Skip to content

Runtime Smoke Test

This directory contains a fast end-to-end smoke test flow for runtime behavior.

Purpose

The smoke test catches runtime breaks that syntax checks cannot detect.

For shell script quality gates (syntax/format/lint and AGENTS.md checklist), use the separate quality check flow:

  • Local: ./scripts/ci-quality-checks.sh
  • CI workflow: .github/workflows/quality-checks.yml
  • Default behavior uses a temporary shellcheck baseline for known legacy findings.
  • Strict mode (no excludes): SHELLCHECK_EXCLUDES= ./scripts/ci-quality-checks.sh

It validates:

  • container starts successfully
  • NZBGet web UI port 6789/tcp is reachable
  • Privoxy port 8118/tcp is reachable when ENABLE_PRIVOXY=yes
  • base self-test exits successfully (/root/healthcheck.sh and /home/nobody/vpn-selftest.sh)
  • doctor.sh --heal can recover managed script drift and writes recovery backups under /data/backups/doctor-heal-*

Files

  • docker-compose.smoke.yml: isolated smoke-test stack for CI and local runs.
  • ../scripts/ci-smoke-test.sh: orchestrates startup, checks, and cleanup.
  • ../.github/workflows/smoke-test.yml: runs the smoke test on push and pull_request.
  • ../scripts/ci-drift-radar.sh: checks current pinned base/NZBGet versions against latest upstream values.
  • ../.github/workflows/drift-radar.yml: scheduled weekly dependency drift report (workflow_dispatch supported) and auto-create/update of a single open drift issue when updates are available.
  • ../.github/workflows/security-scan.yml: Trivy filesystem scan with SARIF upload to GitHub Security tab and severity gate (TRIVY_FAIL_SEVERITY, default CRITICAL).
  • ../.github/workflows/release-orchestration.yml: release-readiness orchestration workflow (quality + smoke + security gate) for manual runs and version tags.

Local Usage

From repository root:

./scripts/ci-smoke-test.sh

The smoke stack defaults to SMOKE_PLATFORM=linux/amd64 because the pinned base image is published for amd64.

If needed, you can override the platform:

SMOKE_PLATFORM=linux/amd64 ./scripts/ci-smoke-test.sh

Requirements on the host:

  • Docker with Compose support (docker compose)
  • nc (netcat) for TCP reachability checks

On success, the script prints Smoke test passed.

By default, the script cleans up the stack after exit.

To keep the stack running for debugging:

KEEP_SMOKE_STACK=yes ./scripts/ci-smoke-test.sh

Debugging

Useful commands:

docker compose -f ci/docker-compose.smoke.yml ps
docker compose -f ci/docker-compose.smoke.yml logs --no-color
docker compose -f ci/docker-compose.smoke.yml down -v --remove-orphans

If you see no match for platform in manifest, run with SMOKE_PLATFORM=linux/amd64.