cleanup(tests): simplify review pass

- fixtures/fs.py: testdata path resolved to tests/testdata after the
  fixture move; integration tests with data-driven parametrize (e.g.
  alerts/02_basic_alert_conditions.py) were all failing with
  FileNotFoundError. Walk to tests/integration/testdata now.
- fixtures/auth.py: extract _login helper so apply_license stops
  duplicating the GET /sessions/context + POST /sessions/email_password
  pair. Add a retry loop on POST /api/v3/licenses so a BE that isn't
  quite ready at bring-up time doesn't fail the fixture.
- seeder/server.py: use FastAPI lifespan to open+close the ClickHouse
  client instead of a lazy module-level global; collapse the verbose
  module docstring.
- fixtures/seeder.py + e2e/bootstrap/setup.py: trim docstrings/comments
  that narrated WHAT the code does — per-repo convention keeps only
  non-obvious WHY.
- .github/workflows/integrationci.yaml: gate the Chrome + chromedriver
  install on matrix.suite == 'callbackauthn' (the only suite that uses
  Selenium). Saves ~30s × 50 jobs on every PR run.

.github/workflows/e2eci.yaml

@@ -0,0 +1,70 @@
+name: e2eci
+
+on:
+  pull_request:
+    types:
+      - labeled
+  pull_request_target:
+    types:
+      - labeled
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        project:
+          - chromium
+    if: |
+      ((github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork && github.event.pull_request.user.login != 'dependabot[bot]' && ! contains(github.event.pull_request.labels.*.name, 'safe-to-test')) ||
+      (github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'safe-to-test'))) && contains(github.event.pull_request.labels.*.name, 'safe-to-e2e')
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+      - name: python
+        uses: actions/setup-python@v5
+        with:
+          python-version: 3.13
+      - name: uv
+        uses: astral-sh/setup-uv@v4
+      - name: node
+        uses: actions/setup-node@v4
+        with:
+          node-version: lts/*
+      - name: python-install
+        run: |
+          cd tests && uv sync
+      - name: yarn-install
+        run: |
+          cd tests/e2e && yarn install --frozen-lockfile
+      - name: playwright-browsers
+        run: |
+          cd tests/e2e && yarn playwright install --with-deps ${{ matrix.project }}
+      - name: bring-up-stack
+        run: |
+          cd tests && \
+            uv run pytest \
+            --basetemp=./tmp/ \
+            -vv --reuse --with-web \
+            e2e/bootstrap/setup.py::test_setup
+      - name: playwright-test
+        run: |
+          cd tests/e2e && \
+            yarn playwright test --project=${{ matrix.project }}
+      - name: teardown-stack
+        if: always()
+        run: |
+          cd tests && \
+            uv run pytest \
+            --basetemp=./tmp/ \
+            -vv --teardown \
+            e2e/bootstrap/setup.py::test_teardown
+      - name: upload-artifacts
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: playwright-artifacts-${{ matrix.project }}
+          path: tests/e2e/artifacts/
+          retention-days: 5

.github/workflows/integrationci.yaml

@@ -25,11 +25,11 @@ jobs:
         uses: astral-sh/setup-uv@v4
       - name: install
         run: |
-          cd tests/integration && uv sync
+          cd tests && uv sync
       - name: fmt
         run: |
           make py-fmt
-          git diff --exit-code -- tests/integration/
+          git diff --exit-code -- tests/
       - name: lint
         run: |
           make py-lint
@@ -37,21 +37,21 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        src:
-          - bootstrap
-          - passwordauthn
+        suite:
+          - alerts
           - callbackauthn
           - cloudintegrations
           - dashboard
+          - ingestionkeys
           - logspipelines
+          - passwordauthn
           - preference
           - querier
+          - rawexportdata
           - role
-          - ttl
-          - alerts
-          - ingestionkeys
           - rootuser
           - serviceaccount
+          - ttl
         sqlstore-provider:
           - postgres
           - sqlite
@@ -79,8 +79,9 @@ jobs:
         uses: astral-sh/setup-uv@v4
       - name: install
         run: |
-          cd tests/integration && uv sync
+          cd tests && uv sync
       - name: webdriver
+        if: matrix.suite == 'callbackauthn'
         run: |
           wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
           echo "deb http://dl.google.com/linux/chrome/deb/ stable main" | sudo tee -a /etc/apt/sources.list.d/google-chrome.list
@@ -99,10 +100,10 @@ jobs:
           google-chrome-stable --version
       - name: run
         run: |
-          cd tests/integration && \
+          cd tests && \
             uv run pytest \
             --basetemp=./tmp/ \
-            src/${{matrix.src}} \
+            integration/tests/${{matrix.suite}} \
             --sqlstore-provider ${{matrix.sqlstore-provider}} \
             --sqlite-mode ${{matrix.sqlite-mode}} \
             --postgres-version ${{matrix.postgres-version}} \

.github/workflows/run-e2e.yaml

@@ -1,62 +0,0 @@
-name: e2eci
-
-on:
-  workflow_dispatch:
-    inputs:
-      userRole:
-        description: "Role of the user (ADMIN, EDITOR, VIEWER)"
-        required: true
-        type: choice
-        options:
-          - ADMIN
-          - EDITOR
-          - VIEWER
-
-jobs:
-  test:
-    name: Run Playwright Tests
-    runs-on: ubuntu-latest
-    timeout-minutes: 60
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: lts/*
-
-      - name: Mask secrets and input
-        run: |
-          echo "::add-mask::${{ secrets.BASE_URL }}"
-          echo "::add-mask::${{ secrets.LOGIN_USERNAME }}"
-          echo "::add-mask::${{ secrets.LOGIN_PASSWORD }}"
-          echo "::add-mask::${{ github.event.inputs.userRole }}"
-
-      - name: Install dependencies
-        working-directory: frontend
-        run: |
-          npm install -g yarn
-          yarn
-
-      - name: Install Playwright Browsers
-        working-directory: frontend
-        run: yarn playwright install --with-deps
-
-      - name: Run Playwright Tests
-        working-directory: frontend
-        run: |
-          BASE_URL="${{ secrets.BASE_URL }}" \
-          LOGIN_USERNAME="${{ secrets.LOGIN_USERNAME }}" \
-          LOGIN_PASSWORD="${{ secrets.LOGIN_PASSWORD }}" \
-          USER_ROLE="${{ github.event.inputs.userRole }}" \
-          yarn playwright test
-
-      - name: Upload Playwright Report
-        uses: actions/upload-artifact@v4
-        if: always()
-        with:
-          name: playwright-report
-          path: frontend/playwright-report/
-          retention-days: 30

Makefile

@@ -201,26 +201,26 @@ docker-buildx-enterprise: go-build-enterprise js-build
 # python commands
 ##############################################################
 .PHONY: py-fmt
-py-fmt: ## Run black for integration tests
-	@cd tests/integration && uv run black .
+py-fmt: ## Run black across the shared tests project
+	@cd tests && uv run black .
 
 .PHONY: py-lint
-py-lint: ## Run lint for integration tests
-	@cd tests/integration && uv run isort .
-	@cd tests/integration && uv run autoflake .
-	@cd tests/integration && uv run pylint .
+py-lint: ## Run lint across the shared tests project
+	@cd tests && uv run isort .
+	@cd tests && uv run autoflake .
+	@cd tests && uv run pylint .
 
 .PHONY: py-test-setup
-py-test-setup: ## Runs integration tests
-	@cd tests/integration && uv run pytest --basetemp=./tmp/ -vv --reuse --capture=no src/bootstrap/setup.py::test_setup
+py-test-setup: ## Bring up the shared SigNoz backend used by integration and e2e tests
+	@cd tests && uv run pytest --basetemp=./tmp/ -vv --reuse --capture=no integration/bootstrap/setup.py::test_setup
 
 .PHONY: py-test-teardown
-py-test-teardown: ## Runs integration tests with teardown
-	@cd tests/integration && uv run pytest --basetemp=./tmp/ -vv --teardown --capture=no  src/bootstrap/setup.py::test_teardown
+py-test-teardown: ## Tear down the shared SigNoz backend
+	@cd tests && uv run pytest --basetemp=./tmp/ -vv --teardown --capture=no  integration/bootstrap/setup.py::test_teardown
 
 .PHONY: py-test
 py-test: ## Runs integration tests
-	@cd tests/integration && uv run pytest --basetemp=./tmp/ -vv --capture=no src/
+	@cd tests && uv run pytest --basetemp=./tmp/ -vv --capture=no integration/tests/
 
 .PHONY: py-clean
 py-clean: ## Clear all pycache and pytest cache from tests directory recursively

docs/contributing/go/integration.md

@@ -1,216 +0,0 @@
-# Integration Tests
-
-SigNoz uses integration tests to verify that different components work together correctly in a real environment. These tests run against actual services (ClickHouse, PostgreSQL, etc.) to ensure end-to-end functionality.
-
-## How to set up the integration test environment?
-
-### Prerequisites
-
-Before running integration tests, ensure you have the following installed:
-
-- Python 3.13+
-- [uv](https://docs.astral.sh/uv/getting-started/installation/)
-- Docker (for containerized services)
-
-### Initial Setup
-
-1. Navigate to the integration tests directory:
-```bash
-cd tests/integration
-```
-
-2. Install dependencies using uv:
-```bash
-uv sync
-```
-
-> **_NOTE:_**  the build backend could throw an error while installing `psycopg2`, pleae see https://www.psycopg.org/docs/install.html#build-prerequisites
-
-### Starting the Test Environment
-
-To spin up all the containers necessary for writing integration tests and keep them running:
-
-```bash
-uv run pytest --basetemp=./tmp/ -vv --reuse src/bootstrap/setup.py::test_setup
-```
-
-This command will:
-- Start all required services (ClickHouse, PostgreSQL, Zookeeper, etc.)
-- Keep containers running due to the `--reuse` flag
-- Verify that the setup is working correctly
-
-### Stopping the Test Environment
-
-When you're done writing integration tests, clean up the environment:
-
-```bash
-uv run pytest --basetemp=./tmp/ -vv --teardown -s src/bootstrap/setup.py::test_teardown
-```
-
-This will destroy the running integration test setup and clean up resources.
-
-## Understanding the Integration Test Framework
-
-Python and pytest form the foundation of the integration testing framework. Testcontainers are used to spin up disposable integration environments. Wiremock is used to spin up **test doubles** of other services.
-
-- **Why Python/pytest?** It's expressive, low-boilerplate, and has powerful fixture capabilities that make integration testing straightforward. Extensive libraries for HTTP requests, JSON handling, and data analysis (numpy) make it easier to test APIs and verify data
-- **Why testcontainers?** They let us spin up isolated dependencies that match our production environment without complex setup.
-- **Why wiremock?** Well maintained, documented and extensible.
-
-```
-.
-├── conftest.py
-├── fixtures
-│   ├── __init__.py
-│   ├── auth.py
-│   ├── clickhouse.py
-│   ├── fs.py
-│   ├── http.py
-│   ├── migrator.py
-│   ├── network.py
-│   ├── postgres.py
-│   ├── signoz.py
-│   ├── sql.py
-│   ├── sqlite.py
-│   ├── types.py
-│   └── zookeeper.py
-├── uv.lock
-├── pyproject.toml
-└── src
-    └── bootstrap
-        ├── __init__.py
-        ├── 01_database.py
-        ├── 02_register.py
-        └── 03_license.py
-```
-
-Each test suite follows some important principles:
-
-1. **Organization**: Test suites live under `src/` in self-contained packages. Fixtures (a pytest concept) live inside `fixtures/`.
-2. **Execution Order**: Files are prefixed with two-digit numbers (`01_`, `02_`, `03_`) to ensure sequential execution.
-3. **Time Constraints**: Each suite should complete in under 10 minutes (setup takes ~4 mins).
-
-### Test Suite Design
-
-Test suites should target functional domains or subsystems within SigNoz. When designing a test suite, consider these principles:
-
-- **Functional Cohesion**: Group tests around a specific capability or service boundary
-- **Data Flow**: Follow the path of data through related components
-- **Change Patterns**: Components frequently modified together should be tested together
-
-The exact boundaries for modules are intentionally flexible, allowing teams to define logical groupings based on their specific context and knowledge of the system.
-
-Eg: The **bootstrap** integration test suite validates core system functionality:
-
-- Database initialization
-- Version check
-
-Other test suites can be **pipelines, auth, querier.**
-
-## How to write an integration test?
-
-Now start writing an integration test. Create a new file `src/bootstrap/05_version.py` and paste the following:
-
-```python
-import requests
-
-from fixtures import types
-from fixtures.logger import setup_logger
-
-logger = setup_logger(__name__)
-
-def test_version(signoz: types.SigNoz) -> None:
-    response = requests.get(signoz.self.host_config.get("/api/v1/version"), timeout=2)
-    logger.info(response)
-```
-
-We have written a simple test which calls the `version` endpoint of the container in step 1. In **order to just run this function, run the following command:**
-
-```bash
-uv run pytest --basetemp=./tmp/ -vv --reuse src/bootstrap/05_version.py::test_version
-```
-
-> Note: The `--reuse` flag is used to reuse the environment if it is already running. Always use this flag when writing and running integration tests. If you don't use this flag, the environment will be destroyed and recreated every time you run the test.
-
-Here's another example of how to write a more comprehensive integration test:
-
-```python
-from http import HTTPStatus
-import requests
-from fixtures import types
-from fixtures.logger import setup_logger
-
-logger = setup_logger(__name__)
-
-def test_user_registration(signoz: types.SigNoz) -> None:
-    """Test user registration functionality."""
-    response = requests.post(
-        signoz.self.host_configs["8080"].get("/api/v1/register"),
-        json={
-            "name": "testuser",
-            "orgId": "",
-            "orgName": "test.org",
-            "email": "test@example.com",
-            "password": "password123Z$",
-        },
-        timeout=2,
-    )
-
-    assert response.status_code == HTTPStatus.OK
-    assert response.json()["setupCompleted"] is True
-```
-
-## How to run integration tests?
-
-### Running All Tests
-
-```bash
-uv run pytest --basetemp=./tmp/ -vv --reuse src/
-```
-
-### Running Specific Test Categories
-
-```bash
-uv run pytest --basetemp=./tmp/ -vv --reuse src/<suite>
-
-# Run querier tests
-uv run pytest --basetemp=./tmp/ -vv --reuse src/querier/
-# Run auth tests
-uv run pytest --basetemp=./tmp/ -vv --reuse src/auth/
-```
-
-### Running Individual Tests
-
-```bash
-uv run pytest --basetemp=./tmp/ -vv --reuse src/<suite>/<file>.py::test_name
-
-# Run test_register in file 01_register.py in passwordauthn suite
-uv run pytest --basetemp=./tmp/ -vv --reuse src/passwordauthn/01_register.py::test_register
-```
-
-## How to configure different options for integration tests?
-
-Tests can be configured using pytest options:
-
-- `--sqlstore-provider` - Choose database provider (default: postgres)
-- `--sqlite-mode` - SQLite journal mode: `delete` or `wal` (default: delete). Only relevant when `--sqlstore-provider=sqlite`.
-- `--postgres-version` - PostgreSQL version (default: 15)
-- `--clickhouse-version` - ClickHouse version (default: 25.5.6)
-- `--zookeeper-version` - Zookeeper version (default: 3.7.1)
-
-Example:
-```bash
-uv run pytest --basetemp=./tmp/ -vv --reuse --sqlstore-provider=postgres --postgres-version=14 src/auth/
-```
-
-## What should I remember?
-
-- **Always use the `--reuse` flag** when setting up the environment to keep containers running
-- **Use the `--teardown` flag** when cleaning up to avoid resource leaks
-- **Follow the naming convention** with two-digit numeric prefixes (`01_`, `02_`) for test execution order
-- **Use proper timeouts** in HTTP requests to avoid hanging tests
-- **Clean up test data** between tests to avoid interference
-- **Use descriptive test names** that clearly indicate what is being tested
-- **Leverage fixtures** for common setup and authentication
-- **Test both success and failure scenarios** to ensure robust functionality
-- **`--sqlite-mode=wal` does not work on macOS.** The integration test environment runs SigNoz inside a Linux container with the SQLite database file mounted from the macOS host. WAL mode requires shared memory between connections, and connections crossing the VM boundary (macOS host ↔ Linux container) cannot share the WAL index, resulting in `SQLITE_IOERR_SHORT_READ`. WAL mode is tested in CI on Linux only.

docs/contributing/go/readme.md

@@ -15,7 +15,6 @@ We **recommend** (almost enforce) reviewing these guides before contributing to
 - [Endpoint](endpoint.md) - HTTP endpoint patterns
 - [Flagger](flagger.md) - Feature flag patterns
 - [Handler](handler.md) - HTTP handler patterns
-- [Integration](integration.md) - Integration testing
 - [Provider](provider.md) - Dependency injection and provider patterns
 - [Packages](packages.md) - Naming, layout, and conventions for `pkg/` packages
 - [Service](service.md) - Managed service lifecycle with `factory.Service`

