jfraeysd/fetch_ml
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
454 commits 1 branch 0 tags 38 MiB
Commit graph

3 commits

Author SHA1 Message Date
Jeremie Fraeys
c18a8619fe
feat(api): add structured error package and refactor handlers 
New error handling:
- Add internal/api/errors/errors.go with structured API error types
- Standardize error codes across all API endpoints
- Add user-facing error messages vs internal error details separation

Handler improvements:
- jupyter/handlers.go: better workspace lifecycle and error handling
- plugins/handlers.go: plugin management with validation
- groups/handlers.go: group CRUD with capability metadata
- jobs/handlers.go: job submission and monitoring improvements
- datasets/handlers.go: dataset upload/download with progress
- validate/handlers.go: manifest validation with detailed errors
- audit/handlers.go: audit log querying with filters

Server configuration:
- server_config.go: refined config loading with validation
- server_gen.go: improved code generation for OpenAPI specs
 2026-03-12 12:04:46 -04:00
Jeremie Fraeys
1c7205c0a0
feat(audit): add HTTP audit middleware and tamper-evident logging 
Comprehensive audit system for security and compliance:

- middleware/audit.go: HTTP request/response auditing middleware
  * Captures request details, user identity, response status
  * Chains audit events with cryptographic hashes for tamper detection
  * Configurable filtering for sensitive data redaction

- audit/chain.go: Blockchain-style audit log chaining
  * Each entry includes hash of previous entry
  * Tamper detection through hash verification
  * Supports incremental verification without full scan

- checkpoint.go: Periodic integrity checkpoints
  * Creates signed checkpoints for fast verification
  * Configurable checkpoint intervals
  * Recovery from last known good checkpoint

- rotation.go: Automatic log rotation and archival
  * Size-based and time-based rotation policies
  * Compressed archival with integrity seals
  * Retention policy enforcement

- sealed.go: Cryptographic sealing of audit logs
  * Digital signatures for log integrity
  * HSM support preparation
  * Exportable sealed bundles for external auditors

- verifier.go: Log verification and forensic analysis
  * Complete chain verification from genesis to latest
  * Detects gaps, tampering, unauthorized modifications
  * Forensic export for incident response
 2026-03-08 13:03:02 -04:00
Jeremie Fraeys
7cd86fb88a
feat: add new API handlers, build scripts, and ADRs
Some checks failed
Build Pipeline / Sign HIPAA Config (push) Has been skipped
Details
Build Pipeline / Generate SLSA Provenance (push) Has been skipped
Details
Checkout test / test (push) Successful in 6s
Details
CI Pipeline / Test (ubuntu-latest on self-hosted) (push) Failing after 1s
Details
CI Pipeline / Dev Compose Smoke Test (push) Has been skipped
Details
CI Pipeline / Security Scan (push) Has been skipped
Details
CI Pipeline / Test Scripts (push) Has been skipped
Details
CI Pipeline / Test Native Libraries (push) Has been skipped
Details
CI Pipeline / Native Library Build Matrix (push) Has been skipped
Details
Contract Tests / Spec Drift Detection (push) Failing after 11s
Details
Contract Tests / API Contract Tests (push) Has been skipped
Details
Deploy API Docs / Build API Documentation (push) Failing after 5s
Details
Deploy API Docs / Deploy to GitHub Pages (push) Has been skipped
Details
Documentation / build-and-publish (push) Failing after 40s
Details
Test Matrix / test-native-vs-pure (cgo) (push) Failing after 14s
Details
Test Matrix / test-native-vs-pure (native) (push) Failing after 35s
Details
Test Matrix / test-native-vs-pure (pure) (push) Failing after 18s
Details
CI Pipeline / Trigger Build Workflow (push) Failing after 1s
Details
Build CLI with Embedded SQLite / build (arm64, aarch64-linux) (push) Has been cancelled
Details
Build CLI with Embedded SQLite / build (x86_64, x86_64-linux) (push) Has been cancelled
Details
Build CLI with Embedded SQLite / build-macos (arm64) (push) Has been cancelled
Details
Build CLI with Embedded SQLite / build-macos (x86_64) (push) Has been cancelled
Details
Security Scan / Security Analysis (push) Has been cancelled
Details
Security Scan / Native Library Security (push) Has been cancelled
Details
Verification & Maintenance / V.1 - Schema Drift Detection (push) Has been cancelled
Details
Verification & Maintenance / V.4 - Custom Go Vet Analyzers (push) Has been cancelled
Details
Verification & Maintenance / V.7 - Audit Chain Integrity (push) Has been cancelled
Details
Verification & Maintenance / V.6 - Extended Security Scanning (push) Has been cancelled
Details
Verification & Maintenance / V.10 - OpenSSF Scorecard (push) Has been cancelled
Details
Verification & Maintenance / Verification Summary (push) Has been cancelled
Details 
- Introduce audit, plugin, and scheduler API handlers
- Add spec_embed.go for OpenAPI spec embedding
- Create modular build scripts (cli, go, native, cross-platform)
- Add deployment cleanup and health-check utilities
- New ADRs: hot reload, audit store, SSE updates, RBAC, caching, offline mode, KMS regions, tenant offboarding
- Add KMS configuration schema and worker variants
- Include KMS benchmark tests
 2026-03-04 13:24:27 -05:00