feat: add README.md to each lab with startup instructions and remove obsolete version from compose files

2026-04-09 14:30:22 +02:00
parent b5ccb3c149
commit 89c8e6ae07
28 changed files with 235 additions and 145 deletions
@@ -83,7 +83,7 @@

 **Plans:** 3

- [x] [02-01-PLAN.md](.planning/phases/02-lab-01-iam-sicurezza/02-01-PLAN.md) — Create test infrastructure (Wave 0: test-01-user-creation.sh, test-02-docker-access.sh, 03-non-root-test.sh, 99-final-verification.sh, run-all-tests.sh) **COMPLETE** 2026-03-24
+- [x] [02-01-PLAN.md](.planning/phases/02-lab-01-iam-sicurezza/02-01-PLAN.md) — Create test infrastructure (Wave 0: 99-final-verification.sh, 99-final-verification.sh, 99-final-verification.sh, 99-final-verification.sh, 99-final-verification.sh) **COMPLETE** 2026-03-24
 - [x] [02-02-PLAN.md](.planning/phases/02-lab-01-iam-sicurezza/02-02-PLAN.md) — Create Diátaxis documentation (Tutorial: 3 parts, How-to Guides: 3 guides, Reference: 3 documents, Explanation: IAM parallels) **COMPLETE** 2026-03-24
 - [x] [02-03-PLAN.md](.planning/phases/02-lab-01-iam-sicurezza/02-03-PLAN.md) — Create infrastructure (Dockerfile with non-root user, docker-compose.yml with user directive, infrastructure verification) **COMPLETE** 2026-03-24

@@ -139,11 +139,11 @@ None identified.

 **2026-03-24 - Phase 2 Plan 01 Execution (Test Infrastructure):**
 - Created 5 test scripts for Lab 01 IAM & Sicurezza (565 lines total)
- test-01-user-creation.sh: Validates Linux user/group creation
- test-02-docker-access.sh: Verifies Docker socket access control
- 03-non-root-test.sh: Ensures INF-01 compliance (no root containers)
+- 99-final-verification.sh: Validates Linux user/group creation
+- 99-final-verification.sh: Verifies Docker socket access control
+- 99-final-verification.sh: Ensures INF-01 compliance (no root containers)
 - 99-final-verification.sh: Student "double check" command
- run-all-tests.sh: Test orchestration with fail-fast
+- 99-final-verification.sh: Test orchestration with fail-fast
 - All tests follow TDD RED phase methodology
 - Fixed bash arithmetic issue with set -e using helper functions
 - Fixed usermod detection for /usr/sbin path
@@ -5,11 +5,11 @@ type: execute
 wave: 0
 depends_on: []
 files_modified:
-  - labs/lab-01-iam/tests/test-01-user-creation.sh
-  - labs/lab-01-iam/tests/test-02-docker-access.sh
-  - labs/lab-01-iam/tests/03-non-root-test.sh
  - labs/lab-01-iam/tests/99-final-verification.sh
-  - labs/lab-01-iam/tests/run-all-tests.sh
+  - labs/lab-01-iam/tests/99-final-verification.sh
+  - labs/lab-01-iam/tests/99-final-verification.sh
+  - labs/lab-01-iam/tests/99-final-verification.sh
+  - labs/lab-01-iam/tests/99-final-verification.sh
 autonomous: true
 requirements: [TEST-01, TEST-05, INF-01]
 user_setup: []
@@ -20,24 +20,24 @@ must_haves:
    - "Final verification script runs all checks for student self-validation"
    - "Test harness can be executed with single command"
  artifacts:
-    - path: "labs/lab-01-iam/tests/test-01-user-creation.sh"
+    - path: "labs/lab-01-iam/tests/99-final-verification.sh"
      provides: "User and group creation validation"
      min_lines: 40
-    - path: "labs/lab-01-iam/tests/test-02-docker-access.sh"
+    - path: "labs/lab-01-iam/tests/99-final-verification.sh"
      provides: "Docker socket access control validation"
      min_lines: 30
-    - path: "labs/lab-01-iam/tests/03-non-root-test.sh"
+    - path: "labs/lab-01-iam/tests/99-final-verification.sh"
      provides: "Non-root container verification (INF-01)"
      min_lines: 35
    - path: "labs/lab-01-iam/tests/99-final-verification.sh"
      provides: "Final double-check command for students"
      min_lines: 25
-    - path: "labs/lab-01-iam/tests/run-all-tests.sh"
+    - path: "labs/lab-01-iam/tests/99-final-verification.sh"
      provides: "Test suite orchestration"
      min_lines: 15
  key_links:
-    - from: "run-all-tests.sh"
-      to: "test-01-user-creation.sh, test-02-docker-access.sh, 03-non-root-test.sh, 99-final-verification.sh"
+    - from: "99-final-verification.sh"
+      to: "99-final-verification.sh, 99-final-verification.sh, 99-final-verification.sh, 99-final-verification.sh"
      via: "Sequential execution with exit code handling"
      pattern: "bash.*tests/.*\\.sh"
 ---
@@ -105,15 +105,15 @@ echo "PASS: All containers running as non-root"
 ## Test Framework from RESEARCH.md
 - Framework: BASH (Bourne Again Shell) >= 4.0
 - No config file needed - inline test functions
- Quick run: `bash labs/lab-01-iam/tests/quick-test.sh`
- Full suite: `bash labs/lab-01-iam/tests/run-all-tests.sh`
+- Quick run: `bash labs/lab-01-iam/tests/99-final-verification.sh`
+- Full suite: `bash labs/lab-01-iam/tests/99-final-verification.sh`
 </context>

 <tasks>

 <task type="auto" tdd="true">
  <name>Task 1: Create user creation test script</name>
-  <files>labs/lab-01-iam/tests/test-01-user-creation.sh</files>
+  <files>labs/lab-01-iam/tests/99-final-verification.sh</files>
  <behavior>
    - Test 1: Non-existent user returns appropriate failure
    - Test 2: User not in docker group cannot access Docker socket
@@ -207,14 +207,14 @@ Key implementation points:
 - Return proper exit codes (0=pass, 1=fail)
  </action>
  <verify>
-    <automated>chmod +x labs/lab-01-iam/tests/test-01-user-creation.sh && bash labs/lab-01-iam/tests/test-01-user-creation.sh</automated>
+    <automated>chmod +x labs/lab-01-iam/tests/99-final-verification.sh && bash labs/lab-01-iam/tests/99-final-verification.sh</automated>
  </verify>
  <done>Script exists, is executable, and tests user/group creation behavior</done>
 </task>

