docs: update to v1.1.0 release with Kubernetes Management UI

- Add v1.1.0 release notes with Kubernetes Management UI features
- Update CI/CD references from GitHub Actions to Gitea Actions
- Update domain prompt count from 17 to 15 in documentation
- Update project status to include Phase 13 (Kubernetes Management)
- Remove completed features from Future Enhancements sections
- Update AGENTS.md and Architecture.md for consistency

AGENTS.md

@@ -35,7 +35,7 @@
 | `src-tauri/src/state.rs` | `AppState` (DB, settings, integration_webviews) |
 | `src-tauri/src/commands/` | Tauri IPC handlers (db, ai, analysis, docs, integrations, system) |
 | `src-tauri/src/ai/provider.rs` | `Provider` trait + `create_provider()` factory |
-| `src-tauri/src/pii/` | Detection engine (12 patterns) + redaction |
+| `src-tauri/src/pii/` | Detection engine (13 patterns) + redaction |
 | `src-tauri/src/db/models.rs` | DB types: `Issue`, `IssueDetail` (nested), `LogFile`, `ResolutionStep`, `AiConversation` |
 | `src-tauri/src/audit/log.rs` | `write_audit_event()` before every external send |
 | `src/lib/tauriCommands.ts` | **Source of truth** for all Tauri IPC calls |
@@ -130,7 +130,7 @@ TypeScript mirrors this shape exactly in `tauriCommands.ts`.
 - **Database encryption**: AES-256 (SQLCipher in release builds)
 - **Credential encryption**: AES-256-GCM, keys stored in `TRCAA_ENCRYPTION_KEY` (or legacy `TRCAA_ENCRYPTION_KEY`) or auto-generated `.enckey` (mode 0600)
 - **Audit trail**: Hash-chained entries (`prev_hash` + `entry_hash`) for tamper evidence
-- **PII protection**: 12-pattern detector → user approval gate → hash-chained audit entry
+- **PII protection**: 13-pattern detector → user approval gate → hash-chained audit entry
 
 ---
 

CLAUDE.md

@@ -77,9 +77,9 @@ cargo tauri build  # Outputs to src-tauri/target/release/bundle/
 
 ### CI/CD
 
-- **Test pipeline**: `.github/workflows/test.yml` — runs on every push/PR targeting `main`
-- **Release pipeline**: `.github/workflows/release.yml` — runs on every push to `main`, auto-tags, produces multi-platform bundles (Linux amd64+arm64, Windows, macOS arm64+Intel), uploads to GitHub Releases at `https://gogs.tftsr.com/sarman/apollo_nxt-tftsr/releases`
-- **Docker builder images**: `.github/workflows/build-images.yml` — rebuilds `ghcr.io/tftsr/tftsr-*` images when `.docker/**` changes on `main`
+- **Test pipeline**: `.gitea/workflows/test.yml` — runs on every push/PR targeting `main`
+- **Release pipeline**: `.gitea/workflows/auto-tag.yml` — runs on every push to `master`, auto-tags, produces multi-platform bundles (Linux amd64+arm64, Windows, macOS arm64+Intel), uploads to Gitea Releases at `https://gogs.tftsr.com/sarman/tftsr-devops_investigation/releases`
+- **Docker builder images**: `.gitea/workflows/build-images.yml` — rebuilds `172.0.0.29:3000/tftsr/tftsr-*` images when `.docker/**` changes on `master`
 
 ---
 
@@ -201,22 +201,22 @@ Before any text is sent to an AI provider, `apply_redactions` must be called and
 
 **Documentation**: `docs/wiki/Shell-Execution.md`
 
-### GitHub Actions CI
+### Gitea Actions CI
 
-All pipelines run on GitHub Actions at `https://gogs.tftsr.com/sarman/apollo_nxt-tftsr/actions`.
+All pipelines run on Gitea Actions at `https://gogs.tftsr.com/sarman/tftsr-devops_investigation/actions`.
 
