chore: clean .gitignore cache
This commit is contained in:
GitHub Actions
@@ -1,217 +0,0 @@
|
||||
# Merge Conflict Resolution Plan: `feature/beta-release` → `main`
|
||||
|
||||
**Plan ID**: MERGE-2026-001
|
||||
**Status**: 🔄 PENDING
|
||||
**Priority**: High
|
||||
**Created**: 2026-01-25
|
||||
|
||||
---
|
||||
|
||||
## 🔴 Workflow Failure Analysis (Added 2026-01-25)
|
||||
|
||||
### Issue Identified: docker-build.yml Failure
|
||||
|
||||
**Workflow Run**: https://github.com/Wikid82/Charon/actions/runs/21326638353
|
||||
|
||||
**Root Cause**: Base image mismatch after Debian Trixie migration (PR #550)
|
||||
|
||||
| Component | Before Fix | After Fix |
|
||||
|-----------|-----------|-----------|
|
||||
| Workflow `docker-build.yml` | `debian:bookworm-slim` | `debian:trixie-slim` |
|
||||
| Dockerfile `CADDY_IMAGE` | `debian:trixie-slim` | `debian:trixie-slim` ✓ |
|
||||
|
||||
**Problem**: The workflow step "Resolve Debian base image digest" was still pulling `debian:bookworm-slim` while the Dockerfile was updated to use `debian:trixie-slim`. This caused inconsistency in the build.
|
||||
|
||||
**Fix Applied**: Updated [.github/workflows/docker-build.yml](.github/workflows/docker-build.yml#L54-L57):
|
||||
```yaml
|
||||
- name: Resolve Debian base image digest
|
||||
run: |
|
||||
docker pull debian:trixie-slim
|
||||
DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' debian:trixie-slim)
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Summary
|
||||
|
||||
This plan addresses merge conflicts in the `feature/beta-release` branch that need resolution against `main`. After analyzing all conflicting files, here is the recommended resolution strategy.
|
||||
|
||||
---
|
||||
|
||||
## File Analysis
|
||||
|
||||
### 1. `.github/workflows/codeql.yml`
|
||||
|
||||
**Conflict Likelihood**: Low-Medium
|
||||
**Current State**: No visible conflict markers
|
||||
|
||||
**Key Features in Current Version**:
|
||||
- Go version: `1.25.6`
|
||||
- Forked PR handling (skips when `fork == true`)
|
||||
- CodeQL config file: `.github/codeql/codeql-config.yml`
|
||||
- SARIF analysis with error/warning/note counting
|
||||
|
||||
**Resolution Strategy**: **Accept feature branch changes**
|
||||
- Feature branch likely has updated Go version and security improvements
|
||||
- Verify `GO_VERSION` env var matches other workflows after merge
|
||||
|
||||
---
|
||||
|
||||
### 2. `.github/workflows/docker-build.yml`
|
||||
|
||||
**Conflict Likelihood**: Medium
|
||||
**Current State**: No visible conflict markers
|
||||
|
||||
**Key Features in Current Version**:
|
||||
- SBOM generation and attestation
|
||||
- CVE-2025-68156 verification for Caddy/CrowdSec
|
||||
- Feature branch detection and artifact handling
|
||||
- Multi-platform builds (amd64/arm64)
|
||||
- Trivy vulnerability scanning
|
||||
|
||||
**Resolution Strategy**: **Accept feature branch changes**
|
||||
- Feature branch contains critical security patches
|
||||
- Verify image tag logic matches expected patterns
|
||||
- Confirm `SYFT_VERSION` and `GRYPE_VERSION` are current
|
||||
|
||||
---
|
||||
|
||||
### 3. `Dockerfile`
|
||||
|
||||
**Conflict Likelihood**: High (likely PR #550 Debian Trixie migration)
|
||||
**Current State**: Already using `debian:trixie-slim`
|
||||
|
||||
**Key Features in Current Version**:
|
||||
- Base image: `debian:trixie-slim` (Debian 13 testing)
|
||||
- Go version: `1.25` (builder stages)
|
||||
- Caddy version: `2.11.0-beta.2`
|
||||
- CrowdSec version: `1.7.6`
|
||||
- gosu version: `1.17`
|
||||
- Security patches for `expr-lang/expr@v1.17.7`
|
||||
- Multi-stage build with cross-compilation helpers
|
||||
|
||||
**Resolution Strategy**: **Accept feature branch changes (post-Trixie migration)**
|
||||
- If main still uses `bookworm-slim`, take feature branch version
|
||||
- Critical: Preserve all CVE patches (CVE-2025-68156, CVE-2025-58183, etc.)
