akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
Files
4e9d6825a6c81ee4cccdd6b1dca53aeeba1ea26f
Charon/docs/reports/qa_report_capi_fix.md
GitHub Actions 8294d6ee49 Add QA test outputs, build scripts, and Dockerfile validation 
- Created `qa-test-output-after-fix.txt` and `qa-test-output.txt` to log results of certificate page authentication tests.
- Added `build.sh` for deterministic backend builds in CI, utilizing `go list` for efficiency.
- Introduced `codeql_scan.sh` for CodeQL database creation and analysis for Go and JavaScript/TypeScript.
- Implemented `dockerfile_check.sh` to validate Dockerfiles for base image and package manager mismatches.
- Added `sourcery_precommit_wrapper.sh` to facilitate Sourcery CLI usage in pre-commit hooks.
2025-12-11 18:26:24 +00:00

1.5 KiB
Raw Blame History

QA Audit Report: CrowdSec Console Enrollment CAPI Fix

Date: December 11, 2025 Auditor: GitHub Copilot

Summary

A QA audit was performed on the changes to ensure CAPI registration before CrowdSec console enrollment. The changes involved adding a check for online_api_credentials.yaml and running cscli capi register if it's missing.

Scope

  • backend/internal/crowdsec/console_enroll.go
  • backend/internal/crowdsec/console_enroll_test.go

Verification Steps

1. Code Review

  • File: backend/internal/crowdsec/console_enroll.go
    • Verified ensureCAPIRegistered method checks for online_api_credentials.yaml.
    • Verified ensureCAPIRegistered runs cscli capi register with correct arguments if file is missing.
    • Verified Enroll calls ensureCAPIRegistered before enrollment.
  • File: backend/internal/crowdsec/console_enroll_test.go
    • Verified stubEnvExecutor updated to handle multiple calls and return different responses.
    • Verified TestConsoleEnrollSuccess asserts capi register is called.
    • Verified TestConsoleEnrollIdempotentWhenAlreadyEnrolled asserts correct behavior.
    • Verified TestConsoleEnrollFailureRedactsSecret asserts correct behavior with mocked responses.

2. Automated Checks

  • Tests: Ran go test ./internal/crowdsec/... -v.
    • Result: Passed.

Conclusion

The changes have been verified and all tests pass. The implementation correctly ensures CAPI is registered before attempting console enrollment, addressing the reported issue.

Reference in New Issue View Git Blame Copy Permalink