certctl

gsadmin/certctl

Fork 0

mirror of https://github.com/shankar0123/certctl.git synced 2026-06-08 13:58:59 +00:00

Commit Graph

Author	SHA1	Message	Date
shankar0123	55eb7135be	fix(web,ci): close TS↔Go type drift across 5 entities (D-2 master) Closes five 2026-04-24 audit findings (all P2, all category cat-f / diff-05x06-) by reconciling the TypeScript interfaces in web/src/api/types.ts with the on-wire JSON shape Go's internal/domain/.go structs actually emit. D-1 closed the same pattern for one entity (Certificate / ManagedCertificate); D-2 covers the remaining five. Per-entity verdicts (audit's "stricter side is the contract"): Agent — TRIM 5 phantoms (last_heartbeat, capabilities, tags, created_at, updated_at). Go emits last_heartbeat_at only. Target — ADD 2 (retired_at?, retired_reason?) — I-004 fields. DiscCert — ADD pem_data? — real field, real Go emit, omitempty. Issuer — TRIM phantom status. Go has Enabled bool only. Notif — TRIM phantom subject. Go has Message string only. Certificate — verify-only; D-1 closure confirmed clean at recon. Consumer fixes (same commit as the trim): - AgentDetailPage.tsx — remove dead Capabilities + Tags sections (always rendered empty); replace agent.created_at/updated_at row with the Go-emitted registered_at; widen heartbeatStatus() to accept undefined. - AgentsPage.tsx — same heartbeatStatus widening. - IssuersPage.tsx + IssuerDetailPage.tsx — issuerStatus() now derives from `enabled` exclusively; the dead `issuer.status \|\| 'Unknown'` fallback is gone. - NotificationsPage.tsx — drop dead `\|\| n.subject` fallback. - NotificationsPage.test.tsx — drop dead `subject:` from mocks. - api/utils.ts::timeAgo widened to accept string \| undefined \| null. - api/types.test.ts — Agent (I-004) fixture trimmed of the 5 phantoms. Tests (Vitest): - 5 new describe blocks in web/src/api/types.test.ts: - Agent interface (D-2 phantom-fields trim) — 2 it blocks - Target interface (D-2 retirement fields) — 2 it blocks - DiscoveredCertificate interface (D-2 pem_data ADD) — 2 it blocks - Issuer interface (D-2 status phantom trim) — 1 it block - Notification interface (D-2 subject phantom trim) — 1 it block - Each block uses the literal-construction pattern from D-1; trimmed fields are pinned via excess-property comments that compile-fail when uncommented if a phantom is reintroduced. CI regression guardrail: - .github/workflows/ci.yml — existing D-1 step renamed to "Forbidden StatusBadge dead-key + TS phantom-field regression guard (D-1 + D-2)". Three new awk-windowed greps over Agent / Issuer / Notification interfaces in types.ts. The Agent grep includes a `grep -v 'last_heartbeat_at'` filter to avoid false positives on the legitimate Go-emitted heartbeat field. Documentation: - CHANGELOG.md — new D-2 section above B-1 under [unreleased] with full Added/Removed/Audit findings closed/Known follow-ups breakdown. - docs/architecture.md — Web Dashboard section gains a new "TS ↔ Go type contract rule (D-1 + D-2 closure)" paragraph capturing the stricter-side-wins rule and the CI guardrail it's anchored by. - coverage-gap-audit-2026-04-24-v5/unified-audit.md — Live Tracker score 20/47 → 25/47 (P2: 6/27 → 11/27). Per-finding ✅ RESOLVED Status blocks added to all 5 diff-05x06-* entries plus the verify-only Certificate entry. Closed-bundle index gets D-2 row. Verification (all gates green): - cd web && tsc --noEmit → clean - cd web && vitest run --reporter=dot → 9 files, 302 tests passing (was 294 → +8 D-2 cases) - cd web && vite build → clean - go vet ./internal/... ./cmd/... → clean (no Go touched) - golangci-lint v2.11.4 run ./... → 0 issues - D-2 Agent guardrail dry-run → empty (good) - D-2 Issuer guardrail dry-run → empty (good) - D-2 Notification guardrail dry-run → empty (good) - D-2 Target ADD-shape sanity → 2 retirement fields present - D-2 DiscCert ADD-shape sanity → pem_data present - D-1 Certificate guardrail still clean → empty (good) - OpenAPI YAML parses → 89 paths Audit findings closed: - diff-05x06-7cdf4e78ae24 (P2, Agent TS↔Go drift) - diff-05x06-2044a46f4dd0 (P2, Target TS↔DeploymentTarget Go drift) - diff-05x06-85ab6b98a2f7 (P2, DiscoveredCertificate TS↔Go drift) - diff-05x06-97fab8783a5c (P2, Issuer TS↔Go drift) - diff-05x06-caba9eb3620e (P2, Notification TS↔NotificationEvent drift) - diff-05x06-af18a8d7ef41 (P2) — verified clean since D-1; no edit Deferred follow-ups: - Issuer richer status view (enabled × test_status) — UX scope, not drift. - Real Agent metadata (capabilities, tags) — backend feature, not drift. - DiscoveredCertificate pem_data list-response perf — separate backend change.	2026-04-25 16:07:31 +00:00
