Conversation
Owner
tis24dev
commented
Jan 21, 2026
tis24dev
commented
- Add tests for orchestrator, support, and tui modules
- Enforce root check only for real root filesystem restores
- Expand storage tests and improve FilesystemDetector hooks
- Improve email and webhook notifier test coverage
- Add comprehensive tests for MAC, directory, and security logic
- Add comprehensive coverage tests for decryption workflow
- Add network safe apply with rollback and diagnostics
- Add cluster shadowing guard and NIC naming override detection
- feat: improve network staging, datastore handling, and restore workflows
- refactor: add filesystem category and smart fstab merge
- feat: enhance network apply diagnostics and error handling
- Add default wait delay to command runner
- deps(deps): bump github.com/gdamore/tcell/v2 from 2.13.6 to 2.13.7 in the security-patches group (deps(deps): bump github.com/gdamore/tcell/v2 from 2.13.6 to 2.13.7 in the security-patches group #112)
- deps(deps): bump golang.org/x/crypto from 0.46.0 to 0.47.0 (deps(deps): bump golang.org/x/crypto from 0.46.0 to 0.47.0 #113)
- Fix octal unescaping to use ParseUint instead of ParseInt
- Revert "Sync dev to main (Sync dev to main #114)"
Introduces new test files for encryption, prompts, restore workflow, selective menu, support, and abort context functionalities. Refactors orchestrator/encryption.go to allow mocking terminal checks, and support.go to allow mocking email notifier creation for improved testability. Adds a stopHook to tui.App for controlled stopping in tests.
Updated restore privilege checks to require root only when restoring to the real system root (osFS), not for virtual or test filesystems. Added isRealRestoreFS helper to distinguish filesystem types.
Added extensive test coverage for local and secondary storage, including error handling, edge cases, and permission scenarios. Refactored FilesystemDetector to support injectable test hooks for mount point and filesystem type lookups, and improved octal unescaping logic. These changes enhance testability and reliability of storage operations.
Adds extensive unit tests for email and webhook notifiers, covering error branches, authentication methods, payload formats, and edge cases. Refactors email notifier to allow overriding Postfix config path for hermetic tests and fixes logger level checks for debug output.
Added extensive unit tests to identity_test.go for MAC address handling, interface ranking, system data generation, and edge cases. Expanded directory_recreation_test.go with tests for storage/datastore config parsing, directory creation, error propagation, and ZFS detection. Added security_test.go tests for ownership/permission checks, config-driven logic, and error handling. These tests improve coverage and robustness for identity, orchestrator, and security modules.
This commit adds extensive unit tests to internal/orchestrator/decrypt_test.go, covering error handling and edge cases for decryption workflows, rclone integration, bundle extraction, manifest inspection, and user prompt logic. The tests improve code reliability by simulating various failure scenarios, file system errors, and user interactions.
Implements network configuration safe apply with a transactional rollback timer, health checks, NIC name repair, and diagnostics capture. Adds network inventory collection, network health/preflight validation, and CLI workflow for applying/restoring network config with rollback. Updates backup safety logic to support network-only rollback archives and integrates new reporting in system collector and restore guide documentation.
Introduces cluster shadowing guard to prevent direct restoration of /etc/pve paths during cluster recovery, with sanitization logic and tests. Adds detection and reporting of persistent NIC naming override rules (udev/systemd) to network_apply and TUI workflows, including user prompts and detailed logging. Enhances safe cluster apply to handle node mismatches, prompt for source node selection, and improves logging and test coverage for restore scenarios.
