akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity
Files
ac5d8199965b954a73336781909107ddda1bec3d
Charon/scripts
History
GitHub Actions 67c93ff6b5 hotfix: Route-Aware Verification and jq Dependency 
- Added a new implementation report for the Cerberus TC-2 test fix detailing the changes made to handle the break glass protocol's dual-route structure.
- Modified `scripts/cerberus_integration.sh` to replace naive byte-position checking with route-aware verification.
- Introduced a hard requirement for jq, including error handling for its absence.
- Implemented emergency route detection using exact path matching.
- Enhanced defensive programming practices with JSON validation, route structure checks, and numeric validations.
- Improved logging and output for better debugging and clarity.
- Verified handler order within main routes while skipping emergency routes.
- Updated test results and compliance with specifications in the implementation report.
2026-01-28 21:46:11 +00:00
..
ci
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
history-rewrite
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
pre-commit-hooks
chore: add GORM security scanner and pre-commit hook
2026-01-28 10:30:03 +00:00
bump_beta.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
cerberus_integration.sh
hotfix: Route-Aware Verification and jq Dependency
2026-01-28 21:46:11 +00:00
check_go_build.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
check-version-match-tag.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
clear-go-cache.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
coraza_integration.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
create_bulk_acl_issues.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
crowdsec_decision_integration.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
crowdsec_integration.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
crowdsec_startup_test.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
db-recovery.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
debug_db.py
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
debug_rate_limit.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
frontend-test-coverage.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
go-test-coverage.sh
chore: add GORM security scanner and pre-commit hook
2026-01-28 10:30:03 +00:00
gopls_collect.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
install-go-1.25.6.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
integration-test.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
prune-container-images.sh
fix(e2e): prevent redundant image builds in CI shards
2026-01-26 21:51:23 +00:00
qa-test-auth-certificates.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
rate_limit_integration.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
README.md
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
release.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
repo_health_check.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
scan-gorm-security.sh
chore: GORM remediation
2026-01-28 18:47:52 +00:00
scan-gorm-security.sh.backup
chore: add GORM security scanner and pre-commit hook
2026-01-28 10:30:03 +00:00
security-scan.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
setup-e2e-env.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
trivy-scan.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
validate-e2e-auth.sh
fix: restore PATCH endpoints used by E2E + emergency-token fallback
2026-01-27 22:43:33 +00:00
verify_crowdsec_app_config.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00
waf_integration.sh
chore: clean .gitignore cache
2026-01-26 19:22:05 +00:00

README.md

Scripts Directory

Running Tests Locally Before Pushing to CI

WAF Integration Test

Always run this locally before pushing WAF-related changes to avoid CI failures:

# From project root
bash ./scripts/coraza_integration.sh

Or use the VS Code task: Ctrl+Shift+PTasks: Run TaskCoraza: Run Integration Script

Requirements:

  • Docker image charon:local must be built first:

    docker build -t charon:local .

  • The script will:

    1. Start a test container with WAF enabled
    2. Create a backend container (httpbin)
    3. Test WAF in block mode (expect HTTP 403)
    4. Test WAF in monitor mode (expect HTTP 200)
    5. Clean up all test containers

Expected output:

✓ httpbin backend is ready
✓ Coraza WAF blocked payload as expected (HTTP 403) in BLOCK mode
✓ Coraza WAF in MONITOR mode allowed payload through (HTTP 200) as expected
=== All Coraza integration tests passed ===

Other Test Scripts

  • Security Scan: bash ./scripts/security-scan.sh
  • Go Test Coverage: bash ./scripts/go-test-coverage.sh
  • Frontend Test Coverage: bash ./scripts/frontend-test-coverage.sh

CI/CD Workflows

Changes to these scripts may trigger CI workflows:

  • coraza_integration.sh → WAF Integration Tests workflow
  • Files in .github/workflows/ directory control CI behavior

Tip: Run tests locally to save CI minutes and catch issues faster!

Reference in New Issue View Git Blame Copy Permalink