docs/contributing/tests/e2e.md

@@ -0,0 +1,261 @@
+# E2E Tests
+
+SigNoz uses end-to-end tests to verify the frontend works correctly against a real backend. These tests use Playwright to drive a real browser against a containerized SigNoz stack that pytest brings up — the same fixture graph integration tests use, with an extra HTTP seeder container for per-spec telemetry seeding.
+
+## How to set up the E2E test environment?
+
+### Prerequisites
+
+Before running E2E tests, ensure you have the following installed:
+
+- Python 3.13+
+- [uv](https://docs.astral.sh/uv/getting-started/installation/)
+- Docker (for containerized services)
+- Node 18+ and Yarn
+
+### Initial Setup
+
+1. Install Python deps for the shared tests project:
+```bash
+cd tests
+uv sync
+```
+
+2. Install Node deps and Playwright browsers:
+```bash
+cd e2e
+yarn install
+yarn install:browsers   # one-time Playwright browser install
+```
+
+### Starting the Test Environment
+
+To spin up the backend stack (SigNoz, ClickHouse, Postgres, Zookeeper, Zeus mock, gateway mock, seeder, migrator-with-web) and keep it running:
+
+```bash
+cd tests
+uv run pytest --basetemp=./tmp/ -vv --reuse --with-web \
+  e2e/bootstrap/setup.py::test_setup
+```
+
+This command will:
+- Bring up all containers via pytest fixtures
+- Register the admin user (`admin@integration.test` / `password123Z$`)
+- Apply the enterprise license (via a WireMock stub of Zeus) and dismiss the org-onboarding prompt so specs can navigate directly to feature pages
+- Start the HTTP seeder container (`tests/seeder/` — exposing `/telemetry/{traces,logs,metrics}` POST + DELETE)
+- Write backend coordinates to `tests/e2e/.env.local` (loaded by `playwright.config.ts` via dotenv)
+- Keep containers running via the `--reuse` flag
+
+The `--with-web` flag builds the frontend into the SigNoz container — required for E2E. The build takes ~4 mins on a cold start.
+
+### Stopping the Test Environment
+
+When you're done writing E2E tests, clean up the environment:
+
+```bash
+cd tests
+uv run pytest --basetemp=./tmp/ -vv --teardown \
+  e2e/bootstrap/setup.py::test_teardown
+```
+
+## Understanding the E2E Test Framework
+
+Playwright drives a real browser (Chromium / Firefox / WebKit) against the running SigNoz frontend. The backend is brought up by the same pytest fixture graph integration tests use, so both suites share one source of truth for container lifecycle, license seeding, and test-user accounts.
+
+- **Why Playwright?** First-class TypeScript support, network interception, automatic wait-for-visibility, built-in trace viewer that captures every request/response the UI triggers — so specs rarely need separate API probes alongside UI clicks.
+- **Why pytest for lifecycle?** The integration suite already owns container bring-up. Reusing it keeps the E2E stack exactly in sync with the integration stack and avoids a parallel lifecycle framework.
+- **Why a separate seeder container?** Per-spec telemetry seeding (traces / logs / metrics) needs a thin HTTP wrapper around the ClickHouse insert helpers so a browser spec can POST from inside the test. The seeder lives at `tests/seeder/`, is built from `tests/Dockerfile.seeder`, and reuses the same `fixtures/{traces,logs,metrics}.py` as integration tests.
+
+```
+tests/
+├── fixtures/                  # shared with integration (see integration.md)
+├── integration/               # pytest integration suite
+├── seeder/                    # standalone HTTP seeder container
+│   ├── __init__.py
+│   ├── Dockerfile
+│   └── server.py              # FastAPI app wrapping fixtures.{traces,logs,metrics}
+└── e2e/
+    ├── package.json
+    ├── playwright.config.ts   # loads .env + .env.local via dotenv
+    ├── .env.example           # staging-mode template
+    ├── .env.local             # generated by bootstrap/setup.py (gitignored)
+    ├── bootstrap/
+    │   └── setup.py           # test_setup / test_teardown — pytest lifecycle
+    ├── fixtures/
+    │   └── auth.ts            # authedPage Playwright fixture + per-worker storageState cache
+    ├── tests/                 # Playwright .spec.ts files, one dir per feature area
+    │   └── alerts/
+    │       └── alerts.spec.ts
+    └── artifacts/             # per-run output (gitignored)
+        ├── html/              # HTML reporter output
+        ├── json/              # JSON reporter output
+        └── results/           # per-test traces / screenshots / videos on failure
+```
+
+Each spec follows these principles:
+
+1. **Directory per feature**: `tests/e2e/tests/<feature>/*.spec.ts`. Cross-resource junction concerns (e.g. cascade-delete) go in their own file, not packed into one giant spec.
+2. **Test titles use `TC-NN`**: `test('TC-01 alerts page — tabs render', ...)`. Preserves ordering at a glance and maps to external coverage tracking.
+3. **UI-first**: drive flows through the UI. Playwright traces capture every BE request/response the UI triggers, so asserting on UI outcomes implicitly validates BE contracts. Reach for direct `page.request.*` only when the test's *purpose* is asserting a response contract (use `page.waitForResponse` on a UI click) or when a specific UI step is structurally flaky (e.g. Ant DatePicker calendar-cell indices) — and even then try UI first.
+4. **Self-contained state**: each spec creates what it needs and cleans up in `try/finally`. No global pre-seeding fixtures.
+
+## How to write an E2E test?
+
+Create a new file `tests/e2e/tests/alerts/smoke.spec.ts`:
+
+```typescript
+import { test, expect } from '../../fixtures/auth';
+
+test('TC-01 alerts page — tabs render', async ({ authedPage: page }) => {
+  await page.goto('/alerts');
+  await expect(page.getByRole('tab', { name: /alert rules/i })).toBeVisible();
+  await expect(page.getByRole('tab', { name: /configuration/i })).toBeVisible();
+});
+```
+
+The `authedPage` fixture (from `tests/e2e/fixtures/auth.ts`) gives you a `Page` whose browser context is already authenticated as the admin user. First use per worker triggers one login; the resulting `storageState` is held in memory and reused for later requests.
+
+To run just this test (assuming the stack is up via `test_setup`):
+
+```bash
+cd tests/e2e
+npx playwright test tests/alerts/smoke.spec.ts --project=chromium
+```
+
+Here's a more comprehensive example that exercises a CRUD flow via the UI:
+
+```typescript
+import { test, expect } from '../../fixtures/auth';
+
+test.describe.configure({ mode: 'serial' });
+
+test('TC-02 alerts list — create, toggle, delete', async ({ authedPage: page }) => {
+  await page.goto('/alerts?tab=AlertRules');
+  const name = 'smoke-rule';
+
+  // Seed via UI — click "New Alert", fill form, save.
+  await page.getByRole('button', { name: /new alert/i }).click();
+  await page.getByTestId('alert-name-input').fill(name);
+  // ... fill metric / threshold / save ...
+
+  // Find the row and exercise the action menu.
+  const row = page.locator('tr', { hasText: name });
+  await expect(row).toBeVisible();
+  await row.locator('[data-testid="alert-actions"] button').first().click();
+
+  // waitForResponse captures the network call the UI triggers — no parallel fetch needed.
+  const patchWait = page.waitForResponse(
+    (r) => r.url().includes('/rules/') && r.request().method() === 'PATCH',
+  );
+  await page.getByRole('menuitem').filter({ hasText: /^disable$/i }).click();
+  await patchWait;
+  await expect(row).toContainText(/disabled/i);
+});
+```
+
+### Locator priority
+
+1. `getByRole('button', { name: 'Submit' })`
+2. `getByLabel('Email')`
+3. `getByPlaceholder('...')`
+4. `getByText('...')`
+5. `getByTestId('...')`
+6. `locator('.ant-select')` — last resort (Ant Design dropdowns often have no semantic alternative)
+
+## How to run E2E tests?
+
+### Running All Tests
+
+With the stack already up, from `tests/e2e/`:
+
+```bash
+yarn test                 # headless, all projects
+```
+
+### Running Specific Projects
+
+```bash
+yarn test:chromium        # chromium only
+yarn test:firefox
+yarn test:webkit
+```
+
+### Running Specific Tests
+
+```bash
+cd tests/e2e
+
+# Single feature dir
+npx playwright test tests/alerts/ --project=chromium
+
+# Single file
+npx playwright test tests/alerts/alerts.spec.ts --project=chromium
+
+# Single test by title grep
+npx playwright test --project=chromium -g "TC-01"
+```
+
+### Iterative modes
+
+```bash
+yarn test:ui              # Playwright UI mode — watch + step through
+yarn test:headed          # headed browser
+yarn test:debug           # Playwright inspector, pause-on-breakpoint
+yarn codegen              # record-and-replay locator generation
+yarn report               # open the last HTML report (artifacts/html)
+```
+
+### Staging fallback
+
+Point `SIGNOZ_E2E_BASE_URL` at a remote env via `.env` — no local backend bring-up, no `.env.local` generated, Playwright hits the URL directly:
+
+```bash
+cd tests/e2e
+cp .env.example .env      # fill SIGNOZ_E2E_USERNAME / PASSWORD
+yarn test:staging
+```
+
+## How to configure different options for E2E tests?
+
+### Environment variables
+
+| Variable | Description |
+|---|---|
+| `SIGNOZ_E2E_BASE_URL` | Base URL the browser targets. Written by `bootstrap/setup.py` for local mode; set manually for staging. |
+| `SIGNOZ_E2E_USERNAME` | Admin email. Bootstrap writes `admin@integration.test`. |
+| `SIGNOZ_E2E_PASSWORD` | Admin password. Bootstrap writes the integration-test default. |
+| `SIGNOZ_E2E_SEEDER_URL` | Seeder HTTP base URL — hit by specs that need per-test telemetry. |
+
+Loading order in `playwright.config.ts`: `.env` first (user-provided, staging), then `.env.local` with `override: true` (bootstrap-generated, local mode). Anything already set in `process.env` at yarn-test time wins because dotenv doesn't touch vars that are already present.
+
+### Playwright options
+
+The full `playwright.config.ts` is the source of truth. Common things to tweak:
+
+- `projects` — Chromium / Firefox / WebKit are enabled by default. Disable to speed up iteration.
+- `retries` — `2` on CI (`process.env.CI`), `0` locally.
+- `fullyParallel: true` — files run in parallel by worker; within a file, use `test.describe.configure({ mode: 'serial' })` if tests share list pages / mutate shared state.
+- `trace: 'on-first-retry'`, `screenshot: 'only-on-failure'`, `video: 'retain-on-failure'` — default diagnostic artifacts land in `artifacts/results/<test>/`.
+
+### Pytest options (bootstrap side)
+
+The same pytest flags integration tests expose work here, since E2E reuses the shared fixture graph:
+
+- `--reuse` — keep containers warm between runs (required for all iteration).
+- `--teardown` — tear everything down.
+- `--with-web` — build the frontend into the SigNoz container. **Required for E2E**; integration tests don't need it.
+- `--sqlstore-provider`, `--postgres-version`, `--clickhouse-version`, etc. — see `docs/contributing/integration.md`.
+
+## What should I remember?
+
+- **Always use the `--reuse` flag** when setting up the E2E stack. `--with-web` adds a ~4 min frontend build; you only want to pay that once.
+- **Don't teardown before setup.** `--reuse` correctly handles partially-set-up state, so chaining teardown → setup wastes time.
+- **Prefer UI-driven flows.** Playwright captures BE requests in the trace; a parallel `fetch` probe is almost always redundant. Drop to `page.request.*` only when the UI can't reach what you need.
+- **Use `page.waitForResponse` on UI clicks** to assert BE contracts — it still exercises the UI trigger path.
+- **Title every test `TC-NN <short description>`** — keeps the suite navigable and reportable.
+- **Split by resource, not by regression suite.** One spec per feature resource; cross-resource junction concerns (cascade-delete, linked-edit) get their own file.
+- **Use short descriptive resource names** (`alerts-list-rule`, `labels-rule`, `downtime-once`) — no timestamp disambiguation. Each test owns its resources and cleans up in `try/finally`.
+- **Never commit `test.only`** — a pre-commit check or CI runs with `forbidOnly: true`.
+- **Prefer explicit waits over `page.waitForTimeout(ms)`.** `await expect(locator).toBeVisible()` is always better than `waitForTimeout(5000)`.
+- **Unique test names won't save you from shared-tenant state.** When two tests hit the same list page, either serialize (`describe.configure({ mode: 'serial' })`) or isolate cleanup religiously.
+- **Artifacts go to `tests/e2e/artifacts/`** — HTML report at `artifacts/html`, traces at `artifacts/results/<test>/`. All gitignored; archive the dir in CI.

docs/contributing/tests/integration.md

@@ -0,0 +1,251 @@
+# Integration Tests
+
+SigNoz uses integration tests to verify that different components work together correctly in a real environment. These tests run against actual services (ClickHouse, PostgreSQL, SigNoz, Zeus mock, Keycloak, etc.) spun up as containers, so suites exercise the same code paths production does.
+
+## How to set up the integration test environment?
+
+### Prerequisites
+
+Before running integration tests, ensure you have the following installed:
+
+- Python 3.13+
+- [uv](https://docs.astral.sh/uv/getting-started/installation/)
+- Docker (for containerized services)
+
+### Initial Setup
+
+1. Navigate to the shared tests project:
+```bash
+cd tests
+```
+
+2. Install dependencies using uv:
+```bash
+uv sync
+```
+
+> **_NOTE:_** the build backend could throw an error while installing `psycopg2`, please see https://www.psycopg.org/docs/install.html#build-prerequisites
+
+### Starting the Test Environment
+
+To spin up all the containers necessary for writing integration tests and keep them running:
+
+```bash
+make py-test-setup
+```
+
+Under the hood this runs, from `tests/`:
+
+```bash
+uv run pytest --basetemp=./tmp/ -vv --reuse integration/bootstrap/setup.py::test_setup
+```
+
+This command will:
+- Start all required services (ClickHouse, PostgreSQL, Zookeeper, SigNoz, Zeus mock, gateway mock)
+- Register an admin user
+- Keep containers running via the `--reuse` flag
+
+### Stopping the Test Environment
+
+When you're done writing integration tests, clean up the environment:
+
+```bash
+make py-test-teardown
+```
+
+Which runs:
+
+```bash
+uv run pytest --basetemp=./tmp/ -vv --teardown integration/bootstrap/setup.py::test_teardown
+```
+
+This destroys the running integration test setup and cleans up resources.
+
+## Understanding the Integration Test Framework
+
+Python and pytest form the foundation of the integration testing framework. Testcontainers are used to spin up disposable integration environments. WireMock is used to spin up **test doubles** of external services (Zeus cloud API, gateway, etc.).
+
+- **Why Python/pytest?** It's expressive, low-boilerplate, and has powerful fixture capabilities that make integration testing straightforward. Extensive libraries for HTTP requests, JSON handling, and data analysis (numpy) make it easier to test APIs and verify data.
+- **Why testcontainers?** They let us spin up isolated dependencies that match our production environment without complex setup.
+- **Why WireMock?** Well maintained, documented, and extensible.
+
+```
+tests/
+├── conftest.py              # pytest_plugins registration
+├── pyproject.toml
+├── uv.lock
+├── fixtures/                # shared fixture library (flat package)
+│   ├── __init__.py
+│   ├── auth.py              # admin/editor/viewer users, tokens, license
+│   ├── clickhouse.py
+│   ├── http.py              # WireMock helpers
+│   ├── keycloak.py          # IdP container
+│   ├── postgres.py
+│   ├── signoz.py            # SigNoz-backend container
+│   ├── sql.py
+│   ├── types.py
+│   └── ...                  # logs, metrics, traces, alerts, dashboards, ...
+├── integration/
+│   ├── bootstrap/
+│   │   └── setup.py         # test_setup / test_teardown
+│   ├── testdata/            # JSON / JSONL / YAML inputs per suite
+│   └── tests/               # one directory per feature area
+│       ├── alerts/
+│       │   ├── 01_*.py      # numbered suite files
+│       │   └── conftest.py  # optional suite-local fixtures
+│       ├── auditquerier/
+│       ├── cloudintegrations/
+│       ├── dashboard/
+│       ├── passwordauthn/
+│       ├── querier/
+│       └── ...
+└── e2e/                     # Playwright suite (see docs/contributing/e2e.md)
+```
+
+Each test suite follows these principles:
+
+1. **Organization**: Suites live under `tests/integration/tests/` in self-contained packages. Shared fixtures live in the top-level `tests/fixtures/` package so the e2e tree can reuse them.
+2. **Execution Order**: Files are prefixed with two-digit numbers (`01_`, `02_`, `03_`) to ensure sequential execution when tests depend on ordering.
+3. **Time Constraints**: Each suite should complete in under 10 minutes (setup takes ~4 mins).
+
+### Test Suite Design
+
+Test suites should target functional domains or subsystems within SigNoz. When designing a test suite, consider these principles:
+
+- **Functional Cohesion**: Group tests around a specific capability or service boundary
+- **Data Flow**: Follow the path of data through related components
+- **Change Patterns**: Components frequently modified together should be tested together
+
+The exact boundaries for suites are intentionally flexible, allowing contributors to define logical groupings based on their domain knowledge. Current suites cover alerts, audit querier, callback authn, cloud integrations, dashboards, ingestion keys, logs pipelines, password authn, preferences, querier, raw export data, roles, root user, service accounts, and TTL.
+
+## How to write an integration test?
+
+Now start writing an integration test. Create a new file `tests/integration/tests/bootstrap/01_version.py` and paste the following:
+
+```python
+import requests
+
+from fixtures import types
+from fixtures.logger import setup_logger
+
+logger = setup_logger(__name__)
+
+
+def test_version(signoz: types.SigNoz) -> None:
+    response = requests.get(
+        signoz.self.host_configs["8080"].get("/api/v1/version"),
+        timeout=2,
+    )
+    logger.info(response)
+```
+
+We have written a simple test which calls the `version` endpoint of the SigNoz backend. **To run just this function, run the following command:**
+
+```bash
+cd tests
+uv run pytest --basetemp=./tmp/ -vv --reuse \
+  integration/tests/bootstrap/01_version.py::test_version
+```
+
+> **Note:** The `--reuse` flag is used to reuse the environment if it is already running. Always use this flag when writing and running integration tests. Without it the environment is destroyed and recreated every run.
+
+Here's another example of how to write a more comprehensive integration test:
+
+```python
+from http import HTTPStatus
+import requests
+from fixtures import types
+from fixtures.logger import setup_logger
+
+logger = setup_logger(__name__)
+
+
+def test_user_registration(signoz: types.SigNoz) -> None:
+    """Test user registration functionality."""
+    response = requests.post(
+        signoz.self.host_configs["8080"].get("/api/v1/register"),
+        json={
+            "name": "testuser",
+            "orgId": "",
+            "orgName": "test.org",
+            "email": "test@example.com",
+            "password": "password123Z$",
+        },
+        timeout=2,
+    )
+
+    assert response.status_code == HTTPStatus.OK
+    assert response.json()["setupCompleted"] is True
+```
+
+Test inputs (JSON fixtures, expected payloads) go under `tests/integration/testdata/<suite>/` and are loaded via `fixtures.fs.get_testdata_file_path`.
+
+## How to run integration tests?
+
+### Running All Tests
+
+```bash
+make py-test
+```
+
+Which runs:
+
+```bash
+uv run pytest --basetemp=./tmp/ -vv integration/tests/
+```
+
+### Running Specific Test Categories
+
+```bash
+cd tests
+uv run pytest --basetemp=./tmp/ -vv --reuse integration/tests/<suite>/
+
+# Run querier tests
+uv run pytest --basetemp=./tmp/ -vv --reuse integration/tests/querier/
+# Run passwordauthn tests
+uv run pytest --basetemp=./tmp/ -vv --reuse integration/tests/passwordauthn/
+```
+
+### Running Individual Tests
+
+```bash
+uv run pytest --basetemp=./tmp/ -vv --reuse \
+  integration/tests/<suite>/<file>.py::test_name
+
+# Run test_register in 01_register.py in the passwordauthn suite
+uv run pytest --basetemp=./tmp/ -vv --reuse \
+  integration/tests/passwordauthn/01_register.py::test_register
+```
+
+## How to configure different options for integration tests?
+
+Tests can be configured using pytest options:
+
+- `--sqlstore-provider` — Choose the SQL store provider (default: `postgres`)
+- `--sqlite-mode` — SQLite journal mode: `delete` or `wal` (default: `delete`). Only relevant when `--sqlstore-provider=sqlite`.
+- `--postgres-version` — PostgreSQL version (default: `15`)
+- `--clickhouse-version` — ClickHouse version (default: `25.5.6`)
+- `--zookeeper-version` — Zookeeper version (default: `3.7.1`)
+- `--schema-migrator-version` — SigNoz schema migrator version (default: `v0.144.2`)
+
+Example:
+
+```bash
+uv run pytest --basetemp=./tmp/ -vv --reuse \
+  --sqlstore-provider=postgres --postgres-version=14 \
+  integration/tests/passwordauthn/
+```
+
+## What should I remember?
+
+- **Always use the `--reuse` flag** when setting up the environment or running tests to keep containers warm. Without it every run rebuilds the stack (~4 mins).
+- **Use the `--teardown` flag** only when cleaning up — mixing `--teardown` with `--reuse` is a contradiction.
+- **Do not pre-emptively teardown before setup.** If the stack is partially up, `--reuse` picks up from wherever it is. `make py-test-teardown` then `make py-test-setup` wastes minutes.
+- **Follow the naming convention** with two-digit numeric prefixes (`01_`, `02_`) for ordered test execution within a suite.
+- **Use proper timeouts** in HTTP requests to avoid hanging tests (`timeout=5` is typical).
+- **Clean up test data** between tests in the same suite to avoid interference — or rely on a fresh SigNoz container if you need full isolation.
+- **Use descriptive test names** that clearly indicate what is being tested.
+- **Leverage fixtures** for common setup. The shared fixture package is at `tests/fixtures/` — reuse before adding new ones.
+- **Test both success and failure scenarios** (4xx / 5xx paths) to ensure robust functionality.
+- **Run `make py-fmt` and `make py-lint` before committing** Python changes — black + isort + autoflake + pylint.
+- **`--sqlite-mode=wal` does not work on macOS.** The integration test environment runs SigNoz inside a Linux container with the SQLite database file mounted from the macOS host. WAL mode requires shared memory between connections, and connections crossing the VM boundary (macOS host ↔ Linux container) cannot share the WAL index, resulting in `SQLITE_IOERR_SHORT_READ`. WAL mode is tested in CI on Linux only.

