akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity

Merge branch 'feature/beta-release' into development

Browse Source
This commit is contained in:
Jeremy
2026-02-04 05:26:47 -05:00
committed by GitHub
parent 55c8ebcc13 4f1637c115
commit 83a695fbdc
209 changed files with 53537 additions and 2309 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
.github/workflows/waf-integration.yml vendored
View File

@@ -1,5 +1,7 @@
name: WAF Integration Tests
name: WAF integration
# Phase 2-3: Build Once, Test Many - Use registry image instead of building
# This workflow now waits for docker-build.yml to complete and pulls the built image
on:
workflow_run:
workflows: ["Docker Build, Publish & Test"]
@@ -7,9 +9,16 @@ on:
branches: [main, development, 'feature/**'] # Explicit branch filter prevents unexpected triggers
# Allow manual trigger for debugging
workflow_dispatch:
inputs:
image_tag:
description: 'Docker image tag to test (e.g., pr-123-abc1234)'
required: false
type: string
# Prevent race conditions when PR is updated mid-test
# Cancels old test runs when new build completes with different SHA
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }}-${{ github.event.workflow_run.head_sha || github.sha }}
cancel-in-progress: true
jobs:
@@ -21,7 +30,68 @@ jobs:
if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }}
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
# Determine the correct image tag based on trigger context
# For PRs: pr-{number}-{sha}, For branches: {sanitized-branch}-{sha}
- name: Determine image tag
id: image
env:
EVENT: ${{ github.event_name == 'pull_request' && 'pull_request' || github.event.workflow_run.event }}
REF: ${{ github.event_name == 'pull_request' && github.head_ref || github.event.workflow_run.head_branch }}
SHA: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.event.workflow_run.head_sha }}
MANUAL_TAG: ${{ inputs.image_tag }}
run: |
# Manual trigger uses provided tag
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
if [[ -n "$MANUAL_TAG" ]]; then
echo "tag=${MANUAL_TAG}" >> $GITHUB_OUTPUT
else
# Default to latest if no tag provided
echo "tag=latest" >> $GITHUB_OUTPUT
fi
echo "source_type=manual" >> $GITHUB_OUTPUT
exit 0
fi
# Extract 7-character short SHA
SHORT_SHA=$(echo "$SHA" | cut -c1-7)
if [[ "$EVENT" == "pull_request" ]]; then
# Direct PR trigger uses github.event.pull_request.number
# workflow_run trigger uses pull_requests array
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
PR_NUM="${{ github.event.pull_request.number }}"
else
PR_NUM=$(echo '${{ toJson(github.event.workflow_run.pull_requests) }}' | jq -r '.[0].number')
fi
if [[ -z "$PR_NUM" || "$PR_NUM" == "null" ]]; then
echo "❌ ERROR: Could not determine PR number"
echo "Event: $EVENT"
echo "Ref: $REF"
echo "SHA: $SHA"
echo "Pull Requests JSON: ${{ toJson(github.event.workflow_run.pull_requests) }}"
exit 1
fi
# Immutable tag with SHA suffix prevents race conditions
echo "tag=pr-${PR_NUM}-${SHORT_SHA}" >> $GITHUB_OUTPUT
echo "source_type=pr" >> $GITHUB_OUTPUT
else
# Branch push: sanitize branch name and append SHA
# Sanitization: lowercase, replace / with -, remove special chars
SANITIZED=$(echo "$REF" | \
tr '[:upper:]' '[:lower:]' | \
tr '/' '-' | \
sed 's/[^a-z0-9-._]/-/g' | \
sed 's/^-//; s/-$//' | \
sed 's/--*/-/g' | \
cut -c1-121) # Leave room for -SHORT_SHA (7 chars)
echo "tag=${SANITIZED}-${SHORT_SHA}" >> $GITHUB_OUTPUT
echo "source_type=branch" >> $GITHUB_OUTPUT
fi
# Determine the correct image tag based on trigger context
# For PRs: pr-{number}-{sha}, For branches: {sanitized-branch}-{sha}