sjat 1042f161b6 test(integration): askari_inputonly — INPUT-only default-deny reboot gate ... Adds the ADR-025 integration-test profile that proves the askari mesh-hardening REDESIGN (INPUT-only default-deny, forward ACCEPT for Docker) is reboot-safe on a throwaway KVM VM before the live cut-over. Profile applies base (firewall + sshd) and offsite (docker_host + reverse_proxy). Post-reboot verify checks: input policy drop, forward policy accept, admin-addr break-glass SSH (192.168.150.1), Docker up, and a published port answered from the controller. GREEN on 2026-06-19. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>		2026-06-19 19:14:55 +02:00
..
integration	test(integration): askari_inputonly — INPUT-only default-deny reboot gate	2026-06-19 19:14:55 +02:00
tags.yml	feat(base): add the 'mesh' concern tag (NetBird agent, ADR-016)	2026-06-17 16:01:33 +02:00
test_capacity_scan.py	Complete capacity-scan.py: usage stub, subprocess glue, main()	2026-06-01 10:30:45 +02:00
test_check_tags.py	fix(tags): recognize name: role key; only check roles: in plays	2026-06-06 15:20:09 +02:00
test_firewall_rules.py	feat(firewall): public zone + askari's public services in the catalog	2026-06-17 20:46:03 +02:00
test_friction_scan.py	docs(kaizen): bind-mount gotcha + consume 7 signals into the ledger (2026-06-17)	2026-06-17 17:50:17 +02:00
test_integration_vm.py	feat(integration-vm): cert-tier + profile + transient inventory rendering	2026-06-18 12:17:37 +02:00
test_public_dns.py	fix(public_dns): drop null-MX (Gandi rejects '0 .'); remove MX instead	2026-06-14 10:53:54 +02:00
test_repo_scan.py	feat(scan): repo-scan rename-incomplete check (kaizen)	2026-06-17 17:49:41 +02:00
test_tf_to_inventory.py	test(tf): lock the offsite_hosts inventory handoff	2026-06-14 12:06:26 +02:00