Update all documentation to reflect M1–M9 completion

Align docs with actual codebase state post-M8 (agent-side keygen) and
M9 (test hardening). Key changes:

- README: V1 roadmap reflects all milestones complete, correct coverage
  thresholds (30%/50%), lists only remaining v1.0.0 tag items
- architecture.md: ACME marked as fully implemented, security diagram
  corrected to ECDSA P-256, testing strategy rewritten with accurate
  counts (205 tests), target connector docs expanded with KeyPEM
- connectors.md: DeploymentRequest struct updated with KeyPEM field,
  NGINX/F5/IIS sections expanded with config examples and flow details
- demo-advanced.md: keygen mode notes updated for agent-side default,
  DeploymentRequest explanation corrected
- CLAUDE.md: M9 deferred items clarified, connector test path fixed

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
shankar0123
2026-03-15 14:35:59 -04:00
parent 14dc75a12e
commit d539361d4c
5 changed files with 73 additions and 33 deletions
+4 -7
@@ -130,13 +130,10 @@ The principle: **every backend feature ships with its corresponding GUI surface.
- ✅ Empty list responses (verify 200 with total=0)
- ✅ Trigger renewal on nonexistent certificate
- ✅ Expired certificate lifecycle (create expired cert, verify retrieval, test renewal trigger)
- Deployment job with unreachable target
**Scheduler tests:**
- Renewal checker creates jobs for expiring certs only
- Job processor respects max_attempts and backoff
- Health checker marks stale agents offline
- Notification processor sends pending, skips already-sent
**Deferred to future milestone (not blocking v1.0):**
- Deployment job with unreachable target (requires mock target infrastructure)
- Scheduler loop unit tests: renewal checker, job processor, health checker, notification processor (time-dependent, tested manually during development)
**CI coverage enforcement:**
- ✅ Coverage threshold check in CI (fail if service layer <30%, handler layer <50%)
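Review bot: The new deferred entry for scheduler loop unit tests reduces the four behaviours from the removed "Scheduler tests" list (jobs created for expiring certs only, max_attempts and backoff respected, stale agents marked offline, already-sent notifications skipped) to a list of component names, so the deferred work no longer states what has to be verified. Keep those four assertions as sub-items under the "Deferred to future milestone" heading. "Tested manually during development" also leaves the renewal and retry logic with no regression protection; since the stated blocker is time dependence, record that an injectable clock is the intended way to unblock these tests, and point to a tracking issue if one exists.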
@@ -151,7 +148,7 @@ The principle: **every backend feature ships with its corresponding GUI surface.
- `internal/integration/negative_test.go` — 12 negative-path subtests + expired cert lifecycle test
**Files modified:**
- `.github/workflows/ci.yml` — Added coverage threshold check step, added `./internal/connector/...` to test path
- `.github/workflows/ci.yml` — Added coverage threshold check step, added `./internal/connector/issuer/local/...` to test path
**Deliverables**: All 7 handler files tested, negative-path integration suite, CI coverage gates.
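Review bot: In the "Files modified" entry, the test path narrows from `./internal/connector/...` to `./internal/connector/issuer/local/...`, so the document now records only the local issuer package as part of the CI test run. If that matches ci.yml, state explicitly, here or under the deferred items, that the other packages under `internal/connector` are not exercised by CI, so that the "CI coverage gates" deliverable on the next line is not read as covering them.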