 <task type="auto" tdd="true">
  <name>Task 2: Create Docker access control test script</name>
-  <files>labs/lab-01-iam/tests/test-02-docker-access.sh</files>
+  <files>labs/lab-01-iam/tests/99-final-verification.sh</files>
  <behavior>
    - Test 1: User in docker group can execute docker ps
    - Test 2: User in docker group can run basic containers
@@ -321,14 +321,14 @@ Key implementation points:
 - Test mechanism for adding users to docker group
  </action>
  <verify>
-    <automated>chmod +x labs/lab-01-iam/tests/test-02-docker-access.sh && bash labs/lab-01-iam/tests/test-02-docker-access.sh</automated>
+    <automated>chmod +x labs/lab-01-iam/tests/99-final-verification.sh && bash labs/lab-01-iam/tests/99-final-verification.sh</automated>
  </verify>
  <done>Script validates Docker socket access control mechanisms</done>
 </task>

 <task type="auto" tdd="true">
  <name>Task 3: Create non-root container verification script (INF-01)</name>
-  <files>labs/lab-01-iam/tests/03-non-root-test.sh</files>
+  <files>labs/lab-01-iam/tests/99-final-verification.sh</files>
  <behavior>
    - Test 1: Container configured with USER directive runs as non-root
    - Test 2: docker exec whoami returns non-root user
@@ -501,7 +501,7 @@ Key implementation points:
 - Check all services in docker-compose.yml for compliance
  </action>
  <verify>
-    <automated>chmod +x labs/lab-01-iam/tests/03-non-root-test.sh && bash labs/lab-01-iam/tests/03-non-root-test.sh</automated>
+    <automated>chmod +x labs/lab-01-iam/tests/99-final-verification.sh && bash labs/lab-01-iam/tests/99-final-verification.sh</automated>
  </verify>
  <done>Script verifies INF-01: no container runs as root</done>
 </task>
@@ -687,7 +687,7 @@ Key implementation points:

 <task type="auto" tdd="true">
  <name>Task 5: Create test orchestration script</name>
-  <files>labs/lab-01-iam/tests/run-all-tests.sh</files>
+  <files>labs/lab-01-iam/tests/99-final-verification.sh</files>
  <behavior>
    - Test 1: Script executes all test files in sequence
    - Test 2: Script stops on first failure (fail-fast)
@@ -701,7 +701,7 @@ Create test orchestration script:
 #!/bin/bash
 # Test Suite Runner: Lab 01 - IAM & Sicurezza
 # Runs all tests in sequence and provides summary
-# Usage: bash labs/lab-01-iam/tests/run-all-tests.sh
+# Usage: bash labs/lab-01-iam/tests/99-final-verification.sh

 set -euo pipefail

@@ -722,9 +722,9 @@ echo ""

 # Array of test files in order
 declare -a tests=(
-    "$TEST_DIR/test-01-user-creation.sh"
-    "$TEST_DIR/test-02-docker-access.sh"
-    "$TEST_DIR/03-non-root-test.sh"
+    "$TEST_DIR/99-final-verification.sh"
+    "$TEST_DIR/99-final-verification.sh"
+    "$TEST_DIR/99-final-verification.sh"
 )

 total_tests=${#tests[@]}
@@ -780,7 +780,7 @@ Key implementation points:
 - Can be run from any directory (uses absolute paths)
  </action>
  <verify>
-    <automated>chmod +x labs/lab-01-iam/tests/run-all-tests.sh && bash labs/lab-01-iam/tests/run-all-tests.sh</automated>
+    <automated>chmod +x labs/lab-01-iam/tests/99-final-verification.sh && bash labs/lab-01-iam/tests/99-final-verification.sh</automated>
  </verify>
  <done>Orchestration script runs all tests and provides summary</done>
 </task>
@@ -20,11 +20,11 @@ Plan 02-01 established the test infrastructure foundation for Lab 01 (IAM & Sicu

 | File | Lines | Purpose |
 |------|-------|---------|
-| `labs/lab-01-iam/tests/test-01-user-creation.sh` | 92 | Validate Linux user/group creation and Docker group membership |
-| `labs/lab-01-iam/tests/test-02-docker-access.sh` | 92 | Verify Docker socket permissions and access control mechanisms |
-| `labs/lab-01-iam/tests/03-non-root-test.sh` | 157 | Ensure INF-01 compliance: no containers run as root |
+| `labs/lab-01-iam/tests/99-final-verification.sh` | 92 | Validate Linux user/group creation and Docker group membership |
+| `labs/lab-01-iam/tests/99-final-verification.sh` | 92 | Verify Docker socket permissions and access control mechanisms |
+| `labs/lab-01-iam/tests/99-final-verification.sh` | 157 | Ensure INF-01 compliance: no containers run as root |
 | `labs/lab-01-iam/tests/99-final-verification.sh` | 151 | Student "double check" command for end-to-end validation |
-| `labs/lab-01-iam/tests/run-all-tests.sh` | 73 | Test suite orchestration with fail-fast behavior |
+| `labs/lab-01-iam/tests/99-final-verification.sh` | 73 | Test suite orchestration with fail-fast behavior |

 **Total:** 565 lines of bash test code

@@ -60,8 +60,8 @@ Plan 02-01 established the test infrastructure foundation for Lab 01 (IAM & Sicu
 ## Requirements Covered

 - **TEST-01:** Test scripts validate user creation and Docker access
- **TEST-05:** Test harness can be executed with single command (`run-all-tests.sh`)
- **INF-01:** Non-root container verification (`03-non-root-test.sh`)
+- **TEST-05:** Test harness can be executed with single command (`99-final-verification.sh`)
+- **INF-01:** Non-root container verification (`99-final-verification.sh`)

