- Documented certificate management security features in security.md, including backup and recovery processes.
- Implemented CertificateCleanupDialog component for confirming deletion of orphaned certificates when deleting proxy hosts.
- Enhanced ProxyHosts page to check for orphaned certificates and prompt users accordingly during deletion.
- Added tests for certificate cleanup prompts and behaviors in ProxyHosts, ensuring correct handling of unique, shared, and production certificates.
The test was failing intermittently when run with -race flag due to a race
condition between:
1. CertificateService constructor spawning a background goroutine that
immediately queries the database
2. The test's HTTP request handler also querying the database
On CI runners, the timing window is wider than on local machines, causing
frequent failures. Solution: Add a 200ms sleep to allow the background
goroutine to complete its initial sync before the test proceeds.
This is acceptable in test code as it mirrors real-world usage where the
service initializes before receiving HTTP requests.
Fixes intermittent failure:
Error: Not equal: expected: 200, actual: 500
no such table: ssl_certificates
- Remove SQLite cache=shared from certificate handler tests to prevent
database locking issues in parallel test runs
- Add JSON validation before jq parsing in integration-test.sh to
provide clear error messages when setup endpoint returns invalid response
- Remove unused fmt import from certificate_handler_coverage_test.go
- Introduced tests for the security handler, covering UpdateConfig, GetConfig, ListDecisions, CreateDecision, UpsertRuleSet, DeleteRuleSet, Enable, and Disable functionalities.
- Added tests for user handler methods including GetSetupStatus, Setup, RegenerateAPIKey, GetProfile, and UpdateProfile, ensuring robust error handling and validation.
- Implemented path traversal and injection tests in the WAF configuration to prevent security vulnerabilities.
- Updated the manager to sanitize ruleset names by stripping potentially harmful characters and patterns.
