0c2e2f7214
This change hardens certificate handler test execution so repeated CI runs are deterministic and no longer fail intermittently under concurrent scheduling and race-mode pressure. It was necessary because initialization timing and test setup ordering created nondeterministic behavior that produced sporadic failures in the backend test suite. The result is a stable certificate list test path with explicit validation gates and reproducible test artifacts for auditing. Known container vulnerability findings remain documented and are treated as an accepted exception for this hotfix scope, with remediation deferred to the dedicated security track.
947 lines
40 KiB
JSON
947 lines
40 KiB
JSON
{
|
|
"version": "2.0.0",
|
|
"tasks": [
|
|
{
|
|
"label": "Docker Compose Up",
|
|
"type": "shell",
|
|
"command": "docker compose -f /root/docker/containers/charon/docker-compose.yml up -d && echo 'Charon running at http://localhost:8787'",
|
|
"group": "build",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Build & Run: Local Docker Image",
|
|
"type": "shell",
|
|
"command": "docker build -t charon:local . && docker compose -f /root/docker/containers/charon/docker-compose.yml up -d && echo 'Charon running at http://localhost:8787'",
|
|
"group": "build",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Build & Run: Local Docker Image No-Cache",
|
|
"type": "shell",
|
|
"command": "docker build --no-cache -t charon:local . && docker compose -f /root/docker/containers/charon/docker-compose.yml up -d && echo 'Charon running at http://localhost:8787'",
|
|
"group": "build",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Build: Backend",
|
|
"type": "shell",
|
|
"command": "cd backend && go build ./...",
|
|
"group": "build",
|
|
"problemMatcher": ["$go"]
|
|
},
|
|
{
|
|
"label": "Build: Frontend",
|
|
"type": "shell",
|
|
"command": "cd frontend && npm run build",
|
|
"group": "build",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Build: All",
|
|
"type": "shell",
|
|
"dependsOn": ["Build: Backend", "Build: Frontend"],
|
|
"dependsOrder": "sequence",
|
|
"command": "echo 'Build complete'",
|
|
"group": {
|
|
"kind": "build",
|
|
"isDefault": true
|
|
},
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Backend Unit Tests",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh test-backend-unit",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Backend Unit (Verbose)",
|
|
"type": "shell",
|
|
"command": "cd backend && if command -v gotestsum &> /dev/null; then gotestsum --format testdox ./...; else go test -v ./...; fi",
|
|
"group": "test",
|
|
"problemMatcher": ["$go"]
|
|
},
|
|
{
|
|
"label": "Test: Backend Unit (Quick)",
|
|
"type": "shell",
|
|
"command": "cd backend && go test -short ./...",
|
|
"group": "test",
|
|
"problemMatcher": ["$go"]
|
|
},
|
|
{
|
|
"label": "Test: Backend with Coverage",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh test-backend-coverage",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Frontend",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh test-frontend-unit",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Frontend Unit (Vitest)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh test-frontend-unit",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Frontend Unit (Vitest) - AccessListForm",
|
|
"type": "shell",
|
|
"command": "cd frontend && npx vitest run src/components/__tests__/AccessListForm.test.tsx --reporter=json --outputFile /projects/Charon/test-results/vitest-accesslist.json",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Frontend Unit (Vitest) - ProxyHostForm",
|
|
"type": "shell",
|
|
"command": "cd frontend && npx vitest run src/components/__tests__/ProxyHostForm.test.tsx --reporter=json --outputFile /projects/Charon/test-results/vitest-proxyhost.json",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Frontend Unit (Vitest) - ProxyHostForm DNS",
|
|
"type": "shell",
|
|
"command": "cd frontend && npx vitest run src/components/__tests__/ProxyHostForm-dns.test.tsx --reporter=json --outputFile /projects/Charon/test-results/vitest-proxyhost-dns.json",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Frontend with Coverage",
|
|
"type": "shell",
|
|
"command": "bash scripts/frontend-test-coverage.sh",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Frontend Coverage (Vitest)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh test-frontend-coverage",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Local Patch Report",
