roof/pic - pic - Gitea: Git with a cup of tea

roof/pic

Fork 0

Commit Graph

Author	SHA1	Message	Date
roof	87c321c1c9	feat: Phase 3 — ServiceComposer deps + store install via per-service compose Unit Tests / test (push) Successful in 11m21s Details ServiceStoreManager.install() now delegates container lifecycle to ServiceComposer (per-service docker-compose.yml) instead of appending to a shared compose override. This eliminates IP pool allocation, compose override rendering, and the single-stack docker exec approach. Changes: - service_composer.py: add _resolve_requires(), _resolve_dependents(), reapply_active_services() — dependency graph and startup reapply - service_store_manager.py: rewrite install() and remove() to use ServiceComposer; add _fetch_template(); delete _allocate_service_ip(), _render_compose_override(), _write_compose_override(); remove() now guards against removing services that others depend on - managers.py: pass service_composer= to ServiceStoreManager - Tests: 13 new composer dep tests; TestInstall/TestRemove rewritten for the new composer-driven path; test_optional_services_feature.py updated Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-29 09:33:02 -04:00
roof	c40919d374	feat: Phase 0 — manifest_validator, compose YAML safety check, cap_add allowlist, backend denylist, provision hook enforcement, size cap Introduces api/manifest_validator.py as a single security chokepoint imported by both ServiceComposer and ServiceStoreManager: - validate_manifest(): rejects kind=builtin, reserved container names, reserved subdomains, backend denylist (localhost, cell-api, etc.), cap_add outside allowlist / in denylist, shell-string provision hooks, and env values with shell-special characters - validate_rendered_compose(): walks the rendered YAML and rejects privileged:true, host network/pid/ipc/userns, absolute bind mounts, denied capabilities, devices key, apparmor/seccomp unconfined, and string-form command/entrypoint (shell-injection vector) - validate_provision_hook(): requires argv list form, lowercase binary, rejects NUL bytes ServiceStoreManager changes: - _validate_manifest() delegates to validate_manifest() after existing checks - _fetch_manifest() and fetch_index() now stream with a 256 KB size cap (prevents memory exhaustion from a malicious or compromised index) - Digest-pin warning for images missing @sha256 (hard error for unknown registries, warning for git.pic.ngo/roof/* and TRUSTED_IMAGES_NO_DIGEST) ServiceComposer changes: - write_compose() calls validate_rendered_compose() before any disk write so no partial file is left if validation fails - render_template() substitutes ${PIC_DATA_DIR} with the resolved data_dir path 102 new tests in tests/test_manifest_validator.py covering all five P0 security issues. Existing test mocks updated to use streaming response pattern (stream=True + raw.read) and valid compose YAML templates. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-29 07:23:08 -04:00
roof	0a21f22076	Phase 4: service store — manifest validation, install/remove, Store UI - ServiceStoreManager: manifest allowlist (git.pic.ngo/roof/*), volume denylist, ACCEPT-only iptables rules, ${SERVICE_IP}-only dest_ip - IP allocator: pool 172.20.0.20-254, skips CONTAINER_OFFSETS VIPs - Compose overlay: docker-compose.services.yml auto-included via DCF - Flask blueprint at /api/store: list, install, remove, refresh - Store.jsx: full install/remove UI with spinners and toast notifications - 95 new unit tests for ServiceStoreManager (all passing) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-09 10:19:39 -04:00

Author

SHA1

Message

Date

roof

87c321c1c9

feat: Phase 3 — ServiceComposer deps + store install via per-service compose

Unit Tests / test (push) Successful in 11m21s

Details

ServiceStoreManager.install() now delegates container lifecycle to
ServiceComposer (per-service docker-compose.yml) instead of appending to a
shared compose override. This eliminates IP pool allocation, compose override
rendering, and the single-stack docker exec approach.

Changes:
- service_composer.py: add _resolve_requires(), _resolve_dependents(),
  reapply_active_services() — dependency graph and startup reapply
- service_store_manager.py: rewrite install() and remove() to use
  ServiceComposer; add _fetch_template(); delete _allocate_service_ip(),
  _render_compose_override(), _write_compose_override(); remove() now guards
  against removing services that others depend on
- managers.py: pass service_composer= to ServiceStoreManager
- Tests: 13 new composer dep tests; TestInstall/TestRemove rewritten for
  the new composer-driven path; test_optional_services_feature.py updated

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-29 09:33:02 -04:00

roof

c40919d374

feat: Phase 0 — manifest_validator, compose YAML safety check, cap_add allowlist, backend denylist, provision hook enforcement, size cap

Introduces api/manifest_validator.py as a single security chokepoint
imported by both ServiceComposer and ServiceStoreManager:

- validate_manifest(): rejects kind=builtin, reserved container names,
  reserved subdomains, backend denylist (localhost, cell-api, etc.),
  cap_add outside allowlist / in denylist, shell-string provision hooks,
  and env values with shell-special characters
- validate_rendered_compose(): walks the rendered YAML and rejects
  privileged:true, host network/pid/ipc/userns, absolute bind mounts,
  denied capabilities, devices key, apparmor/seccomp unconfined, and
  string-form command/entrypoint (shell-injection vector)
- validate_provision_hook(): requires argv list form, lowercase binary,
  rejects NUL bytes

ServiceStoreManager changes:
- _validate_manifest() delegates to validate_manifest() after existing checks
- _fetch_manifest() and fetch_index() now stream with a 256 KB size cap
  (prevents memory exhaustion from a malicious or compromised index)
- Digest-pin warning for images missing @sha256 (hard error for unknown
  registries, warning for git.pic.ngo/roof/* and TRUSTED_IMAGES_NO_DIGEST)

ServiceComposer changes:
- write_compose() calls validate_rendered_compose() before any disk write
  so no partial file is left if validation fails
- render_template() substitutes ${PIC_DATA_DIR} with the resolved data_dir path

102 new tests in tests/test_manifest_validator.py covering all five P0
security issues.  Existing test mocks updated to use streaming response
pattern (stream=True + raw.read) and valid compose YAML templates.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-29 07:23:08 -04:00

roof

0a21f22076

Phase 4: service store — manifest validation, install/remove, Store UI

- ServiceStoreManager: manifest allowlist (git.pic.ngo/roof/*), volume
  denylist, ACCEPT-only iptables rules, ${SERVICE_IP}-only dest_ip
- IP allocator: pool 172.20.0.20-254, skips CONTAINER_OFFSETS VIPs
- Compose overlay: docker-compose.services.yml auto-included via DCF
- Flask blueprint at /api/store: list, install, remove, refresh
- Store.jsx: full install/remove UI with spinners and toast notifications
- 95 new unit tests for ServiceStoreManager (all passing)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-09 10:19:39 -04:00

3 Commits