openshift
diff --git a/‎web/cypress.config.ts‎
Lines changed: 12 additions & 3 deletions b/‎web/cypress.config.ts‎
Lines changed: 12 additions & 3 deletions
diff --git a/‎web/cypress/README.md‎
Lines changed: 2 additions & 1 deletion b/‎web/cypress/README.md‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎web/cypress/configure-env.sh‎
Lines changed: 9 additions & 2 deletions b/‎web/cypress/configure-env.sh‎
Lines changed: 9 additions & 2 deletions
diff --git a/‎web/cypress/e2e/perses/03.coo_create_perses_admin.cy.ts‎
Lines changed: 45 additions & 0 deletions b/‎web/cypress/e2e/perses/03.coo_create_perses_admin.cy.ts‎
Lines changed: 45 additions & 0 deletions
diff --git a/‎web/cypress/e2e/perses/99.coo_rbac_perses_user1.cy.ts‎
Lines changed: 78 additions & 0 deletions b/‎web/cypress/e2e/perses/99.coo_rbac_perses_user1.cy.ts‎
Lines changed: 78 additions & 0 deletions
diff --git a/‎web/cypress/e2e/perses/99.coo_rbac_perses_user2.cy.ts‎
Lines changed: 78 additions & 0 deletions b/‎web/cypress/e2e/perses/99.coo_rbac_perses_user2.cy.ts‎
Lines changed: 78 additions & 0 deletions
diff --git a/‎web/cypress/e2e/virtualization/04.coo_ivt_perses.cy.ts‎
Lines changed: 2 additions & 2 deletions b/‎web/cypress/e2e/virtualization/04.coo_ivt_perses.cy.ts‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎…/openshift-cluster-sample-dashboard.yaml‎ ‎…/openshift-cluster-sample-dashboard.yaml‎web/cypress/fixtures/coo/coo121_perses_dashboards/openshift-cluster-sample-dashboard.yaml renamed to web/cypress/fixtures/coo/coo121_perses/dashboards/openshift-cluster-sample-dashboard.yaml b/‎…/openshift-cluster-sample-dashboard.yaml‎ ‎…/openshift-cluster-sample-dashboard.yaml‎web/cypress/fixtures/coo/coo121_perses_dashboards/openshift-cluster-sample-dashboard.yaml renamed to web/cypress/fixtures/coo/coo121_perses/dashboards/openshift-cluster-sample-dashboard.yaml
diff --git a/‎…_dashboards/perses-dashboard-sample.yaml‎ ‎…/dashboards/perses-dashboard-sample.yaml‎web/cypress/fixtures/coo/coo121_perses_dashboards/perses-dashboard-sample.yaml renamed to web/cypress/fixtures/coo/coo121_perses/dashboards/perses-dashboard-sample.yaml b/‎…_dashboards/perses-dashboard-sample.yaml‎ ‎…/dashboards/perses-dashboard-sample.yaml‎web/cypress/fixtures/coo/coo121_perses_dashboards/perses-dashboard-sample.yaml renamed to web/cypress/fixtures/coo/coo121_perses/dashboards/perses-dashboard-sample.yaml
diff --git a/‎…oards/prometheus-overview-variables.yaml‎ ‎…oards/prometheus-overview-variables.yaml‎web/cypress/fixtures/coo/coo121_perses_dashboards/prometheus-overview-variables.yaml renamed to web/cypress/fixtures/coo/coo121_perses/dashboards/prometheus-overview-variables.yaml b/‎…oards/prometheus-overview-variables.yaml‎ ‎…oards/prometheus-overview-variables.yaml‎web/cypress/fixtures/coo/coo121_perses_dashboards/prometheus-overview-variables.yaml renamed to web/cypress/fixtures/coo/coo121_perses/dashboards/prometheus-overview-variables.yaml
@@ -17,11 +17,20 @@ export default defineConfig({
   },
   env: {
     grepFilterSpecs: true,
-    HOST_API: process.env.CYPRESS_BASE_URL.replace(/console-openshift-console.apps/, 'api').concat(
+    HOST_API: (process.env.CYPRESS_BASE_URL || '').replace(/console-openshift-console.apps/, 'api').concat(
       ':6443',
     ),
-    LOGIN_USERNAME: process.env.CYPRESS_LOGIN_USERS.split(',')[0].split(':')[0],
-    LOGIN_PASSWORD: process.env.CYPRESS_LOGIN_USERS.split(',')[0].split(':')[1],
+    // User 0 credentials - as kubeadmin or even non-admin user
+    // specifically for perses e2e tests, user0 is considered as console admin user to install COO and create RBAC roles and bindings
+    LOGIN_USERNAME: (process.env.CYPRESS_LOGIN_USERS || '').split(',')[0]?.split(':')[0] || '',
+    LOGIN_PASSWORD: (process.env.CYPRESS_LOGIN_USERS || '').split(',')[0]?.split(':')[1] || '',
+    // User 1 credentials
+    // User 2 credentials
+    // specifically for perses e2e tests, user1 and user2 are considered as perses e2e users to test RBAC access to dashboards
+    LOGIN_USERNAME1: (process.env.CYPRESS_LOGIN_USERS || '').split(',')[1]?.split(':')[0] || '',
+    LOGIN_PASSWORD1: (process.env.CYPRESS_LOGIN_USERS || '').split(',')[1]?.split(':')[1] || '',
+    LOGIN_USERNAME2: (process.env.CYPRESS_LOGIN_USERS || '').split(',')[2]?.split(':')[0] || '',
+    LOGIN_PASSWORD2: (process.env.CYPRESS_LOGIN_USERS || '').split(',')[2]?.split(':')[1] || '',
     TIMEZONE: process.env.CYPRESS_TIMEZONE || 'UTC',
     MOCK_NEW_METRICS: process.env.CYPRESS_MOCK_NEW_METRICS || 'false',
     COO_NAMESPACE: process.env.CYPRESS_COO_NAMESPACE || 'openshift-cluster-observability-operator',
 
