tftsr-devops_investigation

sarman/tftsr-devops_investigation

Fork 0

RSS Feed

v0.3.12 74f56b6a17

Compare
TFTSR v0.3.12

All checks were successful

Auto Tag / autotag (push) Successful in 6s

Details

Auto Tag / wiki-sync (push) Successful in 8s

Details

Test / rust-fmt-check (push) Successful in 1m21s

Details

Auto Tag / changelog (push) Successful in 1m18s

Details

Test / frontend-typecheck (push) Successful in 1m29s

Details

Test / frontend-tests (push) Successful in 1m32s

Details

Test / rust-clippy (push) Successful in 3m42s

Details

Auto Tag / build-macos-arm64 (push) Successful in 4m36s

Details

Test / rust-tests (push) Successful in 5m55s

Details

Auto Tag / build-linux-amd64 (push) Successful in 9m20s

Details

Auto Tag / build-windows-amd64 (push) Successful in 11m14s

Details

Auto Tag / build-linux-arm64 (push) Successful in 11m22s

Details

sarman released this 2026-06-05 15:30:37 +00:00 | 300 commits to beta since this release
[0.3.12] — 2026-06-05

Bug Fixes
- ci: Fix YAML syntax error in test.yml
- Address valid PR review findings
- Add missing @testing-library/dom dependency and fix clippy warning
Documentation
- Add ADRs for shell safety, MCP transport, kubectl bundling
- Update wiki with shell execution, Ollama function calling, and CI/CD changes
- Add v1.0.7 and v1.0.8 release notes
Features
- Add three-tier shell execution with kubectl support
- Add shell execution database migrations (migrations #24-28)
- Add Ollama function calling and tool calling auto-detection
- Add shell execution and kubeconfig management UI
- Add kubectl binary bundling for cross-platform support
[0.3.11] — 2026-06-01

Bug Fixes
- mcp: Treat missing resources/list as non-fatal for servers that don't implement it
Documentation
- wiki: Update MCP-Servers.md with env var support, PATH requirement, and new schema column
[0.3.10] — 2026-06-01

Bug Fixes
- mcp: Add env encryption to store layer
- mcp: Parse and merge env vars in discovery layer
- mcp: Add environment variable and HTTP header support for MCP servers
- mcp: Improve UX clarity for encrypted env vars during edit
- mcp: Change plaintext env input to type=text
- mcp: Add validation to block dangerous environment variables
- mcp: Fix test_allows_safe_env_vars test failure
[0.3.9] — 2026-06-01

Bug Fixes
- security: Expand Password PII patterns; add regression tests
[0.3.8] — 2026-06-01

Bug Fixes
- security: Block PII in chat attachments and typed messages
- security: Address PR review — move attachment handling to backend, auto-redact PII
- security: Backend-only PII redaction; fix fmt CI failure
- security: Frontend attachment scan notice, bubble redaction update, fmt fix
- security: Full-content PII scan, clippy, IPC null fix, scan size cap
- Audit PII redaction metadata, safe bubble update, update ticket
[0.3.7] — 2026-05-31

Bug Fixes
- Address PR review findings — compress errors, size guard, modal error display
Features
- Attachment DB storage and cross-incident recall
[0.3.6] — 2026-05-31

Bug Fixes
- ci: Push detached HEAD to master using HEAD:master refspec
- ci: Consolidate all auto-tag changelog fixes
[0.3.5] — 2026-05-31

Bug Fixes
- ci: Changelog job creates release to avoid race with build jobs
- ci: Verify tag exists locally before running git-cliff
[0.3.4] — 2026-05-31

Bug Fixes
- ci: Pass release_tag as job output; fix equal-version case; drop git-describe [skip ci]
- ai,search: Load history across all conversations; deep search related tables
- ci: Reduce AI review hallucinations in pr-review workflow
- agentic: Inline format arg in writeln! to satisfy clippy::uninlined_format_args
- ci: Rewrite pr-review to send full file contents instead of diffs
- ci: Fix secret scrubbing regex that was deleting legitimate code lines
- ci: Add post-generation evidence verification to pr-review
- ci: Add codebase index to prompt; verify findings against full repo
- ci: Fix backtick command substitution crash in pr-review prompt
- ci: Remove concurrency group that silently dropped pr-review runs
- ci: Replace heredoc with printf to fix YAML block scalar breakage
- ci: Fix grep invalid range and printf invalid option in pr-review
- ci: Remove remaining printf -- calls in Analyze with LLM step
- ci: Use printf '%s' form to avoid format strings starting with hyphen
- ci: Write curl body to file to avoid ARG_MAX limit
- ci: Install python3 in pr-review container (ubuntu:22.04 omits it)
- sudo: Enforce username scope and singleton row in sudo_config
Documentation
- analysis: Document zip-slip safety guarantee in extract_docx_text
Features
- upload: Add safe file extension validation and binary text extraction
[0.3.3] — 2026-05-23

