61418fa9dd
- The security config Upsert update path copied all rate limit fields from the incoming request onto the existing database record except RateLimitMode, so the seeded default value of "disabled" always survived a POST regardless of what the caller sent - This silently prevented the Caddy rate_limit handler from being injected on any container with a pre-existing config record (i.e., every real deployment and every CI run after migration) - Added the missing field assignment so RateLimitMode is correctly persisted on update alongside all other rate limit settings - Integration test payload now also sends rate_limit_enable alongside rate_limit_mode so the handler sync logic fires via its explicit first branch, providing belt-and-suspenders correctness independent of which path the caller uses to express intent
Scripts Directory
Running Tests Locally Before Pushing to CI
WAF Integration Test
Always run this locally before pushing WAF-related changes to avoid CI failures:
# From project root
bash ./scripts/coraza_integration.sh
Or use the VS Code task: Ctrl+Shift+P → Tasks: Run Task → Coraza: Run Integration Script
Requirements:
-
Docker image
charon:localmust be built first:docker build -t charon:local . -
The script will:
- Start a test container with WAF enabled
- Create a backend container (httpbin)
- Test WAF in block mode (expect HTTP 403)
- Test WAF in monitor mode (expect HTTP 200)
- Clean up all test containers
Expected output:
✓ httpbin backend is ready
✓ Coraza WAF blocked payload as expected (HTTP 403) in BLOCK mode
✓ Coraza WAF in MONITOR mode allowed payload through (HTTP 200) as expected
=== All Coraza integration tests passed ===
Other Test Scripts
- Security Scan:
bash ./scripts/security-scan.sh - Go Test Coverage:
bash ./scripts/go-test-coverage.sh - Frontend Test Coverage:
bash ./scripts/frontend-test-coverage.sh
CI/CD Workflows
Changes to these scripts may trigger CI workflows:
coraza_integration.sh→ WAF Integration Tests workflow- Files in
.github/workflows/directory control CI behavior
Tip: Run tests locally to save CI minutes and catch issues faster!