tests/.dockerignore

@@ -0,0 +1,19 @@
+# Build context for tests/Dockerfile.seeder. Keep the context lean — the
+# seeder image only needs fixtures/ to be importable alongside seeder/,
+# plus pyproject.toml + uv.lock for dep install.
+
+.venv
+.pytest_cache
+tmp
+**/__pycache__
+**/*.pyc
+
+# e2e Playwright outputs and deps
+e2e/node_modules
+e2e/artifacts
+e2e/.auth
+e2e/.playwright-cli
+
+# Integration-side outputs (if any stale dirs remain)
+integration/tmp
+integration/testdata

tests/Dockerfile.seeder

@@ -0,0 +1,35 @@
+# HTTP seeder for Playwright e2e tests. Wraps the direct-ClickHouse-insert
+# helpers in tests/fixtures/{traces,logs,metrics}.py so a browser test can
+# seed telemetry with fine-grained control.
+#
+# Build context is tests/ (this file sits at its root) so `fixtures/` is
+# importable inside the image alongside `seeder/`.
+
+FROM python:3.13-slim
+
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
+
+WORKDIR /app
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends gcc libpq-dev python3-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install project dependencies from the pytest project's pyproject.toml +
+# uv.lock so the seeder container's Python env matches local dev exactly
+# (single source of truth for versions; no parallel requirements.txt).
+# --no-install-project skips building the signoz-tests project itself
+# (there is no buildable package here — pyproject is used purely for dep
+# management alongside pythonpath = ["."]).
+COPY pyproject.toml uv.lock /app/
+RUN uv sync --frozen --no-install-project --no-dev
+ENV PATH="/app/.venv/bin:$PATH"
+
+# Ship the whole fixtures/ package so server.py can `from fixtures.traces
+# import ...` with the same module path the pytest side uses.
+COPY fixtures /app/fixtures
+COPY seeder /app/seeder
+
+EXPOSE 8080
+
+CMD ["uvicorn", "seeder.server:app", "--host", "0.0.0.0", "--port", "8080"]

tests/conftest.py

@@ -17,12 +17,13 @@ pytest_plugins = [
     "fixtures.traces",
     "fixtures.metrics",
     "fixtures.meter",
-    "fixtures.driver",
+    "fixtures.browser",
+    "fixtures.keycloak",
     "fixtures.idp",
-    "fixtures.idputils",
     "fixtures.notification_channel",
     "fixtures.alerts",
     "fixtures.cloudintegrations",
+    "fixtures.seeder",
 ]
 
 

tests/e2e/.env.example

@@ -0,0 +1,15 @@
+# Copy this to .env and fill in values for staging-mode runs.
+#
+# This file (.env) holds user-provided defaults — staging credentials, role
+# override. It is loaded by playwright.config.ts via dotenv.
+#
+# Local-mode runs (`cd tests && uv run pytest ... e2e/bootstrap/setup.py::test_setup`)
+# bring up a containerized backend and write .env.local, which overrides .env.
+# You do NOT need to touch this file for local mode.
+
+# Staging base URL (set to opt out of local backend bring-up)
+SIGNOZ_E2E_BASE_URL=https://app.us.staging.signoz.cloud
+
+# Test credentials (required only when SIGNOZ_E2E_BASE_URL is set — i.e. staging mode)
+SIGNOZ_E2E_USERNAME=
+SIGNOZ_E2E_PASSWORD=

tests/e2e/.eslintignore

@@ -0,0 +1,38 @@
+# Dependencies
+node_modules/
+
+# Build outputs
+dist/
+build/
+
+# Test results
+test-results/
+playwright-report/
+coverage/
+
+# Environment files
+.env
+.env.local
+.env.production
+
+# Editor files
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# OS files
+.DS_Store
+Thumbs.db
+
+# Logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock

tests/e2e/.eslintrc.js

@@ -0,0 +1,68 @@
+module.exports = {
+  parser: '@typescript-eslint/parser',
+  parserOptions: {
+    ecmaVersion: 2022,
+    sourceType: 'module',
+  },
+  extends: [
+    'eslint:recommended',
+    'plugin:@typescript-eslint/recommended',
+    'plugin:playwright/recommended',
+  ],
+  env: {
+    node: true,
+    es2022: true,
+  },
+  rules: {
+    // Code Quality
+    '@typescript-eslint/no-unused-vars': 'error',
+    '@typescript-eslint/no-explicit-any': 'warn',
+    'prefer-const': 'error',
+    'no-var': 'error',
+
+    // Formatting Rules (ESLint handles formatting)
+    'semi': ['error', 'always'],
+    'quotes': ['error', 'single', { avoidEscape: true }],
+    'comma-dangle': ['error', 'always-multiline'],
+    'indent': ['error', 2, { SwitchCase: 1 }],
+    'object-curly-spacing': ['error', 'always'],
+    'array-bracket-spacing': ['error', 'never'],
+    'space-before-function-paren': ['error', {
+      anonymous: 'always',
+      named: 'never',
+      asyncArrow: 'always',
+    }],
+    'keyword-spacing': 'error',
+    'space-infix-ops': 'error',
+    'eol-last': 'error',
+    'no-trailing-spaces': 'error',
+    'no-multiple-empty-lines': ['error', { max: 2, maxEOF: 1 }],
+
+    // Playwright-specific (enhanced)
+    'playwright/expect-expect': 'error',
+    'playwright/no-conditional-in-test': 'error',
+    'playwright/no-page-pause': 'error',
+    'playwright/no-wait-for-timeout': 'warn',
+    'playwright/prefer-web-first-assertions': 'error',
+
+    // Console usage
+    'no-console': ['warn', { allow: ['warn', 'error'] }],
+  },
+  overrides: [
+    {
+      // Config files can use console and have relaxed formatting
+      files: ['*.config.{js,ts}', 'playwright.config.ts'],
+      rules: {
+        'no-console': 'off',
+        '@typescript-eslint/no-explicit-any': 'off',
+      },
+    },
+    {
+      // Test files specific rules
+      files: ['**/*.spec.ts', '**/*.test.ts'],
+      rules: {
+        '@typescript-eslint/no-explicit-any': 'off', // Page objects often need any
+      },
+    },
+  ],
+};

tests/e2e/.gitignore

@@ -0,0 +1,24 @@
+node_modules/
+# All Playwright output — HTML report, JSON summary, per-test traces /
+# screenshots / videos. Set via outputDir + reporter paths in playwright.config.ts.
+/artifacts/
+/playwright/.cache/
+.env
+dist/
+*.log
+yarn-error.log
+.yarn/cache
+.yarn/install-state.gz
+.vscode/
+
+# playwright-cli artifacts (snapshots, screenshots, videos, traces)
+.playwright-cli/
+
+# backend coordinates written by the pytest bootstrap (bootstrap/setup.py);
+# loaded by playwright.config.ts via dotenv override.
+.env.local
+
+# AI test-planner scratch (playwright-test-planner writes markdown plans
+# here before the generator turns them into .spec.ts files; the tests are
+# the source of truth, plans are regenerable).
+specs/

tests/e2e/.prettierignore

@@ -0,0 +1,30 @@
+# Dependencies
+node_modules/
+
+# Generated test outputs
+artifacts/
+playwright/.cache/
+
+# Build outputs
+dist/
+
+# Environment files
+.env
+.env.local
+.env*.local
+
+# Lock files
+yarn.lock
+package-lock.json
+pnpm-lock.yaml
+
+# Logs
+*.log
+yarn-error.log
+
+# IDE
+.vscode/
+.idea/
+
+# Other
+.DS_Store

tests/e2e/.prettierrc.json

@@ -0,0 +1,6 @@
+{
+  "useTabs": false,
+  "tabWidth": 2,
+  "singleQuote": true,
+  "trailingComma": "all"
+}

tests/e2e/bootstrap/setup.py

@@ -0,0 +1,44 @@
+import os
+from pathlib import Path
+
+import pytest
+
+from fixtures import types
+from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
+
+
+def _env_file(pytestconfig: pytest.Config) -> Path:
+    override = os.environ.get("SIGNOZ_E2E_ENV_FILE")
+    if override:
+        return Path(override)
+    return pytestconfig.rootpath / "e2e" / ".env.local"
+
+
+def test_setup(
+    signoz: types.SigNoz,
+    create_user_admin: types.Operation,  # pylint: disable=unused-argument
+    apply_license: types.Operation,  # pylint: disable=unused-argument
+    seeder: types.TestContainerDocker,
+    pytestconfig: pytest.Config,
+) -> None:
+    """Bring the backend up and write e2e coordinates to .env.local."""
+    host_cfg = signoz.self.host_configs["8080"]
+    seeder_cfg = seeder.host_configs["8080"]
+    out = _env_file(pytestconfig)
+    out.parent.mkdir(parents=True, exist_ok=True)
+    out.write_text(
+        "# Generated by tests/e2e/bootstrap/setup.py — do not edit.\n"
+        f"SIGNOZ_E2E_BASE_URL={host_cfg.base()}\n"
+        f"SIGNOZ_E2E_USERNAME={USER_ADMIN_EMAIL}\n"
+        f"SIGNOZ_E2E_PASSWORD={USER_ADMIN_PASSWORD}\n"
+        f"SIGNOZ_E2E_SEEDER_URL={seeder_cfg.base()}\n"
+    )
+
+
+def test_teardown(
+    signoz: types.SigNoz,  # pylint: disable=unused-argument
+    create_user_admin: types.Operation,  # pylint: disable=unused-argument
+    apply_license: types.Operation,  # pylint: disable=unused-argument
+    seeder: types.TestContainerDocker,  # pylint: disable=unused-argument
+) -> None:
+    """Fixture dependencies trigger container teardown via --teardown."""

tests/e2e/fixtures/auth.ts

@@ -0,0 +1,85 @@
+import {
+  test as base,
+  expect,
+  type Browser,
+  type BrowserContext,
+  type Page,
+} from '@playwright/test';
+
+export type User = { email: string; password: string };
+
+// Default user — admin from the pytest bootstrap (.env.local) or staging .env.
+export const ADMIN: User = {
+  email: process.env.SIGNOZ_E2E_USERNAME!,
+  password: process.env.SIGNOZ_E2E_PASSWORD!,
+};
+
+// Per-worker storageState cache. One login per unique user per worker.
+// Promise-valued so concurrent requests share the same in-flight work.
+// Held in memory only — no .auth/ dir, no JSON on disk.
+type StorageState = Awaited<ReturnType<BrowserContext['storageState']>>;
+const storageByUser = new Map<string, Promise<StorageState>>();
+
+async function storageFor(browser: Browser, user: User): Promise<StorageState> {
+  const cached = storageByUser.get(user.email);
+  if (cached) return cached;
+
+  const task = (async () => {
+    const ctx = await browser.newContext();
+    const page = await ctx.newPage();
+    await login(page, user);
+    const state = await ctx.storageState();
+    await ctx.close();
+    return state;
+  })();
+
+  storageByUser.set(user.email, task);
+  return task;
+}
+
+async function login(page: Page, user: User): Promise<void> {
+  if (!user.email || !user.password) {
+    throw new Error(
+      'User credentials missing. Set SIGNOZ_E2E_USERNAME / SIGNOZ_E2E_PASSWORD ' +
+        '(pytest bootstrap writes them to .env.local), or pass a User via test.use({ user: ... }).',
+    );
+  }
+  await page.goto('/login?password=Y');
+  await page.getByTestId('email').fill(user.email);
+  await page.getByTestId('initiate_login').click();
+  await page.getByTestId('password').fill(user.password);
+  await page.getByRole('button', { name: 'Sign in with Password' }).click();
+  // Post-login lands somewhere different depending on whether the org is
+  // licensed (onboarding flow on ENTERPRISE) or not (legacy "Hello there"
+  // welcome). Wait for URL to move off /login — whichever page follows
+  // is fine, each spec navigates to the feature under test anyway.
+  await page.waitForURL((url) => !url.pathname.startsWith('/login'));
+}
+
+export const test = base.extend<{
+  /**
+   * User identity for this test. Override with `test.use({ user: ... })` at
+   * the describe or test level to run the suite as a different user.
+   * Defaults to ADMIN (the pytest-bootstrap-seeded admin).
+   */
+  user: User;
+
+  /**
+   * A Page whose context is already authenticated as `user`. First request
+   * for a given user triggers one login per worker; the resulting
+   * storageState is held in memory and reused for all later requests.
+   */
+  authedPage: Page;
+}>({
+  user: [ADMIN, { option: true }],
+
+  authedPage: async ({ browser, user }, use) => {
+    const storageState = await storageFor(browser, user);
+    const ctx = await browser.newContext({ storageState });
+    const page = await ctx.newPage();
+    await use(page);
+    await ctx.close();
+  },
+});
+
+export { expect };

tests/e2e/package.json

@@ -0,0 +1,45 @@
+{
+  "name": "signoz-frontend-automation",
+  "version": "1.0.0",
+  "description": "E2E tests for SigNoz frontend with Playwright",
+  "main": "index.js",
+  "scripts": {
+    "test": "playwright test",
+    "test:staging": "SIGNOZ_E2E_BASE_URL=https://app.us.staging.signoz.cloud playwright test",
+    "test:ui": "playwright test --ui",
+    "test:headed": "playwright test --headed",
+    "test:debug": "playwright test --debug",
+    "test:chromium": "playwright test --project=chromium",
+    "test:firefox": "playwright test --project=firefox",
+    "test:webkit": "playwright test --project=webkit",
+    "report": "playwright show-report artifacts/html",
+    "codegen": "playwright codegen",
+    "install:browsers": "playwright install",
+    "install:cli": "npm install -g @playwright/cli@latest && playwright-cli install --skills",
+    "lint": "eslint . --ext .ts,.js",
+    "lint:fix": "eslint . --ext .ts,.js --fix",
+    "typecheck": "tsc --noEmit"
+  },
+  "keywords": [
+    "playwright",
+    "e2e",
+    "testing",
+    "signoz"
+  ],
+  "author": "",
+  "license": "MIT",
+  "devDependencies": {
+    "@playwright/test": "^1.57.0-alpha-2025-10-09",
+    "@types/node": "^20.0.0",
+    "@typescript-eslint/eslint-plugin": "^6.0.0",
+    "@typescript-eslint/parser": "^6.0.0",
+    "dotenv": "^16.0.0",
+    "eslint": "^9.26.0",
+    "eslint-plugin-playwright": "^0.16.0",
+    "typescript": "^5.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0",
+    "yarn": ">=1.22.0"
+  }
+}

tests/e2e/playwright-cli.json

@@ -0,0 +1,11 @@
+{
+  "browser": {
+    "browserName": "chromium",
+    "launchOptions": { "headless": true }
+  },
+  "timeouts": {
+    "action": 5000,
+    "navigation": 30000
+  },
+  "outputDir": ".playwright-cli"
+}

tests/e2e/playwright.config.ts

@@ -0,0 +1,61 @@
+import { defineConfig, devices } from '@playwright/test';
+import dotenv from 'dotenv';
+import path from 'path';
+
+// .env holds user-provided defaults (staging creds).
+// .env.local is written by tests/e2e/bootstrap/setup.py when the pytest
+// lifecycle brings the backend up locally; override=true so local-backend
+// coordinates win over any stale .env values. Subprocess-injected env
+// (e.g. when pytest shells out to `yarn test`) still takes priority —
+// dotenv doesn't touch vars that are already set in process.env.
+dotenv.config({ path: path.resolve(__dirname, '.env') });
+dotenv.config({ path: path.resolve(__dirname, '.env.local'), override: true });
+
+export default defineConfig({
+  testDir: './tests',
+
+  // All Playwright output lands under artifacts/. One subdir per reporter
+  // plus results/ for per-test artifacts (traces/screenshots/videos).
+  // CI can archive the whole dir with `tar czf artifacts.tgz tests/e2e/artifacts`.
+  outputDir: 'artifacts/results',
+
+  // Run tests in parallel
+  fullyParallel: true,
+
+  // Fail the build on CI if you accidentally left test.only
+  forbidOnly: !!process.env.CI,
+
+  // Retry on CI only
+  retries: process.env.CI ? 2 : 0,
+
+  // Workers
+  workers: process.env.CI ? 2 : undefined,
+
+  // Reporter
+  reporter: [
+    ['html', { outputFolder: 'artifacts/html', open: 'never' }],
+    ['json', { outputFile: 'artifacts/json/results.json' }],
+    ['list'],
+  ],
+
+  // Shared settings
+  use: {
+    baseURL:
+      process.env.SIGNOZ_E2E_BASE_URL || 'https://app.us.staging.signoz.cloud',
+    trace: 'on-first-retry',
+    screenshot: 'only-on-failure',
+    video: 'retain-on-failure',
+    colorScheme: 'dark',
+    locale: 'en-US',
+    viewport: { width: 1280, height: 720 },
+  },
+
+  // Browser projects. No project-level auth — specs opt in via the
+  // authedPage fixture in tests/e2e/fixtures/auth.ts, which logs a user
+  // in on first use and caches the resulting storageState per worker.
+  projects: [
+    { name: 'chromium', use: devices['Desktop Chrome'] },
+    { name: 'firefox', use: devices['Desktop Firefox'] },
+    { name: 'webkit', use: devices['Desktop Safari'] },
+  ],
+});

tests/e2e/tests/alerts/alerts.spec.ts

@@ -0,0 +1,7 @@
+import { test, expect } from '../../fixtures/auth';
+
+test('TC-01 alerts page — tabs render', async ({ authedPage: page }) => {
+  await page.goto('/alerts');
+  await expect(page.getByRole('tab', { name: /alert rules/i })).toBeVisible();
+  await expect(page.getByRole('tab', { name: /configuration/i })).toBeVisible();
+});

tests/e2e/tsconfig.json

@@ -0,0 +1,23 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "module": "commonjs",
+    "moduleResolution": "bundler",
+    "lib": ["ES2020"],
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true,
+    "types": ["node", "@playwright/test"],
+    "paths": {
+      "@tests/*": ["./tests/*"],
+      "@utils/*": ["./utils/*"],
+      "@specs/*": ["./specs/*"]
+    },
+    "outDir": "./dist",
+    "rootDir": "."
+  },
+  "include": ["tests/**/*.ts", "utils/**/*.ts", "playwright.config.ts"],
+  "exclude": ["node_modules", "dist"]
+}

tests/fixtures/alerts.py

@@ -1,18 +1,118 @@
 import base64
 import json
 import time
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 from http import HTTPStatus
-from typing import List
+from typing import Callable, List
 
+import pytest
 import requests
 
 from fixtures import types
+from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
+from fixtures.fs import get_testdata_file_path
 from fixtures.logger import setup_logger
+from fixtures.logs import Logs
+from fixtures.metrics import Metrics
+from fixtures.traces import Traces
 
 logger = setup_logger(__name__)
 
