392e7553c4
release: bump version to 1.1.9 for non-Ubuntu package fixes
CI/CD Pipeline / Code Format (push) Successful in 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 43s
CI/CD Pipeline / All Unit Tests (push) Successful in 1m12s
CI/CD Pipeline / Security Audit (push) Successful in 4s
CI/CD Pipeline / Enrollment Tests (push) Successful in 1m54s
CI/CD Pipeline / Verify Enrollment CLI Flag (push) Successful in 1m29s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 2m30s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m52s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m46s
CI/CD Pipeline / Build Debian Package (push) Successful in 2m13s
CI/CD Pipeline / Build RPM Package (push) Successful in 4m11s
2026-05-20 02:54:09 +00:00
bcc0d40413
release: bump version to 1.1.8
CI/CD Pipeline / Code Format (push) Successful in 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 43s
CI/CD Pipeline / All Unit Tests (push) Successful in 1m11s
CI/CD Pipeline / Security Audit (push) Successful in 4s
CI/CD Pipeline / Enrollment Tests (push) Successful in 1m55s
CI/CD Pipeline / Verify Enrollment CLI Flag (push) Successful in 1m26s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 2m35s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m50s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m56s
CI/CD Pipeline / Build Debian Package (push) Successful in 2m10s
CI/CD Pipeline / Build RPM Package (push) Successful in 4m17s
2026-05-19 00:34:21 +00:00
74288e1dfc
fix(ci): add cargo clean and artifact removal before packaging; bump to 1.1.7
...
CI/CD Pipeline / Code Format (push) Successful in 1s
CI/CD Pipeline / Clippy Lints (push) Successful in 44s
CI/CD Pipeline / All Unit Tests (push) Successful in 1m12s
CI/CD Pipeline / Security Audit (push) Successful in 5s
CI/CD Pipeline / Enrollment Tests (push) Successful in 1m56s
CI/CD Pipeline / Verify Enrollment CLI Flag (push) Successful in 1m25s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 2m29s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m50s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m55s
CI/CD Pipeline / Build Debian Package (push) Successful in 2m10s
CI/CD Pipeline / Build RPM Package (push) Successful in 4m15s
- Insert 'Clean previous build artifacts' step (cargo clean + rm old .deb)
before Build Debian package in both build-deb and build-deb-u2204 jobs.
- Bump version to 1.1.7 to ensure a clean build from scratch.
- Update debian/changelog with 1.1.7-1 entry.
2026-05-18 17:18:11 +00:00
fc0b42040e
fix(server): add explicit rustls CryptoProvider initialization for v1.1.6
...
CI/CD Pipeline / Code Format (push) Successful in 1s
CI/CD Pipeline / Clippy Lints (push) Successful in 44s
CI/CD Pipeline / All Unit Tests (push) Successful in 1m14s
CI/CD Pipeline / Security Audit (push) Successful in 4s
CI/CD Pipeline / Enrollment Tests (push) Successful in 1m52s
CI/CD Pipeline / Verify Enrollment CLI Flag (push) Successful in 1m23s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 2m21s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m47s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m57s
CI/CD Pipeline / Build Debian Package (push) Successful in 2m15s
CI/CD Pipeline / Build RPM Package (push) Successful in 4m19s
- Add rustls::crypto::aws_lc_rs::default_provider().install_default()
in main() before any TLS operations to prevent startup panic
- Bump version from 1.1.5 to 1.1.6
- Update debian/changelog with 1.1.6-1 entry
2026-05-18 13:43:34 +00:00
945febbe96
feat(enrollment): add route-based IP selection and fix package versioning for v1.1.5
CI/CD Pipeline / Code Format (push) Failing after 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 44s
CI/CD Pipeline / Enrollment Tests (push) Has been skipped
CI/CD Pipeline / All Unit Tests (push) Successful in 1m12s
CI/CD Pipeline / Build Debian Package (push) Has been skipped
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Has been skipped
CI/CD Pipeline / Build RPM Package (push) Has been skipped
CI/CD Pipeline / Build Alpine Package (push) Has been skipped
CI/CD Pipeline / Build Arch Package (push) Has been skipped
CI/CD Pipeline / Security Audit (push) Successful in 4s
CI/CD Pipeline / Verify Enrollment CLI Flag (push) Successful in 55s
2026-05-18 03:35:46 +00:00
abcc5c5e40
fix: use resolved service name for socket activation detection
