bitforge/orchard
3
0
Fork 0
Code Projects Wiki Activity
110 Commits 19 Branches 0 Tags
58bdb208a92c075ad046987fc38fd35c970120c3
Commit Graph

110 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mondo Diaz
58bdb208a9 Remove exists rule from frontend_tests for consistent behavior 2026-01-14 18:15:25 +00:00
Mondo Diaz
0c4c263059 Enhance test jobs with caching, coverage, and parallel execution 
CI improvements:
- Add needs: [] to run tests parallel with build (faster pipeline)
- Add pip/npm caching (faster subsequent runs)
- Add 15m timeout to prevent hung jobs
- Add pytest coverage with cobertura report for GitLab
- Add pytest JUnit report for test tab in MR
- Add vitest coverage with cobertura report for GitLab
- Add coverage regex for badge display

Frontend:
- Add @vitest/coverage-v8 dependency
- Configure vitest coverage reporter (text, cobertura, html)
 2026-01-14 18:15:25 +00:00
Mondo Diaz
5087aefdf8 Use deps.global.bsf.tools registry for frontend_tests image 2026-01-14 18:15:25 +00:00
Mondo Diaz
3b54c74912 Fix frontend_tests to use correct container registry 2026-01-14 18:15:25 +00:00
Mondo Diaz
157cb4910f Refactor CI pipeline with templates and add frontend tests 
- Add frontend_tests job (npm run test with Vitest)
- Add verification checks to deploy_stage (health, API, frontend)
- Extract shared YAML anchors: deploy_template, helm_setup, verify_deployment
- Reduce code duplication across deploy jobs
 2026-01-14 18:15:25 +00:00
Mondo Diaz
1a7fb3e5ba Fix security scan issues and harden docker-compose 
Hadolint fixes:
- Use printf instead of echo for escape sequences
- Add hadolint ignore for apt pin version (DL3008)

KICS fixes (docker-compose):
- Add security_opt: no-new-privileges to all services
- Add mem_limit and cpus to prevent resource exhaustion
- Add healthcheck to orchard-server in docker-compose.yml

Gitleaks:
- Add .gitleaksignore for false positive (s3_key attribute name)
- Remove allow_failure from secrets job (now blocking)

Also:
- Remove || echo fallback from python_tests (tests should fail pipeline)
 2026-01-14 18:15:25 +00:00
Mondo Diaz
35d29bba75 Add comprehensive deployment verification 
- Health endpoint polling with retry loop
- API check (GET /api/v1/projects returns 200)
- Frontend check (HTML is served)
- Clear output with section headers
 2026-01-14 18:15:25 +00:00
Mondo Diaz
6cd937881f Add deployment verification with health check polling 
- Add --wait --timeout 5m to helm upgrade
- Add kubectl rollout status check
- Poll health endpoint for up to 5 minutes (for cert provisioning)
 2026-01-14 18:15:25 +00:00
Mondo Diaz
04d3801994 Add PROSPER-NOTES.md to gitignore 2026-01-14 18:15:25 +00:00
Mondo Diaz
b08af27086 Add build_image dependency to deploy jobs 2026-01-14 18:15:25 +00:00
Mondo Diaz
03d1e9b843 Fix image tag format to match Prosper output (git.linux-amd64-SHA) 2026-01-14 18:15:25 +00:00
Mondo Diaz
d8b68da004 Clean up CI pipeline and remove unused values files 
- Use branch name (CI_COMMIT_REF_SLUG) instead of commit SHA for feature IDs
- Remove commented-out code and unused deploy template
- Fix deploy_stage to use kubectl config use-context
- Remove values-production.yaml and values-external.yaml
 2026-01-14 18:15:25 +00:00
Mondo Diaz
09b51f5223 Add kubectl context to cleanup_feature job 2026-01-14 18:15:25 +00:00
Mondo Diaz
1bc9b947bc Fix helm path by returning to project root before deploy 2026-01-14 18:15:25 +00:00
Mondo Diaz
f0cc2c0fbe Use kubectl config use-context for agent authentication 2026-01-14 18:15:25 +00:00
Mondo Diaz
d4ed0aa2e7 Test: hardcode agent path to rule out variable interpolation 2026-01-14 18:15:25 +00:00
Mondo Diaz
74595c68cf Add GitLab Agent configs with CI/CD access for deployments 2026-01-14 18:15:25 +00:00
Mondo Diaz
0327027306 Fix GitLab Agent paths to use full project:agent format 2026-01-14 18:15:25 +00:00
Armando Diaz
deda6e33a0 update jobs to use correct image and agents. 2026-01-14 18:15:25 +00:00
Mondo Diaz
96477db51f Add feature branch deployment pipeline 
- Add deploy_feature job for ephemeral dev environments
- Use unique identifier (feat-{short_sha}) for K8s resource isolation
- Dynamic hostnames for ingress (orchard-{sha}.common.global.bsf.tools)
- Add cleanup_feature job with on_stop for automatic cleanup on merge
- Add values-dev.yaml with lighter resources for ephemeral deployments
- Refactor deploy_stage to use dynamic image tag from CI
 2026-01-14 18:15:25 +00:00
Dane Moss
d8352fde7c comment out rule block for now 2026-01-14 18:15:25 +00:00
Dane Moss
397fa785e1 try another rule 2026-01-14 18:15:25 +00:00
Dane Moss
ce3863212d update job name 2026-01-14 18:15:25 +00:00
Dane Moss
fe68b3e257 Update .gitlab-ci.yml file 2026-01-14 18:15:25 +00:00
Dane Moss
2ebea2f7e3 Update 2 files 
- /helm/orchard/values-stage.yaml
- /.gitlab-ci.yml
 2026-01-14 18:15:25 +00:00
Mondo Diaz
7cfad28f67 Merge branch 'agent-config' into 'main' 
Agent config

