Harden UpdateCenter public route methods #46

bluejay · 2026-06-18T15:38:25Z

bluejay commented

2026-06-18 15:38:25 +00:00

P0 UpdateCenter public exposure hardening.

Make update.flowercore.io / updates.flowercore.io public IngressRoute GET/HEAD only.
Remove public update hosts from the read-write Rego allowlist.
Add C# manifest lint coverage so POST/OPTIONS cannot return to the public UpdateCenter route.
Update fc-updater verification docs away from public API schema access.

Proof:

dotnet.exe test tests/bluejay-infra-lint/BluejayInfraLint.Tests.csproj (102 passed).
Updater public-host tests in FlowerCore.Updater main already cover /login, /api/auth/login, /agent/install, and admin shell leakage.
Fresh live probe on 2026-06-18: /login returned 404 for GET, HEAD, POST, and OPTIONS.

P0 UpdateCenter public exposure hardening. - Make update.flowercore.io / updates.flowercore.io public IngressRoute GET/HEAD only. - Remove public update hosts from the read-write Rego allowlist. - Add C# manifest lint coverage so POST/OPTIONS cannot return to the public UpdateCenter route. - Update fc-updater verification docs away from public API schema access. Proof: - dotnet.exe test tests/bluejay-infra-lint/BluejayInfraLint.Tests.csproj (102 passed). - Updater public-host tests in FlowerCore.Updater main already cover /login, /api/auth/login, /agent/install, and admin shell leakage. - Fresh live probe on 2026-06-18: /login returned 404 for GET, HEAD, POST, and OPTIONS.

bluejay added 1 commit 2026-06-18 15:38:25 +00:00

harden updatecenter public route methods 14195e5da7

bluejay merged commit e4e03643a4 into main

2026-06-18 15:38:59 +00:00

bluejay referenced this issue from a commit

2026-06-18 15:39:00 +00:00

Merge PR #46: Harden UpdateCenter public route methods

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: bluejay/bluejay-infra#46