 ## Deviations from Plan

@@ -71,14 +71,14 @@ Plan 02-01 established the test infrastructure foundation for Lab 01 (IAM & Sicu
 - **Found during:** Task 1
 - **Issue:** `((pass_count++))` returns 0 when counter is 0, causing `set -e` to exit the script
 - **Fix:** Created helper functions `inc_pass()` and `inc_fail()` with `|| true` to handle the return value
- **Files modified:** `test-01-user-creation.sh`, `test-02-docker-access.sh`, `03-non-root-test.sh`, `run-all-tests.sh`
+- **Files modified:** `99-final-verification.sh`, `99-final-verification.sh`, `99-final-verification.sh`, `99-final-verification.sh`
 - **Commit:** a5969ba

 **2. [Rule 1 - Bug] Usermod detection in non-standard PATH**
 - **Found during:** Task 2
 - **Issue:** `command -v usermod` fails when `/usr/sbin` is not in PATH
 - **Fix:** Added check `[ -x /usr/sbin/usermod ]` as fallback
- **Files modified:** `test-02-docker-access.sh`
+- **Files modified:** `99-final-verification.sh`
 - **Commit:** 2926a53

 ### Architectural Changes
@@ -96,9 +96,9 @@ Failed: 0/3
 ```

 Individual test results:
- **test-01-user-creation.sh:** 3 passed, 0 failed (2 SKIP due to missing sudo)
- **test-02-docker-access.sh:** 4 passed, 0 failed
- **03-non-root-test.sh:** 4 passed, 0 failed (4 SKIP - infrastructure not created)
+- **99-final-verification.sh:** 3 passed, 0 failed (2 SKIP due to missing sudo)
+- **99-final-verification.sh:** 4 passed, 0 failed
+- **99-final-verification.sh:** 4 passed, 0 failed (4 SKIP - infrastructure not created)

 ## Commits

@@ -450,7 +450,7 @@ if [ $fail_count -eq 0 ]; then
    echo -e "${GREEN}GREEN phase complete - infrastructure satisfies tests${NC}"
    echo ""
    echo "Next: Run full test suite"
-    echo "  bash labs/lab-01-iam/tests/run-all-tests.sh"
+    echo "  bash labs/lab-01-iam/tests/99-final-verification.sh"
    echo -e "${BLUE}========================================${NC}"
    exit 0
 else
@@ -65,7 +65,7 @@ labs/lab-01-iam/
 ├── tests/
 │   ├── 01-user-creation-test.sh
 │   ├── 02-docker-access-test.sh
-│   └── 03-non-root-test.sh
+│   └── 99-final-verification.sh
 └── docker-compose.yml
 ```

@@ -305,14 +305,14 @@ echo "All tests passed!" || echo "Some tests failed"
 |----------|-------|
 | Framework | BASH (Bourne Again Shell) >= 4.0 |
 | Config file | None — inline test functions |
-| Quick run command | `bash labs/lab-01-iam/tests/quick-test.sh` |
-| Full suite command | `bash labs/lab-01-iam/tests/run-all-tests.sh` |
+| Quick run command | `bash labs/lab-01-iam/tests/99-final-verification.sh` |
+| Full suite command | `bash labs/lab-01-iam/tests/99-final-verification.sh` |

 ### Phase Requirements → Test Map

 | Req ID | Behavior | Test Type | Automated Command | File Exists? |
 |--------|----------|-----------|-------------------|-------------|
-| LAB-01 | Studente può configurare utenti Linux, gruppi e permessi per accesso Docker socket | integration | `bash tests/test-01-user-creation.sh` | ❌ Wave 0 |
+| LAB-01 | Studente può configurare utenti Linux, gruppi e permessi per accesso Docker socket | integration | `bash tests/99-final-verification.sh` | ❌ Wave 0 |
 | DOCT-01 | Lab include Tutorial (guida passo-passo) | manual | Verify file exists: `tutorial/01-create-users.md` | ❌ Wave 0 |
 | DOCT-02 | Lab include How-to Guides | manual | Verify files exist: `how-to-guides/*.md` | ❌ Wave 0 |
 | DOCT-03 | Lab include Reference | manual | Verify file exists: `reference/docker-socket-permissions.md` | ❌ Wave 0 |
@@ -320,14 +320,14 @@ echo "All tests passed!" || echo "Some tests failed"
 | DOCT-05 | Tutorial segue principio "little often" | manual | Review tutorial for incremental steps | ❌ Wave 0 |
 | TEST-01 | Script di test bash pre-implementazione (TDI) | unit | `bash tests/02-docker-access-test.sh` | ❌ Wave 0 |
 | TEST-05 | Comando di verifica finale ("double check") | integration | `bash tests/99-final-verification.sh` | ❌ Wave 0 |
-| INF-01 | Nessun container gira come utente root | unit | `bash tests/03-non-root-test.sh` | ❌ Wave 0 |
+| INF-01 | Nessun container gira come utente root | unit | `bash tests/99-final-verification.sh` | ❌ Wave 0 |
 | PARA-01 | Componente Docker mappato a servizio cloud (IAM Users) | manual | Verify Explanation document includes mapping table | ❌ Wave 0 |
 | PARA-03 | Differenze tra locale e cloud documentate | manual | Verify Explanation includes differences section | ❌ Wave 0 |
 | PARA-04 | Comandi Docker equivalenti a comandi cloud mostrati | manual | Verify Reference includes command comparison | ❌ Wave 0 |

 ### Sampling Rate
- **Per task commit:** `bash labs/lab-01-iam/tests/quick-test.sh` (runs in < 30 seconds)
- **Per wave merge:** `bash labs/lab-01-iam/tests/run-all-tests.sh` (full validation)
+- **Per task commit:** `bash labs/lab-01-iam/tests/99-final-verification.sh` (runs in < 30 seconds)
+- **Per wave merge:** `bash labs/lab-01-iam/tests/99-final-verification.sh` (full validation)
 - **Phase gate:** Full suite green + manual verification of all 4 Diátaxis documents + INF-01 verified

 ### Wave 0 Gaps
@@ -20,7 +20,7 @@ created: 2026-03-24
 | **Framework** | Bash script testing + Docker inspection |
 | **Config file** | none — Wave 0 installs |
 | **Quick run command** | `labs/lab-01-iam/tests/test-01-setup.sh` |
-| **Full suite command** | `labs/lab-01-iam/tests/run-all-tests.sh` |
+| **Full suite command** | `labs/lab-01-iam/tests/99-final-verification.sh` |
 | **Estimated runtime** | ~15 seconds |

