feat(#273): Add capability-based authorization for federation #303

Closed

jason.woltje wants to merge 0 commits from harbor-to-gitea-migration into main

pull from: harbor-to-gitea-migration

merge into: mosaic:main

mosaic:main

mosaic:fix/ci-glibc-image

mosaic:fix/dockerfile-npmrc

mosaic:fix/matrix-native-binary

mosaic:fix/kaniko-cache

mosaic:fix/base-image-kaniko-v2

mosaic:fix/base-image-kaniko

mosaic:feat/custom-base-image

mosaic:ci/pnpm-cache

mosaic:fix/interceptor-tests

mosaic:fix/kanban-tests

mosaic:feat/wire-chat

mosaic:feat/usage-widget

mosaic:fix/security-hardening

mosaic:fix/project-domain-v2

mosaic:feat/kanban-add-task

mosaic:fix/project-domain-attach

mosaic:fix/logs-page-clean

mosaic:fix/workspace-members

mosaic:fix/ci-lint-632

mosaic:fix/file-manager-tags

mosaic:fix/csrf-debug-log

mosaic:fix/controller-type-imports

mosaic:fix/system-admin-env

mosaic:fix/gateway-cors-trusted-origins

mosaic:feat/project-detail-page

mosaic:fix/fleet-provider-form-dto-v2

mosaic:fix/ms22-audit

mosaic:fix/orchestrator-widgets

mosaic:fix/fleet-provider-form-dto

mosaic:fix/csrf-bearer-bypass

mosaic:fix/ms22-missing-authmodule-imports

mosaic:fix/container-lifecycle-config-module

mosaic:fix/swarm-compose-ms22-vars

mosaic:chore/ms22-p1-complete

mosaic:feat/ms22-p1h-settings-ui

mosaic:feat/ms22-p1f-onboarding-ui

mosaic:feat/ms22-p1i-chat-proxy

mosaic:feat/ms22-p1k-idle-reaper

mosaic:feat/ms22-p1j-docker

mosaic:feat/ms22-p1e-onboarding-api

mosaic:feat/ms22-p1g-settings-api

mosaic:feat/ms22-p1d-container-mgr

mosaic:feat/ms22-p1c-config-api

mosaic:chore/ms22-prd-tracking

mosaic:feat/ms22-p1a-schema

mosaic:feat/ms22-p1b-crypto

mosaic:chore/ms22-p1-tasks

mosaic:docs/ms22-architecture

mosaic:feat/ms22-openclaw-docker

mosaic:feat/ms22-openclaw-gateway-module

mosaic:chore/ms21-complete

mosaic:chore/ms21-final-tasks-done

mosaic:fix/ms21-ui-001-qa

mosaic:test/ms21-ui-tests

mosaic:chore/ms21-tasks-sync

mosaic:chore/ms22-phase0-complete

mosaic:feat/ms22-ingest-clean

mosaic:feat/ms21-ui-users-members

mosaic:feat/ms22-task-agent

mosaic:chore/tasks-final

mosaic:chore/tasks-update

mosaic:feat/ms21-session-invalidation

mosaic:feat/ms21-rbac-settings

mosaic:feat/ms21-teams-page

mosaic:feat/ms21-users-page

mosaic:feat/ms19-terminal-persistence

Conversation 0 Commits - Files Changed - +31 -31

jason.woltje commented 2026-02-04 01:51:29 +00:00

Owner

Copy Link

Implements capability-based authorization for federation endpoints. Closes #273.

Implements capability-based authorization for federation endpoints. Closes #273.

jason.woltje added 2 commits 2026-02-04 01:51:30 +00:00

feat(infra): Migrate from Harbor to Gitea Packages registry ... bb144a7d1c

BREAKING CHANGE: Container registry changed from Harbor to Gitea Packages

Changes:
- Update .woodpecker.yml to push to git.mosaicstack.dev instead of reg.mosaicstack.dev
- Change secret names: harbor_username/harbor_password → gitea_username/gitea_token
- Update docker-compose.prod.yml image references
- Update all three images: api, web, postgres

Registry Migration:
- Old: reg.mosaicstack.dev (Harbor)
- New: git.mosaicstack.dev (Gitea Packages)
- Old: reg.diversecanvas.com (Harbor)
- New: git.mosaicstack.dev (Gitea Packages)

Manual Steps Required:
1. Create Gitea personal access token with 'read:package' and 'write:package' scopes
2. Add Woodpecker secrets:
   - gitea_username: Your Gitea username
   - gitea_token: Personal access token from step 1
3. Test build pipeline
4. Delete old Harbor secrets after validation

Related: ADR-001 in jarvis-brain
See: jarvis-brain/docs/migrations/harbor-to-gitea-packages.md

Merge branch 'develop' into harbor-to-gitea-migration f0be6a31e4

jason.woltje closed this pull request 2026-02-04 01:52:09 +00:00

Some checks failed

Hide all checks

ci/woodpecker/push/woodpecker Pipeline failed

Details

ci/woodpecker/manual/woodpecker Pipeline failed

Details

ci/woodpecker/pr/woodpecker Pipeline failed

Details

Pull request closed

This pull request cannot be reopened because the branch was deleted.

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

ai

AI/LLM integration

api

Backend/API work

api

auth

Authentication

database

database

Database/schema work

devops

Docker/deployment

docs

Documentation

frontend

graph

knowledge-module

migration

Data migration

orchestrator

Orchestrator service (apps/orchestrator/)

p0

Critical priority

p1

High priority

p2

Medium priority

p3

Low priority

performance

Performance work

phase-1

phase-2

phase-3

phase-4

phase-5

plugin

MoltBot plugin work

search

security

Security-related

setup

Initial setup

testing

Testing/QA

web

Frontend work

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

jason.woltje

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: mosaic/stack#303