|
|
"type": "shell",
|
|
"command": "bash scripts/local-patch-report.sh",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Backend Flaky - Certificate List Stability Loop",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && mkdir -p test-results/flaky && go test ./backend/internal/api/handlers -run '^TestCertificateHandler_List_WithCertificates$' -count=100 -shuffle=on -parallel=8 -json 2>&1 | tee test-results/flaky/cert-list-stability.jsonl",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Backend Flaky - Certificate List Race Loop",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && mkdir -p test-results/flaky && go test -race ./backend/internal/api/handlers -run '^TestCertificateHandler_List_WithCertificates$' -count=30 -shuffle=on -parallel=8 -json 2>&1 | tee test-results/flaky/cert-list-race.jsonl",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Backend Flaky - Certificate DB Setup Ordering Loop",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && mkdir -p test-results/flaky && go test ./backend/internal/api/handlers -run '^TestCertificateHandler_DBSetupOrdering$' -count=50 -shuffle=on -parallel=8 -json 2>&1 | tee test-results/flaky/cert-db-setup-ordering.jsonl",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Backend Flaky - Certificate Handler Focused Regression",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && mkdir -p test-results/flaky && go test ./backend/internal/api/handlers -run '^TestCertificateHandler_' -count=1 -json 2>&1 | tee test-results/flaky/cert-handler-regression.jsonl",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Coverage Inputs for Local Patch Report",
|
|
"type": "shell",
|
|
"dependsOn": [
|
|
"Test: Backend with Coverage",
|
|
"Test: Frontend Coverage (Vitest)"
|
|
],
|
|
"dependsOrder": "sequence",
|
|
"command": "echo 'Coverage inputs for local patch report complete'",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Backend DoD + Local Patch Report",
|
|
"type": "shell",
|
|
"dependsOn": [
|
|
"Test: Backend with Coverage",
|
|
"Test: Local Patch Report"
|
|
],
|
|
"dependsOrder": "sequence",
|
|
"command": "echo 'Backend DoD + local patch report complete'",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Frontend DoD + Local Patch Report",
|
|
"type": "shell",
|
|
"dependsOn": [
|
|
"Test: Frontend Coverage (Vitest)",
|
|
"Test: Local Patch Report"
|
|
],
|
|
"dependsOrder": "sequence",
|
|
"command": "echo 'Frontend DoD + local patch report complete'",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: Full DoD Unit + Local Patch Report",
|
|
"type": "shell",
|
|
"dependsOn": [
|
|
"Test: Coverage Inputs for Local Patch Report",
|
|
"Test: Local Patch Report"
|
|
],
|
|
"dependsOrder": "sequence",
|
|
"command": "echo 'Full DoD + local patch report complete'",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox)",
|
|
"type": "shell",
|
|
"command": "npm run e2e",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox, Workers 1)",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=firefox --workers=1",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Cerberus: Real-Time Logs",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=firefox tests/monitoring/real-time-logs.spec.ts",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Cerberus: Security Dashboard",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=security-tests tests/security/security-dashboard.spec.ts",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Cerberus: Rate Limiting",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=security-tests tests/security/rate-limiting.spec.ts",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (All Browsers)",
|
|
"type": "shell",
|
|
"command": "npm run e2e:all",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Core: Access Lists",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=firefox tests/core/access-lists-crud.spec.ts",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Core: Authentication",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=firefox tests/core/authentication.spec.ts",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Core: Certificates",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=firefox tests/core/certificates.spec.ts",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Core: Dashboard",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=firefox tests/core/dashboard.spec.ts",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Core: Navigation",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=firefox tests/core/navigation.spec.ts",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Core: Navigation Shard",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=firefox --shard=1/1 tests/core/navigation.spec.ts",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (Headed)",
