chore(ci): AB-2168 - manual CI workflow trigger, TestRail mapping improvements, and new test case IDs

[sievdokymov-virtru]

Summary

• Manual workflow trigger: Added workflow_dispatch input to ci.yaml so the E2E suite can be triggered manually with a custom TestRail run name, not only on push/schedule.
• Fix otdfctl-ref for manual runs: Changed github.event.pull_request.head.sha to github.event.pull_request.head.sha || github.sha so the ref resolves correctly when there is no pull request context (e.g. manual dispatch or schedule).
• TestRail upload gating: The TestRail result upload and artifact steps in action.yaml now only run on main branch or workflow_dispatch, preventing noise from PR runs.
• Auto-prefix tolerance in name matching: upload-bats-test-results-to-testrail.sh now strips [Auto] / (Auto) prefixes from mapping file keys before comparison, so TestRail case names can carry those prefixes without breaking the TAP→case-ID lookup.
• Colored output in upload script: Mapping results now print YES_MAPPING_FOUND (green) / MAPPING_NOT_FOUND (red) for easier visual scanning of the report.
• New test case IDs: testname-to-testrail-id.virtru.json updated with new case IDs for policy namespaces, obligation triggers, SCS namespace filters, and subject mapping namespace variants.

Test plan

• Trigger the workflow manually via GitHub Actions UI and verify the custom run name appears in TestRail.
• Confirm scheduled/push-to-main runs still upload results to TestRail.
• Confirm PR runs do not upload results to TestRail.
• Verify test cases with [Auto]/(Auto) prefixes in the mapping file are correctly matched against plain TAP names.
• Check that mapping logs in stdout shows colored output.

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Added manual workflow dispatch to CI with an optional TestRail input.
  • Made TestRail steps conditional to run only on main or manual triggers.
  • Expanded TestRail test-case mappings for additional scenarios.
  • Improved test-result reporting with color-coded output and more robust test-name normalization for reliable mapping.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR adds a manual workflow_dispatch trigger (with an optional TestRail input) to CI, updates the e2e action reference and otfdctl ref fallback, makes TestRail steps conditional on main or workflow_dispatch, extends TestRail mapping JSON, and adds colored output plus improved name-normalization in the upload script.

Changes

Cohort / File(s)	Summary
CI workflow .github/workflows/ci.yaml	Added workflow_dispatch with optional testrail-run-name-for-cli-test; extended push branches; set e2e action to opentdf/otdfctl/e2e pinned to ab-2168-otdfctl-manual-trigger; otdfctl-ref now falls back to ${{ github.sha }} when PR head sha is unavailable; passed through the new TestRail input.
e2e composite action e2e/action.yaml	Added conditionals so TestRail integration and mapping-report upload steps run only when on refs/heads/main or when triggered via workflow_dispatch.
Test-to-TestRail mappings e2e/testrail-integration/samples-for-virtru-instance/testname-to-testrail-id.virtru.json	Added multiple new test-name → TestRail ID mappings across Namespaces, Obligations, Subject Condition Sets, and Subject Mapping sections.
TestRail upload script e2e/testrail-integration/upload-bats-test-results-to-testrail.sh	Introduced ANSI color constants and replaced YES/NO with YES_MAPPING_FOUND (green) / MAPPING_NOT_FOUND (red) in outputs and mapping report; improved lookup by lowercasing and stripping leading "[auto] " and "(auto) " before comparisons.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  rect rgba(200,230,255,0.5)
    actor User as GitHub UI
    participant Actions as GitHub Actions CI
    participant E2E as opentdf/otdfctl/e2e
    participant Script as upload-bats-test-results-to-testrail.sh
    participant TestRail as TestRail API
  end
  User->>Actions: Trigger push or workflow_dispatch (optional testrail-run-name)
  Actions->>E2E: Run e2e job (otdfctl-ref -> PR head sha or github.sha)
  E2E->>Script: Produce test results & mapping-report.txt
  alt on main branch or workflow_dispatch
    Script->>TestRail: Upload mapping-report / test results
    TestRail-->>Script: Return upload status
  else other branches
    Script-->>Actions: Skip TestRail upload
  end
  Script-->>Actions: Persist mapping-report artifact

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Poem

🐰 I hopped to the CI with a twitch and a grin,

I added a button to let manual runs in,
I colored the logs with bright leafy green,
Trimmed auto-prefixes so names stay clean,
Now mappings parade with a confident spin. 🥕✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly reflects the main changes: adding manual CI workflow trigger (AB-2168), TestRail mapping improvements, and new test case IDs, which align with all modified files.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ab-2168-otdfctl-manual-trigger

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request restricts TestRail integration and report uploading to the main branch or manual workflow triggers. It also updates the test case mapping JSON with new entries and modifies the integration script to handle specific test name prefixes and include colored console output. Feedback was provided to ensure that ANSI color codes are not written to the report file artifact, as they can cause readability issues in standard text editors and browser previews.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

e2e/action.yaml (1)

82-97: ⚠️ Potential issue | 🟠 Major

Add always() to TestRail reporting steps to capture failed test results.

