CRITICAL Security Fixes:
- Add command injection protection with whitelist validation
- Implement robust SSL/TLS certificate handling and validation
- Add backup verification with SHA256 checksums and content validation
- Implement atomic backup operations with proper cleanup
- Create comprehensive security documentation

Security Improvements:
- Enhanced backup_command.rb with command sanitization and whitelisting
- Added SSL certificate expiration checks and key matching validation
- Implemented atomic file operations to prevent backup corruption
- Added backup metadata storage for integrity tracking
- Created SECURITY.md with Docker socket security guidance

Testing Updates:
- Added comprehensive security tests for command injection prevention
- Updated SSL tests with proper certificate validation
- Enhanced PostgreSQL alias method test coverage (100% coverage achieved)
- Maintained 94.94% overall line coverage

Documentation Updates:
- Updated README.md with security warnings and test coverage information
- Updated TODO.md marking all critical security items as completed
- Enhanced TESTING.md and CLAUDE.md with current coverage metrics
- Added comprehensive SECURITY.md with deployment best practices

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2.4 KiB
Testing Guide
This document describes how to run tests for the Baktainer project.
Quick Start
# Run all tests
bundle exec rspec
# Run only unit tests
bundle exec rspec spec/unit/
# Run only integration tests
bundle exec rspec spec/integration/
# Run with coverage
COVERAGE=true bundle exec rspec
CI Testing
For continuous integration, use the provided CI test script:
./bin/ci-test
This script:
- Runs all tests (unit and integration)
- Generates JUnit XML output for CI reporting
- Creates test results in tmp/rspec_results.xml
Test Structure
- Unit Tests (spec/unit/): Test individual classes and methods in isolation with mocked dependencies
- Integration Tests (spec/integration/): Test complete workflows using mocked Docker API calls
- Fixtures (spec/fixtures/): Test data and factory definitions
Key Features
- No Docker Required: All tests use mocked Docker API calls
- Fast Execution: Tests complete in ~2 seconds
- Comprehensive Coverage: 66 examples testing all major functionality
- High Test Coverage: 94.94% line coverage (150/158 lines), 71.11% branch coverage
- CI Ready: Automatic test running in GitHub Actions
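The commit message mentions security tests for command injection prevention, and this guide states that all tests run against mocked Docker API calls. The following Ruby example is added here for illustration and is not code from the Baktainer project: it shows how such a check can be exercised without a Docker daemon. `UnsafeCommand`, `CommandValidator`, `FakeContainer`, `run_backup` and `injection_blocked?` are hypothetical names, the allowlist contents are assumptions, and a hand-written stand-in replaces an RSpec double so the file runs without gems.

```ruby
# Added example. Every class and method name is hypothetical, not Baktainer's API.
class UnsafeCommand < StandardError; end

# Allowlist validation: the command is an argv array (never a shell string),
# the executable is a known dump tool, and each argument matches a strict
# pattern. \A and \z anchor the whole string; ^ and $ would match per line.
class CommandValidator
  ALLOWED_EXECUTABLES = %w[pg_dump mysqldump mariadb-dump].freeze # assumed list
  SAFE_ARGUMENT = %r{\A[\w.,:=/@%+\-]+\z}

  def self.validate!(argv)
    raise UnsafeCommand, 'command must be a non-empty argv array' unless argv.is_a?(Array) && !argv.empty?
    exe, *args = argv.map(&:to_s)
    raise UnsafeCommand, "executable not allowed: #{exe}" unless ALLOWED_EXECUTABLES.include?(exe)
    bad = args.find { |arg| !arg.match?(SAFE_ARGUMENT) }
    raise UnsafeCommand, "unsafe argument: #{bad.inspect}" if bad
    [exe, *args]
  end
end

# Stand-in for a Docker container object. It records exec calls instead of
# contacting a Docker daemon, which is the job an RSpec double does in a spec.
class FakeContainer
  attr_reader :calls

  def initialize
    @calls = []
  end

  def exec(argv)
    @calls << argv
    [['-- constructed dump output'], [], 0] # stdout, stderr, exit code
  end
end

# Validate first, then hand the argv array to the container.
def run_backup(container, argv)
  container.exec(CommandValidator.validate!(argv))
end

# True only when the command was rejected and nothing reached the container.
def injection_blocked?(argv)
  container = FakeContainer.new
  run_backup(container, argv)
  false
rescue UnsafeCommand
  container.calls.empty?
end
```

In an RSpec suite the same assertions would use `expect { ... }.to raise_error(UnsafeCommand)` together with a check that the container double received no `exec` call.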
GitHub Actions
The CI pipeline automatically:
- Runs all tests on every push and pull request
- Prevents Docker image builds if tests fail
- Uploads test results as artifacts
- Uses Ruby 3.3 with proper gem caching
Local Development
Install dependencies:
bundle install
Run tests with coverage:
COVERAGE=true bundle exec rspec
open coverage/index.html # View coverage report
Test Coverage Details
Current test coverage metrics:
- Line Coverage: 94.94% (150 out of 158 relevant lines)
- Branch Coverage: 71.11% (32 out of 45 branches)
Coverage breakdown by file:
- lib/baktainer.rb: 94.23% line coverage
- lib/baktainer/container.rb: 92.96% line coverage
- lib/baktainer/postgres.rb: 100% line coverage
- lib/baktainer/mysql.rb: 100% line coverage
- lib/baktainer/mariadb.rb: 100% line coverage
- lib/baktainer/sqlite.rb: 100% line coverage
- lib/baktainer/backup_command.rb: 100% line coverage
- lib/baktainer/logger.rb: 100% line coverage
Test Dependencies
- RSpec 3.12+ for testing framework
- FactoryBot for test data generation
- WebMock for HTTP request mocking
- SimpleCov for coverage reporting
- RSpec JUnit Formatter for CI reporting