 ---
@@ -38,10 +38,10 @@ created: 2026-03-24

 | Task ID | Plan | Wave | Requirement | Test Type | Automated Command | File Exists | Status |
 |---------|------|------|-------------|-----------|-------------------|-------------|--------|
-| 02-01-01 | 01 | 1 | TEST-01 | script | `labs/lab-01-iam/tests/test-01-user.sh` | ✅ W0 | ⬜ pending |
-| 02-01-02 | 01 | 1 | LAB-01 | script | `labs/lab-01-iam/tests/test-01-user.sh` | ✅ W0 | ⬜ pending |
-| 02-02-01 | 02 | 1 | TEST-01 | script | `labs/lab-01-iam/tests/test-02-permission.sh` | ✅ W0 | ⬜ pending |
-| 02-02-02 | 02 | 1 | LAB-01 | script | `labs/lab-01-iam/tests/test-02-permission.sh` | ✅ W0 | ⬜ pending |
+| 02-01-01 | 01 | 1 | TEST-01 | script | `labs/lab-01-iam/tests/99-final-verification.sh` | ✅ W0 | ⬜ pending |
+| 02-01-02 | 01 | 1 | LAB-01 | script | `labs/lab-01-iam/tests/99-final-verification.sh` | ✅ W0 | ⬜ pending |
+| 02-02-01 | 02 | 1 | TEST-01 | script | `labs/lab-01-iam/tests/99-final-verification.sh` | ✅ W0 | ⬜ pending |
+| 02-02-02 | 02 | 1 | LAB-01 | script | `labs/lab-01-iam/tests/99-final-verification.sh` | ✅ W0 | ⬜ pending |
 | 02-03-01 | 03 | 1 | INF-01 | docker | `docker inspect --format='{{.Config.User}}' lab01-nginx 2>/dev/null || echo "not built"` | ✅ W0 | ⬜ pending |
 | 02-03-02 | 03 | 2 | DOCT-01 | file | `test -f labs/lab-01-iam/tutorial.md` | — | ⬜ pending |
 | 02-03-03 | 03 | 2 | DOCT-02 | file | `test -f how-to-guides/docker-user-setup.md` | — | ⬜ pending |
@@ -57,8 +57,8 @@ created: 2026-03-24

 ## Wave 0 Requirements

- [ ] `labs/lab-01-iam/tests/test-01-user.sh` — Verifies user creation fails without docker group
- [ ] `labs/lab-01-iam/tests/test-02-permission.sh` — Verifies docker socket access requires group membership
+- [ ] `labs/lab-01-iam/tests/99-final-verification.sh` — Verifies user creation fails without docker group
+- [ ] `labs/lab-01-iam/tests/99-final-verification.sh` — Verifies docker socket access requires group membership
 - [ ] `labs/lab-01-iam/tests/double-check.sh` — Final validation script for student self-check
 - [ ] Docker group exists on test system
 - [ ] Test can distinguish between permission denied and other errors
@@ -18,10 +18,10 @@ score: 23/23 must-haves verified

 | #   | Truth   | Status     | Evidence       |
 | --- | ------- | ---------- | -------------- |
-| 1   | Test scripts exist and can validate user creation and Docker access | VERIFIED | 6 test scripts exist, test-01-user-creation.sh (92 lines), test-02-docker-access.sh (92 lines) |
-| 2   | Test scripts verify non-root container execution (INF-01) | VERIFIED | 03-non-root-test.sh (157 lines) verifies INF-01 with whoami, inspect, docker top checks |
+| 1   | Test scripts exist and can validate user creation and Docker access | VERIFIED | 6 test scripts exist, 99-final-verification.sh (92 lines), 99-final-verification.sh (92 lines) |
+| 2   | Test scripts verify non-root container execution (INF-01) | VERIFIED | 99-final-verification.sh (157 lines) verifies INF-01 with whoami, inspect, docker top checks |
 | 3   | Final verification script runs all checks for student self-validation | VERIFIED | 99-final-verification.sh (151 lines) provides comprehensive double-check command |
-| 4   | Test harness can be executed with single command | VERIFIED | run-all-tests.sh (73 lines) orchestrates all tests with fail-fast behavior |
+| 4   | Test harness can be executed with single command | VERIFIED | 99-final-verification.sh (73 lines) orchestrates all tests with fail-fast behavior |
 | 5   | Student can follow step-by-step tutorial to create Linux users with Docker permissions | VERIFIED | 3 tutorial files: 01-create-linux-users.md (162 lines), 02-docker-group-permissions.md (180 lines), 03-verify-iam-setup.md (232 lines) |
 | 6   | Tutorial follows 'little often' principle with small incremental steps | VERIFIED | Each tutorial has step-by-step format with verification after each step (e.g., "Passo 1", "Passo 2", expected output) |
 | 7   | How-to guides exist for common procedures independent of tutorial flow | VERIFIED | 3 how-to guides: add-user-to-docker-group.md (50 lines), verify-non-root-container.md (55 lines), reset-docker-permissions.md (110 lines) |
@@ -29,7 +29,7 @@ score: 23/23 must-haves verified
 | 9   | Explanation document draws clear parallels between Docker permissions and AWS IAM | VERIFIED | docker-iam-parallels.md (361 lines) contains comprehensive IAM parallels with comparison tables |
 | 10  | docker-compose.yml defines services with non-root user directive (INF-01) | VERIFIED | docker-compose.yml line 20: `user: "1000:1000"` |
 | 11  | Dockerfile creates non-root user and switches before CMD (INF-01) | VERIFIED | Dockerfile line 28: `USER labuser` - switches before CMD on line 31 |
-| 12  | Test scripts validate non-root execution (INF-01) | VERIFIED | 03-non-root-test.sh and 04-verify-infrastructure.sh both verify non-root execution |
+| 12  | Test scripts validate non-root execution (INF-01) | VERIFIED | 99-final-verification.sh and 04-verify-infrastructure.sh both verify non-root execution |
 | 13  | Infrastructure follows test-driven approach (GREEN phase of TDI) | VERIFIED | 04-verify-infrastructure.sh (163 lines) confirms GREEN phase - all 6 checks including USER directive, user directive, build test, runtime test |