 
+@pytest.fixture(name="create_alert_rule", scope="function")
+def create_alert_rule(
+    signoz: types.SigNoz, get_token: Callable[[str, str], str]
+) -> Callable[[dict], str]:
+    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    rule_ids = []
+
+    def _create_alert_rule(rule_data: dict) -> str:
+        response = requests.post(
+            signoz.self.host_configs["8080"].get("/api/v1/rules"),
+            json=rule_data,
+            headers={"Authorization": f"Bearer {admin_token}"},
+            timeout=5,
+        )
+        assert (
+            response.status_code == HTTPStatus.OK
+        ), f"Failed to create rule, api returned {response.status_code} with response: {response.text}"
+        rule_id = response.json()["data"]["id"]
+        rule_ids.append(rule_id)
+        return rule_id
+
+    def _delete_alert_rule(rule_id: str):
+        logger.info("Deleting rule: %s", {"rule_id": rule_id})
+        response = requests.delete(
+            signoz.self.host_configs["8080"].get(f"/api/v1/rules/{rule_id}"),
+            headers={"Authorization": f"Bearer {admin_token}"},
+            timeout=5,
+        )
+        if response.status_code != HTTPStatus.OK:
+            raise Exception(  # pylint: disable=broad-exception-raised
+                f"Failed to delete rule, api returned {response.status_code} with response: {response.text}"
+            )
+
+    yield _create_alert_rule
+    # delete the rule on cleanup
+    for rule_id in rule_ids:
+        try:
+            _delete_alert_rule(rule_id)
+        except Exception as e:  # pylint: disable=broad-exception-caught
+            logger.error("Error deleting rule: %s", {"rule_id": rule_id, "error": e})
+
+
+@pytest.fixture(name="insert_alert_data", scope="function")
+def insert_alert_data(
+    insert_metrics: Callable[[List[Metrics]], None],
+    insert_traces: Callable[[List[Traces]], None],
+    insert_logs: Callable[[List[Logs]], None],
+) -> Callable[[List[types.AlertData]], None]:
+
+    def _insert_alert_data(
+        alert_data_items: List[types.AlertData],
+        base_time: datetime = None,
+    ) -> None:
+
+        metrics: List[Metrics] = []
+        traces: List[Traces] = []
+        logs: List[Logs] = []
+
+        now = base_time or datetime.now(tz=timezone.utc).replace(
+            second=0, microsecond=0
+        )
+
+        for data_item in alert_data_items:
+            if data_item.type == "metrics":
+                _metrics = Metrics.load_from_file(
+                    get_testdata_file_path(data_item.data_path),
+                    base_time=now,
+                )
+                metrics.extend(_metrics)
+            elif data_item.type == "traces":
+                _traces = Traces.load_from_file(
+                    get_testdata_file_path(data_item.data_path),
+                    base_time=now,
+                )
+                traces.extend(_traces)
+            elif data_item.type == "logs":
+                _logs = Logs.load_from_file(
+                    get_testdata_file_path(data_item.data_path),
+                    base_time=now,
+                )
+                logs.extend(_logs)
+
+        # Add data to ClickHouse if any data is present
+        if len(metrics) > 0:
+            insert_metrics(metrics)
+        if len(traces) > 0:
+            insert_traces(traces)
+        if len(logs) > 0:
+            insert_logs(logs)
+
+    yield _insert_alert_data
+
+
 def collect_webhook_firing_alerts(
     webhook_test_container: types.TestContainerDocker, notification_channel_name: str
 ) -> List[types.FiringAlert]:

tests/fixtures/auth.py

@@ -0,0 +1,445 @@
+import time
+from http import HTTPStatus
+from typing import Callable, Dict, List, Tuple
+
+import pytest
+import requests
+from wiremock.client import Mappings
+from wiremock.constants import Config
+from wiremock.resources.mappings import (
+    HttpMethods,
+    Mapping,
+    MappingRequest,
+    MappingResponse,
+    WireMockMatchers,
+)
+
+from fixtures import reuse, types
+from fixtures.logger import setup_logger
+
+logger = setup_logger(__name__)
+
+USER_ADMIN_NAME = "admin"
+USER_ADMIN_EMAIL = "admin@integration.test"
+USER_ADMIN_PASSWORD = "password123Z$"
+
+USER_EDITOR_NAME = "editor"
+USER_EDITOR_EMAIL = "editor@integration.test"
+USER_EDITOR_PASSWORD = "password123Z$"
+
+USER_VIEWER_NAME = "viewer"
+USER_VIEWER_EMAIL = "viewer@integration.test"
+USER_VIEWER_PASSWORD = "password123Z$"
+
+USERS_BASE = "/api/v2/users"
+
+
+def _login(signoz: types.SigNoz, email: str, password: str) -> str:
+    """Complete GET /sessions/context + POST /sessions/email_password; return accessToken."""
+    ctx = requests.get(
+        signoz.self.host_configs["8080"].get("/api/v2/sessions/context"),
+        params={
+            "email": email,
+            "ref": f"{signoz.self.host_configs['8080'].base()}",
+        },
+        timeout=5,
+    )
+    assert ctx.status_code == HTTPStatus.OK
+    org_id = ctx.json()["data"]["orgs"][0]["id"]
+
+    login = requests.post(
+        signoz.self.host_configs["8080"].get("/api/v2/sessions/email_password"),
+        json={"email": email, "password": password, "orgId": org_id},
+        timeout=5,
+    )
+    assert login.status_code == HTTPStatus.OK
+    return login.json()["data"]["accessToken"]
+
+
+@pytest.fixture(name="create_user_admin", scope="package")
+def create_user_admin(
+    signoz: types.SigNoz, request: pytest.FixtureRequest, pytestconfig: pytest.Config
+) -> types.Operation:
+    def create() -> None:
+        response = requests.post(
+            signoz.self.host_configs["8080"].get("/api/v1/register"),
+            json={
+                "name": USER_ADMIN_NAME,
+                "orgName": "",
+                "email": USER_ADMIN_EMAIL,
+                "password": USER_ADMIN_PASSWORD,
+            },
+            timeout=5,
+        )
+
+        assert response.status_code == HTTPStatus.OK
+
+        return types.Operation(name="create_user_admin")
+
+    def delete(_: types.Operation) -> None:
+        pass
+
+    def restore(cache: dict) -> types.Operation:
+        return types.Operation(name=cache["name"])
+
+    return reuse.wrap(
+        request,
+        pytestconfig,
+        "create_user_admin",
+        lambda: types.Operation(name=""),
+        create,
+        delete,
+        restore,
+    )
+
+
+@pytest.fixture(name="get_session_context", scope="function")
+def get_session_context(signoz: types.SigNoz) -> Callable[[str, str], str]:
+    def _get_session_context(email: str) -> str:
+        response = requests.get(
+            signoz.self.host_configs["8080"].get("/api/v2/sessions/context"),
+            params={
+                "email": email,
+                "ref": f"{signoz.self.host_configs['8080'].base()}",
+            },
+            timeout=5,
+        )
+
+        assert response.status_code == HTTPStatus.OK
+        return response.json()["data"]
+
+    return _get_session_context
+
+
+@pytest.fixture(name="get_token", scope="function")
+def get_token(signoz: types.SigNoz) -> Callable[[str, str], str]:
+    def _get_token(email: str, password: str) -> str:
+        response = requests.get(
+            signoz.self.host_configs["8080"].get("/api/v2/sessions/context"),
+            params={
+                "email": email,
+                "ref": f"{signoz.self.host_configs['8080'].base()}",
+            },
+            timeout=5,
+        )
+
+        assert response.status_code == HTTPStatus.OK
+        org_id = response.json()["data"]["orgs"][0]["id"]
+
+        response = requests.post(
+            signoz.self.host_configs["8080"].get("/api/v2/sessions/email_password"),
+            json={
+                "email": email,
+                "password": password,
+                "orgId": org_id,
+            },
+            timeout=5,
+        )
+
+        assert response.status_code == HTTPStatus.OK
+        return response.json()["data"]["accessToken"]
+
+    return _get_token
+
+
+@pytest.fixture(name="get_tokens", scope="function")
+def get_tokens(signoz: types.SigNoz) -> Callable[[str, str], Tuple[str, str]]:
+    def _get_tokens(email: str, password: str) -> str:
+        response = requests.get(
+            signoz.self.host_configs["8080"].get("/api/v2/sessions/context"),
+            params={
+                "email": email,
+                "ref": f"{signoz.self.host_configs['8080'].base()}",
+            },
+            timeout=5,
+        )
+
+        assert response.status_code == HTTPStatus.OK
+        org_id = response.json()["data"]["orgs"][0]["id"]
+
+        response = requests.post(
+            signoz.self.host_configs["8080"].get("/api/v2/sessions/email_password"),
+            json={
+                "email": email,
+                "password": password,
+                "orgId": org_id,
+            },
+            timeout=5,
+        )
+
+        assert response.status_code == HTTPStatus.OK
+        access_token = response.json()["data"]["accessToken"]
+        refresh_token = response.json()["data"]["refreshToken"]
+        return access_token, refresh_token
+
+    return _get_tokens
+
+
+@pytest.fixture(name="apply_license", scope="package")
+def apply_license(
+    signoz: types.SigNoz,
+    create_user_admin: types.Operation,  # pylint: disable=unused-argument,redefined-outer-name
+    request: pytest.FixtureRequest,
+    pytestconfig: pytest.Config,
+) -> types.Operation:
+    """Stub Zeus license-lookup, then POST /api/v3/licenses so the BE flips
+    to ENTERPRISE. Package-scoped so an e2e bootstrap can pull it in and
+    every spec inherits the licensed state."""
+
+    def create() -> types.Operation:
+        Config.base_url = signoz.zeus.host_configs["8080"].get("/__admin")
+        Mappings.create_mapping(
+            mapping=Mapping(
+                request=MappingRequest(
+                    method=HttpMethods.GET,
+                    url="/v2/licenses/me",
+                    headers={
+                        "X-Signoz-Cloud-Api-Key": {
+                            WireMockMatchers.EQUAL_TO: "secret-key"
+                        }
+                    },
+                ),
+                response=MappingResponse(
+                    status=200,
+                    json_body={
+                        "status": "success",
+                        "data": {
+                            "id": "0196360e-90cd-7a74-8313-1aa815ce2a67",
+                            "key": "secret-key",
+                            "valid_from": 1732146923,
+                            "valid_until": -1,
+                            "status": "VALID",
+                            "state": "EVALUATING",
+                            "plan": {"name": "ENTERPRISE"},
+                            "platform": "CLOUD",
+                            "features": [],
+                            "event_queue": {},
+                        },
+                    },
+                ),
+                persistent=False,
+            )
+        )
+
+        access_token = _login(signoz, USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+        # 202 = applied, 409 = already applied. Retry transient failures —
+        # the BE occasionally 5xxs right after startup before the license
+        # sync goroutine is ready.
+        license_url = signoz.self.host_configs["8080"].get("/api/v3/licenses")
+        auth_header = {"Authorization": f"Bearer {access_token}"}
+        for attempt in range(10):
+            resp = requests.post(
+                license_url,
+                json={"key": "secret-key"},
+                headers=auth_header,
+                timeout=5,
+            )
+            if resp.status_code in (HTTPStatus.ACCEPTED, HTTPStatus.CONFLICT):
+                break
+            if attempt == 9:
+                resp.raise_for_status()
+            time.sleep(1)
+
+        # The ENTERPRISE license flips on the `onboarding` feature which
+        # redirects first-time admins to a questionnaire. Mark the preference
+        # complete so specs can navigate directly to the feature under test.
+        pref_resp = requests.put(
+            signoz.self.host_configs["8080"].get(
+                "/api/v1/org/preferences/org_onboarding"
+            ),
+            json={"value": True},
+            headers=auth_header,
+            timeout=5,
+        )
+        assert pref_resp.status_code in (HTTPStatus.OK, HTTPStatus.NO_CONTENT)
+        return types.Operation(name="apply_license")
+
+    def delete(_: types.Operation) -> None:
+        pass
+
+    def restore(cache: dict) -> types.Operation:
+        return types.Operation(name=cache["name"])
+
+    return reuse.wrap(
+        request,
+        pytestconfig,
+        "apply_license",
+        lambda: types.Operation(name=""),
+        create,
+        delete,
+        restore,
+    )
+
+
+# This is not a fixture purposefully, we just want to add a license to the signoz instance.
+# This is also idempotent in nature.
+def add_license(
+    signoz: types.SigNoz,
+    make_http_mocks: Callable[[types.TestContainerDocker, List[Mapping]], None],
+    get_token: Callable[[str, str], str],  # pylint: disable=redefined-outer-name
+) -> None:
+    make_http_mocks(
+        signoz.zeus,
+        [
+            Mapping(
+                request=MappingRequest(
+                    method=HttpMethods.GET,
+                    url="/v2/licenses/me",
+                    headers={
+                        "X-Signoz-Cloud-Api-Key": {
+                            WireMockMatchers.EQUAL_TO: "secret-key"
+                        }
+                    },
+                ),
+                response=MappingResponse(
+                    status=200,
+                    json_body={
+                        "status": "success",
+                        "data": {
+                            "id": "0196360e-90cd-7a74-8313-1aa815ce2a67",
+                            "key": "secret-key",
+                            "valid_from": 1732146923,
+                            "valid_until": -1,
+                            "status": "VALID",
+                            "state": "EVALUATING",
+                            "plan": {
+                                "name": "ENTERPRISE",
+                            },
+                            "platform": "CLOUD",
+                            "features": [],
+                            "event_queue": {},
+                        },
+                    },
+                ),
+                persistent=False,
+            )
+        ],
+    )
+
+    access_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = requests.post(
+        url=signoz.self.host_configs["8080"].get("/api/v3/licenses"),
+        json={"key": "secret-key"},
+        headers={"Authorization": "Bearer " + access_token},
+        timeout=5,
+    )
+
+    if response.status_code == HTTPStatus.CONFLICT:
+        return
+
+    assert response.status_code == HTTPStatus.ACCEPTED
+
+    response = requests.post(
+        url=signoz.zeus.host_configs["8080"].get("/__admin/requests/count"),
+        json={"method": "GET", "url": "/v2/licenses/me"},
+        timeout=5,
+    )
+
+    assert response.json()["count"] == 1
+
+
+def create_active_user(
+    signoz: types.SigNoz,
+    admin_token: str,
+    email: str,
+    role: str,
+    password: str,
+    name: str = "",
+) -> str:
+    """Invite a user and activate via resetPassword. Returns user ID."""
+    response = requests.post(
+        signoz.self.host_configs["8080"].get("/api/v1/invite"),
+        json={"email": email, "role": role, "name": name},
+        headers={"Authorization": f"Bearer {admin_token}"},
+        timeout=5,
+    )
+    assert response.status_code == HTTPStatus.CREATED, response.text
+    invited_user = response.json()["data"]
+
+    response = requests.post(
+        signoz.self.host_configs["8080"].get("/api/v1/resetPassword"),
+        json={"password": password, "token": invited_user["token"]},
+        timeout=5,
+    )
+    assert response.status_code == HTTPStatus.NO_CONTENT, response.text
+
+    return invited_user["id"]
+
+
+def find_user_by_email(signoz: types.SigNoz, token: str, email: str) -> Dict:
+    """Find a user by email from the user list. Raises AssertionError if not found."""
+    response = requests.get(
+        signoz.self.host_configs["8080"].get(USERS_BASE),
+        headers={"Authorization": f"Bearer {token}"},
+        timeout=5,
+    )
+    assert response.status_code == HTTPStatus.OK, response.text
+    user = next((u for u in response.json()["data"] if u["email"] == email), None)
+    assert user is not None, f"User with email '{email}' not found"
+    return user
+
+
+def find_user_with_roles_by_email(signoz: types.SigNoz, token: str, email: str) -> Dict:
+    """Find a user by email and return UserWithRoles (user fields + userRoles).
+
+    Raises AssertionError if the user is not found.
+    """
+    user = find_user_by_email(signoz, token, email)
+    response = requests.get(
+        signoz.self.host_configs["8080"].get(f"{USERS_BASE}/{user['id']}"),
+        headers={"Authorization": f"Bearer {token}"},
+        timeout=5,
+    )
+    assert response.status_code == HTTPStatus.OK, response.text
+    return response.json()["data"]
+
+
+def assert_user_has_role(data: Dict, role_name: str) -> None:
+    """Assert that a UserWithRoles response contains the expected managed role."""
+    role_names = {ur["role"]["name"] for ur in data.get("userRoles", [])}
+    assert role_name in role_names, f"Expected role '{role_name}' in {role_names}"
+
+
+def change_user_role(
+    signoz: types.SigNoz,
+    admin_token: str,
+    user_id: str,
+    old_role: str,
+    new_role: str,
+) -> None:
+    """Change a user's role (remove old, assign new).
+
+    Role names should be managed role names (e.g. signoz-editor).
+    """
+    # Get current roles to find the old role's ID
+    response = requests.get(
+        signoz.self.host_configs["8080"].get(f"{USERS_BASE}/{user_id}/roles"),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        timeout=5,
+    )
+    assert response.status_code == HTTPStatus.OK, response.text
+    roles = response.json()["data"]
+
+    old_role_entry = next((r for r in roles if r["name"] == old_role), None)
+    assert old_role_entry is not None, f"User does not have role '{old_role}'"
+
+    # Remove old role
+    response = requests.delete(
+        signoz.self.host_configs["8080"].get(
+            f"{USERS_BASE}/{user_id}/roles/{old_role_entry['id']}"
+        ),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        timeout=5,
+    )
+    assert response.status_code == HTTPStatus.NO_CONTENT, response.text
+
+    # Assign new role
+    response = requests.post(
+        signoz.self.host_configs["8080"].get(f"{USERS_BASE}/{user_id}/roles"),
+        json={"name": new_role},
+        headers={"Authorization": f"Bearer {admin_token}"},
+        timeout=5,
+    )
+    assert response.status_code == HTTPStatus.OK, response.text

tests/fixtures/clickhouse.py

@@ -10,7 +10,7 @@ import pytest
 from testcontainers.clickhouse import ClickHouseContainer
 from testcontainers.core.container import Network
 