|
|
"type": "shell",
|
|
"command": "npm run e2e:headed",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated"
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (UI - Headless Server)",
|
|
"type": "shell",
|
|
"command": "npm run e2e:ui:headless-server",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Lint: Pre-commit (All Files)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh qa-precommit-all",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Lint: Go Vet",
|
|
"type": "shell",
|
|
"command": "cd backend && go vet ./...",
|
|
"group": "test",
|
|
"problemMatcher": ["$go"]
|
|
},
|
|
{
|
|
"label": "Lint: Staticcheck (Fast)",
|
|
"type": "shell",
|
|
"command": "cd backend && golangci-lint run --config .golangci-fast.yml ./...",
|
|
"group": "test",
|
|
"problemMatcher": ["$go"],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated"
|
|
}
|
|
},
|
|
{
|
|
"label": "Lint: Staticcheck Only",
|
|
"type": "shell",
|
|
"command": "cd backend && golangci-lint run --config .golangci-fast.yml --disable-all --enable staticcheck ./...",
|
|
"group": "test",
|
|
"problemMatcher": ["$go"]
|
|
},
|
|
{
|
|
"label": "Lint: GolangCI-Lint (Docker)",
|
|
"type": "shell",
|
|
"command": "cd backend && docker run --rm -v $(pwd):/app:ro -w /app golangci/golangci-lint:latest golangci-lint run -v",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Lint: Frontend",
|
|
"type": "shell",
|
|
"command": "cd frontend && npm run lint",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Lint: Frontend (Fix)",
|
|
"type": "shell",
|
|
"command": "cd frontend && npm run lint -- --fix",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Lint: TypeScript Check",
|
|
"type": "shell",
|
|
"command": "cd frontend && npm run type-check",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Lint: Markdownlint",
|
|
"type": "shell",
|
|
"command": "markdownlint '**/*.md' --ignore node_modules --ignore frontend/node_modules --ignore .venv --ignore test-results --ignore codeql-db --ignore codeql-agent-results",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Lint: Markdownlint (Fix)",
|
|
"type": "shell",
|
|
"command": "markdownlint '**/*.md' --fix --ignore node_modules --ignore frontend/node_modules --ignore .venv --ignore test-results --ignore codeql-db --ignore codeql-agent-results",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Lint: Hadolint Dockerfile",
|
|
"type": "shell",
|
|
"command": "docker run --rm -i hadolint/hadolint < Dockerfile",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Trivy Scan",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh security-scan-trivy",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Semgrep Scan (Manual Script)",
|
|
"type": "shell",
|
|
"command": "bash scripts/pre-commit-hooks/semgrep-scan.sh",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Semgrep Scan (Manual Hook)",
|
|
"type": "shell",
|
|
"command": "pre-commit run --hook-stage manual semgrep-scan --all-files",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Gitleaks Scan (Tuned Manual Script)",
|
|
"type": "shell",
|
|
"command": "bash scripts/pre-commit-hooks/gitleaks-tuned-scan.sh",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Gitleaks Scan (Tuned Manual Hook)",
|
|
"type": "shell",
|
|
"command": "pre-commit run --hook-stage manual gitleaks-tuned-scan --all-files",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Scan Docker Image (Local)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh security-scan-docker-image",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Security: CodeQL Go Scan (DEPRECATED)",
|
|
"type": "shell",
|
|
"command": "codeql database create codeql-db-go --language=go --source-root=backend --overwrite && codeql database analyze codeql-db-go /projects/codeql/codeql/go/ql/src/codeql-suites/go-security-extended.qls --format=sarif-latest --output=codeql-results-go.sarif",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: CodeQL JS Scan (DEPRECATED)",
|
|
"type": "shell",
|
|