shankar0123	93e1dc598c	fix: resolve frontend-to-backend mapping gaps across API types, config fields, and issuer IDs Full audit of all ~100 backend API endpoints against frontend client functions and TypeScript interfaces. Fixes field name mismatches, missing client functions, phantom interface fields, type coercion for Go bool/int config fields, and issuer type ID alignment with backend domain constants. Backend: - issuer.go/target.go: GUI-created entities default enabled=true (Go bool zero value was overriding DB DEFAULT) Frontend types (types.ts): - Certificate: fingerprint→fingerprint_sha256, phantom fields made optional - CertificateVersion: fingerprint→fingerprint_sha256, chain_pem→pem_chain, removed phantom version/cert_pem fields - Job: error_message→last_error (matches Go json tag) Frontend client (client.ts): - Added getNotification(id) and getAuditEvent(id) for existing backend routes Frontend pages: - CertificateDetailPage: derives serial/fingerprint/issuedAt from latest CertificateVersion instead of empty Certificate fields - JobsPage/JobDetailPage: error_message→last_error - TargetsPage: reload_cmd→reload_command, validate_cmd→validate_command, added missing config fields per backend structs (validate_command for NGINX/Apache, hostname/winrm_timeout for IIS, private_key/passphrase/ cert_mode/key_mode for SSH, winrm_https/winrm_insecure for WinCertStore, create_keystore for JavaKeystore, mode for Dovecot), type coercion via buildConfigPayload() with BOOL_FIELDS/INT_FIELDS sets, IIS WinRM nesting - TargetDetailPage: added passphrase to sensitiveKeys redaction - issuerTypes.ts: type IDs aligned to backend constants (acme→ACME, local→GenericCA, stepca→StepCA, openssl→OpenSSL), backward compat aliases preserved, step-ca config fields updated to match backend struct Utilities (utils.ts): - formatDate/formatDateTime accept string\|undefined\|null Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-05 21:09:48 -04:00
shankar0123	9e6756d02f	Implement M5: hardening, input validation, and Vite+React+TS dashboard Backend hardening: - Fix 6 nginx.go non-constant format string build errors - Add validation.go with hostname, PEM, and enum validators - Apply input validation to all POST/PUT handlers (certificates, agents, CSR, policies, teams, owners, targets, issuers) - Fix unchecked JSON decode in TriggerDeployment handler Frontend (Vite + React + TypeScript): - Migrate from single-file SPA to proper build pipeline - 7 pages: Dashboard, Certificates (list+detail), Agents, Jobs, Notifications, Policies, Audit Trail - TanStack Query for server state with auto-refetch intervals - Certificate detail with version history and renewal trigger - Job cancellation, status/type filtering, expiry countdowns - Reusable components: DataTable, StatusBadge, ErrorState, PageHeader - Dark theme with Tailwind CSS, sidebar nav via React Router Server integration: - Go server serves web/dist/ (Vite output) with SPA fallback - Falls back to web/index.html for legacy mode - .gitignore updated for web/node_modules/ and web/dist/ Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-15 01:19:19 -04:00

Author

SHA1

Message

Date

shankar0123

55eb7135be

fix(web,ci): close TS↔Go type drift across 5 entities (D-2 master)

Closes five 2026-04-24 audit findings (all P2, all category cat-f /
diff-05x06-*) by reconciling the TypeScript interfaces in
web/src/api/types.ts with the on-wire JSON shape Go's
internal/domain/*.go structs actually emit. D-1 closed the same pattern
for one entity (Certificate / ManagedCertificate); D-2 covers the
remaining five.