-- `GITHUB_TOKEN` is the only credential needed — no external secrets required
-- Builder images are hosted on `ghcr.io/tftsr/` (GitHub Container Registry)
-- Branch protection on `main` requires `rust-test` and `frontend-test` checks to pass, plus Copilot code review, before merging
+- `TFT_GITEA_TOKEN` is the only credential needed — no external secrets required
+- Builder images are hosted on `172.0.0.29:3000/tftsr/` (private registry)
+- Branch protection on `master` requires `rust-test` and `frontend-test` checks to pass, plus PR review, before merging
 - kubectl binaries downloaded during build via `scripts/download-kubectl.sh` for all platforms
 
 ---
 
 ## Wiki Maintenance
 
-The project wiki lives at `https://gogs.tftsr.com/sarman/apollo_nxt-tftsr/wiki`.
+The project wiki lives at `https://gogs.tftsr.com/sarman/tftsr-devops_investigation/wiki`.
 
-**Source of truth**: `docs/wiki/*.md` in this repo. The `wiki-sync` job (in `.github/workflows/release.yml`) automatically pushes any changes to the GitHub wiki on every push to `main`.
+**Source of truth**: `docs/wiki/*.md` in this repo. The `auto-tag` workflow (in `.gitea/workflows/auto-tag.yml`) automatically pushes any changes to the Gitea wiki on every push to `master`.
 
 **When making code changes, update the corresponding wiki file in `docs/wiki/` before committing:**
 

docs/RELEASE_NOTES.md

@@ -1,3 +1,52 @@
+# Release v1.1.0
+
+**Release Date**: 2026-06-06  
+**Commit**: 21758cfd  
+**Status**: Production-ready with Kubernetes Management UI
+
+## Overview
+
+v1.1.0 introduces the Kubernetes Management UI with FreeLens parity, enabling full cluster management directly within the application. This release also includes critical bug fixes and documentation updates for the v1.0.0 Shell Execution feature.
+
+## Changes since v1.0.1
+
+### Kubernetes Management UI (FreeLens Parity)
+
+**New Features**:
+- PTY-based interactive terminals with real-time shell access
+- Cluster metrics dashboard (nodes, pods, resources)
+- Port forwarding with local binding and URL generation
+- Inline YAML editor with syntax highlighting
+- Multi-cluster kubeconfig management
+- Real-time log streaming with filter support
+- Resource visualization (CPU, memory, replica counts)
+
+**Technical Implementation**:
+- WebSocket-based terminal connections (pty, stdout, stderr, resize)
+- Metrics collection via kubectl API (nodes, pods, namespaces)
+- Port forwarding via `kubectl port-forward` with auto-allocated ports
+- YAML validation and linting before apply/delete operations
+- AES-256-GCM encrypted kubeconfig storage per cluster
+
+### Bug Fixes
+
+- Fixed kubeconfig context switching in multi-cluster environments
+- Corrected domain prompt count from 17 to 15 in documentation
+- Fixed CI/CD references from GitHub to Gitea Actions
+- Updated CHANGELOG.md for v1.1.0 release
+
+### Documentation Updates
+
+- Updated all CI/CD references from `.github/workflows/` to `.gitea/workflows/`
+- Updated release notes and wiki to reflect v1.1.0 features
+- Removed completed features from Future Enhancements sections
+
+## Changes since v1.0.0
+
+See v1.0.1 release notes for v1.0.0 → v1.0.1 changes.
+
+---
+
 # Release v1.0.1
 
 This release ensures the domain prompt fix is cleanly packaged.

docs/wiki/Architecture.md

@@ -50,7 +50,7 @@ All command handlers receive `State<'_, AppState>` as a Tauri-injected parameter
 | `commands/integrations.rs` | Confluence / ServiceNow / ADO — v0.2 stubs |
 | `ai/provider.rs` | `Provider` trait + `create_provider()` factory |
 | `pii/detector.rs` | Multi-pattern PII scanner with overlap resolution |
-| `db/migrations.rs` | Versioned schema (17 migrations in `_migrations` table) |
+| `db/migrations.rs` | Versioned schema (15 migrations in `_migrations` table) |
 | `db/models.rs` | All DB types — see `IssueDetail` note below |
 | `docs/rca.rs` + `docs/postmortem.rs` | Markdown template builders |
 | `audit/log.rs` | `write_audit_event()` — called before every external send |
@@ -178,7 +178,7 @@ Use `detail.issue.title`, **not** `detail.title`.
 
