fetch_ml

jfraeysd/fetch_ml

Fork 0

Commit graph

Author	SHA1	Message	Date
Jeremie Fraeys	2bd7f97ae2	test(integration,unit): update test suites for new features and APIs Integration test updates: - jupyter_experiment_test.go: update for new workspace handling - run_manifest_test.go: reproducibility manifest validation - secrets_integration_test.go: KMS and secret provider tests - storage_redis_integration_test.go: Redis-backed storage tests Unit test updates: - response_helpers_test.go: API response helper tests - config_hash_test.go: configuration hashing for reproducibility - filetype_test.go: security file type detection tests Load testing: - load_test.go: scheduler load and stress tests	2026-03-12 12:09:15 -04:00
Jeremie Fraeys	e0aae73cf4	test(phase-7-9): audit verification, fault injection, integration tests Implement V.7, V.9, and integration test requirements: Audit Verification (V.7): - TestAuditVerificationJob: Chain verification and tamper detection Fault Injection (V.9): - TestNVMLUnavailableProvenanceFail, TestManifestWritePartialFailure - TestRedisUnavailableQueueBehavior, TestAuditLogUnavailableHaltsJob - TestConfigHashFailureProvenanceClosed, TestDiskFullDuringArtifactScan Integration Tests: - TestCrossTenantIsolation: Filesystem isolation verification - TestRunManifestReproducibility: Cross-run reproducibility - TestAuditLogPHIRedaction: PHI leak prevention	2026-02-23 20:26:01 -05:00
Jeremie Fraeys	651318bc93	test(security): Integration tests for sandbox escape and secrets handling Add sandbox escape integration tests: - Container breakout attempts via privileged mode - Host path mounting restrictions - Network namespace isolation verification - Capability dropping validation - Seccomp profile enforcement Add secrets integration tests: - End-to-end credential expansion testing - PHI denylist enforcement in real configs - Environment variable reference resolution - Plaintext secret detection across config boundaries - Secret rotation workflow validation Tests run with real container runtime (Podman/Docker) when available. Provides defense-in-depth beyond unit tests. Part of: security integration testing from security plan	2026-02-23 19:44:07 -05:00

Author

SHA1

Message

Date

Jeremie Fraeys

2bd7f97ae2

test(integration,unit): update test suites for new features and APIs

Integration test updates:
- jupyter_experiment_test.go: update for new workspace handling
- run_manifest_test.go: reproducibility manifest validation
- secrets_integration_test.go: KMS and secret provider tests
- storage_redis_integration_test.go: Redis-backed storage tests

Unit test updates:
- response_helpers_test.go: API response helper tests
- config_hash_test.go: configuration hashing for reproducibility
- filetype_test.go: security file type detection tests

Load testing:
- load_test.go: scheduler load and stress tests

2026-03-12 12:09:15 -04:00

Jeremie Fraeys

e0aae73cf4

test(phase-7-9): audit verification, fault injection, integration tests

Implement V.7, V.9, and integration test requirements:

Audit Verification (V.7):
- TestAuditVerificationJob: Chain verification and tamper detection

Fault Injection (V.9):
- TestNVMLUnavailableProvenanceFail, TestManifestWritePartialFailure
- TestRedisUnavailableQueueBehavior, TestAuditLogUnavailableHaltsJob
- TestConfigHashFailureProvenanceClosed, TestDiskFullDuringArtifactScan

Integration Tests:
- TestCrossTenantIsolation: Filesystem isolation verification
- TestRunManifestReproducibility: Cross-run reproducibility
- TestAuditLogPHIRedaction: PHI leak prevention

2026-02-23 20:26:01 -05:00

Jeremie Fraeys

651318bc93

test(security): Integration tests for sandbox escape and secrets handling

Add sandbox escape integration tests:
- Container breakout attempts via privileged mode
- Host path mounting restrictions
- Network namespace isolation verification
- Capability dropping validation
- Seccomp profile enforcement

Add secrets integration tests:
- End-to-end credential expansion testing
- PHI denylist enforcement in real configs
- Environment variable reference resolution
- Plaintext secret detection across config boundaries
- Secret rotation workflow validation

Tests run with real container runtime (Podman/Docker) when available.
Provides defense-in-depth beyond unit tests.

Part of: security integration testing from security plan

2026-02-23 19:44:07 -05:00

3 commits