diff --git a/.github/workflows/github-release.yml b/.github/workflows/github-release.yml index 48ca325..c83f4cc 100644 --- a/.github/workflows/github-release.yml +++ b/.github/workflows/github-release.yml @@ -10,7 +10,7 @@ permissions: actions: write jobs: release: - if: github.event.pull_request.merged == true + if: github.event.pull_request.merged == true && !contains(github.event.pull_request.title, '[skip-release]') runs-on: ubuntu-24.04 steps: - name: Checkout diff --git a/.github/workflows/lint-test.yml b/.github/workflows/lint-test.yml index 969abda..5573f90 100644 --- a/.github/workflows/lint-test.yml +++ b/.github/workflows/lint-test.yml @@ -39,22 +39,26 @@ jobs: exit 1 fi - - name: Install dependencies - run: go get . - - - name: vendor - run: go mod vendor - - name: unit test run: go test -v -race ./... - - name: integration test +jobs: + integration-test: + needs: [run] + permissions: + contents: read + runs-on: ubuntu-24.04 + strategy: + matrix: + traefik: [v2.11, v3.0, v3.1, v3.2, v3.3] + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + + - name: run run: go run test.go working-directory: ./ci - - - name: get stats - run: | - curl -s -H "X-Forwarded-For: 127.0.0.1" http://localhost/captcha-protect/stats | sort -n + env: + TRAEFIK_TAG: ${{ matrix.traefik }} - name: cleanup if: ${{ always() }} diff --git a/README.md b/README.md index 7ad4ae6..13d77fa 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ [![lint-test](https://github.com/libops/captcha-protect/actions/workflows/lint-test.yml/badge.svg)](https://github.com/libops/captcha-protect/actions/workflows/lint-test.yml) [![Go Report Card](https://goreportcard.com/badge/github.com/libops/captcha-protect)](https://goreportcard.com/report/github.com/libops/captcha-protect) -Traefik middleware to challenge individual IPs in a subnet when traffic spikes are detected from that subnet, using a captcha of your choice for the challenge (turnstile, recaptcha, or hcaptcha). +Traefik middleware to challenge individual IPs in a subnet when traffic spikes are detected from that subnet, using a captcha of your choice for the challenge (turnstile, recaptcha, or hcaptcha). **Requires traefik `v2.11.0` or above** You may have seen CAPTCHAs added to individual forms on the web to prevent bots from spamming submissions. This plugin extends that concept to your entire site (or specific routes on your site), effectively placing your entire site behind a CAPTCHA. However, the CAPTCHA is only triggered when a spike in traffic is detected from the same IP subnet. Once the CAPTCHA is successfully completed, that IP is no longer challenged, allowing uninterrupted browsing. diff --git a/ci/test.go b/ci/test.go index 93ee79e..b555c39 100755 --- a/ci/test.go +++ b/ci/test.go @@ -205,6 +205,11 @@ func runCommand(name string, args ...string) { cmd.Stderr = os.Stderr cmd.Env = append(cmd.Env, fmt.Sprintf("RATE_LIMIT=%d", rateLimit)) cmd.Env = append(cmd.Env, fmt.Sprintf("PATH=%s", os.Getenv("PATH"))) + + tt := os.Getenv("TRAEFIK_TAG") + if tt != "" { + cmd.Env = append(cmd.Env, fmt.Sprintf("TRAEFIK_TAG=%s", tt)) + } if err := cmd.Run(); err != nil { log.Fatalf("Command failed: %v", err) }