akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity
Files
fde59a94ae2785f4e0eec20a1ae76cc7b251840f
Charon/docs/plans/archive/merge-resolution-plan.md
GitHub Actions 27c252600a chore: git cache cleanup
2026-03-04 18:34:49 +00:00

218 lines
6.2 KiB
Markdown
Raw Blame History

# Merge Conflict Resolution Plan: `feature/beta-release` → `main`
**Plan ID**: MERGE-2026-001
**Status**: 🔄 PENDING
**Priority**: High
**Created**: 2026-01-25
---
## 🔴 Workflow Failure Analysis (Added 2026-01-25)
### Issue Identified: docker-build.yml Failure
**Workflow Run**: https://github.com/Wikid82/Charon/actions/runs/21326638353
**Root Cause**: Base image mismatch after Debian Trixie migration (PR #550)
| Component | Before Fix | After Fix |
|-----------|-----------|-----------|
| Workflow `docker-build.yml` | `debian:bookworm-slim` | `debian:trixie-slim` |
| Dockerfile `CADDY_IMAGE` | `debian:trixie-slim` | `debian:trixie-slim` ✓ |
**Problem**: The workflow step "Resolve Debian base image digest" was still pulling `debian:bookworm-slim` while the Dockerfile was updated to use `debian:trixie-slim`. This caused inconsistency in the build.
**Fix Applied**: Updated [.github/workflows/docker-build.yml](.github/workflows/docker-build.yml#L54-L57):
```yaml
- name: Resolve Debian base image digest
run: |
docker pull debian:trixie-slim
DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' debian:trixie-slim)
```
---
## Summary
This plan addresses merge conflicts in the `feature/beta-release` branch that need resolution against `main`. After analyzing all conflicting files, here is the recommended resolution strategy.
---
## File Analysis
### 1. `.github/workflows/codeql.yml`
**Conflict Likelihood**: Low-Medium
**Current State**: No visible conflict markers
**Key Features in Current Version**:
- Go version: `1.25.6`
- Forked PR handling (skips when `fork == true`)
- CodeQL config file: `.github/codeql/codeql-config.yml`
- SARIF analysis with error/warning/note counting
**Resolution Strategy**: **Accept feature branch changes**
- Feature branch likely has updated Go version and security improvements
- Verify `GO_VERSION` env var matches other workflows after merge
---
### 2. `.github/workflows/docker-build.yml`
**Conflict Likelihood**: Medium
**Current State**: No visible conflict markers
**Key Features in Current Version**:
- SBOM generation and attestation
- CVE-2025-68156 verification for Caddy/CrowdSec
- Feature branch detection and artifact handling
- Multi-platform builds (amd64/arm64)
- Trivy vulnerability scanning
**Resolution Strategy**: **Accept feature branch changes**
- Feature branch contains critical security patches
- Verify image tag logic matches expected patterns
- Confirm `SYFT_VERSION` and `GRYPE_VERSION` are current
---
### 3. `Dockerfile`
**Conflict Likelihood**: High (likely PR #550 Debian Trixie migration)
**Current State**: Already using `debian:trixie-slim`
**Key Features in Current Version**:
- Base image: `debian:trixie-slim` (Debian 13 testing)
- Go version: `1.25` (builder stages)
- Caddy version: `2.11.0-beta.2`
- CrowdSec version: `1.7.6`
- gosu version: `1.17`
- Security patches for `expr-lang/expr@v1.17.7`
- Multi-stage build with cross-compilation helpers
**Resolution Strategy**: **Accept feature branch changes (post-Trixie migration)**
- If main still uses `bookworm-slim`, take feature branch version
- Critical: Preserve all CVE patches (CVE-2025-68156, CVE-2025-58183, etc.)
- Ensure all `renovate:` comments are preserved for automated updates
---
### 4. `backend/go.sum`
**Conflict Likelihood**: High
**Current State**: 167 packages, no conflict markers
**Key Versions Detected**:
- `golang.org/x/crypto@v0.47.0`
- `google.golang.org/grpc@v1.75.0`
- `gorm.io/gorm@v1.31.1`
- `github.com/gin-gonic/gin@v1.11.0`
**Resolution Strategy**: **Regenerate after merge**
- Dependency lock files should never be manually merged
- After resolving other conflicts, run:
```bash
cd backend && go mod tidy && go mod download
```
---
### 5. `frontend/package-lock.json` ⚠️ (Not `backend/`)
**Conflict Likelihood**: High
**Current State**: 7499 lines, lockfileVersion 3
**Resolution Strategy**: **Regenerate after merge**
- Delete the file and regenerate:
```bash
cd frontend && rm package-lock.json && npm install
```
---
### 6. `frontend/package.json` ⚠️ (Not `backend/`)
**Conflict Likelihood**: Medium
**Current State**: Version `0.3.0`, no conflict markers
**Key Dependencies**:
- React: `^19.2.3`
- Vite: `^7.3.1`
- Playwright: `^1.57.0`
- TypeScript: `^5.9.3`
**Resolution Strategy**: **Manual review required**
- Compare `main` and feature branch versions
- Keep higher version numbers when there are conflicts
- Ensure no duplicate entries
---
## Command Sequence for Resolution
```bash
# 1. Ensure you're on the feature branch
git checkout feature/beta-release
# 2. Fetch latest main
git fetch origin main
# 3. Start the merge (this will show conflicts)
git merge origin/main
# 4. For workflow files (if conflicts exist):
# Accept feature branch changes, then verify
git checkout --theirs .github/workflows/codeql.yml
git checkout --theirs .github/workflows/docker-build.yml
git add .github/workflows/
# 5. For Dockerfile (if conflicts exist):
# Accept feature branch (Trixie migration)
git checkout --theirs Dockerfile
git add Dockerfile
# 6. For Go dependencies:
git checkout --theirs backend/go.sum
cd backend && go mod tidy
cd ..
git add backend/go.sum backend/go.mod
# 7. For frontend dependencies:
cd frontend
rm -f package-lock.json
# Manually resolve package.json if needed
npm install
cd ..
git add frontend/package.json frontend/package-lock.json
# 8. Complete the merge
git commit -m "Merge main into feature/beta-release - resolve conflicts"
# 9. Validate
make lint
make test
```
---
## Post-Merge Validation Checklist
- [ ] `go mod tidy` completes without errors
- [ ] `npm install` (frontend) completes without errors
- [ ] Docker build succeeds: `docker build -t charon:test .`
- [ ] CI workflows pass on push
- [ ] Go version consistent across all workflows (`1.25.6`)
- [ ] Debian Trixie base image in Dockerfile
---
## Notes
1. **File Path Correction**: The conflicting package files are in `frontend/`, not `backend/`. The Go backend uses `go.mod`/`go.sum`, not npm.
2. **Conflict markers not visible**: The files read don't show `<<<<<<<` markers, suggesting either:
- The merge hasn't been attempted yet
- Conflicts would appear after running `git merge`
3. **PR #550 Reference**: The Dockerfile already shows Trixie migration is complete in the current branch.
Reference in New Issue View Git Blame Copy Permalink