vaultsovereign/vm-cloudflare
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

docs: align vm-cloudflare paths
Some checks are pending
Cloudflare Registry Validation / validate-registry (push) Waiting to run
Details

Browse Source
This commit is contained in:
Vault Sovereign
2025-12-27 02:07:40 +00:00
parent f0b8d962de
commit bee801694a
2 changed files with 6 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.github/workflows/registry_validation.yml vendored
View File

@@ -3,11 +3,11 @@ name: Cloudflare Registry Validation
on: on:
push: push:
paths: paths:
- 'cloudflare/**' - '**/*'
- '.github/workflows/registry_validation.yml' - '.github/workflows/registry_validation.yml'
pull_request: pull_request:
paths: paths:
- 'cloudflare/**' - '**/*'
- '.github/workflows/registry_validation.yml' - '.github/workflows/registry_validation.yml'
schedule: schedule:
# Daily validation to catch drift # Daily validation to catch drift
@@ -36,22 +36,18 @@ jobs:
- name: Run Tool Name Parity Check - name: Run Tool Name Parity Check
run: | run: |
cd cloudflare
python3 ci_check_tool_names.py python3 ci_check_tool_names.py
- name: Run Entrypoint Sanity Check - name: Run Entrypoint Sanity Check
run: | run: |
cd cloudflare
python3 ci_check_entrypoints.py python3 ci_check_entrypoints.py
- name: Generate Fresh Registry - name: Generate Fresh Registry
run: | run: |
cd cloudflare
python3 generate_capability_registry_v2.py python3 generate_capability_registry_v2.py
- name: Validate Registry Format - name: Validate Registry Format
run: | run: |
cd cloudflare
python3 -c " python3 -c "
import json import json
with open('capability_registry_v2.json', 'r') as f: with open('capability_registry_v2.json', 'r') as f:
@@ -66,7 +62,6 @@ jobs:
- name: Check for Registry Changes - name: Check for Registry Changes
id: registry_changes id: registry_changes
run: | run: |
cd cloudflare
# Check if registry changed during validation # Check if registry changed during validation
if git diff --name-only capability_registry_v2.json; then if git diff --name-only capability_registry_v2.json; then
echo "changes_detected=true" >> $GITHUB_OUTPUT echo "changes_detected=true" >> $GITHUB_OUTPUT
@@ -80,5 +75,5 @@ jobs:
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v4
with: with:
name: capability-registry name: capability-registry
path: cloudflare/capability_registry_v2.json path: capability_registry_v2.json
retention-days: 30 retention-days: 30

4
ASSURANCE.md
View File

@@ -21,7 +21,7 @@ These are the *operator-safe, auditor-grade* checks expected to pass on every sw
### 1) WAF Intel regression + CLI sanity ### 1) WAF Intel regression + CLI sanity
From `cloudflare/`: From `vm-cloudflare/`:
```bash ```bash
# Install dev deps (once) # Install dev deps (once)
@@ -44,7 +44,7 @@ Acceptance:
### 2) Terraform hardening correctness (empty-list safety + plan gates) ### 2) Terraform hardening correctness (empty-list safety + plan gates)
From `cloudflare/terraform/`: From `vm-cloudflare/terraform/`:
```bash ```bash
terraform fmt -recursive terraform fmt -recursive