gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-11 14:18:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: synchronize project documentation with codebase

Browse Source 
Implements 3 deferred security tickets (TICKET-003, TICKET-007, TICKET-010)
and performs comprehensive documentation audit to eliminate drift between
code and docs.

Code changes:
- TICKET-003: Repository integration tests with testcontainers-go (50+ subtests)
- TICKET-007: CertificateService decomposition into RevocationSvc + CAOperationsSvc
- TICKET-010: Request body size limits via http.MaxBytesReader middleware
- Fix missing slog import in certificate.go after service decomposition

Documentation updates:
- README: Fix endpoint count (97→93), expand env var reference (15→39 vars)
- CLAUDE.md: Fix OpenAPI operation count (85→93), update file locations
- architecture.md: Add body size limits section, middleware chain ordering
- CONTRIBUTING.md: New contributor guide with architecture conventions,
  test patterns, middleware ordering, CI thresholds
- SECURITY_REMEDIATION.md: Removed from repo (moved to cowork, gitignored)
- Test files: Add doc comments to all new test files

Documentation that should exist but doesn't yet:
- Architecture diagrams (C4 model or similar)
- Threat model document
- Testing philosophy guide
- Disaster recovery runbook
- Upgrade guide (migration between versions)
- API versioning strategy document

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
shankar0123
2026-03-27 22:28:54 -04:00
parent 305c7dc851
commit de9264baf7
19 changed files with 2857 additions and 470 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/api/middleware/bodylimit.go
+38
View File
@@ -0,0 +1,38 @@
package middleware
import (
"net/http"
)
// BodyLimitConfig holds configuration for the body size limit middleware.
type BodyLimitConfig struct {
MaxBytes int64 // Maximum request body size in bytes; 0 = use default (1MB)
}
// DefaultMaxBodySize is the default maximum request body size (1MB).
const DefaultMaxBodySize int64 = 1 * 1024 * 1024
// NewBodyLimit creates a middleware that limits request body size.
// If the body exceeds the configured limit, the server returns 413 Request Entity Too Large.
// This prevents clients from sending excessively large payloads that could cause
// memory exhaustion or denial of service (CWE-400).
func NewBodyLimit(cfg BodyLimitConfig) func(http.Handler) http.Handler {
maxBytes := cfg.MaxBytes
if maxBytes <= 0 {
maxBytes = DefaultMaxBodySize
}
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Skip body limit for requests without bodies
if r.Body == nil || r.ContentLength == 0 {
next.ServeHTTP(w, r)
return
}
// Wrap the body with MaxBytesReader
r.Body = http.MaxBytesReader(w, r.Body, maxBytes)
next.ServeHTTP(w, r)
})
}
}