@@ -66,7 +66,8 @@ Creates `export-env.sh` that you can source later: `source export-env.sh`
 |----------|-------------|---------|
 | `CYPRESS_BASE_URL` | OpenShift Console URL | `https://console-openshift-console.apps...` |
 | `CYPRESS_LOGIN_IDP` | Identity provider name | `flexy-htpasswd-provider` or `kube:admin` |
-| `CYPRESS_LOGIN_USERS` | Login credentials | `username:password` or `kubeadmin:password` |
+| `CYPRESS_LOGIN_IDP_DEV_USER`| Identity provider name for devuser |  `flexy-htpasswd-provider` or `my_htpasswd_provider`|
+| `CYPRESS_LOGIN_USERS` | Login credentials | `username:password` or `kubeadmin:password` or `kubeadmin:password,user1:password,user2:password` |
 | `CYPRESS_KUBECONFIG_PATH` | Path to kubeconfig file | `~/Downloads/kubeconfig` |
 
 ### Plugin Image Configuration
 
@@ -186,6 +186,7 @@ print_current_config() {
   print_var "CYPRESS_KONFLUX_KBV_BUNDLE_IMAGE" "${CYPRESS_KONFLUX_KBV_BUNDLE_IMAGE-}"
   print_var "CYPRESS_CUSTOM_KBV_BUNDLE_IMAGE" "${CYPRESS_CUSTOM_KBV_BUNDLE_IMAGE-}"
   print_var "CYPRESS_FBC_STAGE_KBV_IMAGE" "${CYPRESS_FBC_STAGE_KBV_IMAGE-}"
+  print_var "CYPRESS_LOGIN_IDP_DEV_USER" "${CYPRESS_LOGIN_IDP_DEV_USER-}"
 }
 
