This commit is contained in:
Mondo Diaz
45
CHANGELOG.md
45
CHANGELOG.md
@@ -7,6 +7,36 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
|
||||
## [Unreleased]
|
||||
### Added
|
||||
- Added comprehensive upload/download tests for size boundaries (1B to 1GB) (#38)
|
||||
- Added concurrent upload/download tests (2, 5, 10 parallel operations) (#38)
|
||||
- Added data integrity tests (binary, text, unicode, compressed content) (#38)
|
||||
- Added chunk boundary tests for edge cases (#38)
|
||||
- Added `@pytest.mark.large` and `@pytest.mark.concurrent` test markers (#38)
|
||||
- Added `generate_content()` and `generate_content_with_hash()` test helpers (#38)
|
||||
- Added `sized_content` fixture for generating test content of specific sizes (#38)
|
||||
- Added upload API tests: upload without tag, artifact creation verification, S3 object creation (#38)
|
||||
- Added download API tests: tag: prefix resolution, 404 for nonexistent project/package/artifact (#38)
|
||||
- Added download header tests: Content-Type, Content-Length, Content-Disposition, ETag, X-Checksum-SHA256 (#38)
|
||||
- Added error handling tests: timeout behavior, checksum validation, resource cleanup, graceful error responses (#38)
|
||||
- Added version API tests: version creation, auto-detection, listing, download by version prefix (#38)
|
||||
- Added integrity verification tests: round-trip hash verification, client-side verification workflow, size variants (1KB-10MB) (#40)
|
||||
- Added consistency check endpoint tests with response format validation (#40)
|
||||
- Added corruption detection tests: bit flip, truncation, appended content, size mismatch, missing S3 objects (#40)
|
||||
- Added Digest header tests (RFC 3230) and verification mode tests (#40)
|
||||
- Added integrity verification documentation (`docs/integrity-verification.md`) (#40)
|
||||
- Added conditional request support for downloads (If-None-Match, If-Modified-Since) returning 304 Not Modified (#42)
|
||||
- Added caching headers to downloads: Cache-Control (immutable), Last-Modified (#42)
|
||||
- Added 416 Range Not Satisfiable response for invalid range requests (#42)
|
||||
- Added download completion logging with bytes transferred and throughput (#42)
|
||||
- Added client disconnect handling during streaming downloads (#42)
|
||||
- Added streaming download tests: range requests, conditional requests, caching headers, download resume (#42)
|
||||
- Added upload duration and throughput metrics (`duration_ms`, `throughput_mbps`) to upload response (#43)
|
||||
- Added upload progress logging for large files (hash computation and multipart upload phases) (#43)
|
||||
- Added client disconnect handling during uploads with proper cleanup (#43)
|
||||
- Added upload progress tracking endpoint `GET /upload/{upload_id}/progress` for resumable uploads (#43)
|
||||
- Added large file upload tests (10MB, 100MB, 1GB) with multipart upload verification (#43)
|
||||
- Added upload cancellation and timeout handling tests (#43)
|
||||
- Added comprehensive API documentation for upload endpoints with curl, Python, and JavaScript examples (#43)
|
||||
- Added `package_versions` table for immutable version tracking separate from mutable tags (#56)
|
||||
- Versions are set at upload time via explicit `version` parameter or auto-detected from filename/metadata
|
||||
- Version detection priority: explicit parameter > package metadata > filename pattern
|
||||
@@ -31,6 +61,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
- Added internal proxy configuration for npm, pip, helm, and apt (#51)
|
||||
|
||||
### Changed
|
||||
- CI integration tests now run full pytest suite (~350 tests) against deployed environment instead of 3 smoke tests
|
||||
- CI production deployment uses lightweight smoke tests only (no test data creation in prod)
|
||||
- CI pipeline improvements: shared pip cache, `interruptible` flag on test jobs, retry on integration tests
|
||||
- Simplified deploy verification to health check only (full checks done by integration tests)
|
||||
- Extracted environment URLs to global variables for maintainability
|
||||
- Made `cleanup_feature` job standalone (no longer inherits deploy template dependencies)
|
||||
- Renamed `integration_test_prod` to `smoke_test_prod` for clarity
|
||||
- Updated download ref resolution to check versions before tags (version → tag → artifact ID) (#56)
|
||||
- Deploy jobs now require all security scans to pass before deployment (added test_image, app_deps_scan, cve_scan, cve_sbom_analysis, app_sbom_analysis to dependencies) (#63)
|
||||
- Increased deploy job timeout from 5m to 10m (#63)
|
||||
@@ -44,6 +81,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
- Improved pod naming: Orchard pods now named `orchard-{env}-server-*` for clarity (#51)
|
||||
|
||||
### Fixed
|
||||
- Fixed CI integration test rate limiting: added configurable `ORCHARD_LOGIN_RATE_LIMIT` env var, relaxed to 1000/minute for dev/stage
|
||||
- Fixed duplicate `TestSecurityEdgeCases` class definition in test_auth_api.py
|
||||
- Fixed integration tests auth: session-scoped client, configurable credentials via env vars, fail-fast on auth errors
|
||||
- Fixed 413 Request Entity Too Large errors on uploads by adding `proxy-body-size: "0"` nginx annotation to Orchard ingress
|
||||
- Fixed CI tests that require direct S3 access: added `@pytest.mark.requires_direct_s3` marker and excluded from CI
|
||||
- Fixed ref_count triggers not being created: added auto-migration for tags ref_count trigger functions
|
||||
- Fixed Content-Disposition header encoding for non-ASCII filenames using RFC 5987 (#38)
|
||||
- Fixed deploy jobs running even when tests or security scans fail (changed rules from `when: always` to `when: on_success`) (#63)
|
||||
- Fixed python_tests job not using internal PyPI proxy (#63)
|
||||
- Fixed `cleanup_feature` job failing when branch is deleted (`GIT_STRATEGY: none`) (#51)
|
||||
@@ -53,6 +97,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
- Fixed deploy jobs running when secrets scan fails (added `secrets` to deploy dependencies)
|
||||
- Fixed dev environment memory requests to equal limits per cluster Kyverno policy
|
||||
- Fixed init containers missing resource limits (Kyverno policy compliance)
|
||||
- Fixed Python SyntaxWarning for invalid escape sequence in database migration regex pattern
|
||||
|
||||
### Removed
|
||||
- Removed unused `store_streaming()` method from storage.py (#51)
|
||||
|
||||
Reference in New Issue
Block a user