Lines 83 and 97 gate by branch/event but lack always(), so these steps skip after Run Bats tests fails. This means failed Bats results on main or manual runs are written to bats-results.tap but never uploaded to TestRail or included in the mapping-report artifact.

Modify the conditions to run regardless of prior test failures:

Proposed fix

    - name: Integrate Bats test results into TestRail
-      if: github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch'
+      if: always() && (github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch')
      shell: bash
      working-directory: otdfctl
      run: |
        cd e2e
        cp ./testrail-integration/samples-for-virtru-instance/testrail-virtru.config.json ./testrail-integration/testrail.config.json
        cp ./testrail-integration/samples-for-virtru-instance/testname-to-testrail-id.virtru.json ./testrail-integration/testname-to-testrail-id.json
        ./testrail-integration/upload-bats-test-results-to-testrail.sh
      continue-on-error: true
      env:
        TESTRAIL_USER: ${{ env.TESTRAIL_USER }}
        TESTRAIL_PASS: ${{ env.TESTRAIL_PASS }}
        TESTRAIL_CLI_RUN_NAME: ${{ inputs.testrail-run-name-for-cli-test }}
    - name: Upload TestRail mapping report
-      if: github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch'
+      if: always() && (github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch')
      uses: actions/upload-artifact@v4

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@e2e/action.yaml` around lines 82 - 97, The two workflow steps "Integrate Bats
test results into TestRail" and "Upload TestRail mapping report" are currently
gated by branch/event and will be skipped if earlier steps fail; change their if
conditions to include always() so they run regardless of prior failures, e.g.
update the if expressions for those steps to always() && (github.ref ==
'refs/heads/main' || github.event_name == 'workflow_dispatch') so that the Bats
TAP output is always uploaded to TestRail and included in the mapping-report
artifact.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@e2e/testrail-integration/upload-bats-test-results-to-testrail.sh`:
- Around line 139-144: Replace usages of echo -e that interpolate
user-controlled $name (and other variables) with printf to avoid interpreting
backslash sequences in test names; for each occurrence (the two echo -e lines
that print to console and the two that append to "$REPORT_FILE"), use printf
with a %b for the color sequence portion and %s for the $name/test data so only
the color codes are expanded and user input is printed verbatim; ensure the
messages that include $case_id/$section remain formatted the same and keep
appends to "$REPORT_FILE" using printf to avoid corrupting logs.

---

Outside diff comments:
In `@e2e/action.yaml`:
- Around line 82-97: The two workflow steps "Integrate Bats test results into
TestRail" and "Upload TestRail mapping report" are currently gated by
branch/event and will be skipped if earlier steps fail; change their if
conditions to include always() so they run regardless of prior failures, e.g.
update the if expressions for those steps to always() && (github.ref ==
'refs/heads/main' || github.event_name == 'workflow_dispatch') so that the Bats
TAP output is always uploaded to TestRail and included in the mapping-report
artifact.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 5868b528-6276-4eb2-863e-f43b5bceabff

📥 Commits

Reviewing files that changed from the base of the PR and between 8284997 and 7a509ac.

📒 Files selected for processing (4)

• .github/workflows/ci.yaml
• e2e/action.yaml
• e2e/testrail-integration/samples-for-virtru-instance/testname-to-testrail-id.virtru.json
• e2e/testrail-integration/upload-bats-test-results-to-testrail.sh

[github-actions]

X-Test Failure Report

test-cases-mapping-report
bats-test-results

[github-actions]

X-Test Results

✅ go-main
✅ go-v0.9.0
✅ java-main
✅ java-v0.9.0
✅ js-v0.9.0
✅ js-main
test-cases-mapping-report
bats-test-results

[sievdokymov-virtru]

Fix PR for blocking govulncheck: #796

[github-actions]

X-Test Failure Report

[github-actions]

X-Test Results

✅ go-main
✅ go-v0.9.0
✅ java-main
✅ js-main
✅ java-v0.9.0
✅ js-v0.9.0
test-cases-mapping-report
bats-test-results

[sievdokymov-virtru]

Closing in favour of opentdf/platform#3361.