 main() {
@@ -238,6 +239,7 @@ main() {
   local def_konflux_kbv_bundle=${CYPRESS_KONFLUX_KBV_BUNDLE_IMAGE-}
   local def_custom_kbv_bundle=${CYPRESS_CUSTOM_KBV_BUNDLE_IMAGE-}
   local def_fbc_stage_kbv_image=${CYPRESS_FBC_STAGE_KBV_IMAGE-}
+  local def_login_idp_dev_user=${CYPRESS_LOGIN_IDP_DEV_USER-}
   # Required basics
   local base_url
   while true; do
@@ -481,7 +483,9 @@ main() {
   local fbc_stage_kbv_image
   fbc_stage_kbv_image=$(ask "KBV FBC image (CYPRESS_FBC_STAGE_KBV_IMAGE)" "$def_fbc_stage_kbv_image")
 
-
+  local login_idp_dev_user
+  login_idp_dev_user=$(ask "Login identity provider dev user (CYPRESS_LOGIN_IDP_DEV_USER)" "$def_login_idp_dev_user")
+  
   # Build export lines with safe quoting
   local -a export_lines
   export_lines+=("export CYPRESS_BASE_URL='$(printf %s "$base_url" | escape_for_single_quotes)'" )
@@ -531,7 +535,9 @@ main() {
   if [[ -n "$fbc_stage_kbv_image" ]]; then
     export_lines+=("export CYPRESS_FBC_STAGE_KBV_IMAGE='$(printf %s "$fbc_stage_kbv_image" | escape_for_single_quotes)'" )
   fi
-
+  if [[ -n "$login_idp_dev_user" ]]; then
+    export_lines+=("export CYPRESS_LOGIN_IDP_DEV_USER='$(printf %s "$login_idp_dev_user" | escape_for_single_quotes)'" )
+  fi
   echo ""
   if is_sourced; then
     # Export directly into current shell
@@ -553,6 +559,7 @@ main() {
   echo "  CYPRESS_BASE_URL=$base_url"
   echo "  CYPRESS_LOGIN_IDP=$login_idp"
   echo "  CYPRESS_LOGIN_USERS=$login_users"
+  echo "  CYPRESS_LOGIN_IDP_DEV_USER=$login_idp_dev_user"
   echo "  CYPRESS_KUBECONFIG_PATH=$kubeconfig"
   [[ -n "$mp_image" ]] && echo "  CYPRESS_MP_IMAGE=$mp_image"
   [[ -n "$coo_namespace" ]] && echo "  CYPRESS_COO_NAMESPACE=$coo_namespace"
 
