- Remove type=sha tags that were producing invalid formats like ':-f0d0654'
- Keep latest/dev tags for branches and semver tags for releases
- SHA is still tracked via image digest and labels
- Add format=short to SHA tags to prevent malformed tags
- Standardize dev tag naming across workflows (was 'development')
- Ensure branch name is properly included in SHA prefix
- Add Trivy vulnerability scanner after image build
- Upload SARIF results to GitHub Security tab
- Display critical/high severity issues in workflow logs
- Add security-events permission for SARIF upload
- Skip scanning on pull requests to save time
- Wrap async mutations in act() across useImport, useProxyHosts, useRemoteServers tests
- Add npm_config_rollup_skip_nodejs_native=1 in Dockerfile to bypass native binary for arm64
- Enable Go module caching in CI via cache-dependency-path on setup-go action
- All frontend tests now pass cleanly (49/49) without React Testing Library warnings
Added custom Dockerfile validation script that detects mismatches between
base image OS (Debian vs Alpine) and package managers (apt vs apk).
This will catch errors like:
- Using golang:latest (Debian) with apk commands
- Using alpine images with apt commands
The hook runs automatically on commit and would have caught the recent
golang:latest + apk mismatch that caused Docker build failures.
The backend-builder stage was using golang:latest (Debian) but trying to
run Alpine's apk package manager, causing build failures with 'apk: not
found'. Changed to golang:alpine for consistency with the RUN commands.
Fixes Docker build workflow failures in GitHub Actions.
- Update docker-compose.yml to use ghcr.io/wikid82/caddyproxymanagerplus:latest
- Update docker-compose.dev.yml to use ghcr.io/wikid82/caddyproxymanagerplus:dev
- Fix backend test database isolation (remove shared cache mode)
- Add testConnection and enabledServers to useRemoteServers hook
- Fix frontend test assertions to wait for async state updates
- Wrap mutation assertions in waitFor for proper async handling
Backend tests: ✅ ALL PASSING (22 tests)
Frontend tests: ⚠️ 45/49 passing (4 useImport tests need mock refinement)
- Remove duplicate CaddyConfig in proxy_host.go (exists in caddy_config.go)
- Remove duplicate HealthHandler in proxy_host_handler.go
- Fix version variable names in health_handler.go (SemVer→Version, BuildDate→BuildTime)
- Update frontend package-lock.json to sync with package.json dependencies
- Backend now compiles successfully (1 test fails but will be fixed later)
This is a Go + React project, not Python. Updated CI workflow to:
- Run Go tests (backend)
- Run frontend tests with npm (React)
- Remove Python test coverage requirement
- Add @tanstack/react-query, axios, and clsx to frontend dependencies
- Remove trailing whitespace from multiple files to pass pre-commit hooks
- These were required but missing from package.json
- Change ruff>=0.15 to ruff>=0.6.0 (0.15 doesn't exist yet)
- Replace CPMP_GHCR_TOKEN with GITHUB_TOKEN for GHCR authentication
- GITHUB_TOKEN is automatically provided by GitHub Actions with correct permissions
