diff --git a/.github/workflows/registry_validation.yml b/.github/workflows/registry_validation.yml index 1d9e4d0..1e6d889 100644 --- a/.github/workflows/registry_validation.yml +++ b/.github/workflows/registry_validation.yml @@ -3,11 +3,11 @@ name: Cloudflare Registry Validation on: push: paths: - - 'cloudflare/**' + - '**/*' - '.github/workflows/registry_validation.yml' pull_request: paths: - - 'cloudflare/**' + - '**/*' - '.github/workflows/registry_validation.yml' schedule: # Daily validation to catch drift @@ -36,22 +36,18 @@ jobs: - name: Run Tool Name Parity Check run: | - cd cloudflare python3 ci_check_tool_names.py - name: Run Entrypoint Sanity Check run: | - cd cloudflare python3 ci_check_entrypoints.py - name: Generate Fresh Registry run: | - cd cloudflare python3 generate_capability_registry_v2.py - name: Validate Registry Format run: | - cd cloudflare python3 -c " import json with open('capability_registry_v2.json', 'r') as f: @@ -66,7 +62,6 @@ jobs: - name: Check for Registry Changes id: registry_changes run: | - cd cloudflare # Check if registry changed during validation if git diff --name-only capability_registry_v2.json; then echo "changes_detected=true" >> $GITHUB_OUTPUT @@ -80,5 +75,5 @@ jobs: uses: actions/upload-artifact@v4 with: name: capability-registry - path: cloudflare/capability_registry_v2.json - retention-days: 30 \ No newline at end of file + path: capability_registry_v2.json + retention-days: 30 diff --git a/ASSURANCE.md b/ASSURANCE.md index ae2b415..c46a8c5 100644 --- a/ASSURANCE.md +++ b/ASSURANCE.md @@ -21,7 +21,7 @@ These are the *operator-safe, auditor-grade* checks expected to pass on every sw ### 1) WAF Intel regression + CLI sanity -From `cloudflare/`: +From `vm-cloudflare/`: ```bash # Install dev deps (once) @@ -44,7 +44,7 @@ Acceptance: ### 2) Terraform hardening correctness (empty-list safety + plan gates) -From `cloudflare/terraform/`: +From `vm-cloudflare/terraform/`: ```bash terraform fmt -recursive