Jarvis
586129faf4
fix(federation): add restart policies + M2-04 OID assertion criterion
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
Address review feedback on PR #490 :
- Add `restart: unless-stopped` to postgres-federated, valkey-federated,
step-ca services so they auto-recover after host reboot / docker restart.
- Update FED-M2-04 acceptance: must wire federation.tpl template into
mosaic-fed provisioner config AND include unit/integration test asserting
issued certs contain BOTH custom OIDs (grantId + subjectUserId). Carry-
forward guard from M2-02 review against silent OID stripping.
2026-04-21 21:09:32 -05:00
Jarvis
92c6431ccf
feat(federation): add Step-CA sidecar to federated compose stack [FED-M2-02]
...
Adds a profile-gated `step-ca` service to `docker-compose.federated.yml`
so the federated tier has its own internal CA. No gateway code consumes
the CA yet — that lands in M2-04 (ca.service.ts).
- docker-compose.federated.yml: new `step-ca` service using image
`smallstep/step-ca:0.27.4` (pinned stable; `latest` forbidden by
Mosaic image policy), named volume `step_ca_data`, port 9000,
`[federated]` profile gate, healthcheck with 30s start_period
- infra/step-ca/init.sh: idempotent first-boot init; runs `step ca init`
with JWK provisioner `mosaic-fed` if /home/step/config/ca.json absent;
otherwise starts CA directly
- infra/step-ca/dev-password.example: sample dev password (real file
is gitignored)
- infra/step-ca/templates/federation.tpl: X.509 template skeleton for
custom OID SAN extensions (grantId 1.3.6.1.4.1.99999.1,
subjectUserId 1.3.6.1.4.1.99999.2); TODO comment links M2-04 as the
landing point
- .gitignore: ignores infra/step-ca/dev-password (real password)
Refs #461
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-21 21:06:24 -05:00
9f1a08185e
docs(federation): S21 tracking — DEPLOY-01/02 done, IMG-FIX in flight, M2-01 in remediation ( #487 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-22 02:02:36 +00:00
d2e408656b
fix(docker): pnpm deploy for self-contained gateway runtime image ( #488 )
ci/woodpecker/push/publish Pipeline failed
ci/woodpecker/push/ci Pipeline failed
2026-04-22 02:02:29 +00:00
54c278b871
feat(db): federation schema — grants/peers/audit_log [FED-M2-01] ( #486 )
ci/woodpecker/push/publish Pipeline failed
ci/woodpecker/push/ci Pipeline failed
2026-04-22 02:02:21 +00:00
4dbd429203
feat(deploy): portainer stack template for federation test instances [DEPLOY-02] ( #485 )
ci/woodpecker/push/publish Pipeline was successful
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-22 01:34:44 +00:00
b985d7bfe2
docs(federation): M2 mission planning — TASKS decomposition + manifest update ( #483 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline failed
2026-04-22 01:24:00 +00:00
45e8f02c91
feat(mosaic-portainer): PORTAINER_INSECURE flag for self-signed TLS ( #484 )
ci/woodpecker/push/publish Pipeline failed
ci/woodpecker/push/ci Pipeline failed
2026-04-22 01:21:54 +00:00
54c422ab06
Merge pull request 'docs(federation): close FED-M1 milestone' ( #481 ) from feat/federation-m1-close into main
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
ci/woodpecker/tag/publish Pipeline was successful
2026-04-20 02:20:43 +00:00
Jarvis
b9fb8aab57
docs(federation): close FED-M1 milestone
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
- TASKS.md: mark FED-M1-12 done with PR/issue/tag references
- MISSION-MANIFEST.md: phase=M1 complete, progress 1/7, M1 row done with PR range #470-#481, session log appended
- scratchpad: Session 19 entry covering M1-09 → M1-12 with PR ledger and M1 retrospective learnings
Refs #460
2026-04-19 21:12:52 -05:00
78841f228a
docs(federation): operator setup + migration guides (FED-M1-11) ( #480 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-20 02:07:15 +00:00
dc4afee848
fix(storage): redact credentials in driver errors + advisory lock (FED-M1-10) ( #479 )
ci/woodpecker/push/ci Pipeline failed
ci/woodpecker/push/publish Pipeline failed
2026-04-20 02:02:57 +00:00
1e2b8ac8de
test(federation): standalone regression canary — no breakage from M1 (FED-M1-09) ( #478 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-20 01:46:35 +00:00
15d849c166
test(storage): integration test for migrate-tier (FED-M1-08) + camelCase column fix ( #477 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline failed
2026-04-20 01:40:02 +00:00
78251d4af8
test(federation): integration tests for federated tier gateway boot (FED-M1-07) ( #476 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-20 01:13:10 +00:00
1a4b1ebbf1
feat(gateway,storage): mosaic gateway doctor with tier health JSON (FED-M1-06) ( #475 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-20 01:00:39 +00:00
ccad30dd27
feat(storage): mosaic storage migrate-tier with dry-run + idempotency (FED-M1-05) ( #474 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-20 00:35:08 +00:00
4c2b177eab
feat(gateway): tier-detector with fail-fast PG/Valkey/pgvector probes (FED-M1-04) ( #473 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-20 00:07:07 +00:00
58169f9979
feat(storage): pgvector adapter support gated on tier=federated (FED-M1-03) ( #472 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-19 23:42:18 +00:00
51402bdb6d
feat(infra): docker-compose.federated.yml overlay (FED-M1-02) ( #471 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-19 23:21:31 +00:00
9c89c32684
feat(config): add federated tier + rename team→standalone (FED-M1-01) ( #470 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline failed
2026-04-19 23:11:11 +00:00
8aabb8c5b2
docs(mission): author MVP rollup manifest, archive install-ux-v2 ( #469 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-19 22:51:11 +00:00
66512550df
docs(federation): PRD, milestones, mission manifest, and M1 task breakdown ( #468 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-19 22:27:09 +00:00
46dd799548
docs(federation): PRD, milestones, mission manifest, and M1 task breakdown ( #467 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-19 22:09:20 +00:00
5f03c05523
chore(release): @mosaicstack/mosaic 0.0.30 ( #459 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-04-12 02:18:17 +00:00
c3f810bbd1
fix(mosaic): seed TOOLS.md from defaults on install ( #458 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-04-12 02:02:21 +00:00
b2cbf898d7
docs(scratchpad): finalize yolo runtime hotfix evidence ( #456 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
Follow-up to mosaicstack/stack#455 .
