- Add ignore crate dependency to executor and runtime crates
- Implement gitignore-aware file copying in engine.rs and emulation.rs
- Support for .gitignore patterns, whitelist rules, and default ignore patterns
- Maintain backward compatibility with projects without .gitignore files
- Add proper error handling and debug logging for ignored files
This ensures that files marked in .gitignore are not copied to containers
or emulation workspaces, improving performance and security.
- Add comprehensive keyboard shortcut documentation organized in sections
- Implement two-column layout with color-coded sections and emoji icons
- Add scrollable help content with ↑/↓ and k/j key support
- Enhance help overlay with larger modal size and scroll support
- Include detailed explanations of all tabs, runtime modes, and features
- Update status bar with context-aware help instructions
- Add help scroll state management to app state
- Document workflow management, search functionality, and best practices
The help tab now provides a complete guide covering:
- Navigation controls and tab switching
- Workflow selection, execution, and triggering
- Runtime modes (Docker, Podman, Emulation, Secure Emulation)
- Log search and filtering capabilities
- Tab-specific functionality and tips
- Quick actions and keyboard shortcuts
Security Features:
- Implement secure emulation runtime with command sandboxing
- Add command validation, filtering, and dangerous pattern detection
- Block harmful commands like 'rm -rf /', 'sudo', 'dd', etc.
- Add resource limits (CPU, memory, execution time, process count)
- Implement filesystem isolation and access controls
- Add environment variable sanitization
- Support shell operators (&&, ||, |, ;) with proper parsing
New Runtime Mode:
- Add 'secure-emulation' runtime option to CLI
- Update UI to support new runtime mode with green security indicator
- Mark legacy 'emulation' mode as unsafe in help text
- Default to secure mode for local development safety
Documentation:
- Create comprehensive security documentation (README_SECURITY.md)
- Update main README with security mode information
- Add example workflows demonstrating safe vs dangerous commands
- Include migration guide and best practices
Testing:
- Add comprehensive test suite for sandbox functionality
- Include security demo workflows for testing
- Test dangerous command blocking and safe command execution
- Verify resource limits and timeout functionality
Code Quality:
- Fix all clippy warnings with proper struct initialization
- Add proper error handling and user-friendly security messages
- Implement comprehensive logging for security events
- Follow Rust best practices throughout
This addresses security concerns by preventing accidental harmful
commands while maintaining full compatibility with legitimate CI/CD
workflows. Users can now safely run untrusted workflows locally
without risk to their host system.
- Resolves#29: UI unresponsiveness in logs tab
- Add LogProcessor with background thread for async log processing
- Implement pre-processed log caching with ProcessedLogEntry
- Replace frame-by-frame log processing with cached results
- Add automatic log change detection for app and system logs
- Optimize rendering from O(n) to O(1) complexity
- Maintain all search, filter, and highlighting functionality
- Fix clippy warning for redundant pattern matching
Performance improvements:
- Log processing moved to separate thread with 50ms debouncing
- UI rendering no longer blocks on log filtering/formatting
- Supports thousands of logs without UI lag
- Non-blocking request/response pattern with mpsc channels
- Add custom deserializer for runs-on field to handle both string and array formats
- Update Job struct to use Vec<String> instead of String for runs-on field
- Modify executor to extract first element from runs-on array for runner selection
- Add test workflow to verify both string and array formats work correctly
- Maintain backwards compatibility with existing string-based workflows
Fixes issue where workflows with runs-on: [self-hosted, ubuntu, small] format
would fail with 'invalid type: sequence, expected a string' error.
This change aligns with GitHub Actions specification which supports:
- String format: runs-on: ubuntu-latest
- Array format: runs-on: [self-hosted, ubuntu, small]
- Copied schema files into parser crate src directory
- Updated include_str! paths to be relative to source files
- Ensures schemas are bundled with crate during publish
- Resolves packaging and verification issues during publication
Fixes the build error that was preventing crate publication.
