Skip to content

Commit f237fa5

Browse files
authored
Merge pull request #873 from Wikid82/feature/beta-release
fix(certificates): allow deletion of expired and unused certificates
2 parents 6c6c3f3 + 77511b0 commit f237fa5

82 files changed

Lines changed: 4104 additions & 1039 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.docker/compose/docker-compose.playwright-local.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,8 @@ services:
4848
tmpfs:
4949
# True tmpfs for E2E test data - fresh on every run, in-memory only
5050
# mode=1777 allows any user to write (container runs as non-root)
51-
- /app/data:size=100M,mode=1777
51+
# 256M gives headroom for the backup service's 100MB disk-space check
52+
- /app/data:size=256M,mode=1777
5253
volumes:
5354
- /var/run/docker.sock:/var/run/docker.sock:ro # For container discovery in tests
5455
healthcheck:

.github/renovate.json

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -130,6 +130,32 @@
130130
"datasourceTemplate": "go",
131131
"versioningTemplate": "semver"
132132
},
133+
{
134+
"customType": "regex",
135+
"description": "Track gotestsum version in codecov workflow",
136+
"managerFilePatterns": [
137+
"/^\\.github/workflows/codecov-upload\\.yml$/"
138+
],
139+
"matchStrings": [
140+
"gotestsum@v(?<currentValue>[^\\s]+)"
141+
],
142+
"depNameTemplate": "gotest.tools/gotestsum",
143+
"datasourceTemplate": "go",
144+
"versioningTemplate": "semver"
145+
},
146+
{
147+
"customType": "regex",
148+
"description": "Track gotestsum version in quality checks workflow",
149+
"managerFilePatterns": [
150+
"/^\\.github/workflows/quality-checks\\.yml$/"
151+
],
152+
"matchStrings": [
153+
"gotestsum@v(?<currentValue>[^\\s]+)"
154+
],
155+
"depNameTemplate": "gotest.tools/gotestsum",
156+
"datasourceTemplate": "go",
157+
"versioningTemplate": "semver"
158+
},
133159
{
134160
"customType": "regex",
135161
"description": "Track govulncheck version in scripts",
@@ -255,6 +281,12 @@
255281
"matchUpdateTypes": ["major"],
256282
"automerge": false,
257283
"labels": ["manual-review"]
284+
},
285+
{
286+
"description": "Fix Renovate lookup for geoip2-golang v2 module path",
287+
"matchDatasources": ["go"],
288+
"matchPackageNames": ["github.com/oschwald/geoip2-golang/v2"],
289+
"sourceUrl": "https://github.com/oschwald/geoip2-golang"
258290
}
259291
]
260292
}

.github/workflows/codecov-upload.yml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -126,6 +126,9 @@ jobs:
126126
echo "__CHARON_EOF__"
127127
} >> "$GITHUB_ENV"
128128
129+
- name: Install gotestsum
130+
run: go install gotest.tools/gotestsum@v1.13.0
131+
129132
- name: Run Go tests with coverage
130133
working-directory: ${{ github.workspace }}
131134
env:
@@ -134,6 +137,14 @@ jobs:
134137
bash scripts/go-test-coverage.sh 2>&1 | tee backend/test-output.txt
135138
exit "${PIPESTATUS[0]}"
136139
140+
- name: Upload test output artifact
141+
if: always()
142+
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
143+
with:
144+
name: backend-test-output
145+
path: backend/test-output.txt
146+
retention-days: 7
147+
137148
- name: Upload backend coverage to Codecov
138149
uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5
139150
with:

.github/workflows/quality-checks.yml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -148,6 +148,9 @@ jobs:
148148
run: |
149149
bash "scripts/repo_health_check.sh"
150150
151+
- name: Install gotestsum
152+
run: go install gotest.tools/gotestsum@v1.13.0
153+
151154
- name: Run Go tests
152155
id: go-tests
153156
working-directory: ${{ github.workspace }}
@@ -156,6 +159,14 @@ jobs:
156159
run: |
157160
bash "scripts/go-test-coverage.sh" 2>&1 | tee backend/test-output.txt; exit "${PIPESTATUS[0]}"
158161
162+
- name: Upload test output artifact
163+
if: always()
164+
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
165+
with:
166+
name: backend-test-output
167+
path: backend/test-output.txt
168+
retention-days: 7
169+
159170
- name: Go Test Summary
160171
if: always()
161172
working-directory: backend

.github/workflows/renovate.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ jobs:
2525
fetch-depth: 1
2626

2727
- name: Run Renovate
28-
uses: renovatebot/github-action@abd08c7549b2a864af5df4a2e369c43f035a6a9d # v46.1.5
28+
uses: renovatebot/github-action@68a3ea99af6ad249940b5a9fdf44fc6d7f14378b # v46.1.6
2929
with:
3030
configurationFile: .github/renovate.json
3131
token: ${{ secrets.RENOVATE_TOKEN || secrets.GITHUB_TOKEN }}

.github/workflows/security-pr.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -385,7 +385,7 @@ jobs:
385385
- name: Upload Trivy SARIF to GitHub Security
386386
if: always() && steps.trivy-sarif-check.outputs.exists == 'true'
387387
# github/codeql-action v4
388-
uses: github/codeql-action/upload-sarif@05b1a5d28f8763fd11e77388fe57846f1ba8e766
388+
uses: github/codeql-action/upload-sarif@eedab83377f873ae39009d167a89b7a5aab4638b
389389
with:
390390
sarif_file: 'trivy-binary-results.sarif'
391391
category: ${{ steps.pr-info.outputs.is_push == 'true' && format('security-scan-{0}', github.event_name == 'workflow_run' && github.event.workflow_run.head_branch || github.ref_name) || format('security-scan-pr-{0}', steps.pr-info.outputs.pr_number) }}

0 commit comments

Comments
 (0)