sjat/boma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
boma/tests
History
sjat 6ac5afaf67 test(integration): add the 'be ubongo' profile (input-only default-deny) 
A control-group VM that applies base with INPUT-only default-deny (forward
policy accept; admin-addr SSH allow). verify.yml is now profile-aware via an
integration_profile marker — the askari Docker/DNAT block is gated, and a ubongo
block asserts input drop + forward accept + the admin-addr rule. Enables
`make test-integration HOST=ubongo`. Mesh-hardening 2/3 (ADR-025).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-19 09:52:17 +02:00
..
integration test(integration): add the 'be ubongo' profile (input-only default-deny) 2026-06-19 09:52:17 +02:00
tags.yml feat(base): add the 'mesh' concern tag (NetBird agent, ADR-016) 2026-06-17 16:01:33 +02:00
test_capacity_scan.py Complete capacity-scan.py: usage stub, subprocess glue, main() 2026-06-01 10:30:45 +02:00
test_check_tags.py fix(tags): recognize name: role key; only check roles: in plays 2026-06-06 15:20:09 +02:00
test_firewall_rules.py feat(firewall): public zone + askari's public services in the catalog 2026-06-17 20:46:03 +02:00
test_friction_scan.py docs(kaizen): bind-mount gotcha + consume 7 signals into the ledger (2026-06-17) 2026-06-17 17:50:17 +02:00
test_integration_vm.py feat(integration-vm): cert-tier + profile + transient inventory rendering 2026-06-18 12:17:37 +02:00
test_public_dns.py fix(public_dns): drop null-MX (Gandi rejects '0 .'); remove MX instead 2026-06-14 10:53:54 +02:00
test_repo_scan.py feat(scan): repo-scan rename-incomplete check (kaizen) 2026-06-17 17:49:41 +02:00
test_tf_to_inventory.py test(tf): lock the offsite_hosts inventory handoff 2026-06-14 12:06:26 +02:00