-from fixtures import dev, types
+from fixtures import reuse, types
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -256,7 +256,7 @@ def clickhouse(
             env=env,
         )
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "clickhouse",

tests/fixtures/cloudintegrations.py

@@ -5,6 +5,13 @@ from typing import Callable
 
 import pytest
 import requests
+from wiremock.client import (
+    HttpMethods,
+    Mapping,
+    MappingRequest,
+    MappingResponse,
+    WireMockMatchers,
+)
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
@@ -153,3 +160,140 @@ def create_cloud_integration_account(
                 logger.info("Cleaned up test account: %s", account_id)
         except Exception as exc:  # pylint: disable=broad-except
             logger.info("Post-test delete cleanup failed: %s", exc)
+
+
+def deprecated_simulate_agent_checkin(
+    signoz: types.SigNoz,
+    admin_token: str,
+    cloud_provider: str,
+    account_id: str,
+    cloud_account_id: str,
+) -> requests.Response:
+    endpoint = f"/api/v1/cloud-integrations/{cloud_provider}/agent-check-in"
+
+    checkin_payload = {
+        "account_id": account_id,
+        "cloud_account_id": cloud_account_id,
+        "data": {},
+    }
+
+    response = requests.post(
+        signoz.self.host_configs["8080"].get(endpoint),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        json=checkin_payload,
+        timeout=10,
+    )
+
+    if not response.ok:
+        logger.error(
+            "Agent check-in failed: %s, response: %s",
+            response.status_code,
+            response.text,
+        )
+
+    return response
+
+
+def setup_create_account_mocks(
+    signoz: types.SigNoz,
+    make_http_mocks: Callable,
+) -> None:
+    """Set up Zeus and Gateway mocks required by the CreateAccount endpoint."""
+    make_http_mocks(
+        signoz.zeus,
+        [
+            Mapping(
+                request=MappingRequest(
+                    method=HttpMethods.GET,
+                    url="/v2/deployments/me",
+                    headers={
+                        "X-Signoz-Cloud-Api-Key": {
+                            WireMockMatchers.EQUAL_TO: "secret-key"
+                        }
+                    },
+                ),
+                response=MappingResponse(
+                    status=200,
+                    json_body={
+                        "status": "success",
+                        "data": {
+                            "name": "test-deployment",
+                            "cluster": {"region": {"dns": "test.signoz.cloud"}},
+                        },
+                    },
+                ),
+                persistent=False,
+            )
+        ],
+    )
+    make_http_mocks(
+        signoz.gateway,
+        [
+            Mapping(
+                request=MappingRequest(
+                    method=HttpMethods.GET,
+                    url="/v1/workspaces/me/keys/search?name=aws-integration&page=1&per_page=10",
+                ),
+                response=MappingResponse(
+                    status=200,
+                    json_body={
+                        "status": "success",
+                        "data": [],
+                        "_pagination": {"page": 1, "per_page": 10, "total": 0},
+                    },
+                ),
+                persistent=False,
+            ),
+            Mapping(
+                request=MappingRequest(
+                    method=HttpMethods.POST,
+                    url="/v1/workspaces/me/keys",
+                ),
+                response=MappingResponse(
+                    status=200,
+                    json_body={
+                        "status": "success",
+                        "data": {
+                            "name": "aws-integration",
+                            "value": "test-ingestion-key-123456",
+                        },
+                        "error": "",
+                    },
+                ),
+                persistent=False,
+            ),
+        ],
+    )
+
+
+def simulate_agent_checkin(
+    signoz: types.SigNoz,
+    admin_token: str,
+    cloud_provider: str,
+    account_id: str,
+    cloud_account_id: str,
+    data: dict | None = None,
+) -> requests.Response:
+    endpoint = f"/api/v1/cloud_integrations/{cloud_provider}/accounts/check_in"
+
+    checkin_payload = {
+        "cloudIntegrationId": account_id,
+        "providerAccountId": cloud_account_id,
+        "data": data or {},
+    }
+
+    response = requests.post(
+        signoz.self.host_configs["8080"].get(endpoint),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        json=checkin_payload,
+        timeout=10,
+    )
+
+    if not response.ok:
+        logger.error(
+            "Agent check-in failed: %s, response: %s",
+            response.status_code,
+            response.text,
+        )
+
+    return response

tests/fixtures/fs.py

@@ -0,0 +1,25 @@
+import os
+from typing import Any, Generator
+
+import pytest
+
+from fixtures import types
+
+
+@pytest.fixture(scope="package")
+def tmpfs(
+    tmp_path_factory: pytest.TempPathFactory,
+) -> Generator[types.LegacyPath, Any, None]:
+    def _tmp(basename: str):
+        return tmp_path_factory.mktemp(basename)
+
+    yield _tmp
+
+
+def get_testdata_file_path(file: str) -> str:
+    # Integration testdata lives at tests/integration/testdata/. This helper
+    # resolves from tests/fixtures/fs.py, so walk up to tests/ and across.
+    testdata_dir = os.path.join(
+        os.path.dirname(__file__), "..", "integration", "testdata"
+    )
+    return os.path.join(testdata_dir, file)

tests/fixtures/http.py

@@ -12,7 +12,7 @@ from wiremock.client import (
 from wiremock.constants import Config
 from wiremock.testing.testcontainer import WireMockContainer
 
-from fixtures import dev, types
+from fixtures import reuse, types
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -63,7 +63,7 @@ def zeus(
     def restore(cache: dict) -> types.TestContainerDocker:
         return types.TestContainerDocker.from_cache(cache)
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "zeus",
@@ -120,7 +120,7 @@ def gateway(
     def restore(cache: dict) -> types.TestContainerDocker:
         return types.TestContainerDocker.from_cache(cache)
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "gateway",

tests/fixtures/idp.py

@@ -11,7 +11,7 @@ from selenium.webdriver.support import expected_conditions as EC
 from selenium.webdriver.support.wait import WebDriverWait
 
 from fixtures import types
-from fixtures.idp import IDP_ROOT_PASSWORD, IDP_ROOT_USERNAME
+from fixtures.keycloak import IDP_ROOT_PASSWORD, IDP_ROOT_USERNAME
 
 
 @pytest.fixture(name="create_saml_client", scope="function")

tests/fixtures/keycloak.py

@@ -4,7 +4,7 @@ import pytest
 from testcontainers.core.container import Network
 from testcontainers.keycloak import KeycloakContainer
 
-from fixtures import dev, types
+from fixtures import reuse, types
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -80,7 +80,7 @@ def idp(
             container=container,
         )
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "idp",

tests/fixtures/logs.py

@@ -11,7 +11,7 @@ from ksuid import KsuidMs
 
 from fixtures import types
 from fixtures.fingerprint import LogsOrTracesFingerprint
-from fixtures.utils import parse_timestamp
+from fixtures.time import parse_timestamp
 
 
 class LogsResource(ABC):
@@ -391,112 +391,124 @@ class Logs(ABC):
         return logs
 
 
+def insert_logs_to_clickhouse(conn, logs: List[Logs]) -> None:
+    """
+    Insert logs into ClickHouse tables following the same logic as the Go exporter.
+    Handles insertion into:
+    - distributed_logs_v2 (main logs table)
+    - distributed_logs_v2_resource (resource fingerprints)
+    - distributed_tag_attributes_v2 (tag attributes)
+    - distributed_logs_attribute_keys (attribute keys)
+    - distributed_logs_resource_keys (resource keys)
+
+    Pure function so the seeder container can reuse the exact insert path
+    used by the pytest fixture. `conn` is a clickhouse-connect Client.
+    """
+    resources: List[LogsResource] = []
+    for log in logs:
+        resources.extend(log.resource)
+
+    if len(resources) > 0:
+        conn.insert(
+            database="signoz_logs",
+            table="distributed_logs_v2_resource",
+            data=[resource.np_arr() for resource in resources],
+            column_names=[
+                "labels",
+                "fingerprint",
+                "seen_at_ts_bucket_start",
+            ],
+        )
+
+    tag_attributes: List[LogsTagAttributes] = []
+    for log in logs:
+        tag_attributes.extend(log.tag_attributes)
+
+    if len(tag_attributes) > 0:
+        conn.insert(
+            database="signoz_logs",
+            table="distributed_tag_attributes_v2",
+            data=[tag_attribute.np_arr() for tag_attribute in tag_attributes],
+        )
+
+    attribute_keys: List[LogsResourceOrAttributeKeys] = []
+    for log in logs:
+        attribute_keys.extend(log.attribute_keys)
+
+    if len(attribute_keys) > 0:
+        conn.insert(
+            database="signoz_logs",
+            table="distributed_logs_attribute_keys",
+            data=[attribute_key.np_arr() for attribute_key in attribute_keys],
+        )
+
+    resource_keys: List[LogsResourceOrAttributeKeys] = []
+    for log in logs:
+        resource_keys.extend(log.resource_keys)
+
+    if len(resource_keys) > 0:
+        conn.insert(
+            database="signoz_logs",
+            table="distributed_logs_resource_keys",
+            data=[resource_key.np_arr() for resource_key in resource_keys],
+        )
+
+    conn.insert(
+        database="signoz_logs",
+        table="distributed_logs_v2",
+        data=[log.np_arr() for log in logs],
+        column_names=[
+            "ts_bucket_start",
+            "resource_fingerprint",
+            "timestamp",
+            "observed_timestamp",
+            "id",
+            "trace_id",
+            "span_id",
+            "trace_flags",
+            "severity_text",
+            "severity_number",
+            "body",
+            "attributes_string",
+            "attributes_number",
+            "attributes_bool",
+            "resources_string",
+            "scope_name",
+            "scope_version",
+            "scope_string",
+            "resource",
+        ],
+    )
+
+
+_LOGS_TABLES_TO_TRUNCATE = [
+    "logs_v2",
+    "logs_v2_resource",
+    "tag_attributes_v2",
+    "logs_attribute_keys",
+    "logs_resource_keys",
+]
+
+
+def truncate_logs_tables(conn, cluster: str) -> None:
+    """Truncate all logs tables. Used by the pytest fixture teardown and by
+    the seeder's DELETE /telemetry/logs endpoint."""
+    for table in _LOGS_TABLES_TO_TRUNCATE:
+        conn.query(f"TRUNCATE TABLE signoz_logs.{table} ON CLUSTER '{cluster}' SYNC")
+
+
 @pytest.fixture(name="insert_logs", scope="function")
 def insert_logs(
     clickhouse: types.TestContainerClickhouse,
 ) -> Generator[Callable[[List[Logs]], None], Any, None]:
     def _insert_logs(logs: List[Logs]) -> None:
-        """
-        Insert logs into ClickHouse tables following the same logic as the Go exporter.
-        This function handles insertion into multiple tables:
-        - distributed_logs_v2 (main logs table)
-        - distributed_logs_v2_resource (resource fingerprints)
-        - distributed_tag_attributes_v2 (tag attributes)
-        - distributed_logs_attribute_keys (attribute keys)
-        - distributed_logs_resource_keys (resource keys)
-        """
-        resources: List[LogsResource] = []
-        for log in logs:
-            resources.extend(log.resource)
-
-        if len(resources) > 0:
-            clickhouse.conn.insert(
-                database="signoz_logs",
-                table="distributed_logs_v2_resource",
-                data=[resource.np_arr() for resource in resources],
-                column_names=[
-                    "labels",
-                    "fingerprint",
-                    "seen_at_ts_bucket_start",
-                ],
-            )
-
-        tag_attributes: List[LogsTagAttributes] = []
-        for log in logs:
-            tag_attributes.extend(log.tag_attributes)
-
-        if len(tag_attributes) > 0:
-            clickhouse.conn.insert(
-                database="signoz_logs",
-                table="distributed_tag_attributes_v2",
-                data=[tag_attribute.np_arr() for tag_attribute in tag_attributes],
-            )
-
-        attribute_keys: List[LogsResourceOrAttributeKeys] = []
-        for log in logs:
-            attribute_keys.extend(log.attribute_keys)
-
-        if len(attribute_keys) > 0:
-            clickhouse.conn.insert(
-                database="signoz_logs",
-                table="distributed_logs_attribute_keys",
-                data=[attribute_key.np_arr() for attribute_key in attribute_keys],
-            )
-
-        resource_keys: List[LogsResourceOrAttributeKeys] = []
-        for log in logs:
-            resource_keys.extend(log.resource_keys)
-
-        if len(resource_keys) > 0:
-            clickhouse.conn.insert(
-                database="signoz_logs",
-                table="distributed_logs_resource_keys",
-                data=[resource_key.np_arr() for resource_key in resource_keys],
-            )
-
-        clickhouse.conn.insert(
-            database="signoz_logs",
-            table="distributed_logs_v2",
-            data=[log.np_arr() for log in logs],
-            column_names=[
-                "ts_bucket_start",
-                "resource_fingerprint",
-                "timestamp",
-                "observed_timestamp",
-                "id",
-                "trace_id",
-                "span_id",
-                "trace_flags",
-                "severity_text",
-                "severity_number",
-                "body",
-                "attributes_string",
-                "attributes_number",
-                "attributes_bool",
-                "resources_string",
-                "scope_name",
-                "scope_version",
-                "scope_string",
-                "resource",
-            ],
-        )
+        insert_logs_to_clickhouse(clickhouse.conn, logs)
 
     yield _insert_logs
 
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_logs.logs_v2 ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
-    )
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_logs.logs_v2_resource ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
-    )
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_logs.tag_attributes_v2 ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
-    )
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_logs.logs_attribute_keys ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
-    )
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_logs.logs_resource_keys ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
+    truncate_logs_tables(
+        clickhouse.conn,
+        clickhouse.env["SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER"],
     )
 
 

tests/fixtures/metrics.py

@@ -8,7 +8,7 @@ import numpy as np
 import pytest
 
 from fixtures import types
-from fixtures.utils import parse_timestamp
+from fixtures.time import parse_timestamp
 
 
 class MetricsTimeSeries(ABC):
@@ -417,151 +417,166 @@ class Metrics(ABC):
         return metrics
 
 
+def insert_metrics_to_clickhouse(conn, metrics: List[Metrics]) -> None:
+    """
+    Insert metrics into ClickHouse tables.
+    Handles insertion into:
+    - distributed_time_series_v4 (time series metadata)
+    - distributed_samples_v4 (actual sample values)
+    - distributed_metadata (metric attribute metadata)
+
+    Pure function so the seeder container can reuse the exact insert path
+    used by the pytest fixture. `conn` is a clickhouse-connect Client.
+    """
+    time_series_map: dict[int, MetricsTimeSeries] = {}
+    for metric in metrics:
+        fp = int(metric.time_series.fingerprint)
+        if fp not in time_series_map:
+            time_series_map[fp] = metric.time_series
+
+    if len(time_series_map) > 0:
+        conn.insert(
+            database="signoz_metrics",
+            table="distributed_time_series_v4",
+            column_names=[
+                "env",
+                "temporality",
+                "metric_name",
+                "description",
+                "unit",
+                "type",
+                "is_monotonic",
+                "fingerprint",
+                "unix_milli",
+                "labels",
+                "attrs",
+                "scope_attrs",
+                "resource_attrs",
+                "__normalized",
+            ],
+            data=[ts.to_row() for ts in time_series_map.values()],
+        )
+
+    samples = [metric.sample for metric in metrics]
+    if len(samples) > 0:
+        conn.insert(
+            database="signoz_metrics",
+            table="distributed_samples_v4",
+            column_names=[
+                "env",
+                "temporality",
+                "metric_name",
+                "fingerprint",
+                "unix_milli",
+                "value",
+                "flags",
+            ],
+            data=[sample.to_row() for sample in samples],
+        )
+
+    # (metric_name, attr_type, attr_name, attr_value) -> MetricsMetadata
+    metadata_map: dict[tuple, MetricsMetadata] = {}
+    for metric in metrics:
+        ts = metric.time_series
+        for attr_name, attr_value in metric.labels.items():
+            key = (ts.metric_name, "point", attr_name, str(attr_value))
+            if key not in metadata_map:
+                metadata_map[key] = MetricsMetadata(
+                    metric_name=ts.metric_name,
+                    attr_name=attr_name,
+                    attr_type="point",
+                    attr_datatype="String",
+                    attr_string_value=str(attr_value),
+                    timestamp=metric.timestamp,
+                    temporality=ts.temporality,
+                    description=ts.description,
+                    unit=ts.unit,
+                    type_=ts.type,
+                    is_monotonic=ts.is_monotonic,
+                )
+        for attr_name, attr_value in ts.resource_attrs.items():
+            key = (ts.metric_name, "resource", attr_name, str(attr_value))
+            if key not in metadata_map:
+                metadata_map[key] = MetricsMetadata(
+                    metric_name=ts.metric_name,
+                    attr_name=attr_name,
+                    attr_type="resource",
+                    attr_datatype="String",
+                    attr_string_value=str(attr_value),
+                    timestamp=metric.timestamp,
+                    temporality=ts.temporality,
+                    description=ts.description,
+                    unit=ts.unit,
+                    type_=ts.type,
+                    is_monotonic=ts.is_monotonic,
+                )
+        for attr_name, attr_value in ts.scope_attrs.items():
+            key = (ts.metric_name, "scope", attr_name, str(attr_value))
+            if key not in metadata_map:
+                metadata_map[key] = MetricsMetadata(
+                    metric_name=ts.metric_name,
+                    attr_name=attr_name,
+                    attr_type="scope",
+                    attr_datatype="String",
+                    attr_string_value=str(attr_value),
+                    timestamp=metric.timestamp,
+                    temporality=ts.temporality,
+                    description=ts.description,
+                    unit=ts.unit,
+                    type_=ts.type,
+                    is_monotonic=ts.is_monotonic,
+                )
+
+    if len(metadata_map) > 0:
+        conn.insert(
+            database="signoz_metrics",
+            table="distributed_metadata",
+            column_names=[
+                "temporality",
+                "metric_name",
+                "description",
+                "unit",
+                "type",
+                "is_monotonic",
+                "attr_name",
+                "attr_type",
+                "attr_datatype",
+                "attr_string_value",
+                "first_reported_unix_milli",
+                "last_reported_unix_milli",
+            ],
+            data=[m.to_row() for m in metadata_map.values()],
+        )
+
+
+_METRICS_TABLES_TO_TRUNCATE = [
+    "time_series_v4",
+    "samples_v4",
+    "exp_hist",
+    "metadata",
+]
+
+
+def truncate_metrics_tables(conn, cluster: str) -> None:
+    """Truncate all metrics tables. Used by the pytest fixture teardown and by
+    the seeder's DELETE /telemetry/metrics endpoint."""
+    for table in _METRICS_TABLES_TO_TRUNCATE:
+        conn.query(f"TRUNCATE TABLE signoz_metrics.{table} ON CLUSTER '{cluster}' SYNC")
+
+
 @pytest.fixture(name="insert_metrics", scope="function")
 def insert_metrics(
     clickhouse: types.TestContainerClickhouse,
 ) -> Generator[Callable[[List[Metrics]], None], Any, None]:
     def _insert_metrics(metrics: List[Metrics]) -> None:
-        """
-        Insert metrics into ClickHouse tables.
-        This function handles insertion into:
-        - distributed_time_series_v4 (time series metadata)
-        - distributed_samples_v4 (actual sample values)
-        - distributed_metadata (metric attribute metadata)
-        """
-        time_series_map: dict[int, MetricsTimeSeries] = {}
-        for metric in metrics:
-            fp = int(metric.time_series.fingerprint)
-            if fp not in time_series_map:
-                time_series_map[fp] = metric.time_series
-
-        if len(time_series_map) > 0:
-            clickhouse.conn.insert(
-                database="signoz_metrics",
-                table="distributed_time_series_v4",
-                column_names=[
-                    "env",
-                    "temporality",
-                    "metric_name",
-                    "description",
-                    "unit",
-                    "type",
-                    "is_monotonic",
-                    "fingerprint",
-                    "unix_milli",
-                    "labels",
-                    "attrs",
-                    "scope_attrs",
-                    "resource_attrs",
-                    "__normalized",
-                ],
-                data=[ts.to_row() for ts in time_series_map.values()],
-            )
-
-        samples = [metric.sample for metric in metrics]
-        if len(samples) > 0:
-            clickhouse.conn.insert(
-                database="signoz_metrics",
-                table="distributed_samples_v4",
-                column_names=[
-                    "env",
-                    "temporality",
-                    "metric_name",
-                    "fingerprint",
-                    "unix_milli",
-                    "value",
-                    "flags",
-                ],
-                data=[sample.to_row() for sample in samples],
-            )
-
-        # (metric_name, attr_type, attr_name, attr_value) -> MetricsMetadata
-        metadata_map: dict[tuple, MetricsMetadata] = {}
-        for metric in metrics:
-            ts = metric.time_series
-            for attr_name, attr_value in metric.labels.items():
-                key = (ts.metric_name, "point", attr_name, str(attr_value))
-                if key not in metadata_map:
-                    metadata_map[key] = MetricsMetadata(
-                        metric_name=ts.metric_name,
-                        attr_name=attr_name,
-                        attr_type="point",
-                        attr_datatype="String",
-                        attr_string_value=str(attr_value),
-                        timestamp=metric.timestamp,
-                        temporality=ts.temporality,
-                        description=ts.description,
-                        unit=ts.unit,
-                        type_=ts.type,
-                        is_monotonic=ts.is_monotonic,
-                    )
-            for attr_name, attr_value in ts.resource_attrs.items():
-                key = (ts.metric_name, "resource", attr_name, str(attr_value))
-                if key not in metadata_map:
-                    metadata_map[key] = MetricsMetadata(
-                        metric_name=ts.metric_name,
-                        attr_name=attr_name,
-                        attr_type="resource",
-                        attr_datatype="String",
-                        attr_string_value=str(attr_value),
-                        timestamp=metric.timestamp,
-                        temporality=ts.temporality,
-                        description=ts.description,
-                        unit=ts.unit,
-                        type_=ts.type,
-                        is_monotonic=ts.is_monotonic,
-                    )
-            for attr_name, attr_value in ts.scope_attrs.items():
-                key = (ts.metric_name, "scope", attr_name, str(attr_value))
-                if key not in metadata_map:
-                    metadata_map[key] = MetricsMetadata(
-                        metric_name=ts.metric_name,
-                        attr_name=attr_name,
-                        attr_type="scope",
-                        attr_datatype="String",
-                        attr_string_value=str(attr_value),
-                        timestamp=metric.timestamp,
-                        temporality=ts.temporality,
-                        description=ts.description,
-                        unit=ts.unit,
-                        type_=ts.type,
-                        is_monotonic=ts.is_monotonic,
-                    )
-
-        if len(metadata_map) > 0:
-            clickhouse.conn.insert(
-                database="signoz_metrics",
-                table="distributed_metadata",
-                column_names=[
-                    "temporality",
-                    "metric_name",
-                    "description",
-                    "unit",
-                    "type",
-                    "is_monotonic",
-                    "attr_name",
-                    "attr_type",
-                    "attr_datatype",
-                    "attr_string_value",
-                    "first_reported_unix_milli",
-                    "last_reported_unix_milli",
-                ],
-                data=[m.to_row() for m in metadata_map.values()],
-            )
+        insert_metrics_to_clickhouse(clickhouse.conn, metrics)
 
     yield _insert_metrics
 
-    cluster = clickhouse.env["SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER"]
-    tables_to_truncate = [
-        "time_series_v4",
-        "samples_v4",
-        "exp_hist",
-        "metadata",
-    ]
-    for table in tables_to_truncate:
-        clickhouse.conn.query(
-            f"TRUNCATE TABLE signoz_metrics.{table} ON CLUSTER '{cluster}' SYNC"
-        )
+    truncate_metrics_tables(
+        clickhouse.conn,
+        clickhouse.env["SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER"],
+    )
 