Bug Fixes
- Resolve all clippy lints (uninlined format args, range::contains, push_str single chars)
- Inline format args for Rust 1.88 clippy compatibility
- Retain GPU-VRAM-eligible models in recommender even when RAM is low
- Use alpine/git with explicit checkout for tag-based release builds
- Set CI=true for cargo tauri build — Woodpecker sets CI=woodpecker which Tauri CLI rejects
- Arm64 cross-compilation — add multiarch pkg-config sysroot setup
- Remove arm64 from release pipeline — webkit2gtk multiarch conflict on x86_64 host
- Write artifacts to workspace (shared between steps), not /artifacts/
- Upload step needs gogs_default network to reach Gogs API (host firewall blocks default bridge)
- Use bundled-sqlcipher-vendored-openssl for portable Windows cross-compilation
- Add make to windows build step (required by vendored OpenSSL)
- Replace empty icon placeholder files with real app icons
- Suppress MinGW auto-export to resolve Windows DLL ordinal overflow
- Use when: platform: for arm64 step routing (Woodpecker 0.15.4 compat)
- Remove unused tauri-plugin-cli causing startup crash
- Use $GITHUB_REF_NAME env var instead of ${{ github.ref_name }} expression
- Remove unused tauri-plugin-updater + SQLCipher 16KB page size
- Prevent WebKit/GTK system theme from overriding input text colors on Linux
- Set SQLCipher cipher_page_size BEFORE first database access
- Button text visibility, toggle contrast, create_issue IPC, ad-hoc codesign
- Dropdown text invisible on macOS + correct codesign order for DMG
- Add explicit text-foreground to SelectTrigger, SelectValue, and SelectItem
- Ollama detection, install guide UI, and AI Providers auto-fill
- Provider test FK error, model pull white screen, RECOMMENDED badge
- Provider routing uses provider_type, Active badge, fmt
- Navigate to /logs after issue creation, fix dashboard category display
- Dashboard shows — while loading, exposes errors, adds refresh button
- ListIssuesCmd was sending {query} but Rust expects {filter} — caused dashboard to always show 0 open issues
- Arm64 linux cross-compilation — add multiarch and pkg-config env vars
- Close from chat works before issue loads; save user reason as resolution step; dynamic version
- DomainPrompts closing brace too early; arm64 use native platform image
- UI contrast issues and ARM64 build failure
- Remove Woodpecker CI and fix Gitea Actions ARM64 build
- UI visibility issues, export errors, filtering, and audit log enhancement
- ARM64 build native compilation instead of cross-compilation
- Improve release artifact upload error handling
- Install jq in Linux/Windows build containers
- Improve download button visibility and add DOCX export
- Implement native DOCX export without pandoc dependency
- Improve Cancel button contrast in AI disclaimer modal
- Add user_id support and OAuth shell permission (v0.2.6)
- Use Wiki secret for authenticated wiki sync (v0.2.8)
- Persist integration settings and implement persistent browser windows
- ARM64 build uses native target instead of cross-compile
- Resolve clippy uninlined_format_args in integrations and related modules
- Resolve clippy format-args failures and OpenSSL vendoring issue
- Resolve macOS bundle path after app rename
- ci: Make release artifacts reliable across platforms
- ci: Harden release asset uploads for reruns
- ci: Trigger release workflow from auto-tag pushes
- ci: Guarantee release jobs run after auto-tag
- ci: Use stable auto-tag job outputs for release fanout
- ci: Run post-tag release builds without job-output gating
- ci: Repair auto-tag workflow yaml so jobs trigger
- ci: Force explicit linux arm64 target for release artifacts
- ci: Run linux arm release natively and enforce arm artifacts
- ci: Unblock release jobs and namespace linux artifacts by arch
- security: Harden secret handling and audit integrity
- pii: Remove lookahead from hostname regex, fix fmt in analysis test
- security: Enforce PII redaction before AI log transmission
- ci: Unblock release jobs and namespace linux artifacts by arch
- ci: Fix arm64 cross-compile, drop cargo install tauri-cli, move wiki-sync
- ci: Rebuild apt sources with per-arch entries before arm64 cross-compile install
- ci: Add workflow_dispatch and concurrency guard to auto-tag
- ci: Replace heredoc with printf in arm64 install step