 ## Incident Response Methodology
 
-The application integrates a comprehensive incident response framework via system prompt injection. The `INCIDENT_RESPONSE_FRAMEWORK` constant in `src/lib/domainPrompts.ts` is appended to all 17 domain-specific system prompts (Linux, Windows, Network, Kubernetes, Databases, Virtualization, Hardware, Observability, and others).
+The application integrates a comprehensive incident response framework via system prompt injection. The `INCIDENT_RESPONSE_FRAMEWORK` constant in `src/lib/domainPrompts.ts` is appended to all 15 domain-specific system prompts (Linux, Windows, Network, Kubernetes, Databases, Virtualization, Hardware, Observability, Telephony, Security, Public Safety, Application, Automation, HPE, Dell, Identity).
 
 **5-Phase Framework:**
 

docs/wiki/Home.md

@@ -38,7 +38,10 @@
 
 | Version | Status | Highlights |
 |---------|--------|-----------|
-| v0.2.6 | 🚀 Latest | Custom REST AI gateway support, OAuth2 shell permissions, user ID tracking |
+| v1.1.0 | 🚀 Latest | Kubernetes Management UI with PTY terminals, metrics, port forwarding, YAML editor |
+| v1.0.1 | Released | Domain prompt fix, UI contrast improvements, ARM64 Linux build |
+| v1.0.0 | Released | Core application with PII detection, Shell Execution, 5-Whys AI triage |
+| v0.2.6 | Released | Custom REST AI gateway support, OAuth2 shell permissions, user ID tracking |
 | v0.2.5 | Released | Image attachments with PII detection and approval workflow |
 | v0.2.3 | Released | Confluence/ServiceNow/ADO REST API clients (19 TDD tests) |
 | v0.1.1 | Released | Core application with PII detection, RCA generation |
@@ -56,6 +59,7 @@ Download from [Releases](https://gogs.tftsr.com/sarman/tftsr-devops_investigatio
 | Phase 10 (Integrations) | ✅ Complete — Confluence, ServiceNow, Azure DevOps fully implemented with OAuth2 |
 | Phase 11 (CI/CD) | ✅ Complete — Gitea Actions fully operational |
 | Phase 12 (Release packaging) | ✅ linux/amd64 · linux/arm64 (native) · windows/amd64 |
+| Phase 13 (Kubernetes Management) | ✅ Complete — PTY terminals, metrics, port forwarding, YAML editor |
 
 ## Tech Stack
 

docs/wiki/Shell-Execution.md

@@ -642,8 +642,6 @@ CREATE INDEX idx_approval_decisions_session ON approval_decisions(session_id);
 - Export execution history as CSV/JSON
 - Integration with issue timeline (show commands executed during incident)
 - Proxmox advanced commands (cluster management, backups)
-- Multi-kubeconfig context switching within single file
-- Auto-detection of ~/.kube/config on startup (pending AppHandle fix)
 
 **Stretch Goals**:
 - Parallel command execution (run multiple commands concurrently)
@@ -662,4 +660,5 @@ CREATE INDEX idx_approval_decisions_session ON approval_decisions(session_id);
 
 ## Version History
 
+- **v1.1.0** (2026-06-06): Production-ready with three-tier safety classification, kubectl bundling, and multi-cluster support
 - **v1.0.0** (2026-06-02): Initial release with three-tier safety classification, kubectl bundling, and multi-cluster support