tests pipeline run attempt

2026-02-01 21:58:00 +02:00
parent 89befce20f
commit a53edd1e48
122 changed files with 274 additions and 11 deletions
--- a/.gitea/workflows-archived/manifest-integrity.yml
+++ b/.gitea/workflows-archived/manifest-integrity.yml
@@ -0,0 +1,125 @@
+name: Manifest Integrity
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - 'docs/**/*.schema.json'
+      - 'docs/contracts/**'
+      - 'docs/schemas/**'
+      - 'scripts/packs/**'
+  pull_request:
+    paths:
+      - 'docs/**/*.schema.json'
+      - 'docs/contracts/**'
+      - 'docs/schemas/**'
+      - 'scripts/packs/**'
+
+jobs:
+  validate-schemas:
+    name: Validate Schema Integrity
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        run: npm install -g ajv-cli ajv-formats
+
+      - name: Validate JSON schemas
+        run: |
+          EXIT_CODE=0
+          for schema in docs/schemas/*.schema.json; do
+            echo "Validating $schema..."
+            if ! ajv compile -s "$schema" --spec=draft2020 2>/dev/null; then
+              echo "Error: $schema is invalid"
+              EXIT_CODE=1
+            fi
+          done
+          exit $EXIT_CODE
+
+  validate-contracts:
+    name: Validate Contract Documents
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Check contract structure
+        run: |
+          for contract in docs/contracts/*.md; do
+            echo "Checking $contract..."
+            # Verify required sections exist
+            if ! grep -q "^## " "$contract"; then
+              echo "Warning: $contract missing section headers"
+            fi
+            # Check for decision ID
+            if grep -q "Decision ID" "$contract" && ! grep -q "DECISION-\|CONTRACT-" "$contract"; then
+              echo "Warning: $contract missing decision ID format"
+            fi
+          done
+
+  validate-pack-fixtures:
+    name: Validate Pack Fixtures
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install dependencies
+        run: pip install jsonschema
+
+      - name: Run fixture validation
+        run: |
+          if [ -f .gitea/scripts/test/run-fixtures-check.sh ]; then
+            chmod +x .gitea/scripts/test/run-fixtures-check.sh
+            ./.gitea/scripts/test/run-fixtures-check.sh
+          fi
+
+  checksum-audit:
+    name: Audit SHA256SUMS Files
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Validate checksums
+        run: |
+          find . -name "SHA256SUMS" -type f | while read f; do
+            dir=$(dirname "$f")
+            echo "Validating checksums in $dir..."
+            cd "$dir"
+            # Check if all referenced files exist
+            while read hash file; do
+              if [ ! -f "$file" ]; then
+                echo "Warning: $file referenced in SHA256SUMS but not found"
+              fi
+            done < SHA256SUMS
+            cd - > /dev/null
+          done
+
+  merkle-consistency:
+    name: Verify Merkle Roots
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Check DSSE Merkle roots
+        run: |
+          find . -name "*.dsse.json" -type f | while read f; do
+            echo "Checking Merkle root in $f..."
+            # Extract and validate Merkle root if present
+            if jq -e '.payload' "$f" > /dev/null 2>&1; then
+              PAYLOAD=$(jq -r '.payload' "$f" | base64 -d 2>/dev/null || echo "")
+              if echo "$PAYLOAD" | jq -e '._stellaops.merkleRoot' > /dev/null 2>&1; then
+                MERKLE=$(echo "$PAYLOAD" | jq -r '._stellaops.merkleRoot')
+                echo "  Merkle root: $MERKLE"
+              fi
+            fi
+          done