 
 @pytest.fixture(name="remove_metrics_ttl_and_storage_settings", scope="function")

tests/fixtures/migrator.py

@@ -2,7 +2,7 @@ import docker
 import pytest
 from testcontainers.core.container import Network
 
-from fixtures import dev, types
+from fixtures import reuse, types
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -67,7 +67,7 @@ def migrator(
     def restore(cache: dict) -> types.Operation:
         return types.Operation(name=cache["name"])
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "migrator",

tests/fixtures/network.py

@@ -3,7 +3,7 @@ import docker.errors
 import pytest
 from testcontainers.core.network import Network
 
-from fixtures import dev, types
+from fixtures import reuse, types
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -37,7 +37,7 @@ def network(
         nw = client.networks.get(network_id=existing.get("id"))
         return types.Network(id=nw.id, name=nw.name)
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "network",

tests/fixtures/notification_channel.py

@@ -8,7 +8,7 @@ import requests
 from testcontainers.core.container import Network
 from wiremock.testing.testcontainer import WireMockContainer
 
-from fixtures import dev, types
+from fixtures import reuse, types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
 from fixtures.logger import setup_logger
 
@@ -60,7 +60,7 @@ def notification_channel(
     def restore(cache: dict) -> types.TestContainerDocker:
         return types.TestContainerDocker.from_cache(cache)
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "notification_channel",

tests/fixtures/postgres.py

@@ -5,7 +5,7 @@ from sqlalchemy import create_engine, sql
 from testcontainers.core.container import Network
 from testcontainers.postgres import PostgresContainer
 
-from fixtures import dev, types
+from fixtures import reuse, types
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -97,7 +97,7 @@ def postgres(
             env=env,
         )
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "postgres",

tests/fixtures/querier.py

@@ -1,10 +1,13 @@
 from dataclasses import dataclass
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
+from http import HTTPStatus
 from typing import Any, Dict, List, Optional, Union
 
 import requests
 
 from fixtures import types
+from fixtures.logs import Logs
+from fixtures.traces import TraceIdGenerator, Traces, TracesKind, TracesStatusCode
 
 DEFAULT_STEP_INTERVAL = 60  # seconds
 DEFAULT_TOLERANCE = 1e-9
@@ -583,3 +586,251 @@ def assert_scalar_column_order(
         f"{context}: Column {column_index} order mismatch. "
         f"Expected {expected_values}, got {actual_values}"
     )
+
+
+def format_timestamp(dt: datetime) -> str:
+    """
+    Format a datetime object to match the API's timestamp format.
+    The API returns timestamps with minimal fractional seconds precision.
+    Example: 2026-02-03T20:54:56.5Z for 500000 microseconds
+    """
+    base_str = dt.strftime("%Y-%m-%dT%H:%M:%S")
+    if dt.microsecond:
+        # Convert microseconds to fractional seconds and strip trailing zeros
+        fractional = f"{dt.microsecond / 1000000:.6f}"[2:].rstrip("0")
+        return f"{base_str}.{fractional}Z"
+    return f"{base_str}Z"
+
+
+def assert_identical_query_response(
+    response1: requests.Response, response2: requests.Response
+) -> None:
+    """
+    Assert that two query responses are identical in status and data.
+    """
+    assert response1.status_code == response2.status_code, "Status codes do not match"
+    if response1.status_code == HTTPStatus.OK:
+        assert (
+            response1.json()["status"] == response2.json()["status"]
+        ), "Response statuses do not match"
+        assert (
+            response1.json()["data"]["data"]["results"]
+            == response2.json()["data"]["data"]["results"]
+        ), "Response data do not match"
+
+
+def generate_logs_with_corrupt_metadata() -> List[Logs]:
+    """
+    Specifically, entries with 'id', 'timestamp', 'severity_text', 'severity_number' and 'body' fields in metadata
+    """
+    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
+
+    return [
+        Logs(
+            timestamp=now - timedelta(seconds=4),
+            body="POST /integration request received",
+            severity_text="INFO",
+            resources={
+                "deployment.environment": "production",
+                "service.name": "http-service",
+                "os.type": "linux",
+                "host.name": "linux-000",
+                "cloud.provider": "integration",
+                "cloud.account.id": "000",
+                "timestamp": "corrupt_data",
+            },
+            attributes={
+                "net.transport": "IP.TCP",
+                "http.scheme": "http",
+                "http.user_agent": "Integration Test",
+                "http.request.method": "POST",
+                "http.response.status_code": "200",
+                "severity_text": "corrupt_data",
+                "timestamp": "corrupt_data",
+            },
+            trace_id="1",
+        ),
+        Logs(
+            timestamp=now - timedelta(seconds=3),
+            body="SELECT query executed",
+            severity_text="DEBUG",
+            resources={
+                "deployment.environment": "production",
+                "service.name": "http-service",
+                "os.type": "linux",
+                "host.name": "linux-000",
+                "cloud.provider": "integration",
+                "cloud.account.id": "000",
+                "severity_number": "corrupt_data",
+                "id": "corrupt_data",
+            },
+            attributes={
+                "db.name": "integration",
+                "db.operation": "SELECT",
+                "db.statement": "SELECT * FROM integration",
+                "trace_id": "2",
+            },
+        ),
+        Logs(
+            timestamp=now - timedelta(seconds=2),
+            body="HTTP PATCH failed with 404",
+            severity_text="WARN",
+            resources={
+                "deployment.environment": "production",
+                "service.name": "http-service",
+                "os.type": "linux",
+                "host.name": "linux-000",
+                "cloud.provider": "integration",
+                "cloud.account.id": "000",
+                "body": "corrupt_data",
+                "trace_id": "3",
+            },
+            attributes={
+                "http.request.method": "PATCH",
+                "http.status_code": "404",
+                "id": "1",
+            },
+        ),
+        Logs(
+            timestamp=now - timedelta(seconds=1),
+            body="{'trace_id': '4'}",
+            severity_text="ERROR",
+            resources={
+                "deployment.environment": "production",
+                "service.name": "topic-service",
+                "os.type": "linux",
+                "host.name": "linux-001",
+                "cloud.provider": "integration",
+                "cloud.account.id": "001",
+            },
+            attributes={
+                "message.type": "SENT",
+                "messaging.operation": "publish",
+                "messaging.message.id": "001",
+                "body": "corrupt_data",
+                "timestamp": "corrupt_data",
+            },
+        ),
+    ]
+
+
+def generate_traces_with_corrupt_metadata() -> List[Traces]:
+    """
+    Specifically, entries with 'id', 'timestamp', 'trace_id' and 'duration_nano' fields in metadata
+    """
+    http_service_trace_id = TraceIdGenerator.trace_id()
+    http_service_span_id = TraceIdGenerator.span_id()
+    http_service_db_span_id = TraceIdGenerator.span_id()
+    http_service_patch_span_id = TraceIdGenerator.span_id()
+    topic_service_trace_id = TraceIdGenerator.trace_id()
+    topic_service_span_id = TraceIdGenerator.span_id()
+
+    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
+
+    return [
+        Traces(
+            timestamp=now - timedelta(seconds=4),
+            duration=timedelta(seconds=3),
+            trace_id=http_service_trace_id,
+            span_id=http_service_span_id,
+            parent_span_id="",
+            name="POST /integration",
+            kind=TracesKind.SPAN_KIND_SERVER,
+            status_code=TracesStatusCode.STATUS_CODE_OK,
+            status_message="",
+            resources={
+                "deployment.environment": "production",
+                "service.name": "http-service",
+                "os.type": "linux",
+                "host.name": "linux-000",
+                "cloud.provider": "integration",
+                "cloud.account.id": "000",
+                "trace_id": "corrupt_data",
+            },
+            attributes={
+                "net.transport": "IP.TCP",
+                "http.scheme": "http",
+                "http.user_agent": "Integration Test",
+                "http.request.method": "POST",
+                "http.response.status_code": "200",
+                "timestamp": "corrupt_data",
+            },
+        ),
+        Traces(
+            timestamp=now - timedelta(seconds=3.5),
+            duration=timedelta(seconds=5),
+            trace_id=http_service_trace_id,
+            span_id=http_service_db_span_id,
+            parent_span_id=http_service_span_id,
+            name="SELECT",
+            kind=TracesKind.SPAN_KIND_CLIENT,
+            status_code=TracesStatusCode.STATUS_CODE_OK,
+            status_message="",
+            resources={
+                "deployment.environment": "production",
+                "service.name": "http-service",
+                "os.type": "linux",
+                "host.name": "linux-000",
+                "cloud.provider": "integration",
+                "cloud.account.id": "000",
+                "timestamp": "corrupt_data",
+            },
+            attributes={
+                "db.name": "integration",
+                "db.operation": "SELECT",
+                "db.statement": "SELECT * FROM integration",
+                "trace_d": "corrupt_data",
+            },
+        ),
+        Traces(
+            timestamp=now - timedelta(seconds=3),
+            duration=timedelta(seconds=1),
+            trace_id=http_service_trace_id,
+            span_id=http_service_patch_span_id,
+            parent_span_id=http_service_span_id,
+            name="HTTP PATCH",
+            kind=TracesKind.SPAN_KIND_CLIENT,
+            status_code=TracesStatusCode.STATUS_CODE_OK,
+            status_message="",
+            resources={
+                "deployment.environment": "production",
+                "service.name": "http-service",
+                "os.type": "linux",
+                "host.name": "linux-000",
+                "cloud.provider": "integration",
+                "cloud.account.id": "000",
+                "duration_nano": "corrupt_data",
+            },
+            attributes={
+                "http.request.method": "PATCH",
+                "http.status_code": "404",
+                "id": "1",
+            },
+        ),
+        Traces(
+            timestamp=now - timedelta(seconds=1),
+            duration=timedelta(seconds=4),
+            trace_id=topic_service_trace_id,
+            span_id=topic_service_span_id,
+            parent_span_id="",
+            name="topic publish",
+            kind=TracesKind.SPAN_KIND_PRODUCER,
+            status_code=TracesStatusCode.STATUS_CODE_OK,
+            status_message="",
+            resources={
+                "deployment.environment": "production",
+                "service.name": "topic-service",
+                "os.type": "linux",
+                "host.name": "linux-001",
+                "cloud.provider": "integration",
+                "cloud.account.id": "001",
+            },
+            attributes={
+                "message.type": "SENT",
+                "messaging.operation": "publish",
+                "messaging.message.id": "001",
+                "duration_nano": "corrupt_data",
+                "id": 1,
+            },
+        ),
+    ]

tests/fixtures/seeder.py

@@ -0,0 +1,101 @@
+import time
+from http import HTTPStatus
+
+import docker
+import docker.errors
+import pytest
+import requests
+from testcontainers.core.container import DockerContainer, Network
+
+from fixtures import reuse, types
+from fixtures.logger import setup_logger
+
+logger = setup_logger(__name__)
+
+
+@pytest.fixture(name="seeder", scope="package")
+def seeder(
+    network: Network,
+    clickhouse: types.TestContainerClickhouse,
+    request: pytest.FixtureRequest,
+    pytestconfig: pytest.Config,
+) -> types.TestContainerDocker:
+    """HTTP seeder container exposing POST/DELETE endpoints for per-test telemetry."""
+
+    def create() -> types.TestContainerDocker:
+        docker_client = docker.from_env()
+        docker_client.images.build(
+            path=str(pytestconfig.rootpath),
+            dockerfile="Dockerfile.seeder",
+            tag="signoz-tests-seeder:latest",
+            rm=True,
+        )
+
+        container = DockerContainer("signoz-tests-seeder:latest")
+        container.with_env(
+            "CH_HOST", clickhouse.container.container_configs["8123"].address
+        )
+        container.with_env(
+            "CH_PORT", str(clickhouse.container.container_configs["8123"].port)
+        )
+        container.with_env(
+            "CH_USER", clickhouse.env["SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_USERNAME"]
+        )
+        container.with_env(
+            "CH_PASSWORD", clickhouse.env["SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_PASSWORD"]
+        )
+        container.with_env(
+            "CH_CLUSTER", clickhouse.env["SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER"]
+        )
+        container.with_exposed_ports(8080)
+        container.with_network(network=network)
+        container.start()
+
+        host = container.get_container_host_ip()
+        host_port = container.get_exposed_port(8080)
+
+        for attempt in range(20):
+            try:
+                response = requests.get(f"http://{host}:{host_port}/healthz", timeout=2)
+                if response.status_code == HTTPStatus.OK:
+                    break
+            except Exception as e:  # pylint: disable=broad-exception-caught
+                logger.info("seeder attempt %d: %s", attempt + 1, e)
+            time.sleep(1)
+        else:
+            raise TimeoutError("seeder container did not become ready")
+
+        return types.TestContainerDocker(
+            id=container.get_wrapped_container().id,
+            host_configs={
+                "8080": types.TestContainerUrlConfig("http", host, host_port),
+            },
+            container_configs={
+                "8080": types.TestContainerUrlConfig(
+                    "http", container.get_wrapped_container().name, 8080
+                ),
+            },
+        )
+
+    def delete(container: types.TestContainerDocker) -> None:
+        client = docker.from_env()
+        try:
+            client.containers.get(container_id=container.id).stop()
+            client.containers.get(container_id=container.id).remove(v=True)
+        except docker.errors.NotFound:
+            logger.info("Seeder container %s already gone", container.id)
+
+    def restore(cache: dict) -> types.TestContainerDocker:
+        return types.TestContainerDocker.from_cache(cache)
+
+    return reuse.wrap(
+        request,
+        pytestconfig,
+        "seeder",
+        empty=lambda: types.TestContainerDocker(
+            id="", host_configs={}, container_configs={}
+        ),
+        create=create,
+        delete=delete,
+        restore=restore,
+    )

tests/fixtures/signoz.py

@@ -11,7 +11,7 @@ import requests
 from testcontainers.core.container import DockerContainer, Network
 from testcontainers.core.image import DockerImage
 
-from fixtures import dev, types
+from fixtures import reuse, types
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -49,8 +49,10 @@ def create_signoz(
         if with_web:
             dockerfile_path = "cmd/enterprise/Dockerfile.with-web.integration"
 
+        # Docker build context is the repo root — one up from pytest's
+        # rootdir (tests/).
         self = DockerImage(
-            path="../../",
+            path=str(pytestconfig.rootpath.parent),
             dockerfile_path=dockerfile_path,
             tag="signoz:integration",
             buildargs={
@@ -181,7 +183,7 @@ def create_signoz(
             gateway=gateway,
         )
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         cache_key,

tests/fixtures/sqlite.py

@@ -4,7 +4,7 @@ from typing import Any, Generator
 import pytest
 from sqlalchemy import create_engine, sql
 
-from fixtures import dev, types
+from fixtures import reuse, types
 
 ConnectionTuple = namedtuple("ConnectionTuple", "connection config")
 
@@ -64,7 +64,7 @@ def sqlite(
             env=cache["env"],
         )
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "sqlite",

tests/fixtures/time.py

@@ -1,5 +1,4 @@
 import datetime
-import os
 from typing import Any
 
 import isodate
@@ -26,8 +25,3 @@ def parse_duration(duration: Any) -> datetime.timedelta:
     if isinstance(duration, datetime.timedelta):
         return duration
     return datetime.timedelta(seconds=duration)
-
-
-def get_testdata_file_path(file: str) -> str:
-    testdata_dir = os.path.join(os.path.dirname(__file__), "..", "testdata")
-    return os.path.join(testdata_dir, file)

tests/fixtures/traces.py

@@ -13,7 +13,7 @@ import pytest
 
 from fixtures import types
 from fixtures.fingerprint import LogsOrTracesFingerprint
-from fixtures.utils import parse_duration, parse_timestamp
+from fixtures.time import parse_duration, parse_timestamp
 
 
 class TracesKind(Enum):
@@ -689,131 +689,142 @@ class Traces(ABC):
         return traces
 