- Updated include_str! paths from ../../../ to ../../../../
- This resolves packaging issues during cargo publish
- Fixes schema loading for parser crate publication
- Move test workflows to tests/workflows/
- Move GitLab CI fixtures to tests/fixtures/gitlab-ci/
- Move test scripts to tests/scripts/
- Move Podman testing docs to tests/
- Update paths in test scripts and documentation
- Delete MANUAL_TEST_CHECKLIST.md as requested
- Update tests/README.md to reflect new organization
- Add comprehensive documentation for new --exit-code and --no-exit-code flags
- Include CI/CD integration examples showing script usage
- Document exit code behavior (0=success, 1=validation failure, 2=usage error)
- Update validation examples to show both success and failure cases
- Add GitLab CI validation examples
- Update feature list to highlight CI/CD integration capabilities
- Add --exit-code flag (default: true) to set exit code 1 on validation failure
- Add --no-exit-code flag to disable exit code setting for script flexibility
- Modify validation functions to return boolean failure status
- Track validation failures across multiple files in directory validation
- Ensure proper exit codes for both GitHub workflows and GitLab CI pipelines
- Maintains backwards compatibility while enabling CI/CD integration
Closes #[issue-number] if applicable
- Add support for job-level if conditions with basic expression evaluation
- Support both string and array formats for job needs field (needs: job vs needs: [job])
- Add missing job fields: if_condition, outputs, permissions to Job struct
- Implement job condition evaluation in executor with pattern matching for:
- Simple boolean conditions (true/false)
- GitHub event conditions (github.event.pull_request.draft == false)
- Job output conditions (needs.jobname.outputs.outputname == 'value')
- Jobs with false conditions are now properly skipped with appropriate logging
- Fixes parsing issues with workflows that use changes jobs and conditional execution
Resolves compatibility with workflows like iceoryx2 that use path filtering patterns.
- Add documentation for --preserve-containers-on-failure flag
- Include usage examples for both CLI and TUI modes
- Explain when and how containers are preserved for debugging
- Add example of the helpful debugging message users will see
- Update CLI examples section to showcase the new feature
- Add CLI flag to preserve Docker containers when tasks fail
- Create ExecutionConfig structure to pass configuration through system
- Modify DockerRuntime to conditionally skip container cleanup on failure
- Add support for both CLI run and TUI modes
- Log helpful debugging messages with container ID and inspection commands
- Preserve containers only when exit_code != 0 and flag is enabled
- Untrack preserved containers from automatic cleanup system
Fixes issue where failed containers were always deleted, preventing users
from inspecting the actual state when debugging workflow failures.
Replace remaining io::Error::new(io::ErrorKind::Other, msg) with
io::Error::other(msg) in workflow validation error handling.
Also apply cargo fmt to fix formatting.
- Replace io::Error::new(io::ErrorKind::Other, e) with io::Error::other(e) in workflow handler
- Add explicit lifetime annotations to UI component render methods to fix mismatched-lifetime-syntaxes warnings
- These changes ensure CI passes with -D warnings flag
All changes are backwards compatible and maintain existing functionality.
Replace io::Error::new(io::ErrorKind::Other, e) with the newer
io::Error::other(e) method as recommended by clippy.
This fixes CI failures when running with -D warnings that treat
clippy::io_other_error as an error.
GitHub Actions requires step IDs to be unique within each job scope, but wrkflw
was not validating this constraint. This caused workflows with duplicate step
IDs to pass validation with exit code 0, while GitHub would reject them with
"The identifier 'X' may not be used more than once within the same scope".
- Add HashSet tracking of step IDs in validate_steps()
- Check for duplicate IDs and report validation errors
- Use GitHub's exact error message format for consistency
- Step IDs can still be duplicated across different jobs (which is valid)
Fixes validation gap that allowed invalid workflows to pass undetected.