@@ -0,0 +1,45 @@
+import { nav } from '../../views/nav';
+import { runCOOCreatePersesTests } from '../../support/perses/03.coo_create_perses_admin.cy';
+
+// Set constants for the operators that need to be installed for tests.
+const MCP = {
+  namespace: 'openshift-cluster-observability-operator',
+  packageName: 'cluster-observability-operator',
+  operatorName: 'Cluster Observability Operator',
+  config: {
+    kind: 'UIPlugin',
+    name: 'monitoring',
+  },
+};
+
+const MP = {
+  namespace: 'openshift-monitoring',
+  operatorName: 'Cluster Monitoring Operator',
+};
+
+//TODO: change tag to @dashboards when customizable-dashboards gets merged
+describe('COO - Dashboards (Perses) - Create perses dashboard', { tags: ['@perses', '@dashboards-'] }, () => {
+
+  before(() => {
+    cy.beforeBlockCOO(MCP, MP);
+    cy.setupPersesRBACandExtraDashboards();
+  });
+
+  beforeEach(() => {
+    nav.sidenav.clickNavLink(['Observe', 'Dashboards (Perses)']);
+    cy.wait(5000);
+    cy.changeNamespace('All Projects');
+  });
+
+  after(() => {
+    cy.cleanupExtraDashboards();
+  });
+
+  runCOOCreatePersesTests({ 
+    name: 'Administrator',
+  });
+
+});
+
+
+
@@ -0,0 +1,78 @@
+import { nav } from '../../views/nav';
+import { runCOORBACPersesTestsDevUser1 } from '../../support/perses/99.coo_rbac_perses_user1.cy';
+
+
+// Set constants for the operators that need to be installed for tests.
+const MCP = {
+  namespace: 'openshift-cluster-observability-operator',
+  packageName: 'cluster-observability-operator',
+  operatorName: 'Cluster Observability Operator',
+  config: {
+    kind: 'UIPlugin',
+    name: 'monitoring',
+  },
+};
+
+const MP = {
+  namespace: 'openshift-monitoring',
+  operatorName: 'Cluster Monitoring Operator',
+};
+
+//TODO: change tag to @smoke, @dashboards, @perses when customizable-dashboards gets merged
+describe('BVT: COO - Dashboards (Perses) - Administrator perspective', { tags: ['@smoke-', '@dashboards-', '@perses-dev'] }, () => {
+
+  before(() => {
+    //TODO: https://issues.redhat.com/browse/OCPBUGS-58468 - when it gets fixed, installation can be don using non-admin user
+    // Step 1: Grant temporary cluster-admin role to dev user for COO/Perses installation
+    // cy.log('Granting temporary cluster-admin role to dev user for setup');
+    // cy.adminCLI(
+    //   `oc adm policy add-cluster-role-to-user cluster-admin ${Cypress.env('LOGIN_USERNAME')}`,
+    // );
+
+    // Step 2: Setup COO and Perses dashboards (requires admin privileges)
+    cy.beforeBlockCOO(MCP, MP);
+    cy.setupPersesRBACandExtraDashboards();
+
+    //TODO: https://issues.redhat.com/browse/OCPBUGS-58468 - when it gets fixed, installation can be don using non-admin user
+    // Step 3: Remove cluster-admin role - dev user now has limited permissions
+    // cy.log('Removing cluster-admin role from dev user');
+    // cy.adminCLI(
+    //   `oc adm policy remove-cluster-role-from-user cluster-admin ${Cypress.env('LOGIN_USERNAME')}`,
+    // );
+
+    // Step 4: Clear Cypress session cache and logout
+    // This is critical because beforeBlockCOO uses cy.session() which caches the login state
+    cy.log('Clearing Cypress session cache to ensure fresh login');
+    Cypress.session.clearAllSavedSessions();
+    
+    // Clear all cookies and storage to fully reset browser state
+    cy.clearAllCookies();
+    cy.clearAllLocalStorage();
+    cy.clearAllSessionStorage();
+
+    // Step 5: Re-login as dev user (now without cluster-admin role)
+    // Using cy.relogin() because it doesn't require oauthurl and handles the login page directly
+    cy.log('Re-logging in as dev user with limited permissions');
+    cy.relogin(
+      Cypress.env('LOGIN_IDP_DEV_USER'),
+      Cypress.env('LOGIN_USERNAME1'),
+      Cypress.env('LOGIN_PASSWORD1'),
+    );
+    cy.validateLogin();
+    cy.closeOnboardingModalIfPresent();
+  });
+
+  beforeEach(() => {
+    nav.sidenav.clickNavLink(['Observe', 'Dashboards (Perses)']);