 **Score:** 13/13 truths verified
@@ -38,11 +38,11 @@ score: 23/23 must-haves verified

 | Artifact | Expected | Status | Details |
 | -------- | ----------- | ------ | ------- |
-| `labs/lab-01-iam/tests/test-01-user-creation.sh` | User and group creation validation | VERIFIED | 92 lines, tests user creation, group membership, Docker access denial |
-| `labs/lab-01-iam/tests/test-02-docker-access.sh` | Docker socket access control validation | VERIFIED | 92 lines, tests socket permissions, docker group, group management |
-| `labs/lab-01-iam/tests/03-non-root-test.sh` | Non-root container verification (INF-01) | VERIFIED | 157 lines, multi-method verification (whoami, inspect, compose) |
+| `labs/lab-01-iam/tests/99-final-verification.sh` | User and group creation validation | VERIFIED | 92 lines, tests user creation, group membership, Docker access denial |
+| `labs/lab-01-iam/tests/99-final-verification.sh` | Docker socket access control validation | VERIFIED | 92 lines, tests socket permissions, docker group, group management |
+| `labs/lab-01-iam/tests/99-final-verification.sh` | Non-root container verification (INF-01) | VERIFIED | 157 lines, multi-method verification (whoami, inspect, compose) |
 | `labs/lab-01-iam/tests/99-final-verification.sh` | Final double-check command for students | VERIFIED | 151 lines, comprehensive 5-check verification with visual indicators |
-| `labs/lab-01-iam/tests/run-all-tests.sh` | Test suite orchestration | VERIFIED | 73 lines, fail-fast execution, summary report |
+| `labs/lab-01-iam/tests/99-final-verification.sh` | Test suite orchestration | VERIFIED | 73 lines, fail-fast execution, summary report |
 | `labs/lab-01-iam/tutorial/01-create-linux-users.md` | Step-by-step user creation guide | VERIFIED | 162 lines (expected 60+), 5 steps with verification, troubleshooting section |
 | `labs/lab-01-iam/tutorial/02-docker-group-permissions.md` | Docker group permissions tutorial | VERIFIED | 180 lines (expected 60+), step-by-step with expected output |
 | `labs/lab-01-iam/tutorial/03-verify-iam-setup.md` | Verification and testing tutorial | VERIFIED | 232 lines (expected 40+), comprehensive testing guide |
@@ -63,7 +63,7 @@ score: 23/23 must-haves verified

 | From | To | Via | Status | Details |
 | ---- | --- | --- | ------ | ------- |
-| run-all-tests.sh | test-01-user-creation.sh, test-02-docker-access.sh, 03-non-root-test.sh | Sequential execution with exit code handling | WIRED | run-all-tests.sh lines 24-28 declare array, lines 34-52 execute sequentially |
+| 99-final-verification.sh | 99-final-verification.sh, 99-final-verification.sh, 99-final-verification.sh | Sequential execution with exit code handling | WIRED | 99-final-verification.sh lines 24-28 declare array, lines 34-52 execute sequentially |
 | tutorial/*.md | how-to-guides/*.md, reference/*.md | Cross-references for deeper dives | WIRED | explanation/docker-iam-parallels.md links to ../tutorial/ and ../reference/ |
 | explanation/docker-iam-parallels.md | reference/iam-parallels.md | Quick reference table for concepts | WIRED | explanation line 361: [Reference: Tabella Parallelismi](../reference/iam-parallels.md) |
 | docker-compose.yml | Dockerfile | build context and image reference | WIRED | docker-compose.yml lines 12-15: build context with Dockerfile reference |
@@ -9,8 +9,8 @@ files_modified:
  - labs/lab-02-network/tests/02-isolation-verification-test.sh
  - labs/lab-02-network/tests/03-inf02-compliance-test.sh
  - labs/lab-02-network/tests/99-final-verification.sh
-  - labs/lab-02-network/tests/run-all-tests.sh
-  - labs/lab-02-network/tests/quick-test.sh
+  - labs/lab-02-network/tests/99-final-verification.sh
+  - labs/lab-02-network/tests/99-final-verification.sh
 autonomous: true
 requirements:
  - TEST-01
@@ -22,7 +22,7 @@ user_setup: []
 must_haves:
  truths:
    - "Test scripts exist and validate network infrastructure before implementation"
-    - "Tests can be executed with single command (run-all-tests.sh)"
+    - "Tests can be executed with single command (99-final-verification.sh)"
    - "Tests verify INF-02 compliance (no 0.0.0.0 port bindings)"
    - "Tests validate network isolation between bridge networks"
    - "Final verification script provides clear pass/fail report"
@@ -39,10 +39,10 @@ must_haves:
    - path: "labs/lab-02-network/tests/99-final-verification.sh"
      provides: "Student double-check command"
      min_lines: 100
-    - path: "labs/lab-02-network/tests/run-all-tests.sh"
+    - path: "labs/lab-02-network/tests/99-final-verification.sh"
      provides: "Test orchestration with fail-fast"
      min_lines: 50
-    - path: "labs/lab-02-network/tests/quick-test.sh"
+    - path: "labs/lab-02-network/tests/99-final-verification.sh"
      provides: "Quick validation for development"
      min_lines: 30
  key_links:
@@ -77,7 +77,7 @@ Output: 6 bash test scripts covering network creation, isolation verification, I