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-04-11 17:14:00 +00:00
b2cec8c6ba
fix(mosaic): stop yolo runtime from leaking runtime name as first user message ( #455 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
Fixes mosaicstack/stack#454
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-04-11 16:57:43 +00:00
81c1775a03
chore(release): @mosaicstack/mosaic 0.0.29 ( #453 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
ci/woodpecker/tag/publish Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-04-08 00:42:54 +00:00
f64ec12f39
fix(installer): preserve credentials dir and seed STANDARDS.md ( #452 )
...
ci/woodpecker/push/publish Pipeline failed
ci/woodpecker/push/ci Pipeline failed
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-04-08 00:40:49 +00:00
026382325c
feat(framework): superpowers enforcement, typecheck hook, file-ownership rules ( #451 )
...
ci/woodpecker/manual/ci Pipeline was successful
ci/woodpecker/manual/publish Pipeline was successful
Co-authored-by: Jason Woltje <jason@diversecanvas.com >
Co-committed-by: Jason Woltje <jason@diversecanvas.com >
2026-04-07 00:44:22 +00:00
1bfd8570d6
chore(release): @mosaicstack/mosaic 0.0.28 ( #450 )
2026-04-06 00:46:31 +00:00
312acd8bad
chore: sweep mosaicstack/mosaic-stack → mosaicstack/stack + add short install URL ( #448 )
2026-04-06 00:39:56 +00:00
d08b969918
fix(mosaic): mask password input in TUI login prompt ( #449 )
2026-04-06 00:33:54 +00:00
051de0d8a9
docs: update README for mosaicstack/stack repo rename ( #447 )
2026-04-06 00:22:20 +00:00
bd76df1a50
feat(mosaic): drill-down main menu + provider-first flow + quick start ( #446 )
2026-04-06 00:15:23 +00:00
62b2ce2da1
docs: orchestrator close-out IUV-M02 ( #445 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-05 23:50:55 +00:00
172bacb30f
feat(mosaic): IUV-M02 — CORS/FQDN UX polish + skill installer rework ( #444 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline failed
2026-04-05 23:44:07 +00:00
43667d7349
docs: orchestrator close-out IUV-M01 — mark tasks done, append session 2 ( #443 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-05 22:40:08 +00:00
783884376c
docs: mark IUV-M01 complete — mosaic-v0.0.26 released ( #436 ) ( #442 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline failed
2026-04-05 22:31:37 +00:00
c08aa6fa46
fix: add vitest.config.ts to eslint allowDefaultProject ( #440 build fix) ( #441 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
ci/woodpecker/tag/publish Pipeline was successful
2026-04-05 22:01:57 +00:00
0ae932ab34
fix: bootstrap hotfix — DTO erasure, wizard failure, port prefill, Pi SDK copy (mosaic-v0.0.26) ( #440 )
ci/woodpecker/push/publish Pipeline failed
ci/woodpecker/push/ci Pipeline was successful
2026-04-05 21:43:30 +00:00
a8cd52e88c
docs: scaffold install-ux-v2 mission ( #439 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-05 21:27:19 +00:00
a4c94d9a90
chore(release): @mosaicstack/mosaic 0.0.25 ( #435 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
ci/woodpecker/tag/publish Pipeline was successful
2026-04-05 20:53:19 +00:00
cee838d22e
docs: close out install-ux-hardening mission ( #434 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-05 19:19:54 +00:00
732f8a49cf
feat: unified first-run flow — merge wizard + gateway install (IUH-M03) ( #433 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline failed
2026-04-05 19:13:02 +00:00
be917e2496
docs: mark IUH-M02 complete, start IUH-M03 ( #432 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-05 18:02:21 +00:00
cd8b1f666d
feat: wizard remediation — password mask, hooks preview, headless (IUH-M02) ( #431 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-05 17:47:53 +00:00
8fa5995bde
docs: scaffold install-ux-hardening mission + archive cli-unification ( #430 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-05 17:15:39 +00:00
25cada7735
feat: mosaic uninstall (IUH-M01) ( #429 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/publish Pipeline was successful
2026-04-05 17:06:21 +00:00