"command": "codeql database create codeql-db-js --language=javascript --source-root=frontend --overwrite && codeql database analyze codeql-db-js /projects/codeql/codeql/javascript/ql/src/codeql-suites/javascript-security-extended.qls --format=sarif-latest --output=codeql-results-js.sarif",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: CodeQL Go Scan (CI-Aligned) [~60s]",
|
|
"type": "shell",
|
|
"command": "bash scripts/pre-commit-hooks/codeql-go-scan.sh",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: CodeQL JS Scan (CI-Aligned) [~90s]",
|
|
"type": "shell",
|
|
"command": "bash scripts/pre-commit-hooks/codeql-js-scan.sh",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: CodeQL All (CI-Aligned)",
|
|
"type": "shell",
|
|
"dependsOn": ["Security: CodeQL Go Scan (CI-Aligned) [~60s]", "Security: CodeQL JS Scan (CI-Aligned) [~90s]"],
|
|
"dependsOrder": "sequence",
|
|
"command": "echo 'CodeQL complete'",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: CodeQL Scan (Skill)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh security-scan-codeql",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Go Vulnerability Check",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh security-scan-go-vuln",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Docker: Start Dev Environment",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh docker-start-dev",
|
|
"group": "none",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Docker: Stop Dev Environment",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh docker-stop-dev",
|
|
"group": "none",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Docker: Start Local Environment",
|
|
"type": "shell",
|
|
"command": "docker compose -f .docker/compose/docker-compose.local.yml up -d",
|
|
"group": "none",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Docker: Stop Local Environment",
|
|
"type": "shell",
|
|
"command": "docker compose -f .docker/compose/docker-compose.local.yml down",
|
|
"group": "none",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Docker: View Logs",
|
|
"type": "shell",
|
|
"command": "docker compose -f .docker/compose/docker-compose.yml logs -f",
|
|
"group": "none",
|
|
"problemMatcher": [],
|
|
"isBackground": true
|
|
},
|
|
{
|
|
"label": "Docker: Prune Unused Resources",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh docker-prune",
|
|
"group": "none",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: Run All",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-all",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: Cerberus",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-cerberus",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: Cerberus Security Stack",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-cerberus",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: Coraza WAF",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-coraza",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: WAF (Legacy)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-waf",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: CrowdSec",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-crowdsec",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: CrowdSec Decisions",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-crowdsec-decisions",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: CrowdSec Startup",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-crowdsec-startup",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: Rate Limit",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-rate-limit",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Integration: Rate Limiting",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh integration-test-rate-limit",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Utility: Check Version Match Tag",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh utility-version-check",
|
|
"group": "none",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Utility: Clear Go Cache",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh utility-clear-go-cache",
|
|
"group": "none",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Utility: Bump Beta Version",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh utility-bump-beta",
|
|
"group": "none",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Utility: Database Recovery",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh utility-db-recovery",
|
|
