sarman/tftsr-devops_investigation
1
0
Fork 0
Code Issues 1 Pull Requests Actions 34 Packages Projects 3 Releases 9 Wiki Activity
130 Commits 1 Branch 66 Tags 3.3 GiB
01474fb5f2
Commit Graph

6 Commits

Author SHA1 Message Date
Shaun Arman
01474fb5f2 feat: implement OAuth2 token exchange and AES-256-GCM encryption 
Phase 2.2: OAuth2 flow - Part 1 (Token exchange + encryption)

Implemented:
- OAuth2 authorization code exchange with PKCE
  * Real HTTP POST to token endpoint
  * Parses access_token, refresh_token, expires_in, token_type
  * Calculates expires_at timestamp

- AES-256-GCM token encryption
  * Uses TFTSR_ENCRYPTION_KEY env var (or dev default)
  * Random nonce per encryption (12 bytes)
  * Base64-encoded output with nonce prepended
  * Proper key derivation (32 bytes)

- Updated credential storage
  * store_pat() now encrypts tokens before DB storage
  * get_pat() decrypts tokens on retrieval
  * Stores both token_hash (audit) and encrypted_token (actual)

Dependencies added:
- mockito 1.7.2 (dev) - HTTP mocking for tests
- aes-gcm 0.10 - AES-256-GCM encryption
- rand 0.8 - Cryptographically secure RNG

TDD tests (20 passing with --test-threads=1):
- OAuth exchange: success, missing token, HTTP error, network error
- Encryption: roundtrip, different nonces, invalid data, wrong key
- PAT storage: store/retrieve, nonexistent service, replacement

Note: Tests require single-threaded execution due to env var
test isolation. This is acceptable for CI/CD.
 2026-04-03 14:32:17 -05:00
Shaun Arman
945ff6c6a4 fix: implement native DOCX export without pandoc dependency
Some checks failed
Test / rust-tests (push) Waiting to run
Details
Test / frontend-typecheck (push) Waiting to run
Details
Test / frontend-tests (push) Waiting to run
Details
Auto Tag / auto-tag (push) Failing after 4s
Details
Test / rust-fmt-check (push) Successful in 1m32s
Details
Test / rust-clippy (push) Has been cancelled
Details 
Replace pandoc-based DOCX export with native Rust implementation
using docx-rs crate. DOCX export now works out of the box without
requiring users to install external tools.

Changes:
- Added docx-rs dependency to Cargo.toml
- Implemented export_docx() in exporter.rs
- Removed pandoc subprocess calls from docs.rs
- Uses same markdown parsing as PDF export
- Handles titles, headings, and normal text with appropriate styling

Tested:
- Rust compilation ✓
- Rust formatting ✓
- TypeScript types ✓

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-04-03 12:53:36 -05:00
Shaun Arman
0235541c9b fix: UI visibility issues, export errors, filtering, and audit log enhancement
Some checks failed
Auto Tag / auto-tag (push) Successful in 5s
Details
Release / build-linux-arm64 (push) Failing after 2m19s
Details
Test / rust-fmt-check (push) Failing after 2m18s
Details
Release / build-macos-arm64 (push) Successful in 7m41s
Details
Test / rust-clippy (push) Successful in 12m4s
Details
Test / rust-tests (push) Successful in 12m40s
Details
Test / frontend-typecheck (push) Successful in 1m43s
Details
Test / frontend-tests (push) Successful in 1m21s
Details
Release / build-linux-amd64 (push) Successful in 20m49s
Details
Release / build-windows-amd64 (push) Successful in 13m59s
Details 
- Fix download icons (PDF/DOCX) not visible in dark theme by adding text-foreground class
- Fix "Read-only file system" error by using Downloads directory for exports with proper fallback
- Fix Search button visibility in History page by changing variant and adding icon
- Fix domain-only filtering in History page by adding missing filter.domain handling
- Enhance audit log to capture full transmitted data (provider details, messages, content previews)
- Add dirs crate dependency for cross-platform directory detection
- Add success/error feedback for document exports with file path display
- Update Security page to display pretty-printed JSON audit details

