expnt · Yohe-Am · Jan 30, 2026 · Jan 14, 2026 · Jan 15, 2026 · Jan 15, 2026
diff --git a/.env.example b/.env.example
@@ -0,0 +1,6 @@
+HERALD_SWIFTTEST_OS_AUTH=$TF_VAR_OS_PASSWORD
+HERALD_SWIFTTEST_OS_PASSWORD=$TF_VAR_OS_PASSWORD
+HERALD_SWIFTTEST_OS_PROJECT_NAME=$TF_VAR_OS_PROJECT_NAME
+HERALD_SWIFTTEST_OS_USERNAME=$TF_VAR_OS_USERNAME
+HEARLD_SWIFTTEST_AUTH_URL=https://api.pub1.infomaniak.cloud/identity/v3
+HEARLD_SWIFTTEST_OS_REGION_NAME=dc3-a
diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml
@@ -0,0 +1,58 @@
+name: build image
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "src/**"
+      - "tools/**"
+      - ".github/workflows/build-image.yml"
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+    paths:
+      - "src/**"
+      - "tools/**"
+      - ".github/workflows/build-image.yml"
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Prepare .dockerignore
+        run: cp tools/Containerfile.containerignore .dockerignore
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./tools/Containerfile
+          push: true
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
@@ -0,0 +1,123 @@
+name: checks
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
+  cancel-in-progress: true
+
+env:
+  DOCKER_CMD: docker
+  UV_CACHE_DIR: /tmp/.uv-cache
+
+jobs:
+  checks:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      - uses: DeterminateSystems/nix-installer-action@v16
+
+      - uses: DeterminateSystems/flakehub-cache-action@v3
+
+      - name: pre-commit hooks
+        run: nix develop --command prek run --all-files
+
+      - name: deno cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/deno
+          key: ${{ runner.os }}-deno-${{ hashFiles('deno.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-deno-
+
+      - name: uv cache
+        uses: actions/cache@v5
+        with:
+          path: /tmp/.uv-cache
+          key: uv-${{ runner.os }}-${{ hashFiles('s3-tests/requirements.txt') }}
+          restore-keys: |
+            uv-${{ runner.os }}-${{ hashFiles('s3-tests/requirements.txt') }}
+            uv-${{ runner.os }}
+
+      - name: start container
+        run: nix develop --command deno run --allow-all x/compose-up.ts s3 swift db
+
+      - name: wait for services
+        run: |
+          echo "Waiting for MinIO..."
+          for i in {1..30}; do
+            if curl -sf http://localhost:9000/minio/health/live; then
+              echo "MinIO is ready"
+              break
+            fi
+            sleep 2
+          done || (echo "MinIO failed to start" && exit 1)
+
+          echo "Waiting for SAIO..."
+          for i in {1..60}; do
+            if curl -sf http://localhost:8080/healthcheck; then
+              echo "SAIO is ready"
+              exit 0
+            fi
+            sleep 2
+          done
+          echo "SAIO failed to start"
+          exit 1
+
+      - name: integration tests
+        run: nix develop --command deno task test
+
+      - name: benchmarks
+        run: nix develop --command deno bench --allow-all benchmarks/
+
+      - name: s3-tests
+        if: false
+        run: |
+          set +e
+
+          run_minio() {
+            echo "=== Running s3-tests (MinIO) ==="
+            nix develop --command deno run --allow-all x/s3-tests.ts --backend minio --no-abort
+            echo "--- s3-tests/s3-tests.log (MinIO) ---"
+            cat s3-tests/s3-tests.log || true
+            echo "--- s3-tests/herald-proxy.log (MinIO) ---"
+            cat s3-tests/herald-proxy.log || true
+          }
+
+          run_swift() {
+            echo "=== Running s3-tests (Swift) ==="
+            nix develop --command deno run --allow-all x/s3-tests.ts --backend swift --no-abort
+            echo "--- s3-tests/s3-tests-swift.log (Swift) ---"
+            cat s3-tests/s3-tests-swift.log || true
+            echo "--- s3-tests/herald-proxy-swift.log (Swift) ---"
+            cat s3-tests/herald-proxy-swift.log || true
+          }
+
+          run_minio &
+          pid_minio=$!
+
+          run_swift &
+          pid_swift=$!
+
+          wait $pid_minio
+          status_minio=$?
+
+          wait $pid_swift
+          status_swift=$?
+
+          # Fail the step if either failed
+          if [ $status_minio -ne 0 ] || [ $status_swift -ne 0 ]; then
+            # exit 1
+          fi
+
+      - name: prune uv cache
+        run: nix develop --command uv cache prune --ci
diff --git a/.github/workflows/release-request.yml b/.github/workflows/release-request.yml