Sync dev to main #162

Merged: tis24dev merged 12 commits into main from dev (Feb 24, 2026)

@tis24dev (Owner)

  • Bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 (#160)
  • Remove ENABLE_GO_BACKUP flag and legacy wrappers
  • Make mount guard functions mockable, add tests
  • Inject Geteuid for PBS API to enable tests
  • Make firewall restore testable; add tests
  • Inject access-control helpers and add tests
  • Make sys/class/net path configurable
  • Add hooks for PBS staged apply and tests
  • Prefill TUI install wizard from template
  • Docs: installer prompts for existing config
  • Add optional post-install audit (dry-run)
  • Enhance post-install audit logging and UI

dependabot bot and others added 12 commits February 22, 2026 18:51
Bumps [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) from 1.1.0 to 1.1.1.
- [Commits](FiloSottile/edwards25519@v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: filippo.io/edwards25519
  dependency-version: 1.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Remove legacy Go-pipeline compatibility and related dead code. Deleted the prefilter-manual command and removed references to ENABLE_GO_BACKUP from configs and docs. Dropped Config.EnableGoBackup and its tests, cleaned up proxsave logging that referenced the flag. Consolidated bundle creation by removing the package-level createBundle wrapper and updating callers to use Orchestrator.createBundle; removed several legacy/compat helper functions in identity and orchestrator and adjusted unit tests to call the new helpers (encodeProtectedServerIDWithMACs, collectMACCandidates, etc.). Miscellaneous test cleanup: removed obsolete fake FS/test helpers no longer needed. These changes simplify code paths and eliminate obsolete compatibility layers.
Extract direct OS/syscall/fstab calls in mount guard into package-level function variables (e.g. mountGuardGeteuid, mountGuardReadFile, mountGuardMkdirAll, mountGuardSysMount, mountGuardSysUnmount, mountGuardFstabMountpointsSet, mountGuardIsPathOnRootFilesystem, mountGuardParsePBSDatastoreCfg) and update usages to call those variables. This makes the mount-guard logic easily mockable for unit tests. Add extensive tests in internal/orchestrator/mount_guard_more_test.go covering guardDirForTarget, isMounted (mountinfo/proc mounts fallback and error combinations), guardMountPoint behaviors (mkdir, bind, remount, unmount, context handling), and many flows for maybeApplyPBSDatastoreMountGuards including parsing, fstab fallback, mount attempts and timeout handling. Also adjust an existing test case in pbs_mount_guard_test.go to include a /run/media root scenario and remove a redundant check in pbsMountGuardRootForDatastorePath. These changes improve test coverage and reliability without changing runtime behavior.
Introduce a pbsAPIApplyGeteuid variable (defaulting to os.Geteuid) and use it for the root-privilege check in ensurePBSServicesForAPI to allow overriding in tests. Add a comprehensive test suite (internal/orchestrator/pbs_api_apply_test.go) that exercises PBS API apply functions, error paths, and service checks using fake filesystem and command runner mocks.
Introduce function-level variables to allow dependency injection for firewall restore (hostname, geteuid, mount checks, real FS check, rollback arm/disarm, apply from stage, restart service). Replace direct calls (os.Geteuid, os.Hostname, isMounted, isRealRestoreFS, time.Now) with the injectable variants (firewallApplyGeteuid, firewallHostname, firewallIsMounted, firewallIsRealRestoreFS, firewallArmRollback, firewallDisarmRollback, firewallApplyFromStage, firewallRestartService, nowRestore) to improve testability. Also add extensive unit tests in internal/orchestrator/restore_firewall_additional_test.go that exercise many branches of the firewall apply/rollback flow (arm/disarm behavior, marker handling, command fallbacks, symlink/file operations, prompts and error conditions). These changes enable robust testing of firewall restore logic without changing runtime behavior.
Introduce package-level function variables (wrappers for os.Geteuid, isMounted, isRealRestoreFS, arm/disarm/apply functions) and use nowRestore() for time-based logic so the access-control apply/rollback flow can be mocked in tests. Adjusted cluster-backup check in maybeApplyPVEAccessControlFromClusterBackupWithUI and replaced direct calls with the injectable variants. Added comprehensive unit tests (restore_access_control_ui_additional_test.go) to exercise rollback arming/disarming, script generation, mounting/root checks, user prompts, timeout/commit branches and error conditions.
Introduce sysClassNetPath variable and use it in collectCurrentNetworkInventory instead of a hard-coded "/sys/class/net" path, allowing tests to override the sysfs location. Also add a comprehensive test file (internal/orchestrator/nic_mapping_additional_test.go) covering archive reading, inventory loading, udev/permanent MAC parsing, NIC mapping computation, planning and applying NIC name repairs, and many edge/error cases using fake FS and command runners.
Introduce hookable function variables in pbs_staged_apply.go (for euid, isRealRestoreFS and all PBS API/apply functions) and switch maybeApplyPBSConfigsFromStage to use them so the staged-apply logic can be tested without touching the real system/API. Add two comprehensive test files (pbs_staged_apply_additional_test.go and pbs_staged_apply_maybeapply_test.go) that exercise parsing/validation, file-based fallbacks, datastore deferral logic, atomic write error handling, job/tape config application, permission checks, and various edge cases. These changes enable robust unit testing of PBS staged config application while keeping runtime behavior unchanged.
Pass baseTemplate into the TUI install flow and prefill form fields when editing an existing env template. Add installWizardPrefill and deriveInstallWizardPrefill to parse env templates (parseEnvTemplate, readTemplateString, readTemplateBool) and set initial values for secondary/cloud/firewall/notifications/encryption. Set dropdown defaults via boolToOptionIndex, trim input values, and tighten rclone validation to reject empty backup/log entries. Preserve existing TELEGRAM and EMAIL delivery preferences when applying install data to an existing template. Misc: adjust some field labels, add bufio import, and update the cmd/proxsave call to forward baseTemplate.
Clarify installer behavior when a configuration file already exists and refine wizard prompts. Adds TUI options (Overwrite / Edit existing / Keep & exit), documents CLI mode overwrite prompt (choosing No keeps the file and skips the wizard), and notes that cron schedule selection (HH:MM) is TUI-only. Also clarifies cloud storage/rclone guidance and adjusts wizard step numbering in CLI_REFERENCE.md and INSTALL.md.
Introduce an optional post-install audit that runs a proxsave --dry-run to detect unused BACKUP_* collectors and offer to disable them.

Changes:
- CLI: runPostInstallAuditCLI prompts the user, runs the dry-run, parses actionable "set KEY=false" hints, and can update the config (atomic tmp file, keys sorted).
- TUI: integrate RunPostInstallAuditWizard into the install TUI flow and provide an interactive review UI to disable selected suggestions.
- Core: add internal/tui/wizard/post_install_audit_core.go to run the dry-run and extract/normalize actionable warning lines; implement suggestion collection and filtering only for allowed BACKUP_* keys that are currently enabled.
- TUI wizard: add internal/tui/wizard/post_install_audit_tui.go implementing the interactive review, applyAuditDisables, and atomic write helper.
- Tests: add unit tests for parsing/collection logic in post_install_audit_core_test.go.
- Docs: update CLI_REFERENCE.md and INSTALL.md to document the optional post-install dry-run audit.

The audit is non-blocking on failures (warnings/errors are logged but do not fail installation) and keeps changes explicit by requiring user confirmation before modifying backup.env.
Improve the post-install audit flow and session logging across CLI and TUI.

- cmd/proxsave/install.go: Add bootstrap logging for audit steps and failures, switch CLI prompt from a single "disable all" to per-key prompts, include suggested/disabled keys in messages and in the final config update output, and add warnings on read/write failures.
- cmd/proxsave/install_tui.go: Log detailed audit result summary via bootstrap (skipped, failures, suggestions, applied disables).
- internal/tui/wizard/post_install_audit_tui.go: Introduce PostInstallAuditResult (Ran, Suggestions, AppliedKeys, CollectErr) and return it from RunPostInstallAuditWizard; collect suggestions asynchronously with synchronization and propagate collection errors to the UI.
- docs/CLI_REFERENCE.md & docs/INSTALL.md: Document TUI vs CLI audit behavior and add note about install session logs under /tmp/proxsave/install-*.log.

These changes provide better observability of the post-install audit, make the CLI interaction less all-or-nothing by allowing per-key selection, and surface suggestions and applied disables in installer logs.
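
An added example, not proxsave's own code, of the suggestion filtering the two audit commits above describe: hints parsed from dry-run output are accepted only for allowlisted BACKUP_* keys that are currently enabled, and only confirmed keys are rewritten. The log wording around `set KEY=false`, the `BACKUP_EXAMPLE_*` keys and every function name are assumptions; the atomic file write is outside this example.

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
)

// Only the literal "set KEY=false" hint is from the page; the rest of the log line is assumed.
var hintRe = regexp.MustCompile(`\bset (BACKUP_[A-Z0-9_]+)=false\b`)

// enabledRe matches uncommented KEY=true lines in the env file.
var enabledRe = regexp.MustCompile(`(?m)^[ \t]*(BACKUP_[A-Z0-9_]+)[ \t]*=[ \t]*true[ \t]*$`)

// suggest returns sorted, unique keys that are hinted, allowlisted and currently enabled.
func suggest(dryRun, env string, allowed map[string]bool) []string {
	on := map[string]bool{}
	for _, m := range enabledRe.FindAllStringSubmatch(env, -1) {
		on[m[1]] = true
	}
	keys := []string{}
	for _, m := range hintRe.FindAllStringSubmatch(dryRun, -1) {
		if k := m[1]; allowed[k] && on[k] {
			on[k] = false // report each key once
			keys = append(keys, k)
		}
	}
	sort.Strings(keys)
	return keys
}

// disable rewrites only the confirmed keys and leaves every other line untouched.
func disable(env string, confirmed []string) string {
	for _, k := range confirmed {
		re := regexp.MustCompile(`(?m)^[ \t]*` + regexp.QuoteMeta(k) + `[ \t]*=.*$`)
		env = re.ReplaceAllString(env, k+"=false")
	}
	return env
}

// Constructed sample data; the BACKUP_EXAMPLE_* keys are placeholders, not real proxsave keys.
const sampleEnv = "BACKUP_EXAMPLE_A=true\nBACKUP_EXAMPLE_B=true\n#BACKUP_EXAMPLE_C=true\nSECRET=x\n"
const sampleLog = "WARN unused: set BACKUP_EXAMPLE_A=false\nWARN set BACKUP_EXAMPLE_B=false\nWARN set BACKUP_EXAMPLE_C=false\n"

func main() {
	allowed := map[string]bool{"BACKUP_EXAMPLE_A": true, "BACKUP_EXAMPLE_C": true}
	keys := suggest(sampleLog, sampleEnv, allowed)
	fmt.Printf("%v\n%s", keys, disable(sampleEnv, keys))
}
```

In the sample, key B is hinted but not allowlisted and key C is allowlisted but commented out, so only key A is offered for disabling.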
Copilot AI review requested due to automatic review settings February 24, 2026 23:11
@github-actions

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

| Package | Version | Score | Details |
| --- | --- | --- | --- |
| gomod/filippo.io/edwards25519 | 1.1.1 | Unknown | Unknown |

Scanned Files

  • go.mod

Copilot AI left a comment

Pull request overview

This PR syncs development changes to main, including a dependency update, removal of the deprecated ENABLE_GO_BACKUP flag, extensive testing infrastructure improvements, and a new post-install audit feature that helps users identify and disable unused backup components.

Changes:

  • Bumps filippo.io/edwards25519 from 1.1.0 to 1.1.1
  • Removes ENABLE_GO_BACKUP flag and legacy wrappers
  • Adds comprehensive test coverage with dependency injection patterns for mount guards, firewall restore, access control, PBS staged apply, and NIC mapping
  • Introduces post-install audit wizard that runs dry-run and suggests disabling unused BACKUP_* collectors
  • Enhances install wizard to prefill from existing config and improves rclone validation
  • Updates documentation to reflect new installer features

Reviewed changes

Copilot reviewed 36 out of 37 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| go.mod, go.sum | Dependency bump: edwards25519 1.1.0→1.1.1 |
| internal/config/config.go | Removed ENABLE_GO_BACKUP field and parsing logic |
| internal/config/templates/backup.env | Removed ENABLE_GO_BACKUP from template |
| internal/tui/wizard/post_install_audit*.go | New post-install audit feature with TUI/core logic |
| internal/tui/wizard/install.go | Added prefill from existing config, improved rclone validation |
| internal/orchestrator/restore_firewall.go | Injected dependencies for testing |
| internal/orchestrator/restore_access_control_ui.go | Injected dependencies for testing |
| internal/orchestrator/pbs_staged_apply.go | Added hookable functions for testing |
| internal/orchestrator/pbs_api_apply.go | Injected Geteuid for testing |
| internal/orchestrator/mount_guard.go | Made functions mockable, fixed /run/media/root handling |
| internal/orchestrator/nic_mapping.go | Made sysClassNetPath configurable |
| internal/orchestrator/orchestrator.go | Removed legacy createBundle wrapper |
| internal/orchestrator/decrypt_workflow_ui.go | Updated to use Orchestrator method directly |
| internal/identity/identity.go | Removed unused internal exports |
| cmd/proxsave/main.go, install*.go | Added post-install audit to both TUI and CLI installers |
| docs/*.md | Updated documentation for new installer features |
| cmd/prefilter-manual/main.go | Deleted unused tool |
| internal/orchestrator/*_test.go | Extensive new test coverage (5000+ lines) |
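
The function-variable injection that the commits and the review summary describe, as an added example that is not proxsave's code: a privilege check, a filesystem check and the clock sit behind unexported package-level hooks so the root-only branch and the timeout arithmetic can be tested without root. The hook names, the `isRealFS` stub and the rollback-deadline logic are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"time"
)

// Hooks default to the real implementations and are unexported, so only
// tests inside this package can replace them. All names are hypothetical.
var (
	applyGeteuid = os.Geteuid
	applyNow     = time.Now
	isRealFS     = func() bool { return true } // stand-in for a real-filesystem check
)

var errSkip = errors.New("apply skipped: not root or not a real filesystem")

// armRollback returns the deadline after which an unconfirmed apply is rolled back.
func armRollback(timeout time.Duration) (time.Time, error) {
	if applyGeteuid() != 0 || !isRealFS() {
		return time.Time{}, errSkip // fail closed: nothing is armed or applied
	}
	return applyNow().Add(timeout), nil
}

// swapHooks installs fakes and returns a function that restores the originals.
func swapHooks(euid int, realFS bool, now time.Time) (restore func()) {
	e, n, r := applyGeteuid, applyNow, isRealFS
	applyGeteuid = func() int { return euid }
	applyNow = func() time.Time { return now }
	isRealFS = func() bool { return realFS }
	return func() { applyGeteuid, applyNow, isRealFS = e, n, r }
}

func main() {
	t0 := time.Date(2026, 2, 24, 0, 0, 0, 0, time.UTC) // constructed fixed clock
	restore := swapHooks(0, true, t0)
	deadline, err := armRollback(90 * time.Second)
	restore()
	fmt.Println(deadline, err)
}
```

Because the hooks are mutable package state, a test that swaps them has to restore them before returning and cannot safely run in parallel with other tests in the package.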

@codecov
codecov bot commented Feb 24, 2026

@tis24dev tis24dev merged commit b55fa52 into main Feb 24, 2026
12 of 13 checks passed