- Correct start_pty_exec_session and start_pty_attach_session invoke calls
to use pod/container keys matching Rust command parameter names; drop
unused shell arg from the invoke payload
- Fix ansi-to-react CJS/ESM interop in LogStreamPanel: unwrap .default on
CJS module so React does not receive a plain object at render time; add
optimizeDeps entry to vite.config.ts so Vite pre-bundles it in dev
- Replace Badge + getPodStatusColor with StatusBadge in PodList; remove
now-unused helper; extend getStatusVariant in Badge.tsx to handle
crashloopbackoff, OOM, backoff, terminating, and evicted states
- Fix pre-existing lint issues: remove unused listPodsCmd/listNamespacesCmd
imports from PortForwardPage, wrap loadPortForwards in useCallback, and
remove unused logLine variable from LogStreamPanel test
Namespaces had a read-only table with no actions. Adds an edit button per
row that fetches the namespace YAML via getResourceYamlCmd (cluster-scoped,
empty namespace param) and opens EditResourceModal.
Change RENOVATE_ENDPOINT from /api/v3 to /api/v1. Gitea uses v1 for all
API routes; the /api/v3 path returns 404 which Renovate surfaces as an
authentication failure.
Add `path_str()` to `KubeconfigGuard` so the path can be passed to
`SessionParams` without consuming the guard. Both `start_pty_exec_session`
and `start_pty_attach_session` now hold the guard live until
`start_exec/attach_session` returns `Ok`, then disarm it. Previously
`disarm()` was called before the session-start call, meaning a kubeconfig
temp file would leak if PTY spawn or session registration failed after the
guard was consumed.
BLOCKER fixes:
- Implement create_azuredevops_workitem instead of returning a stub error,
reusing the existing create_work_item integration helper and writing an
audit-log entry on success.
- Log kill failures in PtySession::Drop so leaked child processes surface
in tracing rather than being silently swallowed.
- Add explicit PTY cleanup on every exit path of run_session_io (process
exit, read error, write error, resize error, terminate command).
- Treat PTY resize failures as fatal: emit terminal-error to the frontend
and break the session loop instead of just warning.
WARNING fixes:
- Remove the dead extract_json_path_value helper from commands/kube.rs.
- Wrap temp kubeconfig files in commands/metrics.rs in an RAII guard
(TempKubeconfig) so they're removed on early-return / panic paths.
- Wrap temp kubeconfig files in commands/shell.rs PTY-session starters
in a disarmable RAII guard (KubeconfigGuard); if kubectl resolution
fails we no longer leak the file.
- Drop the `clear;` prefix from the kubectl-exec shell fallback so
containers without `clear`/`tput` don't print a confusing error.
SUGGESTION fixes:
- Document why node CPU/memory percentages are 0.0 in metrics::client
and link the gap to future work fetching node capacity.
- Add a module-level doc comment to AppState describing the
synchronization expectations (std vs tokio Mutex) for each public
field, and warn against holding std::sync MutexGuards across .await.
Verified: cargo fmt --check, cargo clippy -- -D warnings, and
cargo test (377 passed, 6 ignored) all pass.