- ci: Switch build-linux-arm64 to Ubuntu 22.04 with ports mirror
- ci: Remove GITHUB_PATH append that was breaking arm64 install step
- ci: Use POSIX dot instead of source in arm64 build step
- ci: Add make to arm64 host tools for OpenSSL vendored build
- ci: Set APPIMAGE_EXTRACT_AND_RUN=1 for arm64 AppImage bundling
- ci: Restrict arm64 bundles to deb,rpm — skip AppImage
- security: Add path canonicalization and actionable permission error in install_ollama_from_bundle
- ci: Skip Ollama download on macOS build — runner has no access to GitHub binary assets
- ci: Remove all Ollama bundle download steps — use UI download button instead
- ci: Remove explicit docker.sock mount — act_runner mounts it automatically
- db,auth: Auto-generate encryption keys for release builds
- lint: Use inline format args in auth.rs
- lint: Resolve all clippy warnings for CI compliance
- fmt: Apply rustfmt formatting to webview_fetch.rs
- types: Replace normalizeApiFormat() calls with direct value
- Fix encryption test race condition with parallel tests
- OpenWebUI provider connection and missing command registrations
- Force single test thread for Rust tests to eliminate race conditions
- Add @types/testing-library__react for TypeScript compilation
- Use 'provider' argument name to match Rust command signature
- Lint fixes and formatting cleanup
- Add missing ai_providers migration (014)
- Rename GITEA_TOKEN to TF_TOKEN to comply with naming restrictions
- Remove actions/checkout to avoid Node.js dependency
- Use ubuntu container with git installed
- Use actions/checkout with token auth and self-hosted runner
- Use IP addresses for internal services
- Simplified workflow syntax
- Add debugging output for Ollamaresponse
- Correct Ollama URL, API endpoint, and JSON construction in pr-review workflow
- Add diagnostics to identify empty Ollama response root cause
- Use bash shell and remove bash-only substring expansion in pr-review
- Restore migration 014, bump version to 0.2.50, harden pr-review workflow
- Harden pr-review workflow and sync versions to 0.2.50
- Configure container DNS to resolve ollama-ui.tftsr.com
- Harden pr-review workflow — URLs, DNS, correctness and reliability
- Resolve AI review false positives and address high/medium issues
- Replace github.server_url with hardcoded gogs.tftsr.com for container access
- Revert to two-dot diff — three-dot requires merge base unavailable in shallow clone
- Harden pr-review workflow — secret redaction, log safety, auth header
- ci: Address AI review — rustup idempotency and cargo --locked
- ci: Replace docker:24-cli with alpine + docker-cli in build-images
- docker: Add ca-certificates to arm64 base image step 1
- ci: Resolve test.yml failures — Cargo.lock, updated test assertions
- ci: Address second AI review — || true, ca-certs, cache@v4, key suffixes
- ci: Add APPIMAGE_EXTRACT_AND_RUN to build-linux-amd64
- ci: Correct git-cliff archive path in tar extraction
- ci: Use Gitea file API to push CHANGELOG.md — eliminates non-fast-forward rejection
- ci: Harden CHANGELOG.md API push step per review
- Add missing ai_providers columns and fix linux-amd64 build
- Address AI review findings
- Address critical AI review issues
- Add fuse dependency for AppImage support
- Remove AppImage bundling to fix linux-amd64 build
- Remove AppImage from upload artifact patterns
- Add Windows nsis target and update CHANGELOG to v0.2.61
- Add --locked to cargo commands and improve version update script
- Remove invalid --locked flag from cargo commands and fix format string
- integrations: Security and correctness improvements
- Correct WIQL syntax and escape_wiql implementation
- Harden timeline event input validation and atomic writes
- ci: Switch PR review from Ollama to liteLLM (qwen2.5-72b)
- test: Await async data in auditLog test to prevent race condition
- auto-tag: Use correct tag range for release notes
- auto-tag: Use tea CLI instead of hardcoded tokens
- ci: Use qwen3-coder-next model for PR review
- mcp: Add timeouts, delete audit log, OAuth state nonce; improve PR review prompt
- ci: Replace tea with curl, honour Cargo.toml version [skip ci]
- ci: Replace tea CLI with curl in changelog steps; read Cargo.toml for version
- Bump tauri.conf.json version to 0.3.0
Documentation
- Update PLAN.md with accurate implementation status
- Add CLAUDE.md with development guidance