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!26
 2026-01-13 15:09:02 -06:00
Mondo Diaz
37666e41a7 Agent config 2026-01-13 15:09:02 -06:00
Dane Moss
0cc4f25362 Merge branch 'update_changelog' into 'main' 
add changelog entry

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!25
 2026-01-12 10:11:50 -07:00
Dane Moss
5c9da9003b add changelog entry 2026-01-12 10:11:50 -07:00
Dane Moss
90bb2a3a39 Merge branch 'feature/auth-system' into 'main' 
Implement authentication system with access control UI

Closes #50 and #18

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!24
 2026-01-12 09:52:35 -07:00
Mondo Diaz
617bcbe89c Implement authentication system with access control UI 2026-01-12 09:52:35 -07:00
Mondo Diaz
1cbd335443 Merge branch 'feature/drag-drop-upload' into 'main' 
Add drag-and-drop upload component with chunked uploads and offline support

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!23
 2026-01-08 11:59:33 -06:00
Mondo Diaz
10d3694794 Add drag-and-drop upload component with chunked uploads and offline support 2026-01-08 11:59:32 -06:00
Mondo Diaz
bccbc71c13 Merge branch 'feature/download-verification' into 'main' 
Add download verification with SHA256 checksum support (#26, #27, #28, #29)

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!22
 2026-01-07 13:36:46 -06:00
Mondo Diaz
35fda65d38 Add download verification with SHA256 checksum support (#26, #27, #28, #29) 2026-01-07 13:36:46 -06:00
Mondo Diaz
08dce6cbb8 Merge branch 'feature/audit-history-api' into 'main' 
Metadata database tracks all uploads with project, package, tag, and timestamp queryable via API

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!21
 2026-01-07 12:31:46 -06:00
Mondo Diaz
2f1891cf01 Metadata database tracks all uploads with project, package, tag, and timestamp queryable via API 2026-01-07 12:31:44 -06:00
Mondo Diaz
81458b3bcb Merge branch 'feature/ref-count-management' into 'main' 
Add ref_count management for deletions with atomic operations and error handling

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!20
 2026-01-06 13:44:23 -06:00
Mondo Diaz
7e68baed08 Add ref_count management for deletions with atomic operations and error handling 2026-01-06 13:44:23 -06:00
Mondo Diaz
66622caf5d Add AGENTS.md to gitignore for OpenCode compatibility 2026-01-05 09:24:33 -06:00
Mondo Diaz
96d79e4127 Merge branch 'fix/helm-minio-ingress-rename' into 'main' 
Fix Helm chart: rename minio.ingress to minioIngress to avoid subchart conflict

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!19
 2025-12-16 12:51:42 -06:00
Mondo Diaz
accba9e404 Fix Helm chart: rename minio.ingress to minioIngress to avoid subchart conflict 2025-12-16 12:51:41 -06:00
Dane Moss
64e420fb58 Merge branch 'cut_new_release' into 'main' 
release new image with presigned URL support for direct s3 downloads as default download mode

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!18
 2025-12-15 15:30:38 -07:00
dane.moss
994f166de8 release new image with presigned URL support for direct s3 downloads as default download mode 2025-12-15 15:17:53 -07:00
Mondo Diaz
8999552949 Merge branch 'feature/presigned-url-downloads' into 'main' 
Add presigned URL support for direct S3 downloads (#48)

Closes #48

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!17
 2025-12-15 16:06:51 -06:00
Mondo Diaz
2df97ae94a Add presigned URL support for direct S3 downloads (#48) 2025-12-15 16:06:51 -06:00
Mondo Diaz
caa0c5af0c Merge branch 'feature/store-sha256-checksums' into 'main' 
Store SHA256 checksums with artifacts and add multiple hash support

Closes #25

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!16
 2025-12-15 14:47:31 -06:00
Mondo Diaz
3fd2747ae4 Store SHA256 checksums with artifacts and add multiple hash support 2025-12-15 14:47:30 -06:00
Mondo Diaz
96367da448 Merge branch 'feature/integrity-verification-design' into 'main' 
Add integrity verification workflow design document

Closes #24

See merge request esv/bsf/bsf-integration/orchard/orchard-mvp!15
 2025-12-15 14:00:32 -06:00
Mondo Diaz
2686fdcb89 Add integrity verification workflow design document 2025-12-15 14:00:32 -06:00