- Add column config to DeploymentList
- Add column config to StatefulSetList
- Add column config to DaemonSetList
- Add column config to JobList
- Add column config to CronJobList
- Add column config to ReplicaSetList
- Add column config to ReplicationControllerList
All workload lists now have user-customizable columns with settings button.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add metrics module with CPU/memory parsing
- Create get_pod_metrics and get_node_metrics commands
- Parse kubectl top pods/nodes JSON output
- Format CPU (nanocores) and memory (KB) to human-readable
- Add unit tests for parsing functions
- Register metrics commands in Tauri
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Remove unused import and variable in criticalUIFixes test
Update PodList test mocks to use new Interactive* modal components
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Create SecretDataModal component for viewing and decoding base64 secret data
- Add View Data action to SecretList that opens SecretDataModal
- Add Edit and Delete actions to PodDisruptionBudgetList
- Add Edit and Delete actions to PriorityClassList
- Add Edit and Delete actions to RuntimeClassList
- Add Edit and Delete actions to LeaseList
- Add Edit and Delete actions to MutatingWebhookList
- Add Edit and Delete actions to ValidatingWebhookList
- Update KubernetesPage to pass onRefresh to all config resource lists
- Export SecretDataModal from index.tsx
- Add comprehensive test suite for SecretDataModal (8 tests, all passing)
SecretDataModal features:
- Parses secret YAML and extracts data keys
- Decodes base64 values with native atob()
- Individual reveal/hide toggle per key
- Copy to clipboard with visual feedback
- Handles empty secrets and malformed base64
All 11 config resource types now have complete Edit/Delete functionality.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Create WorkloadLogsModal component for viewing logs from workload-managed pods
- Add Logs action to DeploymentList with WorkloadLogsModal
- Add Logs action to StatefulSetList with WorkloadLogsModal
- Add Logs action to DaemonSetList with WorkloadLogsModal
- Add Logs action to JobList with WorkloadLogsModal
- Add Logs action to CronJobList with WorkloadLogsModal
- Add Logs action to ReplicaSetList with WorkloadLogsModal
- Fully rewrite ReplicationControllerList with Scale, Logs, Edit, Delete actions
- WorkloadLogsModal uses pod name-pattern matching to find workload pods
- Support for all workload types: deployment, statefulset, daemonset, job, cronjob, replicaset, replicationcontroller
- Configurable tail lines (50, 100, 500, 1000, 5000)
- Verify WorkloadOverview dashboard already exists and functional
All workload resource types now have complete functionality matching FreeLens.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Replace LogsModal with LogStreamPanel in PodList for streaming logs
Add smart positioning to ResourceActionMenu to flip when near bottom
Fix dark mode text visibility by applying class to html element
Fix YAML editor loading race condition
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Fix LogStreamPanel event listener cleanup with synchronous unlisten
- Fix eventBus async-unsafe unsubscribe with proper error handling
- Fix KubernetesPage infinite loading by resetting state on section change
- Add ErrorBoundary component with reset capability
- Add Badge component with multiple variants
- Add ResourceDetailsDrawer for slide-out details panel
- Add useFavorites hook with localStorage persistence
- Add useKeyboardShortcuts hook for declarative shortcuts
- Add comprehensive test coverage for all new components/hooks
- Add keyboard shortcuts documentation to README
- Wrap KubernetesPage with ErrorBoundary for crash recovery
- Install react-window for virtual scrolling support
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Add PortForwardPage.tsx as standalone page for port forwarding management
with complete CRUD operations (Start, Stop, Delete). Includes real-time
status updates, auto-refresh, and integrated form for creating new forwards.
All 6 network resource list components already exist and are complete:
- ServiceList.tsx: Name, Type, Cluster IP, External IP, Ports, Age, Status
- IngressList.tsx: Name, Namespace, Load Balancers, Rules, Age
- NetworkPolicyList.tsx: Name, Namespace, Pod Selector, Age
- EndpointList.tsx: Name, Namespace, Endpoints, Age
- EndpointSliceList.tsx: Name, Namespace, Endpoints, Address Type, Age
- IngressClassList.tsx: Name, Controller, Age
Backend commands verified in kube.rs:
- start_port_forward, stop_port_forward, list_port_forwards, delete_port_forward
Navigation already integrated in KubernetesPage.tsx Network group.
Deployment/StatefulSet/DaemonSet action handlers were passing
namespace='all' to kubectl when All Namespaces was selected.
Actions now use the resource's own .namespace field for openEdit,
handleRestart, handleRollback, handleDelete, ScaleModal, and
EditResourceModal.
Adds 21 TDD tests in WorkloadListActions.test.tsx covering all
action handlers across DeploymentList, StatefulSetList, DaemonSetList,
ReplicaSetList, JobList, and CronJobList. Tests verify IPC calls
receive the item's actual namespace even when the filter prop is 'all'.
Service/Ingress/ConfigMap/Secret/HPA/PVC/ServiceAccount/Role/RoleBinding/
NetworkPolicy/ResourceQuota/LimitRange action handlers now use the resource's
own .namespace field instead of the UI filter namespace='all'. Removes the
now-unused ns local variable from CronJobList/JobList/ReplicaSetList.
