FRE-4807: Remediate security review Medium findings

- Add SHA256 verification for k6 binary download (supply chain integrity)
- Remove literal 'test-token' fallback for API_TOKEN in CI workflow;
  add validation step that fails if LOAD_TEST_API_TOKEN secret is missing
- Replace 'test-token' fallback with empty string + warning in run-all.sh
- Replace 'test-token' fallback with empty string in all 4 service scripts
2026-05-13 13:39:57 -04:00
parent 6c4d0b91ca
commit 81173d7ab5
6 changed files with 22 additions and 7 deletions

@@ -32,7 +32,7 @@ export const options = {
};
const BASE_URL = getBaseUrl();
const AUTH_TOKEN = __ENV.API_TOKEN || 'test-token';
const AUTH_TOKEN = __ENV.API_TOKEN || '';
const headers = {
'Content-Type': 'application/json',
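
Review bot: At `const AUTH_TOKEN = __ENV.API_TOKEN || '';` an unset API_TOKEN now silently becomes an empty string, and nothing in this hunk warns or stops the run. The commit message adds a warning only in run-all.sh and a validation step only in the CI workflow, so anyone invoking this service script directly gets a load test that proceeds without a credential and reports the problem only indirectly through failed requests. Consider failing fast right after the assignment, for example `if (!AUTH_TOKEN) { throw new Error('API_TOKEN is not set'); }`, or at minimum logging a warning here so that all four service scripts behave consistently with the wrapper. A short comment stating that the empty default is intentional and that no placeholder token is accepted would also help keep the literal fallback from being reintroduced.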