fix: address review findings for observability PR

1. Security: Replace insecure extractRemoteIP() in audit service with
   middleware.RealIP() which validates trusted proxies before trusting
   X-Real-IP/X-Forwarded-For headers. Export RealIP from middleware.
   Update audit tests to verify anti-spoofing behavior.

2. Audit coverage: Add audit instrumentation to all 9 handlers that
   had dead action constants: HandleEnvVarSave, HandleLabelAdd,
   HandleLabelEdit, HandleLabelDelete, HandleVolumeAdd, HandleVolumeEdit,
   HandleVolumeDelete, HandlePortAdd, HandlePortDelete.

3. README: Fix API path from /api/audit to /api/v1/audit.

4. README: Fix duplicate numbering in DI order section (items 10-11
   were listed twice, now correctly numbered 10-16).
clawbot
2026-03-17 02:52:34 -07:00
committed by clawbot
parent 96f391282e
commit b593f544d2
7 changed files with 81 additions and 45 deletions

@@ -870,6 +870,8 @@ func TestAppResourceLimits(t *testing.T) { //nolint:funlen // integration test w
assert.False(t, found.CPULimit.Valid)
assert.False(t, found.MemoryLimit.Valid)
})
}
// AuditEntry Tests.
func TestAuditEntryCreateAndFind(t *testing.T) {
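
Review bot: the header `@@ -870,6 +870,8 @@` records two added lines, yet nothing visible between the close of TestAppResourceLimits and the `// AuditEntry Tests.` comment is a new statement, so this reads as a whitespace-only change. If that is formatter output, consider keeping it out of a commit whose first item is a security fix, so the RealIP trusted-proxy change is easier to audit; if an assertion was meant to land here, it is missing.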