pic/tests/e2e at c521fab1cba5bdae9a0265f8e708616dba891386 - pic

roof/pic

Files

T

roof c521fab1cb fix: merge CoreDNS ACL per-service and add reload plugin; add peer/cell e2e tests

- _build_acl_block: put all blocked IPs for a service in ONE acl block instead
  of one block per peer — the first block's allow-all was silently granting
  access to every peer after the first blocked one (first-match semantics)
- generate_corefile: add 'reload' plugin so SIGUSR1 triggers Corefile reload
  in newer CoreDNS builds (without it the signal was a no-op)
- tests/test_firewall_manager.py: new tests for single merged ACL block and
  the reload directive
- tests/e2e/api/test_peer_access_update.py: e2e tests for service_access,
  internet_access, and peer_access updates persisting live to iptables/CoreDNS
- tests/e2e/api/test_cell_to_cell.py: e2e tests for cell-to-cell connection
  management, permissions API, and cross-cell service access restrictions

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-02 04:57:37 -04:00

api

fix: merge CoreDNS ACL per-service and add reload plugin; add peer/cell e2e tests

2026-05-02 04:57:37 -04:00

helpers

fix: e2e/integration test infrastructure and Makefile test targets

2026-04-26 08:27:27 -04:00

test: add E2E coverage for peer dashboard/services, DNS records, and WG domain access

2026-04-26 17:41:21 -04:00

fix: full security audit remediation — P0/P1/P2/P3 fixes + 1020 passing tests

2026-04-27 11:30:21 -04:00

.env.example