fix(integration): migrate wget-style curl syntax for Debian compatibility

After migrating base image from Alpine to Debian Trixie (PR #550), integration test scripts were using wget-style options with curl that don't work correctly on Debian. Changed curl -q -O- (wget syntax) to curl -sf (proper curl): waf_integration.sh cerberus_integration.sh rate_limit_integration.sh crowdsec_startup_test.sh install-go-1.25.5.sh Also added future phase to plan for Playwright security test helpers to prevent ACL deadlock issues during E2E testing. Refs: #550
2026-01-25 09:17:50 +00:00
parent aa74d37a3a
commit a41cfaae10
12 changed files with 866 additions and 27 deletions
--- a/.github/workflows/crowdsec-integration.yml
+++ b/.github/workflows/crowdsec-integration.yml
@@ -0,0 +1,122 @@
+name: CrowdSec Integration Tests
+
+on:
+  push:
+    branches: [ main, development, 'feature/**' ]
+    paths:
+      - 'backend/internal/crowdsec/**'
+      - 'backend/internal/models/crowdsec*.go'
+      - 'configs/crowdsec/**'
+      - 'scripts/crowdsec_integration.sh'
+      - 'scripts/crowdsec_decision_integration.sh'
+      - 'scripts/crowdsec_startup_test.sh'
+      - '.github/skills/integration-test-crowdsec*/**'
+      - 'Dockerfile'
+      - '.github/workflows/crowdsec-integration.yml'
+  pull_request:
+    branches: [ main, development ]
+    paths:
+      - 'backend/internal/crowdsec/**'
+      - 'backend/internal/models/crowdsec*.go'
+      - 'configs/crowdsec/**'
+      - 'scripts/crowdsec_integration.sh'
+      - 'scripts/crowdsec_decision_integration.sh'
+      - 'scripts/crowdsec_startup_test.sh'
+      - '.github/skills/integration-test-crowdsec*/**'
+      - 'Dockerfile'
+      - '.github/workflows/crowdsec-integration.yml'
+  # Allow manual trigger
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  crowdsec-integration:
+    name: CrowdSec Bouncer Integration
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+
+    steps:
+      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
+
+      - name: Build Docker image
+        run: |
+          docker build \
+            --no-cache \
+            --build-arg VCS_REF=${{ github.sha }} \
+            -t charon:local .
+
+      - name: Run CrowdSec integration tests
+        id: crowdsec-test
+        run: |
+          chmod +x .github/skills/scripts/skill-runner.sh
+          .github/skills/scripts/skill-runner.sh integration-test-crowdsec 2>&1 | tee crowdsec-test-output.txt
+          exit ${PIPESTATUS[0]}
+
+      - name: Dump Debug Info on Failure
+        if: failure()
+        run: |
+          echo "## 🔍 Debug Information" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+
+          echo "### Container Status" >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+          docker ps -a --filter "name=charon" --filter "name=crowdsec" >> $GITHUB_STEP_SUMMARY 2>&1 || true
+          echo '```' >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+
+          echo "### CrowdSec LAPI Status" >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+          docker exec crowdsec cscli bouncers list 2>/dev/null >> $GITHUB_STEP_SUMMARY || echo "Could not retrieve bouncer list" >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+
+          echo "### CrowdSec Decisions" >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+          docker exec crowdsec cscli decisions list 2>/dev/null >> $GITHUB_STEP_SUMMARY || echo "Could not retrieve decisions" >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+
+          echo "### Charon Container Logs (last 100 lines)" >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+          docker logs charon-debug 2>&1 | tail -100 >> $GITHUB_STEP_SUMMARY || echo "No container logs available" >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+
+          echo "### CrowdSec Container Logs (last 50 lines)" >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+          docker logs crowdsec 2>&1 | tail -50 >> $GITHUB_STEP_SUMMARY || echo "No CrowdSec logs available" >> $GITHUB_STEP_SUMMARY
+          echo '```' >> $GITHUB_STEP_SUMMARY
+
+      - name: CrowdSec Integration Summary
+        if: always()
+        run: |
+          echo "## 🛡️ CrowdSec Integration Test Results" >> $GITHUB_STEP_SUMMARY
+          if [ "${{ steps.crowdsec-test.outcome }}" == "success" ]; then
+            echo "✅ **All CrowdSec tests passed**" >> $GITHUB_STEP_SUMMARY
+            echo "" >> $GITHUB_STEP_SUMMARY
+            echo "### Test Results:" >> $GITHUB_STEP_SUMMARY
+            echo '```' >> $GITHUB_STEP_SUMMARY
+            grep -E "^✓|^===|^Pull|^Apply" crowdsec-test-output.txt || echo "See logs for details"
+            grep -E "^✓|^===|^Pull|^Apply" crowdsec-test-output.txt >> $GITHUB_STEP_SUMMARY || echo "See logs for details" >> $GITHUB_STEP_SUMMARY
+            echo '```' >> $GITHUB_STEP_SUMMARY
+          else
+            echo "❌ **CrowdSec tests failed**" >> $GITHUB_STEP_SUMMARY
+            echo "" >> $GITHUB_STEP_SUMMARY
+            echo "### Failure Details:" >> $GITHUB_STEP_SUMMARY
+            echo '```' >> $GITHUB_STEP_SUMMARY
+            grep -E "^✗|Unexpected|Error|failed|FAIL" crowdsec-test-output.txt | head -20 >> $GITHUB_STEP_SUMMARY || echo "See logs for details" >> $GITHUB_STEP_SUMMARY
+            echo '```' >> $GITHUB_STEP_SUMMARY
+          fi
+
+      - name: Cleanup
+        if: always()
+        run: |
+          docker rm -f charon-debug || true
+          docker rm -f crowdsec || true
+          docker network rm containers_default || true