"group": "none",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Verify SBOM",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh security-verify-sbom ${input:dockerImage}",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Sign with Cosign",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh security-sign-cosign docker charon:local",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Generate SLSA Provenance",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh security-slsa-provenance generate ./backend/main",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Security: Full Supply Chain Audit",
|
|
"type": "shell",
|
|
"dependsOn": [
|
|
"Security: Verify SBOM",
|
|
"Security: Sign with Cosign",
|
|
"Security: Generate SLSA Provenance"
|
|
],
|
|
"dependsOrder": "sequence",
|
|
"command": "echo '✅ Supply chain audit complete'",
|
|
"group": "test",
|
|
"problemMatcher": []
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (Skill)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh test-e2e-playwright",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (Targeted Suite)",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && PLAYWRIGHT_HTML_OPEN=never PLAYWRIGHT_COVERAGE=0 PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 PLAYWRIGHT_SKIP_SECURITY_DEPS=1 npx playwright test --project=firefox ${input:playwrightSuitePath}",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Non-Security Shards 1/4-4/4",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && if [ -f .env ]; then set -a; . ./.env; set +a; fi && : \"${CHARON_EMERGENCY_TOKEN:?CHARON_EMERGENCY_TOKEN is required (set it in /projects/Charon/.env)}\" && CI=true PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 CHARON_SECURITY_TESTS_ENABLED=false PLAYWRIGHT_SKIP_SECURITY_DEPS=1 TEST_WORKER_INDEX=1 npx playwright test --project=firefox --shard=1/4 --output=playwright-output/firefox-shard-1 tests/core tests/dns-provider-crud.spec.ts tests/dns-provider-types.spec.ts tests/integration tests/manual-dns-provider.spec.ts tests/monitoring tests/settings tests/tasks && cd /projects/Charon && CI=true PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 CHARON_SECURITY_TESTS_ENABLED=false PLAYWRIGHT_SKIP_SECURITY_DEPS=1 TEST_WORKER_INDEX=2 npx playwright test --project=firefox --shard=2/4 --output=playwright-output/firefox-shard-2 tests/core tests/dns-provider-crud.spec.ts tests/dns-provider-types.spec.ts tests/integration tests/manual-dns-provider.spec.ts tests/monitoring tests/settings tests/tasks && cd /projects/Charon && CI=true PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 CHARON_SECURITY_TESTS_ENABLED=false PLAYWRIGHT_SKIP_SECURITY_DEPS=1 TEST_WORKER_INDEX=3 npx playwright test --project=firefox --shard=3/4 --output=playwright-output/firefox-shard-3 tests/core tests/dns-provider-crud.spec.ts tests/dns-provider-types.spec.ts tests/integration tests/manual-dns-provider.spec.ts tests/monitoring tests/settings tests/tasks && cd /projects/Charon && CI=true PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 CHARON_SECURITY_TESTS_ENABLED=false PLAYWRIGHT_SKIP_SECURITY_DEPS=1 TEST_WORKER_INDEX=4 npx playwright test --project=firefox --shard=4/4 --output=playwright-output/firefox-shard-4 tests/core tests/dns-provider-crud.spec.ts tests/dns-provider-types.spec.ts tests/integration tests/manual-dns-provider.spec.ts tests/monitoring tests/settings tests/tasks",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Non-Security Shard 1/4",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && if [ -f .env ]; then set -a; . ./.env; set +a; fi && : \"${CHARON_EMERGENCY_TOKEN:?CHARON_EMERGENCY_TOKEN is required (set it in /projects/Charon/.env)}\" && CI=true PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 CHARON_SECURITY_TESTS_ENABLED=false PLAYWRIGHT_SKIP_SECURITY_DEPS=1 TEST_WORKER_INDEX=1 npx playwright test --project=firefox --shard=1/4 --output=playwright-output/firefox-shard-1 tests/core tests/dns-provider-crud.spec.ts tests/dns-provider-types.spec.ts tests/integration tests/manual-dns-provider.spec.ts tests/monitoring tests/settings tests/tasks",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Non-Security Shard 2/4",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && if [ -f .env ]; then set -a; . ./.env; set +a; fi && : \"${CHARON_EMERGENCY_TOKEN:?CHARON_EMERGENCY_TOKEN is required (set it in /projects/Charon/.env)}\" && CI=true PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 CHARON_SECURITY_TESTS_ENABLED=false PLAYWRIGHT_SKIP_SECURITY_DEPS=1 TEST_WORKER_INDEX=2 npx playwright