThan', 0)
+            .each((td) => {
             expect(td.text().trim()).to.not.be.empty
         })

As per coding guidelines, "web/cypress/**/*.ts: Verify E2E test stability, proper waits, and selector resilience".

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@web/cypress/integration-tests/tls_tracking.cy.ts` around lines 81 - 89, The
three Cypress checks using the selectors TLSTypes, TLSGroup, and TLSCipherSuite
can silently pass if there are zero matches; before calling .each() on
cy.get('[data-test-td-column-id="TLSTypes"]'),
cy.get('[data-test-td-column-id="TLSGroup"]'), and
cy.get('[data-test-td-column-id="TLSCipherSuite"]') add a guard assertion that
the query returns at least one element (e.g., .should('have.length.greaterThan',
0) or equivalent) so the subsequent .each() actually iterates over results,
mirroring the existing TLSVersion non-empty check.

🧹 Nitpick comments (1)

web/cypress/integration-tests/netflow_table.cy.ts (1)

71-71: ⚡ Quick win

Inconsistent selector usage.

Line 71 uses a hard-coded selector '#SrcK8S_Namespace[type="checkbox"]' while the rest of the test uses colSelectors. Line 81 references the same column via colSelectors.srcNS. Use the centralized selector here for consistency.

♻️ Proposed fix

-            cy.get('#SrcK8S_Namespace[type="checkbox"]').uncheck()
+            cy.get(colSelectors.srcNS).uncheck()

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@web/cypress/integration-tests/netflow_table.cy.ts` at line 71, Replace the
hard-coded selector in the test (the
cy.get('#SrcK8S_Namespace[type="checkbox"]').uncheck() call) with the
centralized column selector used elsewhere; use colSelectors.srcNS (or the
appropriate property on colSelectors referencing SrcK8S_Namespace) so the line
becomes cy.get(colSelectors.srcNS).uncheck() to keep selector usage consistent
with the rest of the test.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@web/cypress/integration-tests/tls_tracking.cy.ts`:
- Around line 56-73: After typing the filters into
cy.get(filterSelectors.filterInput) (the two lines that call
.type("tls_version=...") and .type("tls_types=...")), add an explicit wait for
the Loki query response before opening the columns modal; intercept or alias the
Loki/network request used by the app (e.g., cy.intercept(...).as('lokiQuery'))
and call cy.wait('@lokiQuery') right after the second .type() to ensure the
filtered table has settled, then proceed to cy.openColumnsModal() and the
subsequent assertions on colSelectors.tlsCipherSuite, colSelectors.tlsGroup and
colSelectors.tlsTypes.

---

Duplicate comments:
In `@web/cypress/integration-tests/tls_tracking.cy.ts`:
- Around line 81-89: The three Cypress checks using the selectors TLSTypes,
TLSGroup, and TLSCipherSuite can silently pass if there are zero matches; before
calling .each() on cy.get('[data-test-td-column-id="TLSTypes"]'),
cy.get('[data-test-td-column-id="TLSGroup"]'), and
cy.get('[data-test-td-column-id="TLSCipherSuite"]') add a guard assertion that
the query returns at least one element (e.g., .should('have.length.greaterThan',
0) or equivalent) so the subsequent .each() actually iterates over results,
mirroring the existing TLSVersion non-empty check.

---

Nitpick comments:
In `@web/cypress/integration-tests/netflow_table.cy.ts`:
- Line 71: Replace the hard-coded selector in the test (the
cy.get('#SrcK8S_Namespace[type="checkbox"]').uncheck() call) with the
centralized column selector used elsewhere; use colSelectors.srcNS (or the
appropriate property on colSelectors referencing SrcK8S_Namespace) so the line
becomes cy.get(colSelectors.srcNS).uncheck() to keep selector usage consistent
with the rest of the test.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 6f08411d-7a04-44c6-8f26-43303cd3f4bb

📥 Commits

Reviewing files that changed from the base of the PR and between ba80cae and fbd1beb.

📒 Files selected for processing (12)

• web/cypress/fixtures/flowcollector/fc_TLSTracking.yaml
• web/cypress/integration-tests/dns_dashboards.cy.ts
• web/cypress/integration-tests/dns_tracking.cy.ts
• web/cypress/integration-tests/netflow_cluster_admin_group.cy.ts
• web/cypress/integration-tests/netflow_external_subnet.cy.ts
• web/cypress/integration-tests/netflow_table.cy.ts
• web/cypress/integration-tests/netflow_zone_multiCluster.cy.ts
• web/cypress/integration-tests/table_queryopts.cy.ts
• web/cypress/integration-tests/tls_dashboards.cy.ts
• web/cypress/integration-tests/tls_tracking.cy.ts
• web/cypress/views/netflow-page.ts
• web/cypress/views/netobserv.ts

✅ Files skipped from review due to trivial changes (2)

• web/cypress/integration-tests/netflow_external_subnet.cy.ts
• web/cypress/integration-tests/dns_dashboards.cy.ts

🚧 Files skipped from review as they are similar to previous changes (3)

• web/cypress/fixtures/flowcollector/fc_TLSTracking.yaml
• web/cypress/views/netflow-page.ts
• web/cypress/views/netobserv.ts

[Amoghrd]

Trying to simplify install and visitFlowCollector funcs. Running the whole suite to check if it works