sarman/tftsr-devops_investigation
1
1
Fork 0
Code Issues 4 Pull Requests Actions 34 Packages Projects 3 Releases 6 Wiki Activity
524 Commits 4 Branches 33 Tags 3.5 GiB
4c41bdfddf
Commit Graph

5 Commits

Author SHA1 Message Date
Shaun Arman
093495a653 feat: full copy from apollo_nxt-trcaa with complete sanitization
Some checks failed
Test / rust-fmt-check (pull_request) Failing after 0s
Details
Test / rust-clippy (pull_request) Failing after 1s
Details
Test / rust-tests (pull_request) Failing after 0s
Details
Test / frontend-typecheck (pull_request) Failing after 16s
Details
Test / frontend-tests (pull_request) Failing after 18s
Details
PR Review Automation / review (pull_request) Failing after 4m13s
Details 
Complete backport of all features from apollo_nxt-trcaa repository:
- Three-tier shell execution safety system (Tier 1: auto, Tier 2: approve, Tier 3: deny)
- Ollama function calling with tool use support
- AI provider tool calling auto-detection
- kubectl binary bundling and management
- kubeconfig upload and context management
- Shell approval modal with real-time UI
- MCP protocol HTTP transport with custom headers
- Enhanced security audit logging
- Comprehensive test coverage (275+ tests)
- Updated CI/CD workflows for Gitea Actions
- Complete documentation (ADRs, wiki, release notes)

Sanitization applied to all files:
- Removed all MSI, Motorola, VNXT, Vesta references
- Replaced internal infrastructure references with TFTSR equivalents
- Updated all URLs and API endpoints
- Sanitized commit history references in documentation

Technical changes:
- New modules: shell/classifier, shell/executor, shell/kubectl, shell/kubeconfig
- Enhanced AI providers: ollama.rs, openai.rs with function calling
- New Tauri commands: shell execution, kubeconfig management, tool calling detection
- Database migrations: shell_execution_audit table
- Frontend: ShellApprovalModal, ShellExecution, KubeconfigManager pages
- CI/CD: kubectl bundling, multi-platform builds, Gitea Actions integration

Version: 1.0.8

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-06-05 14:12:43 -05:00
Shaun Arman
19cc78a05f feat: add image attachment support with PII detection
Some checks failed
Test / frontend-tests (pull_request) Successful in 1m4s
Details
Test / frontend-typecheck (pull_request) Failing after 1m6s
Details
Test / rust-fmt-check (pull_request) Successful in 2m42s
Details
Test / rust-clippy (pull_request) Successful in 19m1s
Details
Test / rust-tests (pull_request) Failing after 20m7s
Details 
- Add image_attachments table to database schema (migration 013)
- Implement image upload, list, delete, and clipboard paste commands
- Add image file PII detection with user approval workflow
- Register image attachment commands in Tauri IPC
- Update TypeScript types and frontend components
- Add unit tests for image attachment functionality
- Update README and wiki documentation
 2026-04-08 20:03:34 -05:00
Shaun Arman
281e676ad1 fix(security): harden secret handling and audit integrity 
Remove high-risk defaults and tighten data handling across auth, storage, IPC, provider calls, and capabilities so sensitive data is better protected by default. Also update README/wiki security guidance and add targeted tests for the new hardening behaviors.

Made-with: Cursor
 2026-04-04 23:37:05 -05:00
Shaun Arman
1d40dfb15b fix: use Wiki secret for authenticated wiki sync (v0.2.8)
Some checks failed
Release / build-macos-arm64 (push) Has been cancelled
Details
Release / build-windows-amd64 (push) Has been cancelled
Details
Release / build-linux-arm64 (push) Has been cancelled
Details
Release / build-linux-amd64 (push) Has been cancelled
Details 
- Updated wiki-sync job to use secrets.Wiki for authentication
- Simplified clone/push logic with token-based auth
- Wiki push will now succeed with proper credentials
- Bumped version to 0.2.8

The workflow now uses the 'Wiki' secret created in Gitea Actions
to authenticate wiki repository pushes. This fixes the authentication
issue that was preventing automatic wiki synchronization.
 2026-04-03 16:47:32 -05:00
Shaun Arman
8839075805 feat: initial implementation of TFTSR IT Triage & RCA application 
Implements Phases 1-8 of the TFTSR implementation plan.

Rust backend (Tauri 2.x, src-tauri/):
- Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama
- PII detection engine: 11 regex patterns with overlap resolution
- SQLCipher AES-256 encrypted database with 10 versioned migrations
- 28 Tauri IPC commands for triage, analysis, document, and system ops
- Ollama: hardware probe, model recommendations, pull/delete with events
- RCA and blameless post-mortem Markdown document generators
- PDF export via printpdf
- Audit log: SHA-256 hash of every external data send
- Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2)

Frontend (React 18 + TypeScript + Vite, src/):
- 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings
- 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives
- 3 Zustand stores: session, settings (persisted), history
- Type-safe tauriCommands.ts matching Rust backend types exactly
- 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs)

DevOps:
- .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push
- .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload

Verified:
- cargo check: zero errors
- tsc --noEmit: zero errors
- vitest run: 13/13 unit tests passing

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
 2026-03-14 22:36:25 -05:00