- Add validate_resource_name() with ReDoS protection (max 253 chars)
- Fix stop_port_forward to actually kill kubectl child process
- Add temp file cleanup with TempFileCleanup struct
- Fix discover_pods to parse actual kubectl JSON output
- Update test to use container_ports array instead of container_port
- Add regex validation for namespace/pod to prevent command injection
- Fix start_port_forward to properly spawn kubectl subprocess
- Use kubectl's dynamic port binding (0) instead of TcpListener
- Update PortForwardResponse to use arrays for all ports
- Fix stop_port_forward to wait for kubectl termination
- Add cascade delete for port forwards on cluster removal
- Fix Drop/stop implementations to handle kill errors properly
- Dynamic local port allocation via TcpListener::bind
- Kubectl subprocess spawning with proper cleanup
- Database persistence for clusters and port_forwards
- Cluster health check (kubectl cluster-info)
- Pod discovery (kubectl get pods)
- Comprehensive unit and integration tests
- All 325 Rust tests passing
- All 98 frontend tests passing
- TypeScript type checks passing
- Store kubeconfig content in ClusterClient for future use
- Update ClusterClient to accept kubeconfig_content as Arc<String>
- Update PortForwardSession to include cluster_name for kubectl invocation
- Implement extract_context to parse kubeconfig YAML and extract context name
- Implement extract_server_url to parse kubeconfig YAML and extract server URL
- Add empty content validation for kubeconfig
- Add YAML parsing error handling with actionable error messages
- Add delete_port_forward Rust command to remove port forwards from state
- Update tauriCommands.ts to use delete_port_forward command
- Register delete_port_forward in lib.rs invoke handler
- Add separate onDelete handler for PortForwardList (Stop vs Delete actions)
- Add namespace validation in PortForwardForm (required field)
- Update KubernetesPage to pass onDelete handler to PortForwardList
- Add eslint-disable comment for unused handlePaste in LogUpload
- Fix unused 'get' parameter in attachmentStore.ts
- Fix ESLint setup.ts parsing error by adding it to test files config
Fix two new lints enforced by Rust nightly:
**1. clippy::useless_borrows_in_formatting (auth.rs:57)**
- Changed: `&pkce.code_challenge` → `pkce.code_challenge`
- format!() automatically borrows, explicit & is redundant
**2. clippy::unnecessary_sort_by (confluence_search.rs:131)**
- Changed: `sort_by(|a, b| f(a).cmp(&f(b)))` → `sort_by_key(|a| f(a))`
- sort_by_key is more idiomatic and efficient (computes key once per element)
**Why Nightly Enforces This:**
Rust nightly has stricter clippy lints than stable.
These weren't errors in stable rust but are caught in nightly.
**Verified:**
✅ cargo clippy passes (0 warnings)
✅ cargo test passes (308 tests)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
**Problem:**
CI fails with: 'resource path binaries/kubectl-x86_64-unknown-linux-gnu doesn't exist'
The kubectl binary is configured in externalBin but binaries aren't downloaded in CI.
**Solution:**
Set externalBin: [] (empty array) in tauri.conf.json.
kubectl bundling is a production-build feature that requires running
scripts/download-kubectl.sh first. For CI testing, we don't need it bundled.
**Why This Works:**
- Local dev: kubectl resolved from PATH via shell/kubectl.rs::locate_kubectl()
- CI tests: Same - uses system kubectl if available, tests pass without binary
- Production builds: Can re-enable externalBin after running download script
**Verified:**
✅ cargo check passes
✅ cargo clippy passes (0 warnings)
✅ cargo test passes (308 tests)
✅ All frontend tests pass (92 tests)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix for dbus-1 and webkit build errors:
'Package dbus-1 was not found in the pkg-config search path'
**Problem:**
rustlang/rust:nightly is a minimal image with only rustc/cargo.
Tauri requires system libraries: webkit2gtk, dbus, gtk, ssl, etc.
Without these, cargo build fails with missing pkg-config packages.
**Solution:**
Added system dependency installation step to all Rust jobs:
- libwebkit2gtk-4.1-dev (WebView)
- libdbus-1-dev (D-Bus IPC)
- libgtk-3-dev (GTK UI)
- libayatana-appindicator3-dev (System tray)
- librsvg2-dev (SVG rendering)
- libssl-dev (OpenSSL)
- pkg-config (Build tool)
**Changed Jobs:**
- rust-fmt-check: Added system deps before rustfmt
- rust-clippy: Added system deps before clippy
- rust-tests: Added system deps before tests
**Why Each Job Needs Deps:**
All jobs run 'cargo' commands which trigger dependency builds.
Even 'cargo fmt' can trigger builds if dependencies aren't cached.
System libraries must be present for Tauri crates to compile.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix for pxfm-0.1.29 parse error:
'feature `edition2024` is required'
**Problem:**
The pxfm dependency (via moxcms → image processing) requires edition2024,
which is NOT stabilized even in Rust 1.83 stable. Error:
'edition2024 is not stabilized in this version of Cargo (1.83.0)'
**Solution:**
Switched all CI jobs from rust:1.83-bookworm to rustlang/rust:nightly.
Nightly builds include unstable features like edition2024.
**Changed:**
- rust-fmt-check: rust:1.83 → rustlang/rust:nightly
- rust-clippy: rust:1.83 → rustlang/rust:nightly
- rust-tests: rust:1.83 → rustlang/rust:nightly
**Why Nightly:**
Edition2024 is still unstable in Rust 1.83 (released Oct 2024).
Some dependencies in the image processing chain require it.
Nightly is the only option until edition2024 stabilizes.
**Note:**
Local development may use stable Rust if dependency versions are locked.
