651318bc93
Add sandbox escape integration tests: - Container breakout attempts via privileged mode - Host path mounting restrictions - Network namespace isolation verification - Capability dropping validation - Seccomp profile enforcement Add secrets integration tests: - End-to-end credential expansion testing - PHI denylist enforcement in real configs - Environment variable reference resolution - Plaintext secret detection across config boundaries - Secret rotation workflow validation Tests run with real container runtime (Podman/Docker) when available. Provides defense-in-depth beyond unit tests. Part of: security integration testing from security plan |
||
|---|---|---|
| .. | ||
| sandbox_escape_test.go | ||
| secrets_integration_test.go | ||