jarvis/dd0c
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
43 Commits 1 Branch 0 Tags
bdaa732ce1360f85f38bd2028abcb4ce574953a1
Commit Graph

18 Commits

Author SHA1 Message Date
Max Mayfield
bdaa732ce1 Implement TODO stubs: webhook secret lookup, alert→incident wiring, catalog upsert/stage 
- P3: getWebhookSecret() now queries DB; ingestAlert() creates/attaches incidents, auto-resolves on resolved status
- P4: stageUpdates() writes to staged_updates table; upsertService() with ON CONFLICT; getService/updateOwner implemented
 2026-03-01 03:18:05 +00:00
Max Mayfield
2c112b2fb1 Add vitest configs for P2-P6 2026-03-01 03:16:58 +00:00
Max Mayfield
2ceeac1a11 Add P2 SaaS CI, P4 scheduled discovery, P6 agent bridge (Redis pub/sub), Caddyfile 
- P2: Gitea Actions CI for SaaS backend (separate from Go agent CI)
- P4: ScheduledDiscovery with Redis distributed lock to prevent concurrent scans
- P6: AgentBridge — Redis pub/sub for SaaS↔agent communication (approvals + step results)
- Caddyfile: self-hosted reverse proxy with auto-TLS for all 6 products
 2026-03-01 03:16:33 +00:00
Max Mayfield
bbbea3519e Add unit tests for P2 SaaS, P3 notifications, P4 search, P5 ingestion, P6 API 
- P2: nonce validation, severity levels, RLS withTenant
- P3: notification dispatcher severity gating, Slack Block Kit emoji mapping
- P4: Meilisearch fallback, service CRUD validation, staged update actions
- P5: cost ingestion validation, snooze range, optimistic locking
- P6: runbook API validation, approval decisions, execution status machine, Slack signature
 2026-03-01 03:15:31 +00:00
Max Mayfield
3326d9a714 Add .gitignore files for P2-P6 2026-03-01 03:14:37 +00:00
Max Mayfield
f2e0a32cc7 Wire auth middleware into all products, add docker-compose and init-db script 
- Auth middleware (JWT + API key + RBAC) copied into P3/P4/P5/P6
- All server entry points now register auth hooks + auth routes
- Webhook and Slack endpoints skip JWT auth (use HMAC/signature)
- docker-compose.yml: shared Postgres + Redis + Meilisearch, all 4 Node products as services
- init-db.sh: creates per-product databases and runs migrations
- P1 (Rust) and P2 (Go agent) run standalone, not in compose
 2026-03-01 03:10:35 +00:00
Max Mayfield
2bbaa1efde Add missing configs: CI workflows, tsconfigs, data layers for P4/P5/P6 2026-03-01 03:07:33 +00:00
Max Mayfield
a17527dfa4 Flesh out dd0c/portal: service CRUD, discovery API, Meilisearch search, data layer 
- Service API: list (filtered by type/owner/lifecycle/tier), detail, upsert, delete, ownership summary
- Discovery API: trigger AWS/GitHub scans, scan history, staged update review (apply/reject)
- Search: Meilisearch full-text with PG ILIKE fallback, reindex endpoint
- Data layer: withTenant() RLS wrapper, Zod config with MEILI_URL/MEILI_KEY
- Fastify server entry point
 2026-03-01 03:05:55 +00:00
Max Mayfield
23db74b306 Scaffold dd0c/portal: AWS+GitHub discovery, catalog service, ownership resolution 
- AWS scanner: ECS/Lambda/RDS discovery with partial failure handling
- GitHub scanner: CODEOWNERS parsing, commit-based heuristic ownership, rate limit resilience
- Catalog service: ownership resolution (config > codeowners > aws-tag > heuristic), staged updates for partial scans
- Ownership tests: 6 cases covering full priority chain
- PostgreSQL schema with RLS: services, staged_updates, scan_history, free tier (50 services)
- Fly.io config, Dockerfile
 2026-03-01 02:51:02 +00:00
Max Mayfield
72a0f26a7b Add BMad review epic addendums for all 6 products 
Per-product surgical additions to existing epics (not cross-cutting):
- P1 route: 8pts (key redaction, SSE billing, token math, CI runner)
- P2 drift: 12pts (mTLS revocation, state lock recovery, pgmq visibility, RLS leak, entropy scrubber)
- P3 alert: 10pts (HMAC replay, claim-check, out-of-order correlation, free tier, tenant isolation)
- P4 portal: 9pts (partial scan recovery, ownership conflicts, Meilisearch rebuild, VCR freshness, free tier)
- P5 cost: 7pts (concurrent baselines, remediation RBAC, Clock interface, property tests, Redis fallback)
- P6 run: 15pts (shell AST parsing, canary suite, intervention TTL, streaming audit, crypto signatures)