+  });
+
+  after(() => {
+    cy.cleanupExtraDashboards();
+  });
+
+  //TODO: rename after customizable-dashboards gets merged
+  runCOORBACPersesTestsDevUser1({
+    name: 'Administrator',
+  });
+
+});
@@ -0,0 +1,78 @@
+import { nav } from '../../views/nav';
+import { runCOORBACPersesTestsDevUser2 } from '../../support/perses/99.coo_rbac_perses_user2.cy';
+
+
+// Set constants for the operators that need to be installed for tests.
+const MCP = {
+  namespace: 'openshift-cluster-observability-operator',
+  packageName: 'cluster-observability-operator',
+  operatorName: 'Cluster Observability Operator',
+  config: {
+    kind: 'UIPlugin',
+    name: 'monitoring',
+  },
+};
+
+const MP = {
+  namespace: 'openshift-monitoring',
+  operatorName: 'Cluster Monitoring Operator',
+};
+
+//TODO: change tag to @smoke, @dashboards, @perses when customizable-dashboards gets merged
+describe('BVT: COO - Dashboards (Perses) - Administrator perspective', { tags: ['@smoke-', '@dashboards-', '@perses-dev'] }, () => {
+
+  before(() => {
+    //TODO: https://issues.redhat.com/browse/OCPBUGS-58468 - when it gets fixed, installation can be don using non-admin user
+    // Step 1: Grant temporary cluster-admin role to dev user for COO/Perses installation
+    // cy.log('Granting temporary cluster-admin role to dev user for setup');
+    // cy.adminCLI(
+    //   `oc adm policy add-cluster-role-to-user cluster-admin ${Cypress.env('LOGIN_USERNAME')}`,
+    // );
+
+    // Step 2: Setup COO and Perses dashboards (requires admin privileges)
+    cy.beforeBlockCOO(MCP, MP);
+    cy.setupPersesRBACandExtraDashboards();
+
+    //TODO: https://issues.redhat.com/browse/OCPBUGS-58468 - when it gets fixed, installation can be don using non-admin user
+    // Step 3: Remove cluster-admin role - dev user now has limited permissions
+    // cy.log('Removing cluster-admin role from dev user');
+    // cy.adminCLI(
+    //   `oc adm policy remove-cluster-role-from-user cluster-admin ${Cypress.env('LOGIN_USERNAME')}`,
+    // );
+
+    // Step 4: Clear Cypress session cache and logout
+    // This is critical because beforeBlockCOO uses cy.session() which caches the login state
+    cy.log('Clearing Cypress session cache to ensure fresh login');
+    Cypress.session.clearAllSavedSessions();
+    
+    // Clear all cookies and storage to fully reset browser state
+    cy.clearAllCookies();
+    cy.clearAllLocalStorage();
+    cy.clearAllSessionStorage();
+
+    // Step 5: Re-login as dev user (now without cluster-admin role)
+    // Using cy.relogin() because it doesn't require oauthurl and handles the login page directly
+    cy.log('Re-logging in as dev user with limited permissions');
+    cy.relogin(
+      Cypress.env('LOGIN_IDP_DEV_USER'),
+      Cypress.env('LOGIN_USERNAME2'),
+      Cypress.env('LOGIN_PASSWORD2'),
+    );
+    cy.validateLogin();
+    cy.closeOnboardingModalIfPresent();
+  });
+
+  beforeEach(() => {
+    nav.sidenav.clickNavLink(['Observe', 'Dashboards (Perses)']);
+  });
+
+  after(() => {
+    cy.cleanupExtraDashboards();
+  });
+
+  //TODO: rename after customizable-dashboards gets merged
+  runCOORBACPersesTestsDevUser2({
+    name: 'Administrator',
+  });
+
+});
@@ -1,5 +1,5 @@
 import { nav } from '../../views/nav';
-import { runBVTCOOPersesTests } from '../../support/perses/00.coo_bvt_perses.cy';
+import { runBVTCOOPersesTests } from '../../support/perses/00.coo_bvt_perses_admin.cy';
 import { guidedTour } from '../../views/tour';
 import { commonPages } from '../../views/common';
 
@@ -56,7 +56,7 @@ describe('Installation: Virtualization', { tags: ['@virtualization', '@slow'] },
   });
 });
 
-describe('IVT: COO - Dashboards (Perses) - Virtualization perspective', { tags: ['@virtualization', '@dashboards'] }, () => {
+describe('IVT: COO - Dashboards (Perses) - Virtualization perspective', { tags: ['@virtualization', '@perses'] }, () => {
 
   beforeEach(() => {
     cy.visit('/');