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-04-03 08:37:47 -05:00
Shaun Arman
4c4ca40146 fix: UI contrast issues and ARM64 build failure 
**UI Fixes (TDD approach - tests first, then implementation):**
- Resolution steps: improved text contrast (text-foreground vs muted)
- DocEditor preview: added text-foreground class for readability
- History page: fixed domain display (category field) with better contrast
- Audit Log: added expandable rows with View/Hide buttons to show transmitted data
- Dashboard & buttons: already had proper contrast with outline variant
- Export document: fixed missing title/content parameters in command signature

**Tests Added (13 new tests, all passing):**
- tests/unit/resolution.test.tsx - resolution steps contrast
- tests/unit/docEditor.test.tsx - preview mode and export buttons
- tests/unit/exportDocument.test.ts - export parameters validation
- tests/unit/history.test.tsx - domain display and filtering
- tests/unit/dashboard.test.tsx - refresh button visibility
- tests/unit/auditLog.test.tsx - data visibility and expandable rows
- tests/unit/setup.ts - added @testing-library/jest-dom matchers

**CI Fix:**
- Removed platform label from ARM64 build step (native agent, old Docker)

**Test Results:**
- Frontend: 38/38 passing 
- Backend: 64/64 passing 
- TypeScript: no errors 

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-04-03 08:05:58 -05:00
Shaun Arman
80f2072af5 docs: update README and wiki for Gitea Actions migration
Some checks failed
Test / frontend-typecheck (push) Waiting to run
Details
Test / frontend-tests (push) Waiting to run
Details
Test / rust-clippy (push) Successful in 7m28s
Details
Test / rust-fmt-check (push) Failing after 11m39s
Details
Test / rust-tests (push) Has been cancelled
Details 
Replace all Gogs/Woodpecker references with Gitea/Gitea Actions:

README.md:
- CI badge → Gitea Actions workflow badge
- CI/CD section: Woodpecker → Gitea Actions (amd64 + arm64 runners)
- Project structure: .woodpecker/ → .gitea/workflows/
- Releases: arm64 now native (not QEMU)
- Phase 11/12 status updated

docs/wiki/Home.md:
- CI badge, tech stack, phase status updated

docs/wiki/Troubleshooting.md:
- Remove Woodpecker-specific items (JWT webhooks, orphan containers,
  plugin-git switch failure, Gogs token quirks)
- Add Gitea Actions troubleshooting: container network, apt-get update,
  job skip on tags, RELEASE_TOKEN, act_runner CONFIG_FILE requirement

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
 2026-03-29 17:46:34 -05:00
Shaun Arman
8839075805 feat: initial implementation of TFTSR IT Triage & RCA application 
Implements Phases 1-8 of the TFTSR implementation plan.

Rust backend (Tauri 2.x, src-tauri/):
- Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama
- PII detection engine: 11 regex patterns with overlap resolution
- SQLCipher AES-256 encrypted database with 10 versioned migrations
- 28 Tauri IPC commands for triage, analysis, document, and system ops
- Ollama: hardware probe, model recommendations, pull/delete with events
- RCA and blameless post-mortem Markdown document generators
- PDF export via printpdf
- Audit log: SHA-256 hash of every external data send
- Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2)

Frontend (React 18 + TypeScript + Vite, src/):
- 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings
- 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives
- 3 Zustand stores: session, settings (persisted), history
- Type-safe tauriCommands.ts matching Rust backend types exactly
- 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs)

DevOps:
- .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push
- .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload

Verified:
- cargo check: zero errors
- tsc --noEmit: zero errors
- vitest run: 13/13 unit tests passing

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
 2026-03-14 22:36:25 -05:00