jordan/rdev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36 Commits 1 Branch 0 Tags 4.7 MiB
41aca7813c
Commit Graph

18 Commits

Author SHA1 Message Date
jordan
fb994269c9 release: v0.10.4 - Simplify Kaniko templates for anonymous zot registry 2026-01-28 18:47:39 -07:00
jordan
a14606e9c9 release: v0.10.3 - Update templates to use Kaniko for rootless builds (no privileged mode) 2026-01-28 18:44:31 -07:00
jordan
9e3c1c3806 release: v0.10.2 - Fix: Expose pipeline errors in API response (privileged mode trust issue) 2026-01-28 18:36:31 -07:00
jordan
823d45f22c release: v0.10.1 - Expose Woodpecker pipeline errors in API response 2026-01-28 16:16:52 -07:00
jordan
d040e7b97f release: v0.10.0 - Add multi-domain support with auto-generated slugs for landing page cookbook 2026-01-28 12:56:36 -07:00
jordan
89b832ce0d release: v0.9.9 - Upgrade to Woodpecker SDK v3 for API compatibility 2026-01-28 09:48:20 -07:00
jordan
f82c5f50a7 release: v0.9.8 - Fix Woodpecker: use RepoListOpts(true) to find inactive repos 2026-01-28 09:27:14 -07:00
jordan
f0f1b03ec0 release: v0.9.7 - Fix Woodpecker SDK bug: nil out targetRepo on RepoLookup error 2026-01-28 00:18:28 -07:00
jordan
b91f6d6921 release: v0.9.6 - Increase Woodpecker sync retry to 45s (15 attempts * 3s) 2026-01-27 23:34:46 -07:00
jordan
8e1d90b9f6 release: v0.9.5 - Fix Woodpecker CI: retry when forge metadata not yet synced 2026-01-27 23:32:45 -07:00
jordan
e81055d27b release: v0.9.4 - Fix project creation: empty repo seeding and Woodpecker sync retry 2026-01-27 23:30:37 -07:00
jordan
39df51defd feat: Add multi-provider code agent interface with Claude Code and OpenCode adapters 
Implements weeks 1-4 of the multi-provider architecture:

Week 1 - Foundation:
- Add domain models (AgentProvider, AgentRequest, AgentEvent, AgentResult)
- Define CodeAgent port interface with Execute, Cancel, Capabilities
- Create thread-safe provider registry with first-registered default

Week 2 - Claude Code Adapter:
- Extract kubectl exec logic into CodeAgent implementation
- Parse stream-json output format (init, message, tool_use, result)
- Support session continuation via --resume flag

Week 3 - OpenCode Adapter:
- HTTP/SSE client for opencode serve API
- Session management (create, send message, abort)
- Event streaming with documented buffer rationale

Week 4 - Quality & Polish:
- Fix race condition in OpenCode Cancel method
- Add AgentRequest.Validate() with ErrPromptRequired, ErrInvalidTimeout
- Document DefaultAvailabilityTimeout constants
- Add HTTP error context for debugging

Also includes:
- Work queue system with PostgreSQL adapter
- Credential store for infrastructure secrets
- Project templates with Woodpecker CI integration
- Comprehensive test coverage

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 09:25:51 -07:00
jordan
72d16929ca feat: Implement hexagonal architecture with services, webhooks, queue, and telemetry 
Major refactoring to hexagonal (ports & adapters) architecture:

- Add service layer (apikey_service, project_service) for business logic
- Add webhook system with dispatcher and delivery tracking
- Add command queue with priority-based processing
- Add rate limiting with sliding window algorithm
- Add audit logging for command execution
- Add OpenTelemetry integration (traces, metrics, spans)
- Add circuit breaker for fault tolerance
- Add cached repository wrapper for performance
- Add comprehensive validation package
- Add Kubernetes client integration for pod management
- Add database migrations (allowed_ips, audit_log, rate_limiting, queue, webhooks)
- Add network policy and PodDisruptionBudget for k8s
- Remove legacy executor and projects/registry packages
- Untrack secrets.yaml (now managed via envault)
- Add coverage.out to .gitignore
- Add e2e test infrastructure with docker-compose
- Add comprehensive documentation (API, architecture, operations, plans)
- Add golangci-lint config and pre-commit hook

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-25 19:57:46 -07:00
jordan
538ea57ed4 feat: Add claude-config API, security hardening, and testing infrastructure 
Claude Config API (v0.6):
- Add CRUD endpoints for commands, skills, and agents
- Commands/skills/agents stored in /workspace/.claude/ (per-project, in git)
- Credentials shared via PVC at /root/.claude/ (shared across pods)
- Use base64 encoding for file writes (prevents shell injection)
- Add content size limits (1MB max)

Security Hardening:
- Add sanitize package for command/prompt validation
- Add rate limiting middleware (token bucket algorithm)
- Add concurrent command limiting
- Add input sanitization to all command handlers
- Gitignore secrets.yaml and credentials.yaml
- Add *.example templates for secrets

Testing Infrastructure:
- Add testutil package with mocks and fixtures
- Add unit tests for auth package (63% coverage)
- Add unit tests for executor (47% coverage)
- Add handler integration tests (40% coverage)
- Add 100% coverage for sanitize, cmdlimit packages
- Add 96% coverage for ratelimit package

Infrastructure:
- Shared Claude credentials PVC (ReadWriteMany)
- Reduced workspace PVC size from 20Gi to 5Gi
- Add init container cleanup before git clone
- Document Longhorn RWX requirements

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-25 01:29:13 -07:00
jordan
fa66a69120 fix: Defer health endpoints to Run() for proper middleware ordering 
Chi requires middleware to be defined before routes. Moved
setupHealthEndpoints() from New() to Run() to allow callers to
add middleware before routes are registered.

Also:
- Updated rdev-api.yaml with DB env vars, RBAC, ServiceAccount
- Added Dockerfile.api.simple for pre-built binary deployment

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-24 23:28:54 -07:00
jordan
0960b17eb2 feat: Implement v0.2-v0.4 (workspaces, git, API) 
v0.2 - Real Workspaces:
- Project-specific claudebox StatefulSets (pantheon, aeries)
- Init containers for git clone via SSH
- Deploy key secrets template
- Project ConfigMaps for CLAUDE.md

v0.3 - Git Integration:
- Dockerfile with rdev-bot git identity
- openssh-client for SSH operations
- Image version bump to v0.3.0

v0.4 - API Server:
- Go REST API with chi router
- Endpoints: /projects, /claude, /shell, /git, /events
- SSE streaming for real-time output
- OpenAPI docs via Scalar at /docs
- Kubernetes RBAC for pod exec
- Executor and project registry packages

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-24 21:07:00 -07:00
jordan
d4eb41589f fix: Use ghcr.io and build for amd64 
- Switch from GCP Artifact Registry to GitHub Container Registry
- Build images for linux/amd64 (k3s node architecture)
- Use PVC for Claude config instead of secret (auth persists across restarts)
- Remove credential secret dependency

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-24 20:04:34 -07:00
jordan
17aeb1c25b Initial commit: rdev v0.1 base case 
- Dockerfile for claudebox with Claude Code CLI
- Kustomize manifests for k3s deployment
- Scripts for credentials, deploy, and verify
- README with quick start guide

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-24 19:24:07 -07:00