---
phase: 06-lab-05-database-rds
plan: 01
type: execute
wave: 0
depends_on: [02-lab-01-iam-sicurezza, 03-lab-02-network-vpc, 04-lab-03-compute-ec2, 05-lab-04-storage-s3]
files_modified:
  - labs/lab-05-database/tests/01-database-creation-test.sh
  - labs/lab-05-database/tests/02-private-network-test.sh
  - labs/lab-05-database/tests/03-persistence-test.sh
  - labs/lab-05-database/tests/04-security-test.sh
  - labs/lab-05-database/tests/99-final-verification.sh
  - labs/lab-05-database/tests/run-all-tests.sh
  - labs/lab-05-database/tests/quick-test.sh
autonomous: true
requirements: [LAB-05, TEST-01, TEST-05, INF-01, INF-02, INF-03, INF-04]
user_setup: []

must_haves:
  truths:
    - "Test scripts validate PostgreSQL deployment in private network"
    - "Tests verify database is NOT accessible from host (INF-02)"
    - "Tests verify data persistence (INF-04)"
    - "Tests verify resource limits (INF-03)"
    - "Tests verify non-root execution (INF-01)"
  artifacts:
    - path: "labs/lab-05-database/tests/01-database-creation-test.sh"
      provides: "Database creation validation"
      min_lines: 80
    - path: "labs/lab-05-database/tests/02-private-network-test.sh"
      provides: "Private network isolation testing"
      min_lines: 100
    - path: "labs/lab-05-database/tests/03-persistence-test.sh"
      provides: "Data persistence verification (INF-04)"
      min_lines: 80
    - path: "labs/lab-05-database/tests/04-security-test.sh"
      provides: "Security compliance testing (INF-01, INF-02, INF-03)"
      min_lines: 100
    - path: "labs/lab-05-database/tests/99-final-verification.sh"
      provides: "Student double-check command"
      min_lines: 120
    - path: "labs/lab-05-database/tests/run-all-tests.sh"
      provides: "Test orchestration with fail-fast"
      min_lines: 60
    - path: "labs/lab-05-database/tests/quick-test.sh"
      provides: "Quick validation for development"
      min_lines: 40
key_links:
  - from: "tests/02-private-network-test.sh"
    to: "Lab 02 private networks"
    via: "VPC private network concepts"
    pattern: "private.*network"
  - from: "tests/03-persistence-test.sh"
    to: "Lab 04 named volumes"
    via: "Volume persistence patterns"
    pattern: "volume.*persistence"
---

<objective>
Create comprehensive test infrastructure for Lab 05 (Database & RDS) following TDD RED phase methodology. Tests validate PostgreSQL deployment in private network, data persistence, resource limits, and full security compliance (INF-01, INF-02, INF-03, INF-04).

Purpose: Establish verification foundation before implementing database infrastructure. Tests fail initially (RED phase) and pass after implementation (GREEN phase in Plan 06-03).

Output: 7 bash test scripts covering database creation, private network isolation, persistence, security compliance, and final verification for students.
</objective>

<execution_context>
@/home/luca/.claude/get-shit-done/workflows/execute-plan.md
@/home/luca/.claude/get-shit-done/templates/summary.md
</execution_context>

<context>
@.planning/REQUIREMENTS.md
@.planning/phases/02-lab-01-iam-sicurezza/02-01-SUMMARY.md
@.planning/phases/03-lab-02-network-vpc/03-01-SUMMARY.md

# Integration with Previous Labs

Lab 05 integrates concepts from all previous labs:
- **Lab 01:** Non-root containers (INF-01)
- **Lab 02:** Private networks (INF-02)
- **Lab 03:** Resource limits (INF-03)
- **Lab 04:** Named volumes (INF-04)

# Test Requirements

1. **Database Creation (01-database-creation-test.sh)**
   - Verify PostgreSQL container starts
   - Verify database initialization
   - Verify connection parameters

2. **Private Network Isolation (02-private-network-test.sh)**
   - Verify database is in private network
   - Verify database NOT accessible from host
   - Verify only containers in same network can connect

3. **Data Persistence (03-persistence-test.sh)**
   - Verify data survives container restart
   - Verify data survives container removal
   - Verify volume is correctly mounted

4. **Security Compliance (04-security-test.sh)**
   - INF-01: Container runs as non-root
   - INF-02: No ports exposed on host
   - INF-03: Resource limits configured
   - INF-04: Named volume for data

5. **Final Verification (99-final-verification.sh)**
   - End-to-end student validation
   - All INF requirements verified
   - Database functionality tested

# Tone Guidelines
- Direct, simple language (Italian)
- No emojis
- Technically accurate
- Step-by-step with verification at each step