- Add wiki source files and CI auto-sync pipeline
- Update PLAN.md - Phase 11 complete, redact token references
- Update README and wiki for v0.1.0-alpha release
- Remove broken arm64 CI step, document Woodpecker 0.15.4 limitation
- Update README and wiki for Gitea Actions migration
- Update README, wiki, and UI version to v0.1.1
- Add LiteLLM + AWS Bedrock integration guide
- Add Custom REST provider documentation
- Update wiki for v0.2.6 - integrations and Custom REST provider
- Update CI pipeline wiki and add ticket summary for arm64 fix
- architecture: Add C4 diagrams, ADRs, and architecture overview
- Add AGENTS.md and SECURITY_AUDIT.md
- docker: Expand rebuild trigger comments to include OpenSSL and Tauri CLI
- Update wiki for timeline events and incident response methodology
- Clarify changelog exclusion criteria
- Add v0.2.66 changelog entry
- Update CHANGELOG.md for v0.2.68
- Update CHANGELOG.md for v0.2.69-v0.2.71
- Update CHANGELOG.md for v0.2.71
Features
- Initial implementation of TFTSR IT Triage & RCA application
- Add Windows amd64 cross-compile to release pipeline; add arm64 QEMU agent
- Add native linux/arm64 release build step
- Add macOS arm64 act_runner and release build job
- Auto-increment patch tag on every merge to master
- Inline file/screenshot attachment in triage chat
- Close issues, restore history, auto-save resolution steps
- Expand domains to 13 — add Telephony, Security/Vault, Public Safety, Application, Automation/CI-CD
- Add HPE, Dell, Identity domains + expand k8s/security/observability/VESTA NXT
- Add AI disclaimer modal before creating new issues
- Add database schema for integration credentials and config
- Implement OAuth2 token exchange and AES-256-GCM encryption
- Add OAuth2 Tauri commands for integration authentication
- Implement OAuth2 callback server with automatic token exchange
- Add OAuth2 frontend UI and complete integration flow
- Implement Confluence, ServiceNow, and Azure DevOps REST API clients
- Add Custom REST provider support
- Add automatic wiki sync to CI workflow (v0.2.7)
- Add temperature and max_tokens support for Custom REST providers (v0.2.9)
- Add multi-mode authentication for integrations (v0.2.10)
- Complete webview cookie extraction implementation
- Add custom_rest provider mode and rebrand application name
- rebrand: Rename binary to trcaa and auto-generate DB key
- ui: Fix model dropdown, auth prefill, PII persistence, theme toggle, and Ollama bundle
- ci: Add persistent pre-baked Docker builder images
- ai: Add tool-calling and integration search as AI data source
- Add image attachment support with PII detection
- Support GenAI datastore file uploads and fix paste image upload
- Add automated PR review workflow with Ollama AI
- ci: Add automated changelog generation via git-cliff
- Implement dynamic versioning from Git tags
- integrations: Implement query expansion for semantic search
- Add timeline_events table, model, and CRUD commands
- Populate RCA and postmortem docs with real timeline data
- Wire incident response methodology into AI and record triage events
- ai: Add devops-incident-responder agent with domain auto-detection
- mcp: Add MCP Server Support with TDD implementation
Performance
- ci: Use pre-baked images and add cargo/npm caching
Refactoring
- ci: Remove standalone release workflow
- ollama: Remove download/install buttons — show plain install instructions only
- Remove custom linuxdeploy install per CI CI uses tauri-downloaded version
- Revert to original Dockerfile without manual linuxdeploy installation
Security
- Rotate exposed token, redact from PLAN.md, add secret patterns to .gitignore
- Fix query expansion issues from PR review
- Address all issues from automated PR review
Update
- Node_modules from npm install
Downloads
- Source Code (ZIP)
- Source Code (TAR.GZ)

6 Releases 33 Tags

[0.3.12] — 2026-06-05

Bug Fixes

Documentation

Features

[0.3.11] — 2026-06-01

Bug Fixes

Documentation

[0.3.10] — 2026-06-01

Bug Fixes

[0.3.9] — 2026-06-01

Bug Fixes

[0.3.8] — 2026-06-01

Bug Fixes

[0.3.7] — 2026-05-31

Bug Fixes

Features

[0.3.6] — 2026-05-31

Bug Fixes

[0.3.5] — 2026-05-31

Bug Fixes

[0.3.4] — 2026-05-31

Bug Fixes

Documentation

Features

[0.3.3] — 2026-05-23

Bug Fixes

Documentation

Features

Performance

Refactoring

Security

Update