test --project=firefox --shard=2/4 --output=playwright-output/firefox-shard-2 tests/core tests/dns-provider-crud.spec.ts tests/dns-provider-types.spec.ts tests/integration tests/manual-dns-provider.spec.ts tests/monitoring tests/settings tests/tasks",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Non-Security Shard 3/4",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && if [ -f .env ]; then set -a; . ./.env; set +a; fi && : \"${CHARON_EMERGENCY_TOKEN:?CHARON_EMERGENCY_TOKEN is required (set it in /projects/Charon/.env)}\" && CI=true PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 CHARON_SECURITY_TESTS_ENABLED=false PLAYWRIGHT_SKIP_SECURITY_DEPS=1 TEST_WORKER_INDEX=3 npx playwright test --project=firefox --shard=3/4 --output=playwright-output/firefox-shard-3 tests/core tests/dns-provider-crud.spec.ts tests/dns-provider-types.spec.ts tests/integration tests/manual-dns-provider.spec.ts tests/monitoring tests/settings tests/tasks",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (FireFox) - Non-Security Shard 4/4",
|
|
"type": "shell",
|
|
"command": "cd /projects/Charon && if [ -f .env ]; then set -a; . ./.env; set +a; fi && : \"${CHARON_EMERGENCY_TOKEN:?CHARON_EMERGENCY_TOKEN is required (set it in /projects/Charon/.env)}\" && CI=true PLAYWRIGHT_BASE_URL=http://127.0.0.1:8080 CHARON_SECURITY_TESTS_ENABLED=false PLAYWRIGHT_SKIP_SECURITY_DEPS=1 TEST_WORKER_INDEX=4 npx playwright test --project=firefox --shard=4/4 --output=playwright-output/firefox-shard-4 tests/core tests/dns-provider-crud.spec.ts tests/dns-provider-types.spec.ts tests/integration tests/manual-dns-provider.spec.ts tests/monitoring tests/settings tests/tasks",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright with Coverage",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh test-e2e-playwright-coverage",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright - View Report",
|
|
"type": "shell",
|
|
"command": "npx playwright show-report --port 9323",
|
|
"group": "none",
|
|
"problemMatcher": [],
|
|
"isBackground": true,
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Docker: Rebuild E2E Environment",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh docker-rebuild-e2e",
|
|
"group": "build",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Docker: Rebuild E2E Environment (Clean)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh docker-rebuild-e2e --clean --no-cache",
|
|
"group": "build",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (Debug Mode)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh test-e2e-playwright-debug",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Test: E2E Playwright (Debug with Inspector)",
|
|
"type": "shell",
|
|
"command": ".github/skills/scripts/skill-runner.sh test-e2e-playwright-debug --inspector",
|
|
"group": "test",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "dedicated",
|
|
"close": false
|
|
}
|
|
},
|
|
{
|
|
"label": "Utility: Update Go Version",
|
|
"type": "shell",
|
|
"command": "go env -w GOTOOLCHAIN=go$(go list -m -f '{{.Version}}' go@latest)+auto && go list -m -f '{{.Version}}' go@latest && go version",
|
|
"group": "none",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "shared"
|
|
}
|
|
},
|
|
{
|
|
"label": "Utility: Rebuild Go Tools",
|
|
"type": "shell",
|
|
"command": "./scripts/rebuild-go-tools.sh",
|
|
"group": "none",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "shared",
|
|
"close": false
|
|
},
|
|
"detail": "Rebuild Go development tools (golangci-lint, gopls, govulncheck, dlv) with the current Go version"
|
|
},
|
|
{
|
|
"label": "Utility: Update Grype Version",
|
|
"type": "shell",
|
|
"command": "curl -sSfL https://get.anchore.io/grype | sudo sh -s -- -b /usr/local/bin",
|
|
"group": "none",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "shared"
|
|
}
|
|
},
|
|
{
|
|
"label": "Utility: Update Syft Version",
|
|
"type": "shell",
|
|
"command": "curl -sSfL https://get.anchore.io/syft | sudo sh -s -- -b /usr/local/bin",
|
|
"group": "none",
|
|
"problemMatcher": [],
|
|
"presentation": {
|
|
"reveal": "always",
|
|
"panel": "shared"
|
|
}
|
|
}
|
|
|
|
],
|
|
"inputs": [
|
|
{
|
|
"id": "playwrightSuitePath",
|
|
"type": "promptString",
|
|
"description": "Target Playwright suite or test path",
|
|
"default": "tests/"
|
|
},
|
|
{
|
|
"id": "dockerImage",
|
|
"type": "promptString",
|
|
"description": "Docker image name or tag to verify",
|
|
"default": "charon:local"
|
|
}
|
|
]
|
|
}
|