CI/CD Pipeline / Code Format (push) Successful in 1s
CI/CD Pipeline / Clippy Lints (push) Successful in 1m11s
CI/CD Pipeline / Unit Tests (push) Successful in 1m29s
CI/CD Pipeline / Security Audit (push) Successful in 5s
CI/CD Pipeline / Build Arch Package (push) Successful in 1m57s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 1m57s
CI/CD Pipeline / Build Debian Package (push) Successful in 2m23s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m35s
CI/CD Pipeline / Build RPM Package (push) Successful in 3m54s
2026-05-07 01:42:20 +00:00
fb3ba3f2c1
chore: bump to v0.3.10 for CI trigger
CI/CD Pipeline / Code Format (push) Failing after 1s
CI/CD Pipeline / Clippy Lints (push) Successful in 37s
CI/CD Pipeline / Unit Tests (push) Successful in 49s
CI/CD Pipeline / Build Debian Package (push) Has been skipped
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Has been skipped
CI/CD Pipeline / Build RPM Package (push) Has been skipped
CI/CD Pipeline / Build Alpine Package (push) Has been skipped
CI/CD Pipeline / Build Arch Package (push) Has been skipped
CI/CD Pipeline / Security Audit (push) Successful in 4s
2026-05-05 18:11:37 +00:00
4b32db0d26
fix: detect socket activation for service status healthy logic
CI/CD Pipeline / Code Format (push) Failing after 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 38s
CI/CD Pipeline / Unit Tests (push) Successful in 47s
CI/CD Pipeline / Build Debian Package (push) Has been skipped
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Has been skipped
CI/CD Pipeline / Build RPM Package (push) Has been skipped
CI/CD Pipeline / Build Alpine Package (push) Has been skipped
CI/CD Pipeline / Build Arch Package (push) Has been skipped
CI/CD Pipeline / Security Audit (push) Successful in 5s
2026-05-05 16:25:59 +00:00
a7b48a59cc
chore: bump version to 0.3.8 for clean CI build
CI/CD Pipeline / Code Format (push) Successful in 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 44s
CI/CD Pipeline / Unit Tests (push) Successful in 1m12s
CI/CD Pipeline / Security Audit (push) Successful in 5s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 2m0s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m2s
CI/CD Pipeline / Build Debian Package (push) Successful in 1m52s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m12s
CI/CD Pipeline / Build RPM Package (push) Successful in 3m30s
2026-05-05 01:02:05 +00:00
87601fe510
fix: correct debian changelog format (add missing 0.3.5 header)
CI/CD Pipeline / Code Format (push) Successful in 1s
CI/CD Pipeline / Clippy Lints (push) Successful in 50s
CI/CD Pipeline / Unit Tests (push) Successful in 1m9s
CI/CD Pipeline / Security Audit (push) Successful in 4s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m9s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 2m0s
CI/CD Pipeline / Build Debian Package (push) Successful in 1m50s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m19s
CI/CD Pipeline / Build RPM Package (push) Successful in 3m37s
2026-05-05 00:56:01 +00:00
76c26aa379
chore: bump version to 0.3.7 for CI rebuild
CI/CD Pipeline / Code Format (push) Successful in 1s
CI/CD Pipeline / Clippy Lints (push) Successful in 43s
CI/CD Pipeline / Unit Tests (push) Successful in 1m13s
CI/CD Pipeline / Security Audit (push) Successful in 5s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Failing after 2m1s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m4s
CI/CD Pipeline / Build Debian Package (push) Failing after 1m50s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m7s
CI/CD Pipeline / Build RPM Package (push) Successful in 3m24s
2026-05-05 00:23:22 +00:00
8ca616a02c
chore: update debian changelog to v0.3.6
CI/CD Pipeline / Code Format (push) Successful in 1s
CI/CD Pipeline / Clippy Lints (push) Successful in 40s
CI/CD Pipeline / Unit Tests (push) Successful in 47s
CI/CD Pipeline / Security Audit (push) Successful in 5s
CI/CD Pipeline / Build Debian Package (push) Failing after 1m55s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Failing after 2m5s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m3s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m12s
CI/CD Pipeline / Build RPM Package (push) Successful in 3m40s
2026-05-04 23:57:56 +00:00
6ba708abb1
fix: remove all systemd capability restrictions blocking package management
...
