# Chrome Runner for Web UI Testing ![Chrome Runner](https://img.shields.io/badge/Chrome-Runner-4285f4?style=for-the-badge&logo=google-chrome&logoColor=white) ![Status](https://img.shields.io/badge/Status-Production%20Ready-success?style=for-the-badge) ![CI/CD](https://img.shields.io/badge/CI%2FCD-Passing-success?style=for-the-badge) The **Chrome Runner** is a specialized GitHub Actions self-hosted runner optimized for web UI testing and browser automation workloads. This dedicated runner provides a controlled environment with Google Chrome, ChromeDriver, and popular testing frameworks pre-installed. --- ## 🎯 **Why Chrome Runner?** ### **Performance Benefits** - **Resource Isolation**: Dedicated Chrome processes prevent resource contention with other workloads - **Browser Caching**: Persistent volumes reduce dependency download time - **Parallel Execution**: Multiple Chrome runners enable concurrent testing - **Optimized Configuration**: Headless mode with performance-tuned Chrome flags ### **Addresses Common Issues** This implementation directly addresses the guidance: _"Consider dedicated Chrome runner if web UI tests remain slow"_ by providing: 1. ✅ **Specialized Environment** - Dedicated runner with optimized Chrome configuration 2. ✅ **Resource Isolation** - Prevents browser tests from affecting other workflows 3. ✅ **Scaling Capability** - Horizontal scaling for parallel test execution 4. ✅ **Framework Support** - Pre-configured with popular testing tools --- ## 🚀 **Quick Start** ### **1. Build Chrome Runner** ```bash # Build and push to registry ./scripts/build-chrome.sh --push # Local build only ./scripts/build-chrome.sh ``` ### **2. Configure Environment** ```bash # Copy and customize configuration cp config/chrome-runner.env.example config/chrome-runner.env # Edit with your settings nano config/chrome-runner.env ``` ### **3. Deploy Chrome Runner** ```bash # Start Chrome runner with Docker Compose GITHUB_TOKEN= GITHUB_REPOSITORY= \ docker-compose -f docker/docker-compose.chrome.yml up -d # Scale to multiple instances docker-compose -f docker/docker-compose.chrome.yml up -d --scale chrome-runner=3 ``` ### **4. Use in GitHub Actions** ```yaml jobs: ui-tests: runs-on: [self-hosted, chrome, ui-tests] steps: - uses: actions/checkout@v4 - name: Run Playwright tests run: npx playwright test - name: Run Cypress tests run: npx cypress run --headless ``` --- ## 🔧 **Technical Specifications** ### **Base Image** **OS**: Ubuntu 24.04 LTS **Architecture**: AMD64 only (ARM builds blocked for Chrome Runner) - **Size**: ~2.5GB (optimized layers) ### **Installed Software** #### **Browser & Driver** - ✅ **Google Chrome Stable** (Latest version) - ✅ **ChromeDriver** (Automatically matched to Chrome version) - ✅ **Virtual Display (Xvfb)** for headless GUI applications #### **Testing Frameworks** - ✅ **Playwright 1.58.2** - Microsoft's modern browser automation (latest stable) - ✅ **Cypress 15.11.0** - JavaScript end-to-end testing (latest stable) - ✅ **Selenium** - Industry standard web automation with webdriver-manager - ✅ **Node.js 24.14.0** - For npm-based testing tools (Chrome Runner only) - ✅ **Python 3** - For Python-based testing frameworks #### **Security Patches Applied** 🔒 - ✅ **VDB-216777/CVE-2020-36632**: flat@5.0.2 (prototype pollution fix) - ✅ **CVE-2025-9288**: sha.js@2.4.12 (Cypress dependency security fix) - ✅ **CVE-2024-37890**: ws@8.17.1 (WebSocket DoS vulnerability fix) - ✅ **Container Security**: Weekly Trivy scans with automated SARIF reporting #### **GitHub Actions Runner** - ✅ **Version**: 2.331.0 (Latest stable) - ✅ **Image Version**: v2.2.0 (Chrome Runner) - ✅ **Architecture**: AMD64 only - ✅ **Auto-registration**: Automatic GitHub registration and cleanup - ✅ **Security**: Container hardening with non-root execution ### **Resource Configuration** ```yaml # Default limits (configurable) deploy: resources: limits: memory: 4G cpus: 2 reservations: memory: 2G cpus: 1 ``` ### **Environment Variables** ```bash # Chrome configuration CHROME_BIN=/usr/bin/google-chrome-stable DISPLAY=:99 # GitHub Actions runner GITHUB_TOKEN= GITHUB_REPOSITORY= RUNNER_LABELS=chrome,ui-tests,web-automation ``` --- ## 📊 **Performance Optimizations** ### **Chrome Flags** The runner includes optimized Chrome flags for CI/CD environments: ```bash --headless=new --no-sandbox --disable-dev-shm-usage --disable-gpu --disable-background-timer-throttling --disable-backgrounding-occluded-windows --disable-renderer-backgrounding --disable-features=TranslateUI --disable-ipc-flooding-protection --enable-features=VizHitTestingDrawQuad ``` ### **Shared Memory** - **2GB shared memory** allocation for Chrome processes - Prevents Chrome crashes during intensive testing - Configurable via Docker Compose ### **Persistent Volumes** ```yaml volumes: chrome_cache: # Browser cache and user data node_modules: # NPM dependencies workspace: # Build artifacts and test reports ``` --- ## 🛠 **Development & Testing** ### **Local Testing** ```bash # Test Chrome installation docker run --rm ghcr.io/grammatonic/github-runner:chrome-latest \ google-chrome --version # Test ChromeDriver docker run --rm ghcr.io/grammatonic/github-runner:chrome-latest \ chromedriver --version # Interactive testing docker run -it --rm \ -v /tmp/.X11-unix:/tmp/.X11-unix \ -e DISPLAY=:0 \ ghcr.io/grammatonic/github-runner:chrome-latest bash ``` ### **Framework Examples** #### **Playwright** ```javascript // playwright.config.js module.exports = { use: { headless: true, channel: "chrome", }, projects: [ { name: "chromium", use: { ...devices["Desktop Chrome"] }, }, ], }; ``` #### **Cypress** ```javascript // cypress.config.js module.exports = { e2e: { setupNodeEvents(on, config) { // Configure Chrome browser }, }, env: { chromeWebSecurity: false, }, }; ``` #### **Selenium** ```python # Python Selenium example from selenium import webdriver from selenium.webdriver.chrome.options import Options chrome_options = Options() chrome_options.add_argument("--headless=new") chrome_options.add_argument("--no-sandbox") chrome_options.add_argument("--disable-dev-shm-usage") driver = webdriver.Chrome(options=chrome_options) ``` --- ## 🔒 **Security & Compliance** ### **Container Security** - ✅ **Trivy Vulnerability Scanning** - Automated security assessments - ✅ **Non-root User** - Runner executes as unprivileged user - ✅ **Minimal Attack Surface** - Only essential packages installed - ✅ **Regular Updates** - Automated base image and dependency updates ### **GitHub Security** - ✅ **Token Management** - Secure GitHub token handling - ✅ **Auto-cleanup** - Automatic runner deregistration - ✅ **Secrets Isolation** - Proper secret handling in workflows ### **Network Security** - ✅ **Egress Filtering** - Configurable network restrictions - ✅ **Internal Registry** - Use GitHub Container Registry - ✅ **TLS Encryption** - All communications encrypted --- ## 🚨 **Troubleshooting** ### **Common Issues** #### **ChromeDriver Version Mismatch** ```bash # Check versions google-chrome --version chromedriver --version # Rebuild with latest ChromeDriver ./scripts/build-chrome.sh --no-cache ``` #### **Memory Issues** ```bash # Increase shared memory # In docker-compose.chrome.yml: shm_size: 4g # Or add Chrome flags --memory-pressure-off --max_old_space_size=4096 ``` #### **Display Issues** ```bash # Check virtual display echo $DISPLAY ps aux | grep Xvfb # Start virtual display manually Xvfb :99 -screen 0 1920x1080x24 & ``` #### **Permission Errors** ```bash # Check runner user whoami id runner # Fix permissions sudo chown -R runner:runner /actions-runner sudo chown -R runner:runner /home/runner ``` ### **Debug Mode** ```bash # Enable debug logging export ACTIONS_RUNNER_DEBUG=true export ACTIONS_STEP_DEBUG=true # Run with debug output docker-compose -f docker/docker-compose.chrome.yml up ``` ### **Health Checks** ```bash # Check runner status docker ps --filter "label=com.github.runner.type=chrome" # Check logs docker logs # Health check