Add QA test outputs, build scripts, and Dockerfile validation

- Created `qa-test-output-after-fix.txt` and `qa-test-output.txt` to log results of certificate page authentication tests. - Added `build.sh` for deterministic backend builds in CI, utilizing `go list` for efficiency. - Introduced `codeql_scan.sh` for CodeQL database creation and analysis for Go and JavaScript/TypeScript. - Implemented `dockerfile_check.sh` to validate Dockerfiles for base image and package manager mismatches. - Added `sourcery_precommit_wrapper.sh` to facilitate Sourcery CLI usage in pre-commit hooks.
2025-12-11 18:26:24 +00:00
parent 65d837a13f
commit 8294d6ee49
609 changed files with 111623 additions and 0 deletions
--- a/frontend/src/hooks/useSecurity.ts
+++ b/frontend/src/hooks/useSecurity.ts
@@ -0,0 +1,119 @@
+import { useMutation, useQuery, useQueryClient } from '@tanstack/react-query'
+import {
+  getSecurityStatus,
+  getSecurityConfig,
+  updateSecurityConfig,
+  generateBreakGlassToken,
+  enableCerberus,
+  disableCerberus,
+  getDecisions,
+  createDecision,
+  getRuleSets,
+  upsertRuleSet,
+  deleteRuleSet,
+  type UpsertRuleSetPayload,
+  type SecurityConfigPayload,
+  type CreateDecisionPayload,
+} from '../api/security'
+import toast from 'react-hot-toast'
+
+export function useSecurityStatus() {
+  return useQuery({ queryKey: ['securityStatus'], queryFn: getSecurityStatus })
+}
+
+export function useSecurityConfig() {
+  return useQuery({ queryKey: ['securityConfig'], queryFn: getSecurityConfig })
+}
+
+export function useUpdateSecurityConfig() {
+  const qc = useQueryClient()
+  return useMutation({
+    mutationFn: (payload: SecurityConfigPayload) => updateSecurityConfig(payload),
+    onSuccess: () => {
+      qc.invalidateQueries({ queryKey: ['securityConfig'] })
+      qc.invalidateQueries({ queryKey: ['securityStatus'] })
+      toast.success('Security configuration updated')
+    },
+    onError: (err: Error) => {
+      toast.error(`Failed to update security settings: ${err.message}`)
+    },
+  })
+}
+
+export function useGenerateBreakGlassToken() {
+  return useMutation({ mutationFn: () => generateBreakGlassToken() })
+}
+
+export function useDecisions(limit = 50) {
+  return useQuery({ queryKey: ['securityDecisions', limit], queryFn: () => getDecisions(limit) })
+}
+
+export function useCreateDecision() {
+  const qc = useQueryClient()
+  return useMutation({
+    mutationFn: (payload: CreateDecisionPayload) => createDecision(payload),
+    onSuccess: () => qc.invalidateQueries({ queryKey: ['securityDecisions'] }),
+  })
+}
+
+export function useRuleSets() {
+  return useQuery({ queryKey: ['securityRulesets'], queryFn: () => getRuleSets() })
+}
+
+export function useUpsertRuleSet() {
+  const qc = useQueryClient()
+  return useMutation({
+    mutationFn: (payload: UpsertRuleSetPayload) => upsertRuleSet(payload),
+    onSuccess: () => {
+      qc.invalidateQueries({ queryKey: ['securityRulesets'] })
+      toast.success('Rule set saved successfully')
+    },
+    onError: (err: Error) => {
+      toast.error(`Failed to save rule set: ${err.message}`)
+    },
+  })
+}
+
+export function useDeleteRuleSet() {
+  const qc = useQueryClient()
+  return useMutation({
+    mutationFn: (id: number) => deleteRuleSet(id),
+    onSuccess: () => {
+      qc.invalidateQueries({ queryKey: ['securityRulesets'] })
+      toast.success('Rule set deleted')
+    },
+    onError: (err: Error) => {
+      toast.error(`Failed to delete rule set: ${err.message}`)
+    },
+  })
+}
+
+export function useEnableCerberus() {
+  const qc = useQueryClient()
+  return useMutation({
+    mutationFn: (payload?: Record<string, unknown>) => enableCerberus(payload),
+    onSuccess: () => {
+      qc.invalidateQueries({ queryKey: ['securityConfig'] })
+      qc.invalidateQueries({ queryKey: ['securityStatus'] })
+      toast.success('Cerberus enabled')
+    },
+    onError: (err: Error) => {
+      toast.error(`Failed to enable Cerberus: ${err.message}`)
+    },
+  })
+}
+
+export function useDisableCerberus() {
+  const qc = useQueryClient()
+  return useMutation({
+    mutationFn: (payload?: Record<string, unknown>) => disableCerberus(payload),
+    onSuccess: () => {
+      qc.invalidateQueries({ queryKey: ['securityConfig'] })
+      qc.invalidateQueries({ queryKey: ['securityStatus'] })
+      toast.success('Cerberus disabled')
+    },
+    onError: (err: Error) => {
+      toast.error(`Failed to disable Cerberus: ${err.message}`)
+    },
+  })
+}