azcomputerguru/guru-connect
1
0
Fork 0
Code Issues 18 Pull Requests Actions Packages Projects Releases 2 Wiki Activity
97 Commits 2 Branches 2 Tags
f8bd4d1dab3c7d41ceaace9e5a67e7e092fa7d82
Commit Graph

6 Commits

Author SHA1 Message Date
Mike Swanson
5727ccf39e fix: drop broken jsign --info verify step in release
All checks were successful
Build and Test / Build Agent (Windows) (push) Successful in 5m9s
Details
Build and Test / Build Server (Linux) (push) Successful in 9m23s
Details
Build and Test / Security Audit (push) Successful in 4m19s
Details
Build and Test / Build Summary (push) Successful in 15s
Details 
jsign 7.1 signs guruconnect.exe successfully via Azure Trusted Signing, but the separate
verify step called `jsign --info` (not a real jsign subcommand) and wrongly failed the job.
jsign's non-zero exit under `set -euo pipefail` already gates signing fail-closed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 11:27:08 -07:00
Mike Swanson
e7f38ce2a0 fix: use jsign 7.1 for Azure Trusted Signing
All checks were successful
Build and Test / Build Agent (Windows) (push) Successful in 5m4s
Details
Build and Test / Build Server (Linux) (push) Successful in 8m38s
Details
Build and Test / Security Audit (push) Successful in 4m14s
Details
Build and Test / Build Summary (push) Successful in 18s
Details 
jsign 6.0 lacks the TRUSTEDSIGNING keystore type (only AZUREKEYVAULT); Azure Trusted
Signing support requires jsign >= 7.0. 7.1 matches /usr/share/jsign on the build host.
Fixes the release sign-and-publish step.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 11:05:34 -07:00
Mike Swanson
4ddced1b9b ci: fix native Windows agent build, audit, lockfile; drop redundant test.yml
All checks were successful
Build and Test / Build Agent (Windows) (push) Successful in 4m51s
Details
Build and Test / Build Server (Linux) (push) Successful in 9m1s
Details
Build and Test / Security Audit (push) Successful in 4m18s
Details
Build and Test / Build Summary (push) Successful in 9s
Details 
- Windows agent jobs (build-and-test + release): set PROTOC env + add protoc to PATH
  (prost-build needs it; the runner did not inherit the machine env), and fix the artifact
  path to the workspace-root target/ (Cargo workspace, not agent/target/).
- Commit root Cargo.lock (was missing) -> fixes `cargo audit` (Couldn't load Cargo.lock) and
  makes builds reproducible.
- Security audit is now a single workspace-root `cargo audit`, informational (warn-only) like
  clippy; re-tighten in the GC re-spec.
- Remove test.yml: redundant with build-and-test and broken (`no library targets` — server is
  a binary crate).

Native MSVC agent build verified on the Pluto runner (4m20s, clean compile).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 10:22:13 -07:00
Mike Swanson
8a47332b39 ci: build Windows agent natively on Pluto runner (drop mingw cross-compile)
Some checks failed
Build and Test / Build Agent (Windows) (push) Failing after 7m29s
Details
Build and Test / Build Server (Linux) (push) Successful in 10m2s
Details
Build and Test / Security Audit (push) Failing after 4m39s
Details
Build and Test / Build Summary (push) Has been skipped
Details
Run Tests / Test Server (push) Has started running
Details
Run Tests / Test Agent (push) Has been cancelled
Details
Run Tests / Code Coverage (push) Has been cancelled
Details
Run Tests / Lint and Format Check (push) Has been cancelled
Details 
The build-agent job (build-and-test.yml) and a new build-agent-windows job (release.yml)
now run on the windows-msvc Gitea Actions runner on Pluto, building native
x86_64-pc-windows-msvc with crt-static. release.yml hands the unsigned guruconnect.exe to
the Linux job, which signs it with Azure Trusted Signing (jsign). Removes the fragile
mingw/GNU cross-compile. Reviewed by Code Review Agent (approve-with-nits).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 09:32:12 -07:00
Mike Swanson
f2e0456f8d ci: gate release workflow to manual dispatch
Some checks failed
Build and Test / Build Server (Linux) (push) Failing after 6m22s
Details
Build and Test / Build Agent (Windows) (push) Failing after 6m29s
Details
Build and Test / Security Audit (push) Has started running
Details
Build and Test / Build Summary (push) Has been cancelled
Details
Run Tests / Test Server (push) Has been cancelled
Details
Run Tests / Test Agent (push) Has been cancelled
Details
Run Tests / Code Coverage (push) Has been cancelled
Details
Run Tests / Lint and Format Check (push) Has been cancelled
Details 
Release builds (auto-versioning + Azure Trusted Signing + Gitea release) no longer
run on every push to main; trigger deliberately via workflow_dispatch. build-and-test.yml
remains the automatic PR/push CI gate.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 07:27:17 -07:00
Mike Swanson
60519be28a feat: operational tooling — signing, versioning, changelog, roadmap (SPEC-001) 
Establish GuruConnect's release engineering and project tracking (SPEC-001):
- docs/ scaffold: FEATURE_ROADMAP, ARCHITECTURE_DECISIONS (ADR-001 standalone+contract,
  ADR-002 Gitea Actions + Azure Trusted Signing), docs/specs/SPEC-001, CHANGELOG.
- .gitea/workflows/release.yml: conventional-commit auto-versioning, git-cliff changelog,
  Windows agent build, Azure Trusted Signing via jsign (reusing the shared ACG cert profile),
  Gitea release via REST API. build-and-test.yml is the PR/push gate; deploy.yml de-duplicated.
- server: GET /api/changelog/:component/:version (latest + by-version), path-traversal hardened.
- cliff.toml; server/.env.example documents CHANGELOG_DIR.

Reviewed (Code Review Agent): axum route-conflict blocker fixed; CHANGELOG ordering, toolchain
target, breaking-change parsing, empty-changelog fallback addressed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 07:19:29 -07:00