untitled-web-project/provision-api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Internal FastAPI provisioning service
3 commits 1 branch 0 tags 38 KiB
  • Python 98.9%
  • Dockerfile 1.1%
Find a file
Exact
jcrm a3b260a857 fix: address security review findings in provisioning service 
- helm: use --values tmpfile instead of --set to prevent arg injection
  and keep secrets out of /proc/<pid>/cmdline
- helm: validate site_id and domain against strict regexes before any
  subprocess call
- opensrs: XML-escape all interpolated keys and values to prevent
  XML injection / credential exfiltration
- opensrs: validate domain against RFC-1123 hostname regex
- routers: add X-Internal-Token shared-secret middleware to all routes;
  derive domain from stored status on delete rather than trusting caller
- domains: wrap params in Pydantic model with EmailStr + domain validator
- grafana: validate site_id before building dashboard UID
2026-06-02 18:08:54 -04:00
models feat: initial FastAPI provisioning service scaffold 2026-06-02 18:02:03 -04:00
routers fix: address security review findings in provisioning service 2026-06-02 18:08:54 -04:00
services fix: address security review findings in provisioning service 2026-06-02 18:08:54 -04:00
tests feat: initial FastAPI provisioning service scaffold 2026-06-02 18:02:03 -04:00
auth.py fix: address security review findings in provisioning service 2026-06-02 18:08:54 -04:00
config.py fix: address security review findings in provisioning service 2026-06-02 18:08:54 -04:00
Dockerfile feat: initial FastAPI provisioning service scaffold 2026-06-02 18:02:03 -04:00
main.py feat: initial FastAPI provisioning service scaffold 2026-06-02 18:02:03 -04:00
pyproject.toml fix: address security review findings in provisioning service 2026-06-02 18:08:54 -04:00
README.md Initial commit 2026-06-02 21:39:45 +00:00

README.md

provision-api

Internal FastAPI provisioning service