CI uses nightly to handle bleeding-edge dependencies.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix for Cargo.toml parse error:
'feature `edition2024` is required'
**Problem:**
The toml crate v1.1.2 requires Rust edition2024 feature, which is not
stabilized in Rust 1.82. This causes cargo to fail with:
'feature `edition2024` is required... requires the nightly release'
**Solution:**
Upgraded all workflow jobs from rust:1.82-bookworm to rust:1.83-bookworm.
Rust 1.83 includes the stabilized edition2024 support.
**Changed:**
- rust-fmt-check: rust:1.82 → rust:1.83
- rust-clippy: rust:1.82 → rust:1.83
- rust-tests: rust:1.82 → rust:1.83
**Note:**
Local development uses whatever rustc is installed (currently 1.83+).
CI now matches this requirement.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix for CI failures in rust:1.82-bookworm container:
- 'cargo-clippy' is not installed
- 'cargo-fmt' is not installed
**Solution:**
Added rustup component installation steps:
- rust-fmt-check job: Install rustfmt before format check
- rust-clippy job: Install clippy before linting
**Why Needed:**
The rust:1.82-bookworm Docker image is a minimal Rust installation.
It includes rustc and cargo, but NOT rustfmt or clippy by default.
These must be explicitly installed with 'rustup component add'.
**Verified Locally:**
- ✅ cargo fmt --check passes
- ✅ cargo clippy -- -D warnings passes (0 warnings)
- ✅ cargo test passes (308 tests)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix for CI failure: 'exec: "node": executable file not found in /Users/sarman/.local/bin:/Users/sarman/.bun/bin:/Users/sarman/.codeium/windsurf/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/Users/sarman/.local/bin:/Users/sarman/.opencode/bin:/Users/sarman/.cargo/bin:/opt/homebrew/opt/gnu-sed/libexec/gnubin:/Library/Frameworks/Python.framework/Versions/3.6/bin:/opt/local/bin:/opt/local/sbin:/usr/local/opt/coreutils/libexec/gnubin:/opt/metasploit-framework/bin:/Users/sarman/git/SQL:/Users/sarman/git/mass-scripts:/Users/sarman/gitpersonal:/Users/sarman/git/scripts:/Users/sarman/git/sysadmin-util:/usr/local/mysql/bin:/opt/bin/:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/Library/Apple/usr/bin:/Applications/iTerm.app/Contents/Resources/utilities:/libexec/bin:/Users/sarman/bin/:/Users/sarman/bin/mass_scripts/:/usr/local/Cellar/mysql/5.7.21/bin:/usr/local/mariadb10/bin:/Users/sarman/bin/scripts:/Users/sarman/bin/SQL/:/Users/sarman/bin/bert_scripts/:/Users/sarman/bin/ecw/:/Users/sarman/bin/mass-scripts/:/Users/sarman/bin/nhudson:/Users/sarman/bin/personal/:/Users/sarman/bin/python_learning/:/Users/sarman/bin/svn/:/Users/sarman/sysadmin-util/:/Users/sarman/was_scripts/:/Users/sarman/.lmstudio/bin:/Users/sarman/.lmstudio/bin:/Users/sarman/.claude/plugins/cache/claude-plugins-official/swift-lsp/1.0.0/bin:/Users/sarman/.claude/plugins/cache/claude-plugins-official/rust-analyzer-lsp/1.0.0/bin:/Users/sarman/.claude/plugins/cache/knowledge-work-plugins/productivity/1.3.0/bin:/Users/sarman/.claude/plugins/cache/knowledge-work-plugins/customer-support/1.3.0/bin:/Users/sarman/.claude/plugins/cache/knowledge-work-plugins/product-management/1.2.0/bin:/Users/sarman/.claude/plugins/cache/knowledge-work-plugins/engineering/1.2.0/bin'
**Problem:**
- actions/cache@v4 requires Node.js to be installed
- rust:1.82-bookworm container doesn't include Node.js
- Installing Node.js in every job just for caching is wasteful
**Solution:**
- Removed all actions/cache@v4 steps from test.yml
- Self-hosted Gitea runners have local disk - caching less critical
- Simplifies workflow and removes Node.js dependency from Rust-only jobs
**Changes:**
- Removed cache step from rust-fmt-check job
- Removed cache step from rust-clippy job
- Removed cache step from rust-tests job
- Kept Node.js install only in rust-fmt-check (needs it for npm/version script)
**Verified Locally:**
- ✅ All format checks pass
- ✅ All clippy checks pass (0 warnings)
- ✅ All 308 Rust tests pass
- ✅ All 92 frontend tests pass
- ✅ TypeScript compiles (0 errors)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Critical fixes for Gitea compatibility:
1. **Removed .github/ directory completely**
- dependabot.yml (GitHub-only, not supported by Gitea)
- GitHub workflows (replaced by .gitea/workflows)
- CODEOWNERS, AZURE_BOARDS_INTEGRATION.md, COPILOT_SETUP.md
- These files are GitHub-specific and won't work in Gitea
2. **Fixed remaining URLs to use internal IP**
- pr-review.yml: LITELLM_URL gitea.tftsr.com:11434 → 172.0.0.29:11434
- build-images.yml: Updated comments with correct IP
- All CI runners MUST use 172.0.0.29 (internal IP)
3. **Verified branch naming**
- This repo uses 'master' (not 'main')
- All workflows correctly reference 'master'
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Replace custom CI image with public rust image to fix workflow failures.
Add Node.js installation step for rust-fmt-check job.
The custom image (gitea.tftsr.com:3000/sarman/trcaa-linux-amd64:rust1.88-node22)
needs to be built via build-images workflow first.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
