jfraeysd/fetch_ml
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
fetch_ml/tests/unit
History
Jeremie Fraeys a8180f1f26
feat(security): HIPAA compliance mode and PHI denylist validation 
Add compliance_mode field to Config with strict HIPAA validation:
- Requires SnapshotStore.Secure=true in HIPAA mode
- Requires NetworkMode="none" for tenant isolation
- Requires non-empty SeccompProfile
- Requires NoNewPrivileges=true
- Enforces credentials via environment variables only (no inline YAML)

Add PHI denylist validation for AllowedSecrets:
- Blocks secrets matching patterns: patient, ssn, mrn, medical_record,
  diagnosis, dob, birth, mrn_number, patient_id, patient_name
- Prevents accidental PHI exfiltration via secret channels

Add comprehensive test coverage in hipaa_validation_test.go:
- Network mode enforcement tests
- NoNewPrivileges requirement tests
- Seccomp profile validation tests
- Inline credential rejection tests
- PHI denylist validation tests

Closes: compliance_mode, PHI denylist items from security plan
2026-02-23 19:43:19 -05:00
..
api test: Update duplicate detection tests 2026-02-23 14:14:21 -05:00
auth test(auth): skip keychain tests when dbus unavailable 2026-02-21 21:20:03 -05:00
config fix: resolve TODOs and standardize tests 2026-02-19 15:34:59 -05:00
container refactor(worker): update worker tests and native bridge 2026-02-23 18:04:22 -05:00
deployments chore(build): update build system, scripts, and additional tests 2026-02-12 12:05:55 -05:00
envpool test: expand unit/integration/e2e coverage for new worker/api behavior 2026-01-05 12:31:36 -05:00
errors Fix multi-user authentication and clean up debug code 2025-12-06 12:35:32 -05:00
experiment test: expand unit/integration/e2e coverage for new worker/api behavior 2026-01-05 12:31:36 -05:00
gpu feat: GPU detection transparency and artifact scanner improvements 2026-02-23 12:29:34 -05:00
jupyter cleanup: Remove obsolete ws_jupyter_errorcode_test.go 2026-02-17 13:45:01 -05:00
logging Fix multi-user authentication and clean up debug code 2025-12-06 12:35:32 -05:00
manifest chore(build): update build system, scripts, and additional tests 2026-02-12 12:05:55 -05:00
metrics test: expand unit/integration/e2e coverage for new worker/api behavior 2026-01-05 12:31:36 -05:00
middleware test: Reorganize and add unit tests 2026-02-18 21:28:13 -05:00
network Fix multi-user authentication and clean up debug code 2025-12-06 12:35:32 -05:00
privacy test: Reorganize and add unit tests 2026-02-18 21:28:13 -05:00
queue fix: resolve TODOs and standardize tests 2026-02-19 15:34:59 -05:00
resources test: expand unit/integration/e2e coverage for new worker/api behavior 2026-01-05 12:31:36 -05:00
security feat(security): HIPAA compliance mode and PHI denylist validation 2026-02-23 19:43:19 -05:00
storage test: expand unit/integration/e2e coverage for new worker/api behavior 2026-01-05 12:31:36 -05:00
telemetry test: implement comprehensive test suite with multiple test types 2025-12-04 16:55:13 -05:00
worker refactor(worker): update worker tests and native bridge 2026-02-23 18:04:22 -05:00
simple_test.go test: expand unit/integration/e2e coverage for new worker/api behavior 2026-01-05 12:31:36 -05:00
worker_trust_test.go test: expand unit/integration/e2e coverage for new worker/api behavior 2026-01-05 12:31:36 -05:00