Files

GitHub Actions e953053f41 chore(tests): implement Phase 5 TestDataManager auth validation infrastructure

Add cookie domain validation and warning infrastructure for TestDataManager:

Add domain validation to auth.setup.ts after saving storage state
Add mismatch warning to auth-fixtures.ts testData fixture
Document cookie domain requirements in playwright.config.js
Create validate-e2e-auth.sh validation script
Tests remain skipped due to environment configuration requirement:

PLAYWRIGHT_BASE_URL must be http://localhost:8080 for cookie auth
Cookie domain mismatch causes 401/403 on non-localhost URLs
Also skipped flaky keyboard navigation test (documented timing issue).

Files changed:

playwright.config.js (documentation)
auth.setup.ts (validation logic)
auth-fixtures.ts (mismatch warning)
user-management.spec.ts (test skips)
validate-e2e-auth.sh (new validation script)
skipped-tests-remediation.md (status update)
Refs: Phase 5 of skipped-tests-remediation plan

2026-01-24 22:22:40 +00:00

Add QA test outputs, build scripts, and Dockerfile validation

2025-12-11 18:26:24 +00:00

history-rewrite

Add QA test outputs, build scripts, and Dockerfile validation

2025-12-11 18:26:24 +00:00

pre-commit-hooks

fix; CVE-2025-68156 remediation

2026-01-11 19:33:25 +00:00

bump_beta.sh

fix: update deprecation warning messages to reflect removal in v2.0.0

2025-12-21 22:06:39 +00:00

cerberus_integration.sh

chore: replace wget with curl in various scripts for consistency and reliability

2026-01-24 22:22:39 +00:00

check_go_build.sh

Add QA test outputs, build scripts, and Dockerfile validation

2025-12-11 18:26:24 +00:00

check-version-match-tag.sh

fix: update deprecation warning messages to reflect removal in v2.0.0

2025-12-21 22:06:39 +00:00

clear-go-cache.sh

fix: update deprecation warning messages to reflect removal in v2.0.0

2025-12-21 22:06:39 +00:00

coraza_integration.sh

chore: replace wget with curl in various scripts for consistency and reliability

2026-01-24 22:22:39 +00:00

create_bulk_acl_issues.sh

Add QA test outputs, build scripts, and Dockerfile validation

2025-12-11 18:26:24 +00:00

crowdsec_decision_integration.sh

fix: update deprecation warning messages to reflect removal in v2.0.0

2025-12-21 22:06:39 +00:00

crowdsec_integration.sh

fix(security): resolve CrowdSec startup and permission issues

2025-12-23 01:59:21 +00:00

crowdsec_startup_test.sh

chore: replace wget with curl in various scripts for consistency and reliability

2026-01-24 22:22:39 +00:00

db-recovery.sh

fix: update deprecation warning messages to reflect removal in v2.0.0

2025-12-21 22:06:39 +00:00

debug_db.py

Add ImportSuccessModal tests, enhance AuthContext for token management, and improve useImport hook

2025-12-12 00:05:15 +00:00

debug_rate_limit.sh

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

frontend-test-coverage.sh

fix: update deprecation warning messages to reflect removal in v2.0.0

2025-12-21 22:06:39 +00:00

go-test-coverage.sh

fix: resolve 30 test failures and boost coverage to 85%+

2026-01-07 20:33:20 +00:00

gopls_collect.sh

Add QA test outputs, build scripts, and Dockerfile validation

2025-12-11 18:26:24 +00:00

install-go-1.25.5.sh

chore: replace wget with curl in various scripts for consistency and reliability

2026-01-24 22:22:39 +00:00

integration-test.sh

fix: update deprecation warning messages to reflect removal in v2.0.0

2025-12-21 22:06:39 +00:00

qa-test-auth-certificates.sh

Add QA test outputs, build scripts, and Dockerfile validation

2025-12-11 18:26:24 +00:00

rate_limit_integration.sh

chore: replace wget with curl in various scripts for consistency and reliability

2026-01-24 22:22:39 +00:00

README.md

Fix Rate Limiting Issues

2025-12-12 19:21:44 +00:00

release.sh

Add QA test outputs, build scripts, and Dockerfile validation

2025-12-11 18:26:24 +00:00

repo_health_check.sh

Add QA test outputs, build scripts, and Dockerfile validation

2025-12-11 18:26:24 +00:00

security-scan.sh

Add QA test outputs, build scripts, and Dockerfile validation

2025-12-11 18:26:24 +00:00

setup-e2e-env.sh

chore(e2e): implement Phase 0 E2E testing infrastructure

2026-01-20 06:11:59 +00:00

trivy-scan.sh

fix: update deprecation warning messages to reflect removal in v2.0.0

2025-12-21 22:06:39 +00:00

validate-e2e-auth.sh

chore(tests): implement Phase 5 TestDataManager auth validation infrastructure

2026-01-24 22:22:40 +00:00

verify_crowdsec_app_config.sh

feat: Enhance CrowdSec integration with configurable binary path and improved process validation

2025-12-15 22:10:28 +00:00

waf_integration.sh

chore: replace wget with curl in various scripts for consistency and reliability

2026-01-24 22:22:39 +00:00

README.md

Scripts Directory

Running Tests Locally Before Pushing to CI

WAF Integration Test

Always run this locally before pushing WAF-related changes to avoid CI failures:

# From project root
bash ./scripts/coraza_integration.sh

Or use the VS Code task: Ctrl+Shift+P → Tasks: Run Task → Coraza: Run Integration Script

Requirements:

Docker image charon:local must be built first:
```
docker build -t charon:local .
```
The script will:
1. Start a test container with WAF enabled
2. Create a backend container (httpbin)
3. Test WAF in block mode (expect HTTP 403)
4. Test WAF in monitor mode (expect HTTP 200)
5. Clean up all test containers

Expected output:

✓ httpbin backend is ready
✓ Coraza WAF blocked payload as expected (HTTP 403) in BLOCK mode
✓ Coraza WAF in MONITOR mode allowed payload through (HTTP 200) as expected
=== All Coraza integration tests passed ===

Other Test Scripts

Security Scan: bash ./scripts/security-scan.sh
Go Test Coverage: bash ./scripts/go-test-coverage.sh
Frontend Test Coverage: bash ./scripts/frontend-test-coverage.sh

CI/CD Workflows

Changes to these scripts may trigger CI workflows:

coraza_integration.sh → WAF Integration Tests workflow
Files in .github/workflows/ directory control CI behavior

Tip: Run tests locally to save CI minutes and catch issues faster!