Security Fixes
This commit is contained in:
Eric Gullickson
37
README.md
37
README.md
@@ -32,11 +32,17 @@ Load `docs/database-schema.md` for complete schema overview
|
||||
Load `docs/testing.md` for Docker-based testing workflow
|
||||
Only use docker containers for testing. Never install local tools if they do not exist already.
|
||||
|
||||
### 4. Development Environment (1 command)
|
||||
### 4. Development Environment (Docker-first)
|
||||
```bash
|
||||
make dev # Starts complete Docker environment
|
||||
# One-time setup (copies .env and builds containers)
|
||||
make setup
|
||||
|
||||
# Start/rebuild the full environment
|
||||
make dev
|
||||
```
|
||||
|
||||
Note: The frontend runs behind nginx with HTTPS in dev. You must provide local certificates in `./certs` (see SSL section below) or the frontend container will fail to start.
|
||||
|
||||
### 5. Key Principles
|
||||
- **Docker-First**: All development in containers, no local installs
|
||||
- **Feature Independence**: Each feature is completely isolated
|
||||
@@ -45,12 +51,16 @@ make dev # Starts complete Docker environment
|
||||
|
||||
### 6. Common Tasks
|
||||
```bash
|
||||
# Test specific feature
|
||||
npm test -- features/vehicles
|
||||
|
||||
# Run migrations
|
||||
# Run all migrations (inside containers)
|
||||
make migrate
|
||||
|
||||
# Run all backend tests (inside containers)
|
||||
make test
|
||||
|
||||
# Run tests for a specific feature (from backend container shell)
|
||||
make shell-backend
|
||||
npm test -- features/vehicles
|
||||
|
||||
# View logs
|
||||
make logs
|
||||
|
||||
@@ -60,10 +70,21 @@ make shell-backend
|
||||
|
||||
### 7. Feature Status
|
||||
- **vehicles**: Complete (primary entity, VIN decoding)
|
||||
- **fuel-logs**: Implemented (depends on vehicles)
|
||||
- **fuel-logs**: Implemented (depends on vehicles); tests pending
|
||||
- **maintenance**: Scaffolded (depends on vehicles)
|
||||
- **stations**: Partial (Google Maps integration)
|
||||
|
||||
## SSL for Frontend (Local Dev)
|
||||
- Place `motovaultpro.com.crt` and `motovaultpro.com.key` in `./certs`.
|
||||
- To generate self-signed dev certs:
|
||||
```bash
|
||||
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
|
||||
-keyout certs/motovaultpro.com.key \
|
||||
-out certs/motovaultpro.com.crt \
|
||||
-subj "/CN=localhost"
|
||||
```
|
||||
- Access frontend at `https://localhost:3443` (HTTP on `:3000` redirects to HTTPS).
|
||||
|
||||
## Architecture Summary
|
||||
Vehicle management platform using Modified Feature Capsule design where each feature is self-contained with API, domain logic, database layer, migrations, external integrations, tests, and documentation in a single directory. Built for AI maintainability with Docker-first development.
|
||||
|
||||
@@ -72,4 +93,4 @@ Vehicle management platform using Modified Feature Capsule design where each fea
|
||||
- **Features**: backend/src/features/[name]/README.md
|
||||
- **Database**: docs/database-schema.md
|
||||
- **Testing**: docs/testing.md
|
||||
- **Security**: docs/security.md
|
||||
- **Security**: docs/security.md
|
||||
|
||||
Reference in New Issue
Block a user