@phuongfi91 phuongfi91 commented Dec 11, 2025

PR Type

Enhancement, Bug fix


Description

  • Consolidate redundant test workflow into publish workflow

  • Improve container-structure-test installation with cleaner architecture detection

  • Remove duplicate test.yaml workflow file

  • Fix platform flag compatibility issue with updated download URL


Diagram Walkthrough

flowchart LR
  A["test.yaml<br/>Redundant workflow"] -->|Removed| B["Consolidated into<br/>publish.yaml"]
  C["Old installation<br/>logic"] -->|Improved| D["Cleaner arch detection<br/>and download"]
  D -->|Uses| E["storage.googleapis.com<br/>URL"]

File Walkthrough

Relevant files
Enhancement
publish.yaml
Improve container-structure-test installation logic           

.github/workflows/publish.yaml

  • Refactored container-structure-test installation to use cleaner
    architecture detection logic
  • Changed from pattern matching to exact platform comparison for
    linux/arm64 and linux/amd64
  • Updated download URL from GitHub releases to storage.googleapis.com
    for better compatibility
  • Improved variable usage with ${ARCH} substitution for cleaner code
+8/-5     
Bug fix
test.yaml
Remove redundant test workflow file                                           

.github/workflows/test.yaml

  • Removed entire redundant test workflow file
  • Functionality consolidated into publish.yaml workflow
  • Eliminates duplicate test execution and maintenance overhead
+0/-40   

Copilot AI review requested due to automatic review settings December 11, 2025 12:36
@gemini-code-assist

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

@qodo-code-review

qodo-code-review bot commented Dec 11, 2025

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
Unverified binary download

Description: Downloading and executing a binary over HTTPS without checksum or signature verification
allows a supply-chain attack if the remote artifact is tampered with or the connection is
compromised; verify the downloaded container-structure-test with a published checksum or
signature before chmod/mv.
publish.yaml [79-81]

Referred Code
curl -LO "https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-${ARCH}"
chmod +x "container-structure-test-linux-${ARCH}"
sudo mv "container-structure-test-linux-${ARCH}" /usr/local/bin/container-structure-test
Ticket Compliance
🎫 No ticket provided
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status: Passed


Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status: Passed


Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status: Passed


Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status:
Audit logging: The workflow changes add installation and test steps without any explicit audit-oriented
logging of critical actions or outcomes, which may be acceptable for CI but cannot be
verified from this diff.

Referred Code
- name: Install container-structure-test
  run: |
    if [ "${{ matrix.platform }}" == "linux/arm64" ]; then
      ARCH="arm64"
    else
      ARCH="amd64"
    fi
    curl -LO "https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-${ARCH}"
    chmod +x "container-structure-test-linux-${ARCH}"
    sudo mv "container-structure-test-linux-${ARCH}" /usr/local/bin/container-structure-test

- name: Run tests
  run: |
    ./test.sh ${{ matrix.platform }}


Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status:
Shell errors: The install script uses curl, chmod, and mv without explicit error checks or retries,
which may cause silent failure in CI unless the shell is set to fail on error elsewhere.

Referred Code
- name: Install container-structure-test
  run: |
    if [ "${{ matrix.platform }}" == "linux/arm64" ]; then
      ARCH="arm64"
    else
      ARCH="amd64"
    fi
    curl -LO "https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-${ARCH}"
    chmod +x "container-structure-test-linux-${ARCH}"
    sudo mv "container-structure-test-linux-${ARCH}" /usr/local/bin/container-structure-test


Compliance status legend
🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label
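
An added example (not code from this PR or from the container-structure-test project) of the check the "Unverified binary download" finding above asks for, combined with a platform mapping that fails on unknown values. The function names, `URL_BASE` and `PINNED_SHA256` are assumptions; the digest has to come from a source you trust and be pinned in the workflow.

```bash
#!/usr/bin/env bash
# Added example: fail-closed install of a downloaded CI tool.
# The expected digest is supplied by the caller (pinned in the workflow);
# no digest here comes from the container-structure-test project.

# Map a Docker platform string to the release architecture suffix.
platform_to_arch() {
  case "$1" in
    linux/arm64) echo "arm64" ;;
    linux/amd64) echo "amd64" ;;
    *) echo "Unsupported platform: $1" >&2; return 1 ;;
  esac
}

# SHA-256 of a file as lowercase hex (sha256sum, or shasum where that is absent).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_and_install FILE EXPECTED_SHA256 DEST
# Moves FILE to DEST only if its digest matches; a mismatched file is deleted.
verify_and_install() {
  local file="$1" expected="$2" dest="$3" actual
  [ -f "$file" ] || { echo "missing download: $file" >&2; return 1; }
  actual="$(sha256_of "$file")" || return 1
  if [ "$actual" != "$expected" ]; then
    echo "checksum mismatch for $file: got $actual" >&2
    rm -f -- "$file"
    return 1
  fi
  chmod +x "$file" && mv -- "$file" "$dest"
}

# Use in a workflow step (URL_BASE and PINNED_SHA256 are placeholders):
#   ARCH="$(platform_to_arch "$PLATFORM")" || exit 1
#   F="container-structure-test-linux-${ARCH}"
#   curl -fsSLO "${URL_BASE}/${F}"
#   verify_and_install "$F" "$PINNED_SHA256" ./cst-verified || exit 1
#   sudo mv ./cst-verified /usr/local/bin/container-structure-test
```

Each architecture needs its own pinned digest, and a pinned digest only stays valid if the download URL points at a fixed release rather than a moving one.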

@qodo-code-review

qodo-code-review bot commented Dec 11, 2025

PR Code Suggestions ✨

Explore these optional code suggestions:

Category | Suggestion | Impact
Possible issue
Chain commands to ensure fast failure

Chain the curl, chmod, and mv commands using && to ensure the script exits
immediately upon failure, and add the -f flag to curl for better error handling.

.github/workflows/publish.yaml [79-81]

-curl -LO "https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-${ARCH}"
-chmod +x "container-structure-test-linux-${ARCH}"
+curl -fLO "https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-${ARCH}" && \
+chmod +x "container-structure-test-linux-${ARCH}" && \
 sudo mv "container-structure-test-linux-${ARCH}" /usr/local/bin/container-structure-test
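
Review bot: the first `+` line still goes straight from download to `chmod +x` and `mv` with no integrity check, and the URL path is `latest`, so what lands in /usr/local/bin can differ from one run to the next. `-f` and the `&&` chain keep an HTTP error page from being installed, which is worth having, but they do not address the unverified-download finding raised earlier in this thread for the same lines [79-81]. Suggest comparing the file's SHA-256 against a digest pinned in the workflow between the `curl` and the `chmod`, and failing the step on a mismatch.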
Suggestion importance[1-10]: 8


Why: This suggestion correctly identifies a regression in error handling and proposes chaining commands with && to ensure the script fails immediately on error, which is a critical improvement for CI reliability.

Medium
General
Improve platform check for future scalability

Refactor the platform check to use an if/elif/else structure, explicitly
checking for each supported architecture and failing on unsupported ones to
improve robustness.

.github/workflows/publish.yaml [74-78]

 if [ "${{ matrix.platform }}" == "linux/arm64" ]; then
   ARCH="arm64"
+elif [ "${{ matrix.platform }}" == "linux/amd64" ]; then
+  ARCH="amd64"
 else
-  ARCH="amd64"
+  echo "Unsupported platform: ${{ matrix.platform }}"
+  exit 1
 fi
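
Review bot: `${{ matrix.platform }}` is substituted into the script text in three places here (both tests and the `echo`), so the shell receives whatever the expression expands to as source rather than as data. Suggest binding it once through the step's `env:` (for example `PLATFORM: ${{ matrix.platform }}`) and testing `"$PLATFORM"` instead. Also send the unsupported-platform message to stderr with `>&2`, and use `=` rather than `==` inside `[ ]` so the test does not depend on bash.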
Suggestion importance[1-10]: 6


Why: The suggestion correctly identifies that the current if/else is not robust for future platform additions and proposes a safer if/elif/else structure to prevent silent failures.

Low

Copilot AI left a comment

Pull request overview

This PR removes the redundant test.yaml workflow file and consolidates the container-structure-test installation logic within the existing publish.yaml workflow. The changes improve code maintainability by eliminating duplicate testing infrastructure while preserving the same testing functionality.

Key Changes:

  • Removed the standalone test.yaml workflow that was redundant with testing in publish.yaml
  • Refactored the container-structure-test installation script in publish.yaml to use cleaner, multi-line formatting with intermediate variables
  • Changed from wildcard pattern matching (*"arm64"*) to exact string comparison (linux/arm64) for platform detection

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File | Description
.github/workflows/test.yaml | Deleted redundant test workflow that duplicated functionality already present in publish.yaml
.github/workflows/publish.yaml | Refactored container-structure-test installation to use cleaner script formatting with explicit platform matching

After thorough review of the changes, I found no issues to report. The changes represent a straightforward consolidation that:

  • Eliminates duplicate workflow code
  • Improves script readability with better formatting
  • Uses more precise platform matching logic
  • Maintains the same functional behavior

The refactored installation script is cleaner and easier to maintain while preserving all the original functionality.



@phuongfi91 phuongfi91 merged commit 6f23463 into latest Dec 11, 2025
10 of 11 checks passed
@phuongfi91 phuongfi91 deleted the feat/phuongfi91/alt-unix-power-tools branch December 11, 2025 13:53