27a89ee2b7
Trigger CI with tsc fix
CI — P2 Drift (Go + Node) / agent (push) Failing after 3s
CI — P2 Drift (Go + Node) / saas (push) Successful in 29s
CI — P3 Alert / test (push) Successful in 40s
CI — P4 Portal / test (push) Successful in 32s
CI — P6 Run / saas (push) Successful in 30s
CI — P5 Cost / test (push) Successful in 46s
2026-03-01 06:56:00 +00:00
3e68e8871d
Trigger CI for P2-SaaS, P4, P5, P6
CI — P2 Drift (Go + Node) / agent (push) Failing after 1s
CI — P4 Portal / test (push) Failing after 17s
CI — P5 Cost / test (push) Failing after 15s
CI — P6 Run / saas (push) Failing after 15s
CI — P2 Drift (Go + Node) / saas (push) Successful in 43s
2026-03-01 06:52:14 +00:00
68140881e0
Trigger CI for P3-P6 Node products
CI — P3 Alert / test (push) Failing after 15s
CI — P4 Portal / test (push) Failing after 19s
CI — P5 Cost / test (push) Failing after 17s
CI — P6 Run / saas (push) Failing after 18s
2026-03-01 06:43:58 +00:00
4146f1c4d0
Fix TypeScript compilation errors across P3-P6
...
- jwt.sign: explicit SignOptions cast for expiresIn (all 4 products)
- ioredis: use named import { Redis } instead of default (P4, P6)
- P4 catalog/service: fix import paths for aws-scanner and github-scanner
- P4 discovery: pass pool to ScheduledDiscovery constructor
- P6 agent-bridge: add explicit types for Redis message callback params
- All 4 Node products now compile cleanly with tsc --noEmit
2026-03-01 06:06:31 +00:00
6cd8c49881
Implement P4 scheduled discovery: wire AWS/GitHub scanners to catalog service
...
- ScheduledDiscovery now instantiates real scanners and merges results via CatalogService
- Records scan history (start/complete/errors) in scan_history table
- Partial scan failures stage results instead of overwriting catalog
2026-03-01 04:16:01 +00:00
b10e88e14d
Implement staged update merge into services table (P4 discovery)
2026-03-01 04:13:39 +00:00
12ca955de5
Build dd0c marketing site: Astro + Tailwind, homepage + 6 product landing pages
...
- Homepage: hero with terminal mock, product grid, how-it-works, pricing (free/pro/self-hosted), CTA
- Product pages: route, drift, alert, portal, cost, run — each with features, install snippets, comparison tables
- Dark theme matching dd0c brand (indigo primary, cyan accent, dark surfaces)
- Astro static output for Cloudflare Pages deployment
- SEO: OG tags, meta descriptions, semantic HTML
2026-03-01 04:12:37 +00:00
eec1df4c69
Implement P4 AWS scanner: ECS/Lambda/RDS discovery with tag-based ownership
...
- ECS: list clusters → list services → describe → extract tags, capture task def + counts
- Lambda: paginated list functions → list tags, capture runtime/memory/timeout
- RDS: describe instances → list tags, capture engine/class/storage/multi-AZ
- Owner resolution from aws tags (owner/team/Owner/Team)
- Partial failure handling preserved (per-service try/catch)
2026-03-01 03:19:56 +00:00
5ee869b9d8
Implement auth: login/signup (scrypt), API key generation, shared migration
...
- Login: email + password lookup, scrypt verify, JWT token
- Signup: create tenant + owner user in transaction, slug generation
- API key: dd0c_ prefix, SHA-256 hash (not bcrypt — faster for API key lookups), prefix index
- Scrypt over bcrypt: zero native deps, Node.js built-in crypto
- Auth routes skip JWT middleware (login/signup are public)
- 002_auth.sql: users + api_keys tables with RLS, copied to all products
- Synced auth middleware to P3/P4/P5/P6
2026-03-01 03:19:18 +00:00
bdaa732ce1
Implement TODO stubs: webhook secret lookup, alert→incident wiring, catalog upsert/stage
...
- P3: getWebhookSecret() now queries DB; ingestAlert() creates/attaches incidents, auto-resolves on resolved status
- P4: stageUpdates() writes to staged_updates table; upsertService() with ON CONFLICT; getService/updateOwner implemented
2026-03-01 03:18:05 +00:00
2ceeac1a11
Add P2 SaaS CI, P4 scheduled discovery, P6 agent bridge (Redis pub/sub), Caddyfile
...
- P2: Gitea Actions CI for SaaS backend (separate from Go agent CI)
- P4: ScheduledDiscovery with Redis distributed lock to prevent concurrent scans
- P6: AgentBridge — Redis pub/sub for SaaS↔agent communication (approvals + step results)
- Caddyfile: self-hosted reverse proxy with auto-TLS for all 6 products
2026-03-01 03:16:33 +00:00
f2e0a32cc7
Wire auth middleware into all products, add docker-compose and init-db script
...
- Auth middleware (JWT + API key + RBAC) copied into P3/P4/P5/P6
- All server entry points now register auth hooks + auth routes
- Webhook and Slack endpoints skip JWT auth (use HMAC/signature)
- docker-compose.yml: shared Postgres + Redis + Meilisearch, all 4 Node products as services
- init-db.sh: creates per-product databases and runs migrations
- P1 (Rust) and P2 (Go agent) run standalone, not in compose
2026-03-01 03:10:35 +00:00
a17527dfa4
Flesh out dd0c/portal: service CRUD, discovery API, Meilisearch search, data layer
...
- Service API: list (filtered by type/owner/lifecycle/tier), detail, upsert, delete, ownership summary
- Discovery API: trigger AWS/GitHub scans, scan history, staged update review (apply/reject)
- Search: Meilisearch full-text with PG ILIKE fallback, reindex endpoint
- Data layer: withTenant() RLS wrapper, Zod config with MEILI_URL/MEILI_KEY
- Fastify server entry point
2026-03-01 03:05:55 +00:00
23db74b306
Scaffold dd0c/portal: AWS+GitHub discovery, catalog service, ownership resolution
...
- AWS scanner: ECS/Lambda/RDS discovery with partial failure handling
- GitHub scanner: CODEOWNERS parsing, commit-based heuristic ownership, rate limit resilience
- Catalog service: ownership resolution (config > codeowners > aws-tag > heuristic), staged updates for partial scans
- Ownership tests: 6 cases covering full priority chain
- PostgreSQL schema with RLS: services, staged_updates, scan_history, free tier (50 services)
- Fly.io config, Dockerfile
2026-03-01 02:51:02 +00:00
