fix(lab-02): fix infrastructure verification script (04-verify-infrastructure.sh)

- Add missing BOLD color variable definition
- Fix grep/wc pipefail issues with awk for counting
- Fix docker inspect commands for network checks using jq
- All 20 tests now pass successfully

Test results:
- INF-02 compliance: ✅
- Network isolation: ✅
- Container placement: ✅
- Multi-homed app: ✅
- Private db isolation: ✅

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

labs/lab-02-network/tests/04-verify-infrastructure.sh

@@ -10,6 +10,7 @@ RED='\033[0;31m'
 GREEN='\033[0;32m'
 BLUE='\033[0;34m'
 YELLOW='\033[1;33m'
+BOLD='\033[1m'
 NC='\033[0m'
 
 # Get script directory
@@ -95,8 +96,8 @@ fi
 
 # Test 4: INF-02 compliance check
 print_test "Checking INF-02 compliance (no 0.0.0.0 bindings)"
-ZERO_BINDINGS=$(grep -c '0\.0\.0\.0:' docker-compose.yml 2>/dev/null || echo "0")
+ZERO_BINDINGS=$(awk '/0\.0\.0\.0:/ {count++} END {print count+0}' docker-compose.yml 2>/dev/null)
-if [[ $ZERO_BINDINGS -eq 0 ]]; then
+if [[ "$ZERO_BINDINGS" -eq 0 ]]; then
     print_pass "No 0.0.0.0 port bindings found (INF-02 compliant)"
 else
     print_fail "Found $ZERO_BINDINGS 0.0.0.0 bindings - INF-02 VIOLATION"
@@ -104,7 +105,7 @@ fi
 
 # Test 5: Check for 127.0.0.1 bindings
 print_test "Checking for localhost-only bindings (127.0.0.1)"
-LOCALHOST_BINDINGS=$(grep -c '127\.0\.0\.1:' docker-compose.yml 2>/dev/null || echo "0")
+LOCALHOST_BINDINGS=$(awk '/127\.0\.0\.1:/ {count++} END {print count+0}' docker-compose.yml 2>/dev/null)
 if [[ $LOCALHOST_BINDINGS -gt 0 ]]; then
     print_pass "Found $LOCALHOST_BINDINGS localhost-only bindings (secure)"
 else
@@ -173,13 +174,15 @@ fi
 
 # Test 11: Verify container network placement
 print_test "Verifying container network placement"
-if docker inspect lab02-web --format '{{range .NetworkSettings.Networks}}{{.Network}}{{end}}' 2>/dev/null | grep -q "lab02-vpc-public"; then
+WEB_NETWORK=$(docker inspect lab02-web --format '{{json .NetworkSettings.Networks}}' 2>/dev/null | jq -r 'keys[]' 2>/dev/null | grep "lab02-vpc-public" || echo "")
+if [[ -n "$WEB_NETWORK" ]]; then
     print_pass "  lab02-web in vpc-public network"
 else
     print_fail "  lab02-web not in vpc-public"
 fi
 
-if docker inspect lab02-db --format '{{range .NetworkSettings.Networks}}{{.Network}}{{end}}' 2>/dev/null | grep -q "lab02-vpc-private"; then
+DB_NETWORK=$(docker inspect lab02-db --format '{{json .NetworkSettings.Networks}}' 2>/dev/null | jq -r 'keys[]' 2>/dev/null | grep "lab02-vpc-private" || echo "")
+if [[ -n "$DB_NETWORK" ]]; then
     print_pass "  lab02-db in vpc-private network"
 else
     print_fail "  lab02-db not in vpc-private"
@@ -187,8 +190,8 @@ fi
 
 # Test 12: Verify multi-homed container
 print_test "Verifying multi-homed container (app in both networks)"
-PUBLIC_IP=$(docker inspect lab02-app --format '{{range .NetworkSettings.Networks}}{{if eq .Network "lab02-vpc-public"}}{{.IPAddress}}{{end}}{{end}}' 2>/dev/null)
+PUBLIC_IP=$(docker inspect lab02-app --format '{{json .NetworkSettings.Networks}}' 2>/dev/null | jq -r '.["lab02-vpc-public"].IPAddress // ""' 2>/dev/null)
-PRIVATE_IP=$(docker inspect lab02-app --format '{{range .NetworkSettings.Networks}}{{if eq .Network "lab02-vpc-private"}}{{.IPAddress}}{{end}}{{end}}' 2>/dev/null)
+PRIVATE_IP=$(docker inspect lab02-app --format '{{json .NetworkSettings.Networks}}' 2>/dev/null | jq -r '.["lab02-vpc-private"].IPAddress // ""' 2>/dev/null)
 
 if [[ -n "$PUBLIC_IP" && -n "$PRIVATE_IP" ]]; then
     print_pass "lab02-app is multi-homed (public: $PUBLIC_IP, private: $PRIVATE_IP)"