🧪 Add preview command to static-site SDK E2E tests

[Robdel12]

Summary

• Adds vizzly preview step to the static-site SDK E2E workflow
• Uploads the test-site as a preview after cloud mode tests complete
• Tests the preview command in real CI conditions

Test plan

• CI runs the static-site SDK E2E job
• Preview upload step succeeds after vizzly run
• Preview URL is generated and linked to the build

[claude]

PR Review

Overview

This PR adds the vizzly preview command to the static-site SDK E2E workflow, testing the preview upload functionality in real CI conditions after cloud mode tests complete.

Code Quality: ✅ Good

Strengths:

• Clean, focused change that adds a single step to test preview functionality
• Follows existing workflow patterns (working directory, token usage)
• Uses the same token secret that's already established for cloud mode tests

Potential Issues: ⚠️ Minor Concerns

1. Missing Git Context Environment Variables

The preview command runs after the cloud mode tests, but it's missing the git context environment variables that were set in the previous step. The cloud mode step includes:

• VIZZLY_COMMIT_MESSAGE
• VIZZLY_COMMIT_SHA

While the preview command itself (src/commands/preview.js:1-459) doesn't directly use these variables, it relies on the build ID from the session file created by the previous vizzly run command. If the session file stores git context, this might be fine. However, for consistency and completeness, consider adding these same environment variables to the preview step.

2. Working Directory Path Resolution

The command runs from ./clients/static-site and references ../../test-site. Verification:

• ✅ Confirmed: test-site/ exists at repo root with HTML files for a test SaaS marketing site
• ✅ Path resolution is correct: from clients/static-site → ../../test-site = repo root

3. Error Handling

The preview step has no error handling. If the preview upload fails:

• Will the entire workflow fail?
• Should it be marked with continue-on-error: true since this is a new feature being tested?

Consider whether preview upload failure should block the workflow or just be reported.

Security: ✅ Good

• Uses existing secret token (VIZZLY_STATIC_SITE_CLIENT_TOKEN)
• No new credentials exposed
• Path validation in preview.js (isPathSafe function) prevents command injection
• Symlink protection prevents path traversal attacks

Performance: ✅ Good

• Sequential execution is appropriate (preview depends on build from previous step)
• Timeout already set at job level (8 minutes)

Test Coverage: ℹ️ Info

• This PR IS the test - it adds E2E coverage for the preview command in CI
• No unit tests found for preview command itself (search shows no tests/commands/preview.spec.js)
• Consider adding unit tests for the preview command separately if not already covered

Documentation: ✅ Covered

• PR description clearly explains the purpose
• Test plan is clear and actionable

Recommendations

Priority: Medium

1. Add git context environment variables (VIZZLY_COMMIT_MESSAGE, VIZZLY_COMMIT_SHA) for consistency with cloud mode step
2. Decide on error handling strategy (fail vs. continue-on-error)

Priority: Low
3. Consider capturing preview URL as output for potential use in subsequent steps
4. Add unit tests for preview command if not already present

Verdict: ✅ Approve with Suggestions

This is a solid addition to the E2E test suite. The change is minimal, focused, and follows existing patterns. The suggestions above would make it more robust, but the PR is functional as-is for testing the preview command in CI.

Note: The preview command implementation (src/commands/preview.js) shows good security practices with path validation, symlink protection, and command injection prevention. Nice work on that front!

[vizzly-testing]

Vizzly - Visual Test Results

CLI Reporter - 7 changes need review

Status	Count
Passed	12
Changed	7
Auto-approved	12

Changes needing review (7)

filter-failed-only · Firefox · 1920×1080 · 0.1% diff

fullscreen-viewer · Firefox · 1920×1080 · 1.6% diff

bulk-accept-dialog · Firefox · 1920×1080 · 10.4% diff

viewer-slide-mode · Firefox · 1920×1080 · 0.5% diff

bulk-accept-dialog · Firefox · 375×892 · 159.2% diff

search-homepage · Firefox · 375×696 · 2.0% diff

...and 1 more in Vizzly.

Review changes

CLI TUI - 1 change needs review

Status	Count
Passed	4
Changed	1
Auto-approved	4

Changes needing review (1)

vizzly-help · 1202×1430 · 166.0% diff

Review changes

---

_{test-preview-e2e · 3ef9136e}