* fix(provisioning): remove app from apps map when its provision failed
* Clean up failed app provisioning with defer
* fix(provisioning): record apps that failed to provision with their error
* save the error when an app fails to initialize and return this error when this app is requested by a module
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
* ci: reduce dependabot spam
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* group actions deps
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* fix dead link
* Update cmd/commands.go
Co-authored-by: Mohammed Al Sahaf <mohammed@caffeinatedwonders.com>
---------
Co-authored-by: Mohammed Al Sahaf <mohammed@caffeinatedwonders.com>
This commit adds support for LibreJS (https://en.wikipedia.org/wiki/GNU_LibreJS).
LibreJS would block this embedded JavaScript because its license is not stated in a machine-readable format.
Signed-off-by: Cédric Félizard <cedric@felizard.fr>
* fix: resolve http.request placeholders in header directive find operation
- Skip regex compilation during provision when placeholders are detected
- Compile regex at runtime after placeholder replacement
- Preserves performance for static regexes while enabling dynamic placeholders
- Fixes#7109
* test: add tests for placeholder detection in header replacements
- Test containsPlaceholders function edge cases
- Test provision skips compilation for dynamic regexes
- Test end-to-end placeholder replacement functionality
* httpcaddyfile: Validates TLS DNS challenge options
Adds validation to the TLS Caddyfile adapter to ensure that when DNS challenge options (such as propagation_delay or dns_ttl) are specified, a DNS provider is also configured.
Adds new integration tests to verify this validation logic, and implements a new mechanism for adapt tests to assert a config adapt error.
* Add some more AI-generated tests asserting config errors
* Parallel doesn't work here, we use global variables
* Windows fix
* chore: apply security best practices for CI
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* remove redundant codeql job
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* run scorecard flow on PRs
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* ci: add dep review action
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* sprinkle permissions on Actions jobs
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* README: add OpenSSF best practices badge
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* add draft OpenSSF Scorecard workflow
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* client_auth: wire up leaf verifier Caddyfile
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* review feedback + tests
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* chore: upgrade .golangci.yml and workflow to v2
run `golangci-lint fmt`
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* run `golangci-lint run --fix`
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* more lint fixes
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* bring back comments to .golangci.yml
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* appease the linter some more
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* oops
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* use embedded structs
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* use embedded structs where they were used before
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* disable rule `-QF1006`
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* missed a spot
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* log: default logger should respect `{in,ex}clude`
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* add tests
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* admin: Make sure that any admin routers are provisioned when local/remote admin servers are replaced at runtime.
* admin: check for provisioning errors during admin server replacements
* caddytls: Prefer managed wildcard certs over individual subdomain certs
* Repurpose force_automate as no_wildcard
* Fix a couple bugs
* Restore force_automate and use automate loader as wildcard override