|
||||
- Ensure all `renovate:` comments are preserved for automated updates
|
||||
|
||||
---
|
||||
|
||||
### 4. `backend/go.sum`
|
||||
|
||||
**Conflict Likelihood**: High
|
||||
**Current State**: 167 packages, no conflict markers
|
||||
|
||||
**Key Versions Detected**:
|
||||
- `golang.org/x/crypto@v0.47.0`
|
||||
- `google.golang.org/grpc@v1.75.0`
|
||||
- `gorm.io/gorm@v1.31.1`
|
||||
- `github.com/gin-gonic/gin@v1.11.0`
|
||||
|
||||
**Resolution Strategy**: **Regenerate after merge**
|
||||
- Dependency lock files should never be manually merged
|
||||
- After resolving other conflicts, run:
|
||||
```bash
|
||||
cd backend && go mod tidy && go mod download
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
### 5. `frontend/package-lock.json` ⚠️ (Not `backend/`)
|
||||
|
||||
**Conflict Likelihood**: High
|
||||
**Current State**: 7499 lines, lockfileVersion 3
|
||||
|
||||
**Resolution Strategy**: **Regenerate after merge**
|
||||
- Delete the file and regenerate:
|
||||
```bash
|
||||
cd frontend && rm package-lock.json && npm install
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
### 6. `frontend/package.json` ⚠️ (Not `backend/`)
|
||||
|
||||
**Conflict Likelihood**: Medium
|
||||
**Current State**: Version `0.3.0`, no conflict markers
|
||||
|
||||
**Key Dependencies**:
|
||||
- React: `^19.2.3`
|
||||
- Vite: `^7.3.1`
|
||||
- Playwright: `^1.57.0`
|
||||
- TypeScript: `^5.9.3`
|
||||
|
||||
**Resolution Strategy**: **Manual review required**
|
||||
- Compare `main` and feature branch versions
|
||||
- Keep higher version numbers when there are conflicts
|
||||
- Ensure no duplicate entries
|
||||
|
||||
---
|
||||
|
||||
## Command Sequence for Resolution
|
||||
|
||||
```bash
|
||||
# 1. Ensure you're on the feature branch
|
||||
git checkout feature/beta-release
|
||||
|
||||
# 2. Fetch latest main
|
||||
git fetch origin main
|
||||
|
||||
# 3. Start the merge (this will show conflicts)
|
||||
git merge origin/main
|
||||
|
||||
# 4. For workflow files (if conflicts exist):
|
||||
# Accept feature branch changes, then verify
|
||||
git checkout --theirs .github/workflows/codeql.yml
|
||||
git checkout --theirs .github/workflows/docker-build.yml
|
||||
git add .github/workflows/
|
||||
|
||||
# 5. For Dockerfile (if conflicts exist):
|
||||
# Accept feature branch (Trixie migration)
|
||||
git checkout --theirs Dockerfile
|
||||
git add Dockerfile
|
||||
|
||||
# 6. For Go dependencies:
|
||||
git checkout --theirs backend/go.sum
|
||||
cd backend && go mod tidy
|
||||
cd ..
|
||||
git add backend/go.sum backend/go.mod
|
||||
|
||||
# 7. For frontend dependencies:
|
||||
cd frontend
|
||||
rm -f package-lock.json
|
||||
# Manually resolve package.json if needed
|
||||
npm install
|
||||
cd ..
|
||||
git add frontend/package.json frontend/package-lock.json
|
||||
|
||||
# 8. Complete the merge
|
||||
git commit -m "Merge main into feature/beta-release - resolve conflicts"
|
||||
|
||||
# 9. Validate
|
||||
make lint
|
||||
make test
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Post-Merge Validation Checklist
|
||||
|
||||
- [ ] `go mod tidy` completes without errors
|
||||
- [ ] `npm install` (frontend) completes without errors
|
||||
- [ ] Docker build succeeds: `docker build -t charon:test .`
|
||||
- [ ] CI workflows pass on push
|
||||
- [ ] Go version consistent across all workflows (`1.25.6`)
|
||||
- [ ] Debian Trixie base image in Dockerfile
|
||||
|
||||
---
|
||||
|
||||
## Notes
|
||||
|
||||
1. **File Path Correction**: The conflicting package files are in `frontend/`, not `backend/`. The Go backend uses `go.mod`/`go.sum`, not npm.
|
||||
|
||||
2. **Conflict markers not visible**: The files read don't show `<<<<<<<` markers, suggesting either:
|
||||
- The merge hasn't been attempted yet
|
||||
- Conflicts would appear after running `git merge`
|
||||
|
||||
3. **PR #550 Reference**: The Dockerfile already shows Trixie migration is complete in the current branch.
|
||||
Reference in New Issue
Block a user