 
+def insert_traces_to_clickhouse(conn, traces: List[Traces]) -> None:
+    """
+    Insert traces into ClickHouse tables following the same logic as the Go exporter.
+    Handles insertion into:
+    - distributed_signoz_index_v3 (main traces table)
+    - distributed_traces_v3_resource (resource fingerprints)
+    - distributed_tag_attributes_v2 (tag attributes)
+    - distributed_span_attributes_keys (attribute keys)
+    - distributed_signoz_error_index_v2 (error events)
+
+    Pure function so the seeder container (tests/seeder/) can reuse the
+    exact insert path used by the pytest fixtures. `conn` is a
+    clickhouse-connect Client.
+    """
+    resources: List[TracesResource] = []
+    for trace in traces:
+        resources.extend(trace.resource)
+
+    if len(resources) > 0:
+        conn.insert(
+            database="signoz_traces",
+            table="distributed_traces_v3_resource",
+            data=[resource.np_arr() for resource in resources],
+        )
+
+    tag_attributes: List[TracesTagAttributes] = []
+    for trace in traces:
+        tag_attributes.extend(trace.tag_attributes)
+
+    if len(tag_attributes) > 0:
+        conn.insert(
+            database="signoz_traces",
+            table="distributed_tag_attributes_v2",
+            data=[tag_attribute.np_arr() for tag_attribute in tag_attributes],
+        )
+
+    attribute_keys: List[TracesResourceOrAttributeKeys] = []
+    resource_keys: List[TracesResourceOrAttributeKeys] = []
+    for trace in traces:
+        attribute_keys.extend(trace.attribute_keys)
+        resource_keys.extend(trace.resource_keys)
+
+    if len(attribute_keys) > 0:
+        conn.insert(
+            database="signoz_traces",
+            table="distributed_span_attributes_keys",
+            data=[attribute_key.np_arr() for attribute_key in attribute_keys],
+        )
+
+    if len(resource_keys) > 0:
+        conn.insert(
+            database="signoz_traces",
+            table="distributed_span_attributes_keys",
+            data=[resource_key.np_arr() for resource_key in resource_keys],
+        )
+
+    conn.insert(
+        database="signoz_traces",
+        table="distributed_signoz_index_v3",
+        column_names=[
+            "ts_bucket_start",
+            "resource_fingerprint",
+            "timestamp",
+            "trace_id",
+            "span_id",
+            "trace_state",
+            "parent_span_id",
+            "flags",
+            "name",
+            "kind",
+            "kind_string",
+            "duration_nano",
+            "status_code",
+            "status_message",
+            "status_code_string",
+            "attributes_string",
+            "attributes_number",
+            "attributes_bool",
+            "resources_string",
+            "events",
+            "links",
+            "response_status_code",
+            "external_http_url",
+            "http_url",
+            "external_http_method",
+            "http_method",
+            "http_host",
+            "db_name",
+            "db_operation",
+            "has_error",
+            "is_remote",
+            "resource",
+        ],
+        data=[trace.np_arr() for trace in traces],
+    )
+
+    error_events: List[TracesErrorEvent] = []
+    for trace in traces:
+        error_events.extend(trace.error_events)
+
+    if len(error_events) > 0:
+        conn.insert(
+            database="signoz_traces",
+            table="distributed_signoz_error_index_v2",
+            data=[error_event.np_arr() for error_event in error_events],
+        )
+
+
+_TRACES_TABLES_TO_TRUNCATE = [
+    "signoz_index_v3",
+    "traces_v3_resource",
+    "tag_attributes_v2",
+    "span_attributes_keys",
+    "signoz_error_index_v2",
+]
+
+
+def truncate_traces_tables(conn, cluster: str) -> None:
+    """Truncate all traces tables. Used by the pytest fixture teardown and by
+    the seeder's DELETE /telemetry/traces endpoint."""
+    for table in _TRACES_TABLES_TO_TRUNCATE:
+        conn.query(f"TRUNCATE TABLE signoz_traces.{table} ON CLUSTER '{cluster}' SYNC")
+
+
 @pytest.fixture(name="insert_traces", scope="function")
 def insert_traces(
     clickhouse: types.TestContainerClickhouse,
 ) -> Generator[Callable[[List[Traces]], None], Any, None]:
     def _insert_traces(traces: List[Traces]) -> None:
-        """
-        Insert traces into ClickHouse tables following the same logic as the Go exporter.
-        This function handles insertion into multiple tables:
-        - distributed_signoz_index_v3 (main traces table)
-        - distributed_traces_v3_resource (resource fingerprints)
-        - distributed_tag_attributes_v2 (tag attributes)
-        - distributed_span_attributes_keys (attribute keys)
-        - distributed_signoz_error_index_v2 (error events)
-        """
-        resources: List[TracesResource] = []
-        for trace in traces:
-            resources.extend(trace.resource)
-
-        if len(resources) > 0:
-            clickhouse.conn.insert(
-                database="signoz_traces",
-                table="distributed_traces_v3_resource",
-                data=[resource.np_arr() for resource in resources],
-            )
-
-        tag_attributes: List[TracesTagAttributes] = []
-        for trace in traces:
-            tag_attributes.extend(trace.tag_attributes)
-
-        if len(tag_attributes) > 0:
-            clickhouse.conn.insert(
-                database="signoz_traces",
-                table="distributed_tag_attributes_v2",
-                data=[tag_attribute.np_arr() for tag_attribute in tag_attributes],
-            )
-
-        attribute_keys: List[TracesResourceOrAttributeKeys] = []
-        resource_keys: List[TracesResourceOrAttributeKeys] = []
-        for trace in traces:
-            attribute_keys.extend(trace.attribute_keys)
-            resource_keys.extend(trace.resource_keys)
-
-        if len(attribute_keys) > 0:
-            clickhouse.conn.insert(
-                database="signoz_traces",
-                table="distributed_span_attributes_keys",
-                data=[attribute_key.np_arr() for attribute_key in attribute_keys],
-            )
-
-        if len(resource_keys) > 0:
-            clickhouse.conn.insert(
-                database="signoz_traces",
-                table="distributed_span_attributes_keys",
-                data=[resource_key.np_arr() for resource_key in resource_keys],
-            )
-
-        # Insert main traces
-        clickhouse.conn.insert(
-            database="signoz_traces",
-            table="distributed_signoz_index_v3",
-            column_names=[
-                "ts_bucket_start",
-                "resource_fingerprint",
-                "timestamp",
-                "trace_id",
-                "span_id",
-                "trace_state",
-                "parent_span_id",
-                "flags",
-                "name",
-                "kind",
-                "kind_string",
-                "duration_nano",
-                "status_code",
-                "status_message",
-                "status_code_string",
-                "attributes_string",
-                "attributes_number",
-                "attributes_bool",
-                "resources_string",
-                "events",
-                "links",
-                "response_status_code",
-                "external_http_url",
-                "http_url",
-                "external_http_method",
-                "http_method",
-                "http_host",
-                "db_name",
-                "db_operation",
-                "has_error",
-                "is_remote",
-                "resource",
-            ],
-            data=[trace.np_arr() for trace in traces],
-        )
-
-        # Insert error events
-        error_events: List[TracesErrorEvent] = []
-        for trace in traces:
-            error_events.extend(trace.error_events)
-
-        if len(error_events) > 0:
-            clickhouse.conn.insert(
-                database="signoz_traces",
-                table="distributed_signoz_error_index_v2",
-                data=[error_event.np_arr() for error_event in error_events],
-            )
+        insert_traces_to_clickhouse(clickhouse.conn, traces)
 
     yield _insert_traces
 
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_traces.signoz_index_v3 ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
-    )
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_traces.traces_v3_resource ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
-    )
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_traces.tag_attributes_v2 ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
-    )
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_traces.span_attributes_keys ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
-    )
-    clickhouse.conn.query(
-        f"TRUNCATE TABLE signoz_traces.signoz_error_index_v2 ON CLUSTER '{clickhouse.env['SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER']}' SYNC"
+    truncate_traces_tables(
+        clickhouse.conn,
+        clickhouse.env["SIGNOZ_TELEMETRYSTORE_CLICKHOUSE_CLUSTER"],
     )
 
 

tests/fixtures/zookeeper.py

@@ -3,7 +3,7 @@ import docker.errors
 import pytest
 from testcontainers.core.container import DockerContainer, Network
 
-from fixtures import dev, types
+from fixtures import reuse, types
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)
@@ -58,7 +58,7 @@ def zookeeper(
     def restore(cache: dict) -> types.TestContainerDocker:
         return types.TestContainerDocker.from_cache(cache)
 
-    return dev.wrap(
+    return reuse.wrap(
         request,
         pytestconfig,
         "zookeeper",

tests/integration/fixtures/alerts.py

@@ -1,110 +0,0 @@
-from datetime import datetime, timezone
-from http import HTTPStatus
-from typing import Callable, List
-
-import pytest
-import requests
-
-from fixtures import types
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.logger import setup_logger
-from fixtures.logs import Logs
-from fixtures.metrics import Metrics
-from fixtures.traces import Traces
-from fixtures.utils import get_testdata_file_path
-
-logger = setup_logger(__name__)
-
-
-@pytest.fixture(name="create_alert_rule", scope="function")
-def create_alert_rule(
-    signoz: types.SigNoz, get_token: Callable[[str, str], str]
-) -> Callable[[dict], str]:
-    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    rule_ids = []
-
-    def _create_alert_rule(rule_data: dict) -> str:
-        response = requests.post(
-            signoz.self.host_configs["8080"].get("/api/v1/rules"),
-            json=rule_data,
-            headers={"Authorization": f"Bearer {admin_token}"},
-            timeout=5,
-        )
-        assert (
-            response.status_code == HTTPStatus.OK
-        ), f"Failed to create rule, api returned {response.status_code} with response: {response.text}"
-        rule_id = response.json()["data"]["id"]
-        rule_ids.append(rule_id)
-        return rule_id
-
-    def _delete_alert_rule(rule_id: str):
-        logger.info("Deleting rule: %s", {"rule_id": rule_id})
-        response = requests.delete(
-            signoz.self.host_configs["8080"].get(f"/api/v1/rules/{rule_id}"),
-            headers={"Authorization": f"Bearer {admin_token}"},
-            timeout=5,
-        )
-        if response.status_code != HTTPStatus.OK:
-            raise Exception(  # pylint: disable=broad-exception-raised
-                f"Failed to delete rule, api returned {response.status_code} with response: {response.text}"
-            )
-
-    yield _create_alert_rule
-    # delete the rule on cleanup
-    for rule_id in rule_ids:
-        try:
-            _delete_alert_rule(rule_id)
-        except Exception as e:  # pylint: disable=broad-exception-caught
-            logger.error("Error deleting rule: %s", {"rule_id": rule_id, "error": e})
-
-
-@pytest.fixture(name="insert_alert_data", scope="function")
-def insert_alert_data(
-    insert_metrics: Callable[[List[Metrics]], None],
-    insert_traces: Callable[[List[Traces]], None],
-    insert_logs: Callable[[List[Logs]], None],
-) -> Callable[[List[types.AlertData]], None]:
-
-    def _insert_alert_data(
-        alert_data_items: List[types.AlertData],
-        base_time: datetime = None,
-    ) -> None:
-
-        metrics: List[Metrics] = []
-        traces: List[Traces] = []
-        logs: List[Logs] = []
-
-        now = base_time or datetime.now(tz=timezone.utc).replace(
-            second=0, microsecond=0
-        )
-
-        for data_item in alert_data_items:
-            if data_item.type == "metrics":
-                _metrics = Metrics.load_from_file(
-                    get_testdata_file_path(data_item.data_path),
-                    base_time=now,
-                )
-                metrics.extend(_metrics)
-            elif data_item.type == "traces":
-                _traces = Traces.load_from_file(
-                    get_testdata_file_path(data_item.data_path),
-                    base_time=now,
-                )
-                traces.extend(_traces)
-            elif data_item.type == "logs":
-                _logs = Logs.load_from_file(
-                    get_testdata_file_path(data_item.data_path),
-                    base_time=now,
-                )
-                logs.extend(_logs)
-
-        # Add data to ClickHouse if any data is present
-        if len(metrics) > 0:
-            insert_metrics(metrics)
-        if len(traces) > 0:
-            insert_traces(traces)
-        if len(logs) > 0:
-            insert_logs(logs)
-
-    yield _insert_alert_data

tests/integration/fixtures/auth.py

@@ -1,216 +0,0 @@
-from http import HTTPStatus
-from typing import Callable, List, Tuple
-
-import pytest
-import requests
-from wiremock.resources.mappings import (
-    HttpMethods,
-    Mapping,
-    MappingRequest,
-    MappingResponse,
-    WireMockMatchers,
-)
-
-from fixtures import dev, types
-from fixtures.logger import setup_logger
-
-logger = setup_logger(__name__)
-
-USER_ADMIN_NAME = "admin"
-USER_ADMIN_EMAIL = "admin@integration.test"
-USER_ADMIN_PASSWORD = "password123Z$"
-
-USER_EDITOR_NAME = "editor"
-USER_EDITOR_EMAIL = "editor@integration.test"
-USER_EDITOR_PASSWORD = "password123Z$"
-
-USER_VIEWER_NAME = "viewer"
-USER_VIEWER_EMAIL = "viewer@integration.test"
-USER_VIEWER_PASSWORD = "password123Z$"
-
-
-@pytest.fixture(name="create_user_admin", scope="package")
-def create_user_admin(
-    signoz: types.SigNoz, request: pytest.FixtureRequest, pytestconfig: pytest.Config
-) -> types.Operation:
-    def create() -> None:
-        response = requests.post(
-            signoz.self.host_configs["8080"].get("/api/v1/register"),
-            json={
-                "name": USER_ADMIN_NAME,
-                "orgName": "",
-                "email": USER_ADMIN_EMAIL,
-                "password": USER_ADMIN_PASSWORD,
-            },
-            timeout=5,
-        )
-
-        assert response.status_code == HTTPStatus.OK
-
-        return types.Operation(name="create_user_admin")
-
-    def delete(_: types.Operation) -> None:
-        pass
-
-    def restore(cache: dict) -> types.Operation:
-        return types.Operation(name=cache["name"])
-
-    return dev.wrap(
-        request,
-        pytestconfig,
-        "create_user_admin",
-        lambda: types.Operation(name=""),
-        create,
-        delete,
-        restore,
-    )
-
-
-@pytest.fixture(name="get_session_context", scope="function")
-def get_session_context(signoz: types.SigNoz) -> Callable[[str, str], str]:
-    def _get_session_context(email: str) -> str:
-        response = requests.get(
-            signoz.self.host_configs["8080"].get("/api/v2/sessions/context"),
-            params={
-                "email": email,
-                "ref": f"{signoz.self.host_configs['8080'].base()}",
-            },
-            timeout=5,
-        )
-
-        assert response.status_code == HTTPStatus.OK
-        return response.json()["data"]
-
-    return _get_session_context
-
-
-@pytest.fixture(name="get_token", scope="function")
-def get_token(signoz: types.SigNoz) -> Callable[[str, str], str]:
-    def _get_token(email: str, password: str) -> str:
-        response = requests.get(
-            signoz.self.host_configs["8080"].get("/api/v2/sessions/context"),
-            params={
-                "email": email,
-                "ref": f"{signoz.self.host_configs['8080'].base()}",
-            },
-            timeout=5,
-        )
-
-        assert response.status_code == HTTPStatus.OK
-        org_id = response.json()["data"]["orgs"][0]["id"]
-
-        response = requests.post(
-            signoz.self.host_configs["8080"].get("/api/v2/sessions/email_password"),
-            json={
-                "email": email,
-                "password": password,
-                "orgId": org_id,
-            },
-            timeout=5,
-        )
-
-        assert response.status_code == HTTPStatus.OK
-        return response.json()["data"]["accessToken"]
-
-    return _get_token
-
-
-@pytest.fixture(name="get_tokens", scope="function")
-def get_tokens(signoz: types.SigNoz) -> Callable[[str, str], Tuple[str, str]]:
-    def _get_tokens(email: str, password: str) -> str:
-        response = requests.get(
-            signoz.self.host_configs["8080"].get("/api/v2/sessions/context"),
-            params={
-                "email": email,
-                "ref": f"{signoz.self.host_configs['8080'].base()}",
-            },
-            timeout=5,
-        )
-
-        assert response.status_code == HTTPStatus.OK
-        org_id = response.json()["data"]["orgs"][0]["id"]
-
-        response = requests.post(
-            signoz.self.host_configs["8080"].get("/api/v2/sessions/email_password"),
-            json={
-                "email": email,
-                "password": password,
-                "orgId": org_id,
-            },
-            timeout=5,
-        )
-
-        assert response.status_code == HTTPStatus.OK
-        access_token = response.json()["data"]["accessToken"]
-        refresh_token = response.json()["data"]["refreshToken"]
-        return access_token, refresh_token
-
-    return _get_tokens
-
-
-# This is not a fixture purposefully, we just want to add a license to the signoz instance.
-# This is also idempotent in nature.
-def add_license(
-    signoz: types.SigNoz,
-    make_http_mocks: Callable[[types.TestContainerDocker, List[Mapping]], None],
-    get_token: Callable[[str, str], str],  # pylint: disable=redefined-outer-name
-) -> None:
-    make_http_mocks(
-        signoz.zeus,
-        [
-            Mapping(
-                request=MappingRequest(
-                    method=HttpMethods.GET,
-                    url="/v2/licenses/me",
-                    headers={
-                        "X-Signoz-Cloud-Api-Key": {
-                            WireMockMatchers.EQUAL_TO: "secret-key"
-                        }
-                    },
-                ),
-                response=MappingResponse(
-                    status=200,
-                    json_body={
-                        "status": "success",
-                        "data": {
-                            "id": "0196360e-90cd-7a74-8313-1aa815ce2a67",
-                            "key": "secret-key",
-                            "valid_from": 1732146923,
-                            "valid_until": -1,
-                            "status": "VALID",
-                            "state": "EVALUATING",
-                            "plan": {
-                                "name": "ENTERPRISE",
-                            },
-                            "platform": "CLOUD",
-                            "features": [],
-                            "event_queue": {},
-                        },
-                    },
-                ),
-                persistent=False,
-            )
-        ],
-    )
-
-    access_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
-
-    response = requests.post(
-        url=signoz.self.host_configs["8080"].get("/api/v3/licenses"),
-        json={"key": "secret-key"},
-        headers={"Authorization": "Bearer " + access_token},
-        timeout=5,
-    )
-
-    if response.status_code == HTTPStatus.CONFLICT:
-        return
-
-    assert response.status_code == HTTPStatus.ACCEPTED
-
-    response = requests.post(
-        url=signoz.zeus.host_configs["8080"].get("/__admin/requests/count"),
-        json={"method": "GET", "url": "/v2/licenses/me"},
-        timeout=5,
-    )
-
-    assert response.json()["count"] == 1

tests/integration/fixtures/authutils.py

@@ -1,115 +0,0 @@
-"""Reusable helpers for user API tests."""
-
-from http import HTTPStatus
-from typing import Dict
-
-import requests
-
-from fixtures import types
-
-USERS_BASE = "/api/v2/users"
-
-
-def create_active_user(
-    signoz: types.SigNoz,
-    admin_token: str,
-    email: str,
-    role: str,
-    password: str,
-    name: str = "",
-) -> str:
-    """Invite a user and activate via resetPassword. Returns user ID."""
-    response = requests.post(
-        signoz.self.host_configs["8080"].get("/api/v1/invite"),
-        json={"email": email, "role": role, "name": name},
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=5,
-    )
-    assert response.status_code == HTTPStatus.CREATED, response.text
-    invited_user = response.json()["data"]
-
-    response = requests.post(
-        signoz.self.host_configs["8080"].get("/api/v1/resetPassword"),
-        json={"password": password, "token": invited_user["token"]},
-        timeout=5,
-    )
-    assert response.status_code == HTTPStatus.NO_CONTENT, response.text
-
-    return invited_user["id"]
-
-
-def find_user_by_email(signoz: types.SigNoz, token: str, email: str) -> Dict:
-    """Find a user by email from the user list. Raises AssertionError if not found."""
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(USERS_BASE),
-        headers={"Authorization": f"Bearer {token}"},
-        timeout=5,
-    )
-    assert response.status_code == HTTPStatus.OK, response.text
-    user = next((u for u in response.json()["data"] if u["email"] == email), None)
-    assert user is not None, f"User with email '{email}' not found"
-    return user
-
-
-def find_user_with_roles_by_email(signoz: types.SigNoz, token: str, email: str) -> Dict:
-    """Find a user by email and return UserWithRoles (user fields + userRoles).
-
-    Raises AssertionError if the user is not found.
-    """
-    user = find_user_by_email(signoz, token, email)
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(f"{USERS_BASE}/{user['id']}"),
-        headers={"Authorization": f"Bearer {token}"},
-        timeout=5,
-    )
-    assert response.status_code == HTTPStatus.OK, response.text
-    return response.json()["data"]
-
-
-def assert_user_has_role(data: Dict, role_name: str) -> None:
-    """Assert that a UserWithRoles response contains the expected managed role."""
-    role_names = {ur["role"]["name"] for ur in data.get("userRoles", [])}
-    assert role_name in role_names, f"Expected role '{role_name}' in {role_names}"
-
-
-def change_user_role(
-    signoz: types.SigNoz,
-    admin_token: str,
-    user_id: str,
-    old_role: str,
-    new_role: str,
-) -> None:
-    """Change a user's role (remove old, assign new).
-
-    Role names should be managed role names (e.g. signoz-editor).
-    """
-    # Get current roles to find the old role's ID
-    response = requests.get(
-        signoz.self.host_configs["8080"].get(f"{USERS_BASE}/{user_id}/roles"),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=5,
-    )
-    assert response.status_code == HTTPStatus.OK, response.text
-    roles = response.json()["data"]
-
-    old_role_entry = next((r for r in roles if r["name"] == old_role), None)
-    assert old_role_entry is not None, f"User does not have role '{old_role}'"
-
-    # Remove old role
-    response = requests.delete(
-        signoz.self.host_configs["8080"].get(
-            f"{USERS_BASE}/{user_id}/roles/{old_role_entry['id']}"
-        ),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=5,
-    )
-    assert response.status_code == HTTPStatus.NO_CONTENT, response.text
-
-    # Assign new role
-    response = requests.post(
-        signoz.self.host_configs["8080"].get(f"{USERS_BASE}/{user_id}/roles"),
-        json={"name": new_role},
-        headers={"Authorization": f"Bearer {admin_token}"},
-        timeout=5,
-    )
-    assert response.status_code == HTTPStatus.OK, response.text