24 new TDD tests verify the correct namespace is passed to getResourceYamlCmd
and deleteResourceCmd for each of the 12 affected components.
Pod actions (logs, shell, attach, edit, delete) were receiving namespace='all'
from the UI filter prop and passing it to kubectl as -n all. Fixes by adding
namespace field to PodInfo (Rust + TypeScript) and using pod.namespace in all
action command calls in PodList.
- workloads_overview now fetches pods/deployments/statefulsets/daemonsets/jobs/
cronjobs in parallel via Promise.allSettled
- loadInitialData initializedRef guard prevents double connectClusterFromKubeconfig
- connection errors now surface as a dismissible banner instead of being swallowed
Non-adaptive text-gray-* and bg-white classes replaced with text-foreground,
text-muted-foreground, bg-card, bg-background — ensuring readable contrast
in both light and dark themes.
Each kubectl command now uses a globally unique temp kubeconfig path via
an AtomicU64 counter, preventing TempFileCleanup from deleting a file that
a concurrent call is still using.
KubernetesPage.test.tsx had two stale section heading assertions from
before the nav restructure:
- "Services & Networking" → "Network"
- "Config & Storage" → "Config" + "Storage" (now separate sections)
Also renamed the matching it() description for accuracy.
eslint.config.js: add .claude/ to ignores (session memory dir).
Adds FreeLens feature inventory (md + json) generated during
gap analysis research for this feature parity work.
- Apply cargo fmt to src-tauri/src/commands/kube.rs (CI was failing)
- Update pr-review.yml to use qwen3-coder-next model via liteLLM
- Add TICKET-kube-ui-feature-parity.md gap analysis for FreeLens parity
Co-Authored-By: TFTSR Engineering <noreply@tftsr.com>
Replace hardcoded light-mode Tailwind colors with dark: variants
across six components. Issues that broke readability:
- PiiDiffViewer / Security: toggle knob was bg-white (invisible on
bg-muted in dark mode) -> bg-background
- ImageGallery: thumbnail container, filename labels, alert banners,
and modal chrome all used hardcoded gray/white backgrounds with dark
text; added full dark: variants throughout
- ShellExecution TIER_CONFIG: tier cards used bg-green/yellow/red-50
(near-white) with dark text; added dark:bg-*-950/30 backgrounds and
light text for all three tiers
- ShellApprovalModal: tier 2 badge hardcoded bg-yellow-50/text-yellow-700;
added dark: variants
- LogUpload: PII warning alert used bg-amber-50/text-amber-800; added
dark:bg-amber-900/20 and lighter text for dark mode
Add write_secure_temp_file() helper that creates files with mode 0600
on Unix (owner read/write only) instead of the default 0644
(world-readable). All 41 temp kubeconfig write sites updated.
Kubeconfig files contain cluster credentials; world-readable temp files
would expose them to any local user on the system.
- Add detect_auth_method() to identify kubeconfig credential type
(exec plugin, bearer token, inline cert, file-path cert, basic auth)
and surface warnings when the auth requires an external binary or file
- Split test into Stage 1 (kubectl get --raw=/healthz, no auth) and
Stage 2 (kubectl cluster-info, authenticated), so connectivity and
auth failures are reported distinctly rather than collapsing both
into opaque memcache.go noise
- Output now includes auth method and per-stage result for faster
diagnosis of 'server requires credentials' vs unreachable host
Credential error persists: switch all 40 kubectl invocations from using
KUBECONFIG env var to the explicit --kubeconfig CLI flag. The flag has higher
precedence in kubectl's lookup order and is unambiguous regardless of any
inherited KUBECONFIG env var in the parent process environment.
Also adds test_kubectl_connection Tauri command (runs kubectl cluster-info
with the stored kubeconfig) and a Test button in Settings → Kubeconfig so
the exact kubectl output — context name, exit code, full stdout/stderr — is
visible without needing to inspect tracing logs. This output will reveal
whether the issue is expired certs, a missing exec-auth plugin, wrong context,
or something else entirely.
