
Conversation

@maxrantil
Owner

@maxrantil maxrantil commented Nov 4, 2025

Summary

Implements automated rollback script to restore dotfiles from backup directories created by install.sh. This addresses the critical production confidence gap identified in Issue #61.

Changes

  • rollback.sh: New automated rollback script with comprehensive features

    • Automatic detection of latest backup directory
    • Interactive confirmation prompt (can be skipped with -y)
    • Dry-run mode (--dry-run) for previewing changes
    • Symlink removal from all standard locations (including ZDOTDIR)
    • File restoration with permission preservation
    • Automatic cleanup of empty backup directories
    • Hidden file support using dotglob
    • Security hardening: Backup directory validation, input sanitization, TOCTOU mitigation
  • tests/rollback-test.sh: Comprehensive test suite

    • 11 test scenarios covering all functionality
    • 13 passing assertions
    • Tests include: backup discovery, error handling (no backup, empty backup, invalid format), non-interactive mode, symlink removal, file content preservation, permission preservation, and dry-run mode
  • README.md: Documentation updates

    • Added "Rollback" section with usage examples
    • Updated test coverage list to include rollback functionality
    • Updated last modified date

Test Results

Rollback tests: 11/11 tests passed (13 assertions)
Pre-commit hooks: All checks passed
Security validation: All HIGH severity issues addressed
Production readiness: All blockers resolved

Security & Production Readiness Validation

Comprehensive validation performed by security-validator and devops-deployment-agent:

Security Improvements Implemented:

  • ✅ Backup directory name format validation (prevents malicious directories)
  • ✅ Empty backup directory validation (prevents broken system state)
  • ✅ ZDOTDIR input validation (prevents command injection)
  • ✅ TOCTOU mitigation in symlink removal (double-check pattern)
  • ✅ Enhanced error handling with explicit failure messages

Production Readiness Assessment:

  • Overall Score: 4.2/5.0 (Ready for Production)
  • Security Rating: 3.5/5.0 (Adequate for single-user context)
  • Reliability: 4.5/5.0 - All tests pass, robust backup discovery
  • Safety: 4.0/5.0 - Confirmation prompts, dry-run mode, validation
  • Testing: 4.5/5.0 - Comprehensive automated test suite
  • Documentation: 4.0/5.0 - Clear usage examples, help text

Issues Addressed:

  • Fixed 2 production blockers (empty backup validation, shell formatting)
  • Resolved 3 HIGH severity security issues
  • Added 2 new test cases for edge case coverage

Testing Instructions

# Run rollback-specific tests
./tests/rollback-test.sh

# Test in Docker environment
./tests/docker-test.sh

# Manual testing
./install.sh           # Create installation
./rollback.sh --dry-run  # Preview rollback
./rollback.sh -y       # Perform rollback

Implementation Details

TDD Approach:

  1. ✅ RED: Created failing tests first
  2. ✅ GREEN: Implemented minimal working solution
  3. ✅ REFACTOR: Cleaned up code while maintaining tests
  4. ✅ HARDEN: Added security validations based on expert review

Key Technical Decisions:

  • Uses shopt -s dotglob nullglob to handle hidden files in backup
  • Respects ZDOTDIR configuration from .zprofile
  • Preserves file permissions using mv instead of cp
  • Removes symlinks before restoration to avoid conflicts
  • Cleans up backup directory only if empty after restoration
  • Validates backup directory format and contents before proceeding
  • Sanitizes ZDOTDIR input to prevent command injection
  • Uses double-check pattern to mitigate TOCTOU vulnerabilities

Security & Safety

  • Confirmation prompt by default prevents accidental data loss
  • Dry-run mode allows safe preview of changes
  • Error handling for missing, empty, and malformed backup directories
  • Input validation for all external data sources
  • TOCTOU race condition mitigation in symlink operations
  • No destructive operations without user consent (except with -y flag)

References

Resolves #61
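Added illustration, not code from this PR or from the repository: a POSIX shell sketch of the hardening patterns the description lists (backup directory name validation, empty-backup check, ZDOTDIR parsing and sanitization, double-check symlink removal, mv-based restoration with hidden-file support, cleanup of an emptied backup). Everything project-specific is assumed: the backup naming scheme `dotfiles-backup-YYYYMMDD-HHMMSS` and the `.zprofile` line format are made up for the example, since the actual install.sh conventions are not shown on this page. The dotfile globs replace bash's `dotglob`/`nullglob` so the sketch also runs under plain sh.

```shell
#!/bin/sh
# Added example (not the project's rollback.sh). Assumed naming scheme:
# backups live in <base>/dotfiles-backup-YYYYMMDD-HHMMSS (hypothetical).

# 1. Backup directory name validation: only a plain leaf in the expected
#    format is accepted, so "../etc" or "dotfiles-backup-evil" is refused
#    before the rollback touches anything under it.
valid_backup_name() {
    printf '%s\n' "$1" | grep -Eq '^dotfiles-backup-[0-9]{8}-[0-9]{6}$'
}

# 2. Newest valid backup under a base directory. The [ -d ] test skips the
#    unexpanded literal when nothing matches (what nullglob does in bash).
latest_backup() {
    for d in "$1"/dotfiles-backup-*; do
        [ -d "$d" ] || continue
        valid_backup_name "$(basename "$d")" && printf '%s\n' "$d"
    done | sort -r | head -n 1
}

# 3. Read ZDOTDIR from a .zprofile WITHOUT eval or sourcing it: take the text
#    after "=", strip quotes, and expand only a leading $HOME. A value such as
#    $(touch /tmp/x) is returned as inert text and rejected in step 4.
read_zdotdir() {
    raw=$(grep -E '^[[:space:]]*(export[[:space:]]+)?ZDOTDIR=' "$1" \
          | tail -n 1 | sed 's/^[^=]*=//')
    raw=${raw%\"}; raw=${raw#\"}; raw=${raw%\'}; raw=${raw#\'}
    case $raw in
        '$HOME'/*) raw="$HOME${raw#\$HOME}" ;;
    esac
    printf '%s\n' "$raw"
}

# 4. ZDOTDIR validation: absolute path, conservative character set, no ".."
#    component. Metacharacters (; $ ` ( ) space) never reach a command line.
valid_zdotdir() {
    case $1 in /*) ;; *) return 1 ;; esac
    case $1 in *[![:alnum:]_./-]*) return 1 ;; esac
    case "/$1/" in */../*) return 1 ;; esac
    return 0
}

# 5. Double-check symlink removal. list_symlinks is what a dry-run preview or
#    confirmation prompt would show; remove_symlinks re-tests the type right
#    before rm, so a path that stopped being a symlink in between (TOCTOU) is
#    skipped. Nothing but a symlink is ever deleted.
list_symlinks() {
    for p in "$@"; do [ -L "$p" ] && printf '%s\n' "$p"; done
    return 0
}
remove_symlinks() {
    removed=0
    for p in "$@"; do
        [ -L "$p" ] || continue              # re-check immediately before acting
        rm -- "$p" && removed=$((removed + 1))
    done
    echo "$removed"
}

# 6. Restore with mv (keeps the backed-up file's mode bits, unlike a default
#    cp). The three globs cover names with and without a leading dot, i.e.
#    bash's dotglob. An empty backup is refused up front, and the backup
#    directory is removed only if it is empty afterwards.
backup_entries() {
    for f in "$1"/* "$1"/.[!.]* "$1"/..?*; do
        { [ -e "$f" ] || [ -L "$f" ]; } && printf '%s\n' "$f"
    done
    return 0
}
restore_backup() {
    backup="$1"; dest="$2"
    valid_backup_name "$(basename "$backup")" \
        || { echo "refusing: unexpected backup directory name" >&2; return 1; }
    [ -n "$(backup_entries "$backup")" ] \
        || { echo "refusing: empty backup directory" >&2; return 1; }
    count=0
    for f in "$backup"/* "$backup"/.[!.]* "$backup"/..?*; do
        [ -e "$f" ] || [ -L "$f" ] || continue
        name=$(basename "$f")
        [ -L "$dest/$name" ] && rm -- "$dest/$name"   # clear the install symlink first
        mv -- "$f" "$dest/$name" && count=$((count + 1))
    done
    rmdir -- "$backup" 2>/dev/null   # succeeds only if the backup is now empty
    echo "$count"
}
```

The point of steps 3 and 4 is that the untrusted value is parsed as data and checked against an allow-list before it is ever placed in a command; sourcing the profile, or building a path from the raw string, would be the injection path. Step 5 cannot fully close the race between the check and `rm`, which is why the invariant "only symlinks are removed" matters more than the second check itself.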

Implements rollback.sh with comprehensive test suite to restore from
backup directories created by install.sh. Addresses installation
failure recovery needs identified by devops-deployment-agent and
security-validator.

Features:
- Automatic detection of latest backup directory
- Non-interactive mode with -y flag
- Dry-run mode for previewing changes
- Symlink removal and file restoration
- Permission preservation
- Empty backup directory cleanup

Testing:
- 9 test scenarios covering all functionality
- 11 assertions passing
- Handles hidden files correctly with dotglob
- Validates error handling when no backup exists

Resolves #61
Address security and production readiness findings:

Security improvements:
- Add backup directory name format validation (prevents malicious directories)
- Add empty backup directory validation (prevents broken system state)
- Add ZDOTDIR input validation (prevents command injection)
- Add TOCTOU mitigation in symlink removal (double-check pattern)
- Improve error handling with explicit failure messages

Testing improvements:
- Add test for empty backup directory error handling
- Add test for invalid backup directory name format
- Expand test coverage to 11 tests, 13 assertions (all passing)

Code quality:
- Apply shfmt formatting for CI/CD compliance
- Add security warnings to error output

Addresses 3 HIGH severity security issues and 2 production blockers
All tests passing: 11/11 tests, 13/13 assertions
@maxrantil maxrantil marked this pull request as ready for review November 4, 2025 19:38
@maxrantil maxrantil merged commit 3277f6c into master Nov 4, 2025
9 checks passed
@maxrantil maxrantil deleted the feat/issue-61-rollback-script branch November 4, 2025 19:48

Development

Successfully merging this pull request may close these issues.

Add automated rollback script for dotfiles installation