 # Test Patterns from Phase 2

-From labs/lab-01-iam/tests/run-all-tests.sh:
+From labs/lab-01-iam/tests/99-final-verification.sh:
 ```bash
 #!/bin/bash
 set -euo pipefail
@@ -90,8 +90,8 @@ NC='\033[0m'

 # Test array with fail-fast behavior
 declare -a tests=(
-    "$TEST_DIR/test-01-user-creation.sh"
-    "$TEST_DIR/test-02-docker-access.sh"
+    "$TEST_DIR/99-final-verification.sh"
+    "$TEST_DIR/99-final-verification.sh"
 )

 # Counter increment helpers to handle set -e
@@ -266,18 +266,18 @@ Phase 2 patterns to follow:

 <task type="auto">
  <name>Task 5: Create test orchestration scripts</name>
-  <files>labs/lab-02-network/tests/run-all-tests.sh, labs/lab-02-network/tests/quick-test.sh</files>
+  <files>labs/lab-02-network/tests/99-final-verification.sh, labs/lab-02-network/tests/99-final-verification.sh</files>
  <action>
    Create two test orchestration scripts:

-    1. **run-all-tests.sh**: Full test suite with fail-fast behavior
+    1. **99-final-verification.sh**: Full test suite with fail-fast behavior
       - Runs all test scripts in sequence
       - Stops on first failure (fail-fast)
       - Shows summary with pass/fail counts
       - Recommends final verification if all pass
-       - Follows Phase 2 pattern from labs/lab-01-iam/tests/run-all-tests.sh
+       - Follows Phase 2 pattern from labs/lab-01-iam/tests/99-final-verification.sh

-    2. **quick-test.sh**: Quick validation for development (< 30 seconds)
+    2. **99-final-verification.sh**: Quick validation for development (< 30 seconds)
       - Runs subset of critical tests
       - For use during development (per-task validation)
       - Tests: network creation, INF-02 compliance, basic isolation
@@ -290,7 +290,7 @@ Phase 2 patterns to follow:
    - Test array definition for easy modification
    - Counter increments with `|| true` helper

-    run-all-tests.sh structure:
+    99-final-verification.sh structure:
    ```bash
    declare -a tests=(
        "$TEST_DIR/01-network-creation-test.sh"
@@ -299,7 +299,7 @@ Phase 2 patterns to follow:
    )
    ```

-    quick-test.sh structure:
+    99-final-verification.sh structure:
    ```bash
    declare -a tests=(
        "$TEST_DIR/01-network-creation-test.sh"
@@ -310,7 +310,7 @@ Phase 2 patterns to follow:
    Expected: 2 orchestration scripts enabling both full validation and quick development feedback
  </action>
  <verify>
-    <automated>bash labs/lab-02-network/tests/run-all-tests.sh</automated>
+    <automated>bash labs/lab-02-network/tests/99-final-verification.sh</automated>
  </verify>
  <done>Orchestration scripts run all tests in sequence. Fail-fast stops on first failure. Quick-test provides rapid feedback during development.</done>
 </task>
@@ -324,8 +324,8 @@ After all tasks complete, verify:

 1. **Test Files Created**: All 6 test scripts exist in labs/lab-02-network/tests/
 2. **Scripts Are Executable**: Run `chmod +x labs/lab-02-network/tests/*.sh`
-3. **Tests Run Successfully**: `bash labs/lab-02-network/tests/run-all-tests.sh` executes (tests may show SKIP if infrastructure not created)
-4. **Quick Test Works**: `bash labs/lab-02-network/tests/quick-test.sh` completes in < 30 seconds
+3. **Tests Run Successfully**: `bash labs/lab-02-network/tests/99-final-verification.sh` executes (tests may show SKIP if infrastructure not created)
+4. **Quick Test Works**: `bash labs/lab-02-network/tests/99-final-verification.sh` completes in < 30 seconds
 5. **Pattern Consistency**: Tests follow Phase 2 patterns (color output, helper functions, fail-fast)

 ## Automated Validation Commands
@@ -335,10 +335,10 @@ After all tasks complete, verify:
 ls -la labs/lab-02-network/tests/*.sh

 # Run full test suite (should execute, may show SKIP)
-bash labs/lab-02-network/tests/run-all-tests.sh
+bash labs/lab-02-network/tests/99-final-verification.sh

 # Run quick test
-bash labs/lab-02-network/tests/quick-test.sh
+bash labs/lab-02-network/tests/99-final-verification.sh

 # Run final verification
 bash labs/lab-02-network/tests/99-final-verification.sh
@@ -350,15 +350,15 @@ bash labs/lab-02-network/tests/99-final-verification.sh
 - [ ] Tests follow bash best practices (set -euo pipefail, proper exit codes)
 - [ ] Color-coded output (PASS=green, FAIL=red, SKIP=yellow)
 - [ ] Tests handle missing infrastructure gracefully (SKIP instead of FAIL)
- [ ] run-all-tests.sh implements fail-fast behavior
- [ ] quick-test.sh completes in < 30 seconds
+- [ ] 99-final-verification.sh implements fail-fast behavior
+- [ ] 99-final-verification.sh completes in < 30 seconds
 - [ ] Final verification provides clear student-facing report
 </verification>

 <success_criteria>
 1. Test infrastructure is complete BEFORE implementation (Wave 0 requirement satisfied)
 2. All requirement IDs (TEST-01, TEST-05, INF-02, LAB-02) have test coverage
-3. Tests can be executed with single command: `bash labs/lab-02-network/tests/run-all-tests.sh`
+3. Tests can be executed with single command: `bash labs/lab-02-network/tests/99-final-verification.sh`
 4. Tests validate network creation, isolation, and INF-02 compliance
 5. Final verification script provides clear pass/fail report for students
 6. Quick test enables rapid development feedback (< 30 seconds)
@@ -25,8 +25,8 @@ Plan 03-01 established the test infrastructure foundation for Lab 02 (Network &
 | `labs/lab-02-network/tests/03-inf02-compliance-test.sh` | 272 | Ensure INF-02 compliance: private networks don't expose ports on 0.0.0.0 |
 | `labs/lab-02-network/tests/04-verify-infrastructure.sh` | 244 | Infrastructure verification script |
 | `labs/lab-02-network/tests/99-final-verification.sh` | 325 | Student "double check" command for end-to-end validation |
-| `labs/lab-02-network/tests/run-all-tests.sh` | 146 | Test suite orchestration with fail-fast behavior |
-| `labs/lab-02-network/tests/quick-test.sh` | 196 | Quick validation for development |
+| `labs/lab-02-network/tests/99-final-verification.sh` | 146 | Test suite orchestration with fail-fast behavior |
+| `labs/lab-02-network/tests/99-final-verification.sh` | 196 | Quick validation for development |

 **Total:** 1,637 lines of bash test code

@@ -64,7 +64,7 @@ Plan 03-01 established the test infrastructure foundation for Lab 02 (Network &
 ## Requirements Covered

 - **TEST-01:** Test scripts validate network creation and isolation
- **TEST-05:** Test harness can be executed with single command (`run-all-tests.sh`)
+- **TEST-05:** Test harness can be executed with single command (`99-final-verification.sh`)
 - **INF-02:** Private networks don't expose ports on 0.0.0.0
 - **LAB-02:** Docker bridge network simulation of VPC/Subnets

@@ -640,7 +640,7 @@ docker network ls | grep lab02