Per-entity verdicts (audit's "stricter side is the contract"):

  Agent       — TRIM 5 phantoms (last_heartbeat, capabilities, tags,
                created_at, updated_at). Go emits last_heartbeat_at only.
  Target      — ADD 2 (retired_at?, retired_reason?) — I-004 fields.
  DiscCert    — ADD pem_data? — real field, real Go emit, omitempty.
  Issuer      — TRIM phantom status. Go has Enabled bool only.
  Notif       — TRIM phantom subject. Go has Message string only.
  Certificate — verify-only; D-1 closure confirmed clean at recon.

Consumer fixes (same commit as the trim):
- AgentDetailPage.tsx — remove dead Capabilities + Tags sections (always
  rendered empty); replace agent.created_at/updated_at row with the
  Go-emitted registered_at; widen heartbeatStatus() to accept undefined.
- AgentsPage.tsx — same heartbeatStatus widening.
- IssuersPage.tsx + IssuerDetailPage.tsx — issuerStatus() now derives
  from `enabled` exclusively; the dead `issuer.status || 'Unknown'`
  fallback is gone.
- NotificationsPage.tsx — drop dead `|| n.subject` fallback.
- NotificationsPage.test.tsx — drop dead `subject:` from mocks.
- api/utils.ts::timeAgo widened to accept string | undefined | null.
- api/types.test.ts — Agent (I-004) fixture trimmed of the 5 phantoms.

Tests (Vitest):
- 5 new describe blocks in web/src/api/types.test.ts:
  - Agent interface (D-2 phantom-fields trim) — 2 it blocks
  - Target interface (D-2 retirement fields) — 2 it blocks
  - DiscoveredCertificate interface (D-2 pem_data ADD) — 2 it blocks
  - Issuer interface (D-2 status phantom trim) — 1 it block
  - Notification interface (D-2 subject phantom trim) — 1 it block
- Each block uses the literal-construction pattern from D-1; trimmed
  fields are pinned via excess-property comments that compile-fail when
  uncommented if a phantom is reintroduced.

CI regression guardrail:
- .github/workflows/ci.yml — existing D-1 step renamed to "Forbidden
  StatusBadge dead-key + TS phantom-field regression guard (D-1 + D-2)".
  Three new awk-windowed greps over Agent / Issuer / Notification
  interfaces in types.ts. The Agent grep includes a `grep -v
  'last_heartbeat_at'` filter to avoid false positives on the
  legitimate Go-emitted heartbeat field.

Documentation:
- CHANGELOG.md — new D-2 section above B-1 under [unreleased] with full
  Added/Removed/Audit findings closed/Known follow-ups breakdown.
- docs/architecture.md — Web Dashboard section gains a new "TS ↔ Go
  type contract rule (D-1 + D-2 closure)" paragraph capturing the
  stricter-side-wins rule and the CI guardrail it's anchored by.
- coverage-gap-audit-2026-04-24-v5/unified-audit.md — Live Tracker score
  20/47 → 25/47 (P2: 6/27 → 11/27). Per-finding ✅ RESOLVED Status
  blocks added to all 5 diff-05x06-* entries plus the verify-only
  Certificate entry. Closed-bundle index gets D-2 row.

Verification (all gates green):
- cd web && tsc --noEmit                 → clean
- cd web && vitest run --reporter=dot    → 9 files, 302 tests passing
                                            (was 294 → +8 D-2 cases)
- cd web && vite build                   → clean
- go vet ./internal/... ./cmd/...        → clean (no Go touched)
- golangci-lint v2.11.4 run ./...        → 0 issues
- D-2 Agent guardrail dry-run            → empty (good)
- D-2 Issuer guardrail dry-run           → empty (good)
- D-2 Notification guardrail dry-run     → empty (good)
- D-2 Target ADD-shape sanity            → 2 retirement fields present
- D-2 DiscCert ADD-shape sanity          → pem_data present
- D-1 Certificate guardrail still clean  → empty (good)
- OpenAPI YAML parses                    → 89 paths