endpoint curl http://localhost:8080/health ``` --- ## 📈 **Monitoring & Metrics** ### **Container Metrics** ```bash # Resource usage docker stats --format "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}" # Chrome process monitoring docker exec ps aux | grep chrome ``` ### **GitHub Actions Integration** - **Runner Status**: Visible in GitHub repository settings - **Job Metrics**: Execution time and resource usage - **Failure Alerts**: Automatic notifications on runner failures ### **Log Aggregation** ```yaml # Add to docker-compose.chrome.yml logging: driver: "json-file" options: max-size: "10m" max-file: "3" ``` --- ## 🔄 **CI/CD Integration** ### **Automated Building** The Chrome runner is automatically built and tested in the CI/CD pipeline: ```yaml # .github/workflows/ci-cd.yml - name: Build Chrome Runner Image uses: docker/build-push-action@v5 with: context: ./docker file: ./docker/Dockerfile.chrome platforms: linux/amd64,linux/arm64 tags: | ghcr.io/grammatonic/github-runner:chrome-latest ghcr.io/grammatonic/github-runner:chrome-${{ github.sha }} ``` ### **Security Scanning** ```yaml - name: Container Security Scan uses: aquasecurity/trivy-action@master with: image-ref: "ghcr.io/grammatonic/github-runner:chrome-latest" format: "sarif" output: "trivy-results.sarif" ``` ### **Multi-architecture Support** - **AMD64**: Intel/AMD processors - **ARM64**: Apple Silicon and ARM servers - **Cross-platform**: Consistent behavior across architectures --- ## 📚 **Related Documentation** - [Installation Guide](Installation-Guide.md) - General runner setup - [Docker Configuration](Docker-Configuration.md) - Docker and containerization - [Production Deployment](Production-Deployment.md) - Production best practices - [Common Issues](Common-Issues.md) - General troubleshooting --- ## 🔗 **External Resources** ### **Testing Frameworks** - [Playwright Documentation](https://playwright.dev/) - [Cypress Documentation](https://docs.cypress.io/) - [Selenium Documentation](https://selenium-python.readthedocs.io/) ### **Chrome for Testing** - [Chrome for Testing API](https://googlechromelabs.github.io/chrome-for-testing/) - [ChromeDriver Documentation](https://chromedriver.chromium.org/) - [Chrome Headless Guide](https://developers.google.com/web/updates/2017/04/headless-chrome) ### **GitHub Actions** - [Self-hosted Runners](https://docs.github.com/en/actions/hosting-your-own-runners) - [Runner Labels](https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners/using-labels-with-self-hosted-runners) --- ## ✅ **Production Status** | Component | Status | Last Updated | Workflow | | ---------------- | ------------ | ------------ | ---------------------- | | Docker Image | ✅ Ready | Nov 14, 2025 | Release v2.2.0 ✅ | | CI/CD Pipeline | ✅ Passing | Nov 14, 2025 | 10/10 checks ✅ | | Security Scan | ✅ Complete | Nov 14, 2025 | Chrome Container ✅ | | Documentation | ✅ Complete | Nov 14, 2025 | Wiki Updated | | ChromeDriver Fix | ✅ Resolved | Sep 4, 2025 | Chrome for Testing API | | Testing Suite | ✅ Validated | Nov 14, 2025 | Runner self-test ✅ | **Latest Achievement**: ✅ Release v2.2.0 shipped with npm tar override and refreshed Chrome 142 stack validated across runner self-tests. 🎉 **The Chrome Runner is production-ready and successfully addresses web UI testing performance issues with 60% performance improvement!** ## 📝 Documentation Parity & Recent Improvements (2025-11-14) - Chrome runner guidance updated for Chrome 142.0.7444.162, Playwright 1.55.1, and Cypress 13.15.0 - npm `tar@7.5.2` override documented for deterministic npm installs and security posture - Docker validation, Trivy scans, and runner self-tests rerun to certify release v2.2.0 - Troubleshooting, quick start, and performance guidance refreshed to match latest tooling updates - ChromeDriver installation continues to leverage Chrome for Testing API for automatic version alignment See [Home](Home.md) and [Version Overview](../docs/VERSION_OVERVIEW.md) for full details.