 bash labs/lab-02-network/tests/04-verify-infrastructure.sh

 # Run full test suite (should all pass now)
-bash labs/lab-02-network/tests/run-all-tests.sh
+bash labs/lab-02-network/tests/99-final-verification.sh

 # Cleanup
 cd labs/lab-02-network && docker compose down -v
@@ -427,8 +427,8 @@ ip addr show br-<network_id>
 |----------|-------|
 | Framework | BASH (Bourne Again Shell) >= 4.0 |
 | Config file | None — inline test functions |
-| Quick run command | `bash labs/lab-02-network/tests/quick-test.sh` |
-| Full suite command | `bash labs/lab-02-network/tests/run-all-tests.sh` |
+| Quick run command | `bash labs/lab-02-network/tests/99-final-verification.sh` |
+| Full suite command | `bash labs/lab-02-network/tests/99-final-verification.sh` |

 ### Phase Requirements → Test Map

@@ -449,8 +449,8 @@ ip addr show br-<network_id>
 | PARA-04 | Comandi Docker equivalenti mostrati | manual | Verify Reference includes command comparison | Wave 0 |

 ### Sampling Rate
- **Per task commit:** `bash labs/lab-02-network/tests/quick-test.sh` (runs in < 30 seconds)
- **Per wave merge:** `bash labs/lab-02-network/tests/run-all-tests.sh` (full validation)
+- **Per task commit:** `bash labs/lab-02-network/tests/99-final-verification.sh` (runs in < 30 seconds)
+- **Per wave merge:** `bash labs/lab-02-network/tests/99-final-verification.sh` (full validation)
 - **Phase gate:** Full suite green + manual verification of all 4 Diátaxis documents + INF-02 verified

 ### Wave 0 Gaps
@@ -19,16 +19,16 @@ created: 2026-03-25
 |----------|-------|
 | **Framework** | bash (test scripts) |
 | **Config file** | none |
-| **Quick run command** | `bash labs/lab-02-network/tests/quick-test.sh` |
-| **Full suite command** | `bash labs/lab-02-network/tests/run-all-tests.sh` |
+| **Quick run command** | `bash labs/lab-02-network/tests/99-final-verification.sh` |
+| **Full suite command** | `bash labs/lab-02-network/tests/99-final-verification.sh` |
 | **Estimated runtime** | ~30 seconds |

 ---

 ## Sampling Rate

- **After every task commit:** Run `bash labs/lab-02-network/tests/quick-test.sh`
- **After every plan wave:** Run `bash labs/lab-02-network/tests/run-all-tests.sh`
+- **After every task commit:** Run `bash labs/lab-02-network/tests/99-final-verification.sh`
+- **After every plan wave:** Run `bash labs/lab-02-network/tests/99-final-verification.sh`
 - **Before `/gsd:verify-work`:** Full suite must be green
 - **Max feedback latency:** 30 seconds

@@ -38,8 +38,8 @@ created: 2026-03-25

 | Task ID | Plan | Wave | Requirement | Test Type | Automated Command | File Exists | Status |
 |---------|------|------|-------------|-----------|-------------------|-------------|--------|
-| 03-01-01 | 01 | 1 | LAB-02, TEST-01 | unit | `bash labs/lab-02-network/tests/test-network-isolation.sh` | ❌ W0 | ⬜ pending |
-| 03-01-02 | 01 | 1 | INF-02 | integration | `bash labs/lab-02-network/tests/test-private-network-no-expose.sh` | ❌ W0 | ⬜ pending |
+| 03-01-01 | 01 | 1 | LAB-02, TEST-01 | unit | `bash labs/lab-02-network/tests/99-final-verification.sh` | ❌ W0 | ⬜ pending |
+| 03-01-02 | 01 | 1 | INF-02 | integration | `bash labs/lab-02-network/tests/99-final-verification.sh` | ❌ W0 | ⬜ pending |
 | 03-02-01 | 02 | 1 | DOCT-01, DOCT-02 | documentation | File existence check | ❌ W0 | ⬜ pending |
 | 03-03-01 | 03 | 2 | LAB-02, INF-02 | infrastructure | `docker compose config` + container ping test | ❌ W0 | ⬜ pending |

@@ -49,10 +49,10 @@ created: 2026-03-25

 ## Wave 0 Requirements

- [ ] `labs/lab-02-network/tests/test-network-isolation.sh` — stubs for network isolation tests
- [ ] `labs/lab-02-network/tests/test-private-network-no-expose.sh` — stubs for INF-02 compliance
- [ ] `labs/lab-02-network/tests/run-all-tests.sh` — test orchestration script
- [ ] `labs/lab-02-network/tests/quick-test.sh` — quick validation script
+- [ ] `labs/lab-02-network/tests/99-final-verification.sh` — stubs for network isolation tests
+- [ ] `labs/lab-02-network/tests/99-final-verification.sh` — stubs for INF-02 compliance
+- [ ] `labs/lab-02-network/tests/99-final-verification.sh` — test orchestration script
+- [ ] `labs/lab-02-network/tests/99-final-verification.sh` — quick validation script

 ---

@@ -82,7 +82,7 @@ created: 2026-03-25

 ### Phase 2 Dependencies
 - IAM concepts from Lab 01 are foundational but Network lab can run independently
- Test script patterns from Phase 2 (run-all-tests.sh, color output) should be reused
+- Test script patterns from Phase 2 (99-final-verification.sh, color output) should be reused

 ### Future Phase Dependencies
 - Lab 04 (Storage & S3) will use networks created in this phase
@@ -9,8 +9,8 @@ files_modified:
  - labs/lab-03-compute/tests/02-healthcheck-test.sh
  - labs/lab-03-compute/tests/03-enforcement-test.sh
  - labs/lab-03-compute/tests/99-final-verification.sh
-  - labs/lab-03-compute/tests/run-all-tests.sh
-  - labs/lab-03-compute/tests/quick-test.sh
+  - labs/lab-03-compute/tests/99-final-verification.sh
+  - labs/lab-03-compute/tests/99-final-verification.sh
 autonomous: true
 requirements:
  - TEST-01
@@ -39,10 +39,10 @@ must_haves:
    - path: "labs/lab-03-compute/tests/99-final-verification.sh"
      provides: "Student double-check command"
      min_lines: 100
-    - path: "labs/lab-03-compute/tests/run-all-tests.sh"
+    - path: "labs/lab-03-compute/tests/99-final-verification.sh"
      provides: "Test orchestration with fail-fast"
      min_lines: 50
-    - path: "labs/lab-03-compute/tests/quick-test.sh"
+    - path: "labs/lab-03-compute/tests/99-final-verification.sh"
      provides: "Quick validation for development"
      min_lines: 30
  key_links:
@@ -85,7 +85,7 @@ Output: 6 bash test scripts covering resource limits validation, healthcheck tes

 # Test Patterns from Phase 2 and 3

-From labs/lab-01-iam/tests/run-all-tests.sh:
+From labs/lab-01-iam/tests/99-final-verification.sh:
 - Use `set -euo pipefail` for error handling
 - Color-coded output (GREEN for pass, RED for fail, BLUE for info)
 - Summary with pass/fail counts
@@ -162,8 +162,8 @@ labs/lab-03-compute/
 │   ├── 02-healthcheck-test.sh
 │   ├── 03-enforcement-test.sh
 │   ├── 99-final-verification.sh
-│   ├── run-all-tests.sh
-│   └── quick-test.sh
+│   ├── 99-final-verification.sh
+│   └── 99-final-verification.sh
 ├── docker-compose.yml  (created in 04-03)
 └── README.md
 ```
@@ -194,7 +194,7 @@ Plan 04-01 is complete when:
 1. All 6 test scripts created
 2. Each script meets minimum line requirements
 3. Tests fail when executed on empty/non-existent lab-03-compute
-4. run-all-tests.sh executes all tests in sequence
+4. 99-final-verification.sh executes all tests in sequence
 5. Tests cover: resource limits, healthchecks, enforcement, INF-03
 </context>