Audit findings closed:
- diff-05x06-7cdf4e78ae24 (P2, Agent TS↔Go drift)
- diff-05x06-2044a46f4dd0 (P2, Target TS↔DeploymentTarget Go drift)
- diff-05x06-85ab6b98a2f7 (P2, DiscoveredCertificate TS↔Go drift)
- diff-05x06-97fab8783a5c (P2, Issuer TS↔Go drift)
- diff-05x06-caba9eb3620e (P2, Notification TS↔NotificationEvent drift)
- diff-05x06-af18a8d7ef41 (P2) — verified clean since D-1; no edit

Deferred follow-ups:
- Issuer richer status view (enabled × test_status) — UX scope, not drift.
- Real Agent metadata (capabilities, tags) — backend feature, not drift.
- DiscoveredCertificate pem_data list-response perf — separate backend change.

2026-04-25 16:07:31 +00:00

shankar0123

93e1dc598c

fix: resolve frontend-to-backend mapping gaps across API types, config fields, and issuer IDs

Full audit of all ~100 backend API endpoints against frontend client functions
and TypeScript interfaces. Fixes field name mismatches, missing client functions,
phantom interface fields, type coercion for Go bool/int config fields, and
issuer type ID alignment with backend domain constants.

Backend:
- issuer.go/target.go: GUI-created entities default enabled=true (Go bool
  zero value was overriding DB DEFAULT)

Frontend types (types.ts):
- Certificate: fingerprint→fingerprint_sha256, phantom fields made optional
- CertificateVersion: fingerprint→fingerprint_sha256, chain_pem→pem_chain,
  removed phantom version/cert_pem fields
- Job: error_message→last_error (matches Go json tag)

Frontend client (client.ts):
- Added getNotification(id) and getAuditEvent(id) for existing backend routes

Frontend pages:
- CertificateDetailPage: derives serial/fingerprint/issuedAt from latest
  CertificateVersion instead of empty Certificate fields
- JobsPage/JobDetailPage: error_message→last_error
- TargetsPage: reload_cmd→reload_command, validate_cmd→validate_command,
  added missing config fields per backend structs (validate_command for
  NGINX/Apache, hostname/winrm_timeout for IIS, private_key/passphrase/
  cert_mode/key_mode for SSH, winrm_https/winrm_insecure for WinCertStore,
  create_keystore for JavaKeystore, mode for Dovecot), type coercion via
  buildConfigPayload() with BOOL_FIELDS/INT_FIELDS sets, IIS WinRM nesting
- TargetDetailPage: added passphrase to sensitiveKeys redaction
- issuerTypes.ts: type IDs aligned to backend constants (acme→ACME,
  local→GenericCA, stepca→StepCA, openssl→OpenSSL), backward compat aliases
  preserved, step-ca config fields updated to match backend struct

Utilities (utils.ts):
- formatDate/formatDateTime accept string|undefined|null

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-04-05 21:09:48 -04:00

shankar0123

9e6756d02f

Implement M5: hardening, input validation, and Vite+React+TS dashboard

Backend hardening:
- Fix 6 nginx.go non-constant format string build errors
- Add validation.go with hostname, PEM, and enum validators
- Apply input validation to all POST/PUT handlers (certificates,
  agents, CSR, policies, teams, owners, targets, issuers)
- Fix unchecked JSON decode in TriggerDeployment handler

Frontend (Vite + React + TypeScript):
- Migrate from single-file SPA to proper build pipeline
- 7 pages: Dashboard, Certificates (list+detail), Agents, Jobs,
  Notifications, Policies, Audit Trail
- TanStack Query for server state with auto-refetch intervals
- Certificate detail with version history and renewal trigger
- Job cancellation, status/type filtering, expiry countdowns
- Reusable components: DataTable, StatusBadge, ErrorState, PageHeader
- Dark theme with Tailwind CSS, sidebar nav via React Router

Server integration:
- Go server serves web/dist/ (Vite output) with SPA fallback
- Falls back to web/index.html for legacy mode
- .gitignore updated for web/node_modules/ and web/dist/

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-15 01:19:19 -04:00

3 Commits