baktainer

james/baktainer

Fork 0

Commit graph

Author	SHA1	Message	Date
James Paterni	d14b8a2e76	Implement comprehensive security fixes and enhancements Some checks are pending Test and Build Docker Image / test (push) Waiting to run Details Test and Build Docker Image / build (push) Blocked by required conditions Details CRITICAL Security Fixes: - Add command injection protection with whitelist validation - Implement robust SSL/TLS certificate handling and validation - Add backup verification with SHA256 checksums and content validation - Implement atomic backup operations with proper cleanup - Create comprehensive security documentation Security Improvements: - Enhanced backup_command.rb with command sanitization and whitelisting - Added SSL certificate expiration checks and key matching validation - Implemented atomic file operations to prevent backup corruption - Added backup metadata storage for integrity tracking - Created SECURITY.md with Docker socket security guidance Testing Updates: - Added comprehensive security tests for command injection prevention - Updated SSL tests with proper certificate validation - Enhanced PostgreSQL alias method test coverage (100% coverage achieved) - Maintained 94.94% overall line coverage Documentation Updates: - Updated README.md with security warnings and test coverage information - Updated TODO.md marking all critical security items as completed - Enhanced TESTING.md and CLAUDE.md with current coverage metrics - Added comprehensive SECURITY.md with deployment best practices 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-07-14 10:19:18 -04:00
James Paterni	8db5004eea	Add comprehensive RSpec testing infrastructure and enhance CI/CD pipeline Some checks are pending Test and Build Docker Image / test (push) Waiting to run Details Test and Build Docker Image / build (push) Blocked by required conditions Details - Implement complete test suite with 63 examples (49 unit + 14 integration tests) - Add RSpec, FactoryBot, WebMock, and SimpleCov testing dependencies - Create mocked integration tests eliminating need for real Docker containers - Fix SQLite method signature to accept login/password parameters - Enhance container discovery to handle nil labels gracefully - Add test coverage reporting and JUnit XML output for CI - Update GitHub Actions workflow to run tests before Docker builds - Add Ruby 3.3 setup with gem caching for faster CI execution - Create CI test script and comprehensive testing documentation - Ensure Docker builds only proceed when all tests pass 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-07-13 23:12:59 -04:00

Author

SHA1

Message

Date

James Paterni

d14b8a2e76

Implement comprehensive security fixes and enhancements

Test and Build Docker Image / test (push) Waiting to run

Details

Test and Build Docker Image / build (push) Blocked by required conditions

Details

CRITICAL Security Fixes:
- Add command injection protection with whitelist validation
- Implement robust SSL/TLS certificate handling and validation
- Add backup verification with SHA256 checksums and content validation
- Implement atomic backup operations with proper cleanup
- Create comprehensive security documentation

Security Improvements:
- Enhanced backup_command.rb with command sanitization and whitelisting
- Added SSL certificate expiration checks and key matching validation
- Implemented atomic file operations to prevent backup corruption
- Added backup metadata storage for integrity tracking
- Created SECURITY.md with Docker socket security guidance

Testing Updates:
- Added comprehensive security tests for command injection prevention
- Updated SSL tests with proper certificate validation
- Enhanced PostgreSQL alias method test coverage (100% coverage achieved)
- Maintained 94.94% overall line coverage

Documentation Updates:
- Updated README.md with security warnings and test coverage information
- Updated TODO.md marking all critical security items as completed
- Enhanced TESTING.md and CLAUDE.md with current coverage metrics
- Added comprehensive SECURITY.md with deployment best practices

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-07-14 10:19:18 -04:00

James Paterni

8db5004eea

Add comprehensive RSpec testing infrastructure and enhance CI/CD pipeline

Test and Build Docker Image / test (push) Waiting to run

Details

Test and Build Docker Image / build (push) Blocked by required conditions

Details

- Implement complete test suite with 63 examples (49 unit + 14 integration tests)
- Add RSpec, FactoryBot, WebMock, and SimpleCov testing dependencies
- Create mocked integration tests eliminating need for real Docker containers
- Fix SQLite method signature to accept login/password parameters
- Enhance container discovery to handle nil labels gracefully
- Add test coverage reporting and JUnit XML output for CI
- Update GitHub Actions workflow to run tests before Docker builds
- Add Ruby 3.3 setup with gem caching for faster CI execution
- Create CI test script and comprehensive testing documentation
- Ensure Docker builds only proceed when all tests pass

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-07-13 23:12:59 -04:00

2 commits