- Add staged network file installation with automatic rollback on preflight validation failures in network_apply.go - Implement node hostname mismatch detection when applying VM/CT configs in SAFE cluster restore mode (RESTORE_GUIDE) - Add deferred datastore definition handling to prevent broken entries on unmounted disk locations (RESTORE_GUIDE) - Implement NIC repair staged install workflow and persistent naming rule detection (network_apply.go and docs) - Enhance directory_recreation.go with ZFS mount detection and datastore permission validation logic - Add automatic /etc/resolv.conf repair documentation and failing PBS job config removal on live restores (RESTORE_GUIDE) - Introduce promptYesNo CLI utility function for interactive confirmation prompts (prompts_cli.go) - Add file deduplication optimization pass and additional test coverage in optimizations.go - Expand restore workflow state management with additional safety checks and node handling (restore.go) - Add staged installation documentation covering /tmp/proxsave/restore-stage-* workflow and rollback timer mechanics
- Add filesystem category (ID: "filesystem", path: "./etc/fstab") to restore workflow covering mount points and configurations - Integrate filesystem category into storage, base, and full restore modes in GetStorageModeCategories and GetBaseModeCategories - Implement skipFn parameter in extractArchiveNative and extractPlainArchive to skip /etc/fstab during initial extraction - Add Smart Merge workflow for /etc/fstab via SmartMergeFstab function with user prompts on live restores to root (/) - Intercept filesystem category during normal extraction pipeline in RunRestoreWorkflow to prevent blind overwrite - Update extractArchiveNative to accept optional skipFn callback that filters entries before extraction with SKIPPED logging - Add safeFstabMerge flag in runFullRestore when destRoot == "/" to defer /etc/fstab processing until after extraction - Extend extractSelectiveArchive signature to pass skipFn parameter through the extraction chain - Update TestGetStorageModeCategories and TestGetBaseModeCategories assertions to verify filesystem inclusion (+1 count) - Refactor indentation in maybeInstallNetworkConfigFromStage and maybeApplyNetworkConfigCLI call chains for readability
• Increase network rollback timer from 90s to 180s (defaultNetworkRollbackTimeout constant) • Add NetworkApplyNotCommittedError type to report rollback path and restored IP on timeout • Refactor network validator order: prioritize ifup -n -a over ifquery --check -a for preflight validation • Introduce runNetworkIfqueryDiagnostic function for non-blocking diagnostic checks of network state • Capture baseline health report before apply with writeNetworkHealthReportFileNamed helper • Generate network plan report and capture pre/post-apply ifquery diagnostics automatically • Execute rollback immediately on timer expiration and capture after-rollback snapshots and ifquery output • Enhance error messages with validation command names (preflight.CommandLine()) and rollback paths - Add runCommandWithTimeoutCountdown function with visual progress feedback during service stop operations • Update restore summary to report "warnings" when network apply incomplete, with restored IP information
Introduces a default 3-second wait delay for commands executed via osCommandRunner. Handles exec.ErrWaitDelay by returning output without error, improving robustness of command execution.
… the security-patches group (#112) deps(deps): bump github.com/gdamore/tcell/v2 Bumps the security-patches group with 1 update: [github.com/gdamore/tcell/v2](https://github.com/gdamore/tcell). Updates `github.com/gdamore/tcell/v2` from 2.13.6 to 2.13.7 - [Release notes](https://github.com/gdamore/tcell/releases) - [Changelog](https://github.com/gdamore/tcell/blob/main/CHANGESv3.md) - [Commits](gdamore/tcell@v2.13.6...v2.13.7) --- updated-dependencies: - dependency-name: github.com/gdamore/tcell/v2 dependency-version: 2.13.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: security-patches ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.46.0 to 0.47.0. - [Commits](golang/crypto@v0.46.0...v0.47.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.47.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Replaces strconv.ParseInt with strconv.ParseUint in unescapeOctal to correctly handle unsigned octal values. This prevents potential issues when parsing octal escape sequences as bytes.
This reverts commit c1092cd.
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.OpenSSF Scorecard
Scanned Files
|
This reverts commit ef2221b.
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: ef2221b6c5
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Comment on lines
237
to
240
| subdirs := []string{".chunks", ".lock"} | ||
| for _, subdir := range subdirs { | ||
| path := filepath.Join(basePath, subdir) | ||
| if _, err := os.Stat(path); err != nil { | ||
| if os.IsNotExist(err) { | ||
| changed = true | ||
| dirsToFix = append(dirsToFix, path) | ||
| } | ||
| } | ||
| if err := os.MkdirAll(path, 0750); err != nil { | ||
| if err := os.MkdirAll(path, 0700); err != nil { |
There was a problem hiding this comment.
When restoring PBS datastores, createPBSDatastoreStructure now builds .lock via os.MkdirAll, which creates a directory at <datastore>/.lock. PBS expects .lock to be a file; if a directory exists there, PBS fails to open the lock and the datastore remains unavailable (e.g., “Is a directory” errors) whenever the restore recreates a missing datastore path.
Useful? React with 👍 / 👎.
Comment on lines
282
to
285
| // For now, we'll just log that this should be done | ||
| logger.Debug("Note: Set ownership manually if needed: chown -R backup:backup %s", path) | ||
|
|
||
| return nil |
There was a problem hiding this comment.
setDatastoreOwnership is now a no-op that only logs, while the datastore directories are created with mode 0700. On PBS systems where the backup user exists, this leaves recreated datastores owned by root with no access for the backup service, so proxmox-backup cannot use the datastore after restore until a manual chown is performed.
Useful? React with 👍 / 👎.
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.