feat: add exposure map collectors#3
Open
Twix166 wants to merge 13 commits into
Open
Conversation
- Add UAT compose/deployment docs and access helper updates - Add findings remediation instruction persistence and frontend surfaces - Add monitoring alert delivery validation and dashboard contracts - Add exposure-map planning backlog/spec for the next slice
- Add exposure map tables for routes, DNS, launcher links, and findings - Add authenticated read-only exposure API endpoints - Add dashboard exposure panel and frontend contract coverage - Regenerate bootstrap schema from migrations
Add secret-safe normalizers for NPM, HCM, Heimdall, and DNS exposure data. Add deterministic exposure finding correlation and upsert helpers, expand the frontend Exposure Map panel, and cover the collector/correlation/API contracts with tests.
Add httpx and requests to the dev requirements so GitHub Actions can import FastAPI TestClient and integration test modules.
Add Bitwarden EU plus SOPS/age runbook, repo guardrails, encrypted sample bundle, validation script, and runtime env renderer for local secret materialization.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Verification
pytest→ 55 passed, 35 skippedpython -m py_compile brain/brainlib/exposure.py brain/collectors/exposure_collectors.pygit diff --checkhttps://homelabsec.home.robertbalm.com/returned 200 and contains the Exposure Map panel/API contract markers/api/auth/me,/api/exposure/summary,/api/exposure/routes,/api/exposure/dns,/api/exposure/launcher-links,/api/exposure/findingsall returned 200/api/exposure/summaryreturns 401 as expectedNotes
.envreturned 401 because the existing admin user was created earlier; authenticated API verification used a short-lived temporary session and deleted it afterward.