tests/integration/fixtures/cloudintegrationsutils.py

@@ -1,154 +0,0 @@
-"""Fixtures for cloud integration tests."""
-
-from typing import Callable
-
-import requests
-from wiremock.client import (
-    HttpMethods,
-    Mapping,
-    MappingRequest,
-    MappingResponse,
-    WireMockMatchers,
-)
-
-from fixtures import types
-from fixtures.logger import setup_logger
-
-logger = setup_logger(__name__)
-
-
-def deprecated_simulate_agent_checkin(
-    signoz: types.SigNoz,
-    admin_token: str,
-    cloud_provider: str,
-    account_id: str,
-    cloud_account_id: str,
-) -> requests.Response:
-    endpoint = f"/api/v1/cloud-integrations/{cloud_provider}/agent-check-in"
-
-    checkin_payload = {
-        "account_id": account_id,
-        "cloud_account_id": cloud_account_id,
-        "data": {},
-    }
-
-    response = requests.post(
-        signoz.self.host_configs["8080"].get(endpoint),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json=checkin_payload,
-        timeout=10,
-    )
-
-    if not response.ok:
-        logger.error(
-            "Agent check-in failed: %s, response: %s",
-            response.status_code,
-            response.text,
-        )
-
-    return response
-
-
-def setup_create_account_mocks(
-    signoz: types.SigNoz,
-    make_http_mocks: Callable,
-) -> None:
-    """Set up Zeus and Gateway mocks required by the CreateAccount endpoint."""
-    make_http_mocks(
-        signoz.zeus,
-        [
-            Mapping(
-                request=MappingRequest(
-                    method=HttpMethods.GET,
-                    url="/v2/deployments/me",
-                    headers={
-                        "X-Signoz-Cloud-Api-Key": {
-                            WireMockMatchers.EQUAL_TO: "secret-key"
-                        }
-                    },
-                ),
-                response=MappingResponse(
-                    status=200,
-                    json_body={
-                        "status": "success",
-                        "data": {
-                            "name": "test-deployment",
-                            "cluster": {"region": {"dns": "test.signoz.cloud"}},
-                        },
-                    },
-                ),
-                persistent=False,
-            )
-        ],
-    )
-    make_http_mocks(
-        signoz.gateway,
-        [
-            Mapping(
-                request=MappingRequest(
-                    method=HttpMethods.GET,
-                    url="/v1/workspaces/me/keys/search?name=aws-integration&page=1&per_page=10",
-                ),
-                response=MappingResponse(
-                    status=200,
-                    json_body={
-                        "status": "success",
-                        "data": [],
-                        "_pagination": {"page": 1, "per_page": 10, "total": 0},
-                    },
-                ),
-                persistent=False,
-            ),
-            Mapping(
-                request=MappingRequest(
-                    method=HttpMethods.POST,
-                    url="/v1/workspaces/me/keys",
-                ),
-                response=MappingResponse(
-                    status=200,
-                    json_body={
-                        "status": "success",
-                        "data": {
-                            "name": "aws-integration",
-                            "value": "test-ingestion-key-123456",
-                        },
-                        "error": "",
-                    },
-                ),
-                persistent=False,
-            ),
-        ],
-    )
-
-
-def simulate_agent_checkin(
-    signoz: types.SigNoz,
-    admin_token: str,
-    cloud_provider: str,
-    account_id: str,
-    cloud_account_id: str,
-    data: dict | None = None,
-) -> requests.Response:
-    endpoint = f"/api/v1/cloud_integrations/{cloud_provider}/accounts/check_in"
-
-    checkin_payload = {
-        "cloudIntegrationId": account_id,
-        "providerAccountId": cloud_account_id,
-        "data": data or {},
-    }
-
-    response = requests.post(
-        signoz.self.host_configs["8080"].get(endpoint),
-        headers={"Authorization": f"Bearer {admin_token}"},
-        json=checkin_payload,
-        timeout=10,
-    )
-
-    if not response.ok:
-        logger.error(
-            "Agent check-in failed: %s, response: %s",
-            response.status_code,
-            response.text,
-        )
-
-    return response

tests/integration/fixtures/fs.py

@@ -1,15 +0,0 @@
-from typing import Any, Generator
-
-import pytest
-
-from fixtures import types
-
-
-@pytest.fixture(scope="package")
-def tmpfs(
-    tmp_path_factory: pytest.TempPathFactory,
-) -> Generator[types.LegacyPath, Any, None]:
-    def _tmp(basename: str):
-        return tmp_path_factory.mktemp(basename)
-
-    yield _tmp

tests/integration/src/querier/util.py

@@ -1,256 +0,0 @@
-from datetime import datetime, timedelta, timezone
-from http import HTTPStatus
-from typing import List
-
-import requests
-
-from fixtures.logs import Logs
-from fixtures.traces import TraceIdGenerator, Traces, TracesKind, TracesStatusCode
-
-
-def format_timestamp(dt: datetime) -> str:
-    """
-    Format a datetime object to match the API's timestamp format.
-    The API returns timestamps with minimal fractional seconds precision.
-    Example: 2026-02-03T20:54:56.5Z for 500000 microseconds
-    """
-    base_str = dt.strftime("%Y-%m-%dT%H:%M:%S")
-    if dt.microsecond:
-        # Convert microseconds to fractional seconds and strip trailing zeros
-        fractional = f"{dt.microsecond / 1000000:.6f}"[2:].rstrip("0")
-        return f"{base_str}.{fractional}Z"
-    return f"{base_str}Z"
-
-
-def assert_identical_query_response(
-    response1: requests.Response, response2: requests.Response
-) -> None:
-    """
-    Assert that two query responses are identical in status and data.
-    """
-    assert response1.status_code == response2.status_code, "Status codes do not match"
-    if response1.status_code == HTTPStatus.OK:
-        assert (
-            response1.json()["status"] == response2.json()["status"]
-        ), "Response statuses do not match"
-        assert (
-            response1.json()["data"]["data"]["results"]
-            == response2.json()["data"]["data"]["results"]
-        ), "Response data do not match"
-
-
-def generate_logs_with_corrupt_metadata() -> List[Logs]:
-    """
-    Specifically, entries with 'id', 'timestamp', 'severity_text', 'severity_number' and 'body' fields in metadata
-    """
-    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
-
-    return [
-        Logs(
-            timestamp=now - timedelta(seconds=4),
-            body="POST /integration request received",
-            severity_text="INFO",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "http-service",
-                "os.type": "linux",
-                "host.name": "linux-000",
-                "cloud.provider": "integration",
-                "cloud.account.id": "000",
-                "timestamp": "corrupt_data",
-            },
-            attributes={
-                "net.transport": "IP.TCP",
-                "http.scheme": "http",
-                "http.user_agent": "Integration Test",
-                "http.request.method": "POST",
-                "http.response.status_code": "200",
-                "severity_text": "corrupt_data",
-                "timestamp": "corrupt_data",
-            },
-            trace_id="1",
-        ),
-        Logs(
-            timestamp=now - timedelta(seconds=3),
-            body="SELECT query executed",
-            severity_text="DEBUG",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "http-service",
-                "os.type": "linux",
-                "host.name": "linux-000",
-                "cloud.provider": "integration",
-                "cloud.account.id": "000",
-                "severity_number": "corrupt_data",
-                "id": "corrupt_data",
-            },
-            attributes={
-                "db.name": "integration",
-                "db.operation": "SELECT",
-                "db.statement": "SELECT * FROM integration",
-                "trace_id": "2",
-            },
-        ),
-        Logs(
-            timestamp=now - timedelta(seconds=2),
-            body="HTTP PATCH failed with 404",
-            severity_text="WARN",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "http-service",
-                "os.type": "linux",
-                "host.name": "linux-000",
-                "cloud.provider": "integration",
-                "cloud.account.id": "000",
-                "body": "corrupt_data",
-                "trace_id": "3",
-            },
-            attributes={
-                "http.request.method": "PATCH",
-                "http.status_code": "404",
-                "id": "1",
-            },
-        ),
-        Logs(
-            timestamp=now - timedelta(seconds=1),
-            body="{'trace_id': '4'}",
-            severity_text="ERROR",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "topic-service",
-                "os.type": "linux",
-                "host.name": "linux-001",
-                "cloud.provider": "integration",
-                "cloud.account.id": "001",
-            },
-            attributes={
-                "message.type": "SENT",
-                "messaging.operation": "publish",
-                "messaging.message.id": "001",
-                "body": "corrupt_data",
-                "timestamp": "corrupt_data",
-            },
-        ),
-    ]
-
-
-def generate_traces_with_corrupt_metadata() -> List[Traces]:
-    """
-    Specifically, entries with 'id', 'timestamp', 'trace_id' and 'duration_nano' fields in metadata
-    """
-    http_service_trace_id = TraceIdGenerator.trace_id()
-    http_service_span_id = TraceIdGenerator.span_id()
-    http_service_db_span_id = TraceIdGenerator.span_id()
-    http_service_patch_span_id = TraceIdGenerator.span_id()
-    topic_service_trace_id = TraceIdGenerator.trace_id()
-    topic_service_span_id = TraceIdGenerator.span_id()
-
-    now = datetime.now(tz=timezone.utc).replace(second=0, microsecond=0)
-
-    return [
-        Traces(
-            timestamp=now - timedelta(seconds=4),
-            duration=timedelta(seconds=3),
-            trace_id=http_service_trace_id,
-            span_id=http_service_span_id,
-            parent_span_id="",
-            name="POST /integration",
-            kind=TracesKind.SPAN_KIND_SERVER,
-            status_code=TracesStatusCode.STATUS_CODE_OK,
-            status_message="",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "http-service",
-                "os.type": "linux",
-                "host.name": "linux-000",
-                "cloud.provider": "integration",
-                "cloud.account.id": "000",
-                "trace_id": "corrupt_data",
-            },
-            attributes={
-                "net.transport": "IP.TCP",
-                "http.scheme": "http",
-                "http.user_agent": "Integration Test",
-                "http.request.method": "POST",
-                "http.response.status_code": "200",
-                "timestamp": "corrupt_data",
-            },
-        ),
-        Traces(
-            timestamp=now - timedelta(seconds=3.5),
-            duration=timedelta(seconds=5),
-            trace_id=http_service_trace_id,
-            span_id=http_service_db_span_id,
-            parent_span_id=http_service_span_id,
-            name="SELECT",
-            kind=TracesKind.SPAN_KIND_CLIENT,
-            status_code=TracesStatusCode.STATUS_CODE_OK,
-            status_message="",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "http-service",
-                "os.type": "linux",
-                "host.name": "linux-000",
-                "cloud.provider": "integration",
-                "cloud.account.id": "000",
-                "timestamp": "corrupt_data",
-            },
-            attributes={
-                "db.name": "integration",
-                "db.operation": "SELECT",
-                "db.statement": "SELECT * FROM integration",
-                "trace_d": "corrupt_data",
-            },
-        ),
-        Traces(
-            timestamp=now - timedelta(seconds=3),
-            duration=timedelta(seconds=1),
-            trace_id=http_service_trace_id,
-            span_id=http_service_patch_span_id,
-            parent_span_id=http_service_span_id,
-            name="HTTP PATCH",
-            kind=TracesKind.SPAN_KIND_CLIENT,
-            status_code=TracesStatusCode.STATUS_CODE_OK,
-            status_message="",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "http-service",
-                "os.type": "linux",
-                "host.name": "linux-000",
-                "cloud.provider": "integration",
-                "cloud.account.id": "000",
-                "duration_nano": "corrupt_data",
-            },
-            attributes={
-                "http.request.method": "PATCH",
-                "http.status_code": "404",
-                "id": "1",
-            },
-        ),
-        Traces(
-            timestamp=now - timedelta(seconds=1),
-            duration=timedelta(seconds=4),
-            trace_id=topic_service_trace_id,
-            span_id=topic_service_span_id,
-            parent_span_id="",
-            name="topic publish",
-            kind=TracesKind.SPAN_KIND_PRODUCER,
-            status_code=TracesStatusCode.STATUS_CODE_OK,
-            status_message="",
-            resources={
-                "deployment.environment": "production",
-                "service.name": "topic-service",
-                "os.type": "linux",
-                "host.name": "linux-001",
-                "cloud.provider": "integration",
-                "cloud.account.id": "001",
-            },
-            attributes={
-                "message.type": "SENT",
-                "messaging.operation": "publish",
-                "messaging.message.id": "001",
-                "duration_nano": "corrupt_data",
-                "id": 1,
-            },
-        ),
-    ]

tests/integration/tests/alerts/02_basic_alert_conditions.py

@@ -7,12 +7,12 @@ import pytest
 from wiremock.client import HttpMethods, Mapping, MappingRequest, MappingResponse
 
 from fixtures import types
-from fixtures.alertutils import (
+from fixtures.alerts import (
     update_rule_channel_name,
     verify_webhook_alert_expectation,
 )
+from fixtures.fs import get_testdata_file_path
 from fixtures.logger import setup_logger
-from fixtures.utils import get_testdata_file_path
 
 # Alert test cases use a 30-second wait time to verify expected alert firing.
 # Alert data is set up to trigger on the first rule manager evaluation.

tests/integration/tests/callbackauthn/02_saml.py

@@ -11,12 +11,10 @@ from fixtures.auth import (
     USER_ADMIN_EMAIL,
     USER_ADMIN_PASSWORD,
     add_license,
-)
-from fixtures.authutils import (
     assert_user_has_role,
     find_user_with_roles_by_email,
 )
-from fixtures.idputils import (
+from fixtures.idp import (
     get_saml_domain,
     perform_saml_login,
 )

tests/integration/tests/callbackauthn/03_oidc.py

@@ -10,12 +10,10 @@ from fixtures.auth import (
     USER_ADMIN_EMAIL,
     USER_ADMIN_PASSWORD,
     add_license,
-)
-from fixtures.authutils import (
     assert_user_has_role,
     find_user_with_roles_by_email,
 )
-from fixtures.idputils import (
+from fixtures.idp import (
     get_oidc_domain,
     perform_oidc_login,
 )

tests/integration/tests/cloudintegrations/02_deprecated_generate_connection_url.py

@@ -6,7 +6,7 @@ import requests
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.cloudintegrationsutils import deprecated_simulate_agent_checkin
+from fixtures.cloudintegrations import deprecated_simulate_agent_checkin
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)

tests/integration/tests/cloudintegrations/03_deprecated_accounts.py

@@ -6,7 +6,7 @@ import requests
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.cloudintegrationsutils import deprecated_simulate_agent_checkin
+from fixtures.cloudintegrations import deprecated_simulate_agent_checkin
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)

tests/integration/tests/cloudintegrations/04_deprecated_services.py

@@ -6,7 +6,7 @@ import requests
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.cloudintegrationsutils import deprecated_simulate_agent_checkin
+from fixtures.cloudintegrations import deprecated_simulate_agent_checkin
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)

tests/integration/tests/cloudintegrations/05_credentials.py

@@ -11,7 +11,7 @@ from wiremock.client import (
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.cloudintegrationsutils import setup_create_account_mocks
+from fixtures.cloudintegrations import setup_create_account_mocks
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)

tests/integration/tests/cloudintegrations/07_agent_check_in.py

@@ -4,7 +4,7 @@ from typing import Callable
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.cloudintegrationsutils import simulate_agent_checkin
+from fixtures.cloudintegrations import simulate_agent_checkin
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)

tests/integration/tests/cloudintegrations/08_accounts.py

@@ -6,7 +6,7 @@ import requests
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.cloudintegrationsutils import simulate_agent_checkin
+from fixtures.cloudintegrations import simulate_agent_checkin
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)

tests/integration/tests/cloudintegrations/09_services.py

@@ -6,7 +6,7 @@ import requests
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.cloudintegrationsutils import simulate_agent_checkin
+from fixtures.cloudintegrations import simulate_agent_checkin
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)

tests/integration/tests/ingestionkeys/01_ingestion_keys.py

@@ -11,7 +11,7 @@ from wiremock.client import (
 
 from fixtures import types
 from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, add_license
-from fixtures.gatewayutils import (
+from fixtures.gateway import (
     TEST_KEY_ID,
     common_gateway_headers,
     get_gateway_requests,

tests/integration/tests/ingestionkeys/02_ingestion_keys_limits.py

@@ -11,7 +11,7 @@ from wiremock.client import (
 
 from fixtures import types
 from fixtures.auth import add_license
-from fixtures.gatewayutils import (
+from fixtures.gateway import (
     TEST_KEY_ID,
     TEST_LIMIT_ID,
     common_gateway_headers,

tests/integration/tests/passwordauthn/01_register.py

@@ -11,8 +11,6 @@ from fixtures.auth import (
     USER_EDITOR_NAME,
     USER_EDITOR_PASSWORD,
     USER_VIEWER_EMAIL,
-)
-from fixtures.authutils import (
     assert_user_has_role,
     find_user_with_roles_by_email,
 )

tests/integration/tests/passwordauthn/03_password.py

@@ -5,8 +5,7 @@ import requests
 from sqlalchemy import sql
 
 from fixtures import types
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.authutils import find_user_by_email
+from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, find_user_by_email
 from fixtures.logger import setup_logger
 
 logger = setup_logger(__name__)

tests/integration/tests/passwordauthn/04_role.py

@@ -9,8 +9,6 @@ from fixtures.auth import (
     USER_ADMIN_PASSWORD,
     USER_EDITOR_EMAIL,
     USER_EDITOR_PASSWORD,
-)
-from fixtures.authutils import (
     change_user_role,
     create_active_user,
 )

tests/integration/tests/passwordauthn/06_invite_status.py

@@ -3,8 +3,7 @@ from typing import Callable
 
 import requests
 
-from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
-from fixtures.authutils import create_active_user
+from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD, create_active_user
 from fixtures.types import SigNoz
 
 

tests/integration/tests/passwordauthn/08_user.py

@@ -9,8 +9,6 @@ from fixtures.auth import (
     USER_ADMIN_PASSWORD,
     USER_EDITOR_EMAIL,
     USER_EDITOR_PASSWORD,
-)
-from fixtures.authutils import (
     assert_user_has_role,
     find_user_by_email,
     find_user_with_roles_by_email,