sneak/upaas
1
0
Fork 0
Code Issues 9 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity
165 Commits 24 Branches 1 Tag
43cde0eefd8ecc7fd95478971c184d2851b77df1
Commit Graph

9 Commits

Author SHA1 Message Date
user
43a0cbac70 fix: use pre-built golangci-lint binary instead of go install
All checks were successful
Check / check (pull_request) Successful in 13m22s
Details 
go install fails in alpine Docker builder because the linker (ld) is not
available. Download the official pre-built binary with SHA256 verification
instead. Supports both amd64 and arm64 architectures.

Fixes #126
 2026-02-26 02:17:54 -08:00
user
91d6da0796 fix: move inline comments above FROM lines (fixes docker build)
All checks were successful
Check / check (pull_request) Successful in 11m20s
Details 
Docker does not support inline comments on FROM lines. Move the
human-readable image tag comments to their own line above each FROM.

Fixes broken docker build on PR #126 and main.
 2026-02-26 02:06:11 -08:00
user
0ed2d02dfe fix: pin all external refs to cryptographic identity (closes #118)
All checks were successful
Check / check (pull_request) Successful in 11m41s
Details 
- Pin Docker base images to sha256 digests (golang, alpine)
- Pin go install commands to commit SHAs (not version tags)
  - golangci-lint: 5d1e709b7be35cb2025444e19de266b056b7b7ee (v2.10.1)
  - goimports: 009367f5c17a8d4c45a961a3a509277190a9a6f0 (v0.42.0)
- CI workflow was already correctly pinned to commit SHAs

All references now use cryptographic identity, eliminating RCE risk
from mutable tags.
 2026-02-21 00:50:44 -08:00
sneak
cc6dee9fd8 Install golangci-lint v2 in Docker build 2025-12-29 16:29:16 +07:00
sneak
3eb15839c8 Use Go 1.25 (latest stable release) 2025-12-29 16:23:57 +07:00
sneak
e59b3a0ee4 Update to Go 1.24 for golang.org/x/tools compatibility 2025-12-29 16:21:46 +07:00
sneak
219a561473 Use PORT instead of UPAAS_PORT for listen port 2025-12-29 16:15:05 +07:00
sneak
dce898bbdb Auto-generate and persist session secret on first startup 
- Generate random 32-byte session secret if not set via env var
- Persist to $UPAAS_DATA_DIR/session.key for container restarts
- Load existing secret from file on subsequent startups
- Change container data directory to /var/lib/upaas
 2025-12-29 16:12:30 +07:00
sneak
3f9d83c436 Initial commit with server startup infrastructure 
Core infrastructure:
- Uber fx dependency injection
- Chi router with middleware stack
- SQLite database with embedded migrations
- Embedded templates and static assets
- Structured logging with slog

Features implemented:
- Authentication (login, logout, session management, argon2id hashing)
- App management (create, edit, delete, list)
- Deployment pipeline (clone, build, deploy, health check)
- Webhook processing for Gitea
- Notifications (ntfy, Slack)
- Environment variables, labels, volumes per app
- SSH key generation for deploy keys

Server startup:
- Server.Run() starts HTTP server on configured port
- Server.Shutdown() for graceful shutdown
- SetupRoutes() wires all handlers with chi router
 2025-12-29 15:46:03 +07:00