- Add EnvironmentFile=/home/txeo/Git/yo/cv/.env to systemd unit
- Add production overrides (GO_ENV, BEHIND_PROXY, ALLOWED_ORIGINS)
- Deploy workflow now auto-updates systemd service file on each deploy
- Fix golangci-lint errcheck errors by using t.Setenv() instead of os.Setenv()
- Add CSS bundle build step to deploy workflow for production
- Add graceful fallback to modular CSS if bundle doesn't exist
- Remove unused os import from preferences_test.go
PDF generation tests require a running HTTP server for chromedp to connect to.
This is not available in CI environment, causing tests to fail with ERR_CONNECTION_REFUSED.
Changes:
- Added skip condition to TestDefaultCVShortcut when running in short mode
- Updated CI workflow to use -short flag for tests and benchmarks
- Removed Chrome installation from CI (not needed for unit tests)
- Integration tests can still run locally without -short flag
- Add findDataFile() helper to search up directory tree for data files
- Fixes tests running from subdirectories (internal/handlers)
- Install Chrome in GitHub Actions for PDF generation tests
This resolves test failures that have existed since PDF tests were introduced:
- Error: 'open data/cv-es.json: no such file or directory'
- Error: 'chrome failed to start'
Tests now properly locate data files from any working directory and
have Chrome available for PDF generation in CI environment.
- Enhanced CI/CD pipeline with coverage reporting, benchmarks, and artifact uploads
- Implemented rate limiter IP validation with proxy support and spoofing protection
- Added extensive Makefile test targets for coverage, benchmarks, and continuous testing
- Expanded middleware chain with request validation, size limits, and suspicious activity logging
- Check for uncommitted changes (both staged and unstaged)
- Auto-stash with timestamp before pulling
- Prevents "Your local changes would be overwritten" errors
- Commented-out option to reapply stash after pull if needed
Server changes are preserved in git stash for recovery if needed.
Fixes: "error: Your local changes to the following files would be overwritten by merge"
- Change from fixing only .git/ to fixing entire repository (.)
- Prevents "unable to unlink" errors on workflow files
- Ensures deployment user has write access to all files
- Run unconditionally as it's fast and prevents all permission issues
Fixes: "error: unable to unlink old '.github/workflows/deploy.yml': Permission denied"
Replace manual SSH setup with proven appleboy/ssh-action@v1.0.3
- Automatically handles SSH key formatting and permissions
- No manual key validation or cleanup needed
- Consistent with working commando-web deployment
- Pass environment variables via 'envs' parameter
- Simplifies both deploy and verify steps
This eliminates "error in libcrypto" and permission issues.
- Use printf instead of echo for proper SSH key formatting
- Add ssh-keygen validation before attempting connection
- Show first 50 chars of key on validation failure for debugging
- Maintains proper line endings and key structure
This will help identify if the SSH_PRIVATE_KEY secret is malformed.
Test workflow:
- Upgrade golangci-lint-action from v6 to v7
- v7 is required for golangci-lint v2.x support
- Remove skip-cache as v7 handles caching better
Deploy workflow:
- Fix SSH heredoc to use unquoted ENDSSH delimiter
- Allows environment variables to expand in remote session
- Fixes "Permission denied" by properly passing REPO_PATH and SERVICE_NAME
- Update golangci-lint from v1.65.1 to v2.6.0
- v2.6.0 is built with Go 1.25 and supports Go 1.25.1
- Resolves 404 error from non-existent v1.65.1 release
- Update matrix Go version from 1.25 to 1.25.1 to match go.mod
- Specify golangci-lint v1.65.1 explicitly (supports Go 1.25+)
- Add skip-cache to force fresh download and avoid cached v1.64.8
- Update golangci-lint-action from v3 to v6
- Remove redundant cache skip flags (v6 has better defaults)
- Fixes compatibility with Go 1.25.1 specified in go.mod
juanatsap
root