Skip to content

fix(ci): enable ICMP tests on Linux and fix gotestfmt on macOS/Windows#1602

Closed
mannie-exe wants to merge 2 commits intocloudflare:masterfrom
inherent-design:fix/ci-workflow
Closed

fix(ci): enable ICMP tests on Linux and fix gotestfmt on macOS/Windows#1602
mannie-exe wants to merge 2 commits intocloudflare:masterfrom
inherent-design:fix/ci-workflow

Conversation

@mannie-exe
Copy link

@mannie-exe mannie-exe commented Feb 23, 2026

Hey! I didn't see any issues for the CI/CD failures, so I'm not really sure if this is needed work, but I did get them working on my fork and wanted to share in case it's needed.

  1. Linux: ICMP tests failure in GitHub Actions (🐛 The user running cloudflared process has a GID (group ID) that is not within ping_group_range #1334)

ICMP tests fail because ping_group_range on GitHub Actions runners defaults to "1 0" (unprivileged ICMP disabled). Add sysctl step to allow unprivileged ICMP sockets.

  1. macOS: gotestfmt panic (Panic with "build-output" action GoTestTools/gotestfmt#64)

go test -json emits linker warnings (LC_DYSYMTAB) as "Action":"build-output" JSON lines. gotestfmt v2.5.0 predates this action type (Go 1.21+) and panics in parseLine. Filter build-output lines before piping to gotestfmt.

  1. Windows: /tmp/gotest.log path not found

GO_TEST_LOG_OUTPUT pointed to /tmp/gotest.log which does not resolve through the MSYS2-to-native-Go boundary. Use relative path instead.

@mannie-exe mannie-exe marked this pull request as ready for review February 23, 2026 01:31
@mannie-exe mannie-exe changed the title Fix CI: enable ICMP tests on Linux and fix gotestfmt on macOS/Windows fix(ci): enable ICMP tests on Linux and fix gotestfmt on macOS/Windows Feb 23, 2026
@mannie-exe mannie-exe force-pushed the fix/ci-workflow branch 2 times, most recently from ad4d7fa to fae2785 Compare February 28, 2026 17:13
@mannie-exe
Copy link
Author

mannie-exe commented Feb 28, 2026

Hey there sorry I had no time to follow-up on this, I wanted to check-in and ask if these changes were needed and if I should make any changes:

649705d#diff-a54ff182c7e8acf56acfd6e4b9c3ff41e2c41a31c9b211b2deb9df75d9a478f9R203

I can close this otherwise

@mannie-exe
ci: fix ICMP tests and gotestfmt cross-platform
1415c1b
@mannie-exe
ci: add fork CI/CD workflows and security config
8850297 
- Add upstream sync workflow (weekly Monday 6am UTC, ff-only + rebase)
- Add Docker publish workflow (tag v*-h2c* → ghcr.io, Trivy scan)
- Add CodeQL analysis workflow for Go
- Add Dependabot config for Go modules and GitHub Actions
- Update check.yaml: Go 1.24 via go-version-file, actions to v6
- Remove semgrep.yml (requires Cloudflare private server)
@jcsf
Copy link
Contributor

jcsf commented Mar 3, 2026

Hi,
We don't allow external changes in the github workflows, for security reasons. We will be fixing it ourselves, when we have the time. Thank you for your contribution.

@jcsf jcsf closed this Mar 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mannie-exe @jcsf