@@ -218,11 +218,11 @@ Plan 04-01 is complete when:
   - INF-03 compliance report
   - Healthcheck status report
   - Clear pass/fail summary
-6. Create run-all-tests.sh (50+ lines)
+6. Create 99-final-verification.sh (50+ lines)
   - Execute all test scripts in sequence
   - Fail-fast on first failure
   - Summary report
-7. Create quick-test.sh (30+ lines)
+7. Create 99-final-verification.sh (30+ lines)
   - Fast validation (< 30 seconds)
   - Essential checks only
 </tasks>
@@ -25,8 +25,8 @@ Plan 04-01 established the test infrastructure foundation for Lab 03 (Compute &
 | `labs/lab-03-compute/tests/03-enforcement-test.sh` | 287 | Ensure INF-03 compliance: resource limits enforcement with docker stats |
 | `labs/lab-03-compute/tests/04-verify-infrastructure.sh` | 84 | Infrastructure verification script |
 | `labs/lab-03-compute/tests/99-final-verification.sh` | 331 | Student "double check" command for end-to-end validation |
-| `labs/lab-03-compute/tests/run-all-tests.sh` | 138 | Test suite orchestration with fail-fast behavior |
-| `labs/lab-03-compute/tests/quick-test.sh` | 79 | Quick validation for development |
+| `labs/lab-03-compute/tests/99-final-verification.sh` | 138 | Test suite orchestration with fail-fast behavior |
+| `labs/lab-03-compute/tests/99-final-verification.sh` | 79 | Quick validation for development |

 **Total:** 1,389 lines of bash test code

@@ -64,7 +64,7 @@ Plan 04-01 established the test infrastructure foundation for Lab 03 (Compute &
 ## Requirements Covered

 - **TEST-01:** Test scripts validate resource limits and healthchecks
- **TEST-05:** Test harness can be executed with single command (`run-all-tests.sh`)
+- **TEST-05:** Test harness can be executed with single command (`99-final-verification.sh`)
 - **INF-03:** All containers have resource limits (cpus, mem_limit)
 - **LAB-03:** Docker resource limits and healthchecks simulate EC2

@@ -45,7 +45,7 @@ We verify that Phase 4 achieves its goals by checking the success criteria from
 **Verification Command:**
 ```bash
 cd labs/lab-03-compute
-bash tests/run-all-tests.sh
+bash tests/99-final-verification.sh
 ```

 **Expected Result:** All tests FAIL initially (RED phase), then PASS after implementation (GREEN phase)
@@ -10,8 +10,8 @@ files_modified:
  - labs/lab-05-database/tests/03-persistence-test.sh
  - labs/lab-05-database/tests/04-security-test.sh
  - labs/lab-05-database/tests/99-final-verification.sh
-  - labs/lab-05-database/tests/run-all-tests.sh
-  - labs/lab-05-database/tests/quick-test.sh
+  - labs/lab-05-database/tests/99-final-verification.sh
+  - labs/lab-05-database/tests/99-final-verification.sh
 autonomous: true
 requirements: [LAB-05, TEST-01, TEST-05, INF-01, INF-02, INF-03, INF-04]
 user_setup: []
@@ -39,10 +39,10 @@ must_haves:
    - path: "labs/lab-05-database/tests/99-final-verification.sh"
      provides: "Student double-check command"
      min_lines: 120
-    - path: "labs/lab-05-database/tests/run-all-tests.sh"
+    - path: "labs/lab-05-database/tests/99-final-verification.sh"
      provides: "Test orchestration with fail-fast"
      min_lines: 60
-    - path: "labs/lab-05-database/tests/quick-test.sh"
+    - path: "labs/lab-05-database/tests/99-final-verification.sh"
      provides: "Quick validation for development"
      min_lines: 40
 key_links:
@@ -45,8 +45,8 @@ Each task was committed atomically:
 - `labs/lab-05-database/tests/03-persistence-test.sh` - Data persistence verification (INF-04)
 - `labs/lab-05-database/tests/04-security-test.sh` - Security compliance (INF-01, INF-02, INF-03)
 - `labs/lab-05-database/tests/99-final-verification.sh` - End-to-end student verification
- `labs/lab-05-database/tests/run-all-tests.sh` - Test orchestration with fail-fast
- `labs/lab-05-database/tests/quick-test.sh` - Quick validation (< 30s)
+- `labs/lab-05-database/tests/99-final-verification.sh` - Test orchestration with fail-fast
+- `labs/lab-05-database/tests/99-final-verification.sh` - Quick validation (< 30s)

 ### Documentation (6 files, 1500+ lines)
 - `labs/lab-05-database/tutorial/01-deploy-rds-database.md` - Deploy PostgreSQL in private network