boma/tests/integration
sjat 6ac5afaf67 test(integration): add the 'be ubongo' profile (input-only default-deny)
A control-group VM that applies base with INPUT-only default-deny (forward
policy accept; admin-addr SSH allow). verify.yml is now profile-aware via an
integration_profile marker — the askari Docker/DNAT block is gated, and a ubongo
block asserts input drop + forward accept + the admin-addr rule. Enables
`make test-integration HOST=ubongo`. Mesh-hardening 2/3 (ADR-025).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-19 09:52:17 +02:00
..
certs feat(integration): askari profile, stub overlay, cert-tier files 2026-06-18 12:37:32 +02:00
overrides test(integration): add the 'be ubongo' profile (input-only default-deny) 2026-06-19 09:52:17 +02:00
profiles test(integration): add the 'be ubongo' profile (input-only default-deny) 2026-06-19 09:52:17 +02:00
verify.yml test(integration): add the 'be ubongo' profile (input-only default-deny) 2026-06-19 09:52:17 +02:00