8f15bb1362
All checks were successful
Security Scan / Secret Scanning (gitleaks) (push) Successful in 4m13s
Veza CI / Rust (Stream Server) (push) Successful in 6m25s
Veza CI / Backend (Go) (push) Successful in 6m36s
Veza CI / Frontend (Web) (push) Successful in 20m57s
Veza CI / Notify on failure (push) Has been skipped
Two changes in one commit because they address the same root cause: the
Forgejo self-hosted runner doesn't expose a Docker socket, and the legacy
backend-ci.yml workflow both required Docker for its integration tests
AND enforced a 75% coverage gate that the codebase has never met (actual
~33%). The consolidated Veza CI workflow (ci.yml) already covers the
same Go build / test / govulncheck surface and is now green — there's
no reason to keep the legacy duplicate red in parallel.
1. .github/workflows/backend-ci.yml → backend-ci.yml.disabled
Renamed, not deleted. Reactivation path:
- Raise real coverage closer to 75%, OR lower the threshold in the
workflow file to a realistic value (30–40%)
- Provide Docker socket access on the runner OR gate the
integration job on a docker-in-docker service
- `git mv` it back to .yml
This finishes the CI consolidation that started in
|
||
|---|---|---|
| .. | ||
| accessibility.yml.disabled | ||
| backend-ci.yml.disabled | ||
| cd.yml.disabled | ||
| chromatic.yml.disabled | ||
| ci.yml | ||
| commitlint.yml.disabled | ||
| container-scan.yml.disabled | ||
| contract-testing.yml.disabled | ||
| flaky-report.yml.disabled | ||
| frontend-ci.yml | ||
| go-fuzz.yml | ||
| load-test-nightly.yml.disabled | ||
| mutation-testing.yml.disabled | ||
| openapi-lint.yml.disabled | ||
| performance.yml.disabled | ||
| rust-mutation.yml.disabled | ||
| sast.yml.disabled | ||
| security-scan.yml | ||
| semgrep.yml.disabled | ||
| staging-validation.yml.disabled | ||
| storybook-audit.yml.disabled | ||
| trivy-fs.yml | ||
| visual-regression.yml.disabled | ||
| zap-dast.yml.disabled | ||