fix: codebase improvements from analysis #50
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Fix Go debug default from true to false for security - Align API-first FastAPI logging with code-first (structured JSON) - Update API-first version to 1.1.0 to match code-first - Add rate limiting to API-first metrics endpoint - Add structured logging to API-first middleware - Remove outdated pytest version comment - Improve VAULT_TOKEN error message in generate-certificates.sh - Run go mod tidy to fix missing go.sum entries
Node.js reference app: - Add Jest configuration with coverage thresholds - Add comprehensive health check tests with mocked dependencies - Add configuration tests - Add application entry point tests TypeScript API-first reference app: - Add Jest configuration for TypeScript with ts-jest - Add comprehensive health check tests - Add configuration and entry point tests - Add supertest and @types/supertest dependencies Documentation: - Document AppRole secret_id renewal process with commands - Add automated renewal instructions (crontab) - Add renewal timeline table Configuration: - Fix .env.example network IPs to match 4-tier architecture - Organize IPs by network segment (vault/data/app/observability)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
truetofalsefor security.env.exampleto match 4-tier architectureChanges
Test Suites (New)
Node.js (
reference-apps/nodejs/tests/):index.test.js- Application entry point testshealth.test.js- Health check endpoint tests with mocked dependenciesconfig.test.js- Configuration loading testsTypeScript API-First (
reference-apps/typescript-api-first/tests/):index.test.ts- Application entry point testshealth.test.ts- Health check endpoint testsconfig.test.ts- Configuration loading testsCode Fixes
reference-apps/golang/internal/config/config.go: DEBUG defaulttrue→falsereference-apps/fastapi-api-first/app/main.py: Aligned with code-first (structured JSON logging, version 1.1.0, rate limiting on /metrics)reference-apps/fastapi/requirements.txt: Removed outdated pytest commentscripts/generate-certificates.sh: Improved VAULT_TOKEN error messageDocumentation
docs/VAULT.md: Added AppRole secret_id renewal section with commands, crontab setup, and timeline tableConfiguration
.env.example: Fixed network IPs to match 4-tier segmentation (vault/data/app/observability networks)Test plan