Total: 61 story points across 30 new stories
 2026-03-01 02:27:55 +00:00
Max Mayfield
d038cd9c5c Implement BMad Must-Have Before Launch fixes for all 6 products 
P1: API key redaction, SSE billing leak, token math edge cases, CI runner config
P2: mTLS revocation lockout, terraform state lock recovery, RLS pool leak, entropy scrubber, pgmq visibility
P3: HMAC replay prevention, cross-tenant negative tests, correlation window edge cases, SQS claim-check, free tier
P4: Discovery partial failure recovery, ownership conflict integration test, VCR freshness CI, Meilisearch rebuild, Cmd+K latency
P5: Concurrent baseline conflicts, remediation RBAC, Clock interface for governance, 10K property-based runs, Redis panic fallback
P6: Cryptographic agent update signatures, streaming audit logs with WAL, shell AST parsing (mvdan/sh), intervention deadlock TTL, canary suite CI gate
 2026-03-01 02:14:04 +00:00
Max Mayfield
9cc5aeaa03 BMad code reviews for P4 (portal) and P5 (cost) — manual 
P4: Discovery reliability flagged as existential risk, VCR cassette staleness,
    ownership conflict race condition, Step Functions→cron gap
P5: Concurrent baseline update risk, remediation RBAC gap, pricing staleness,
    property-based tests need 10K runs, Clock interface needed for governance
 2026-03-01 02:06:06 +00:00
Max Mayfield
b7cce013ed Phase 3: BDD acceptance specs for P4 (portal) — partial 
P4: 1,177 lines (subagent still running, may have more output pending)
All 6 products now have acceptance specs committed.
 2026-03-01 02:01:04 +00:00
Max Mayfield
c3bafa238a Add dual-mode deployment addendums for all 6 products 
P1 route: 16 pts (template, full docker-compose + install script)
P2 drift: 17 pts (pgmq, local CA for mTLS)
P3 alert: 19 pts (Lambda→Fastify, DynamoDB→PG JSONB)
P4 portal: 18 pts (Step Functions→cron, Aurora→PG+pgvector)
P5 cost: 19 pts (EventBridge→agent/polling, DynamoDB→PG JSONB)
P6 run: 15 pts (easiest — already PG-native, no AWS deps in core)

Total self-hosted effort: ~104 story points across all 6 products
 2026-03-01 02:00:00 +00:00
Max Mayfield
03bfe931fc Implement review remediation + PLG analytics SDK 
- All 6 test architectures patched with Section 11 addendums
- P5 (cost) fully rewritten from 232 to ~600 lines
- PLG brainstorm + party mode advisory board results
- Analytics SDK v2 (PostHog Cloud, Zod strict, Lambda-safe)
- Analytics tests v2 (safeParse, no , no timestamp, no PII)
- Addresses all Gemini review findings across P1-P6
 2026-03-01 01:42:49 +00:00
Max Mayfield
2fe0ed856e Add Gemini TDD reviews for all 6 products 
P1, P2, P3, P4, P6 reviewed by Gemini subagents.
P5 reviewed manually (Gemini credential errors).
All reviews flag coverage gaps, anti-patterns, and Transparent Factory tenet gaps.
 2026-03-01 00:29:24 +00:00
Max Mayfield
1101fef096 Update test architectures for P3, P4, P5 2026-02-28 23:33:07 +00:00
Max Mayfield
5ee95d8b13 dd0c: full product research pipeline - 6 products, 8 phases each 
Products: route, drift, alert, portal, cost, run
Phases: brainstorm, design-thinking, innovation-strategy, party-mode,
        product-brief, architecture, epics (incl. Epic 10 TF compliance),
        test-architecture (TDD strategy)

Brand strategy and market research included.
 2026-02-28 17:35:02 +00:00