CI/CD Pipeline / Code Format (push) Successful in 1s
CI/CD Pipeline / Clippy Lints (push) Successful in 43s
CI/CD Pipeline / Unit Tests (push) Successful in 57s
CI/CD Pipeline / Security Audit (push) Successful in 5s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m10s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m19s
CI/CD Pipeline / Build RPM Package (push) Successful in 3m2s
CI/CD Pipeline / Build Debian Package (push) Has started running
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Failing after 15m44s
- Remove CapabilityBoundingSet and AmbientCapabilities (apt needs full root capabilities)
- Remove ReadWritePaths (unnecessary without ProtectSystem=strict)
- Fix E2E test: properly FAIL on status=failed package operations
- Fix E2E test: require status=completed for install/update/remove lifecycle
- Update dpkg packaging service file to match configs/
- Bump version to 0.3.5
2026-05-03 04:13:50 +00:00
508037d656
chore: bump version to 0.3.4 for clean CI build
CI/CD Pipeline / Code Format (push) Successful in 3s
CI/CD Pipeline / Unit Tests (push) Has been cancelled
CI/CD Pipeline / Security Audit (push) Has been cancelled
CI/CD Pipeline / Build Debian Package (push) Has been cancelled
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Has been cancelled
CI/CD Pipeline / Build RPM Package (push) Has been cancelled
CI/CD Pipeline / Build Alpine Package (push) Has been cancelled
CI/CD Pipeline / Build Arch Package (push) Has been cancelled
CI/CD Pipeline / Clippy Lints (push) Has been cancelled
2026-05-03 03:11:41 +00:00
157376af7e
chore: bump version to 0.3.3 for dpkg and service fixes
CI/CD Pipeline / Code Format (push) Successful in 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 49s
CI/CD Pipeline / Unit Tests (push) Successful in 57s
CI/CD Pipeline / Security Audit (push) Successful in 4s
CI/CD Pipeline / Build Arch Package (push) Successful in 1m56s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 1m58s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m27s
CI/CD Pipeline / Build RPM Package (push) Successful in 4m2s
CI/CD Pipeline / Build Debian Package (push) Has been cancelled
2026-05-03 02:35:32 +00:00
9e42f32270
fix: remove sudo from apt commands and RestrictSUIDSGID from service
...
CI/CD Pipeline / Code Format (push) Successful in 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 1m17s
CI/CD Pipeline / Unit Tests (push) Successful in 56s
CI/CD Pipeline / Security Audit (push) Successful in 15s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 1m57s
CI/CD Pipeline / Build Arch Package (push) Successful in 1m53s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m17s
CI/CD Pipeline / Build RPM Package (push) Successful in 3m36s
CI/CD Pipeline / Build Debian Package (push) Successful in 2m11s
- Remove sudo from apt command execution (service runs as root)
- Remove RestrictSUIDSGID from systemd service (blocks setuid for apt/dpkg)
- Remove NoNewPrivileges from systemd service (blocks sudo PERM_SUDOERS)
- Bump version to 0.3.2
2026-05-03 02:24:52 +00:00
2b35a143da
fix: implement actual system reboot via shutdown/systemctl commands
...
CI/CD Pipeline / Code Format (push) Successful in 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 40s
CI/CD Pipeline / Unit Tests (push) Successful in 1m27s
CI/CD Pipeline / Security Audit (push) Successful in 4s
CI/CD Pipeline / Build Arch Package (push) Successful in 1m56s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Successful in 2m32s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m25s
CI/CD Pipeline / Build RPM Package (push) Successful in 3m44s
CI/CD Pipeline / Build Debian Package (push) Successful in 3m0s
- Fix reboot_system() to use shutdown -r +N for delayed reboots
- Fix patches handler to call reboot_system() instead of just logging
- Add CAP_SYS_BOOT capability to systemd service for LXC reboot support
- Remove unused warn import from packages/mod.rs
- Bump version to 0.3.1
2026-05-03 01:37:22 +00:00
6f75ec4865
chore: bump version to 0.3.0 for beta release
CI/CD Pipeline / Code Format (push) Successful in 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 1m9s
CI/CD Pipeline / Unit Tests (push) Failing after 17s
CI/CD Pipeline / Build Debian Package (push) Has been skipped
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Has been skipped
CI/CD Pipeline / Build RPM Package (push) Has been skipped
CI/CD Pipeline / Build Alpine Package (push) Has been skipped
CI/CD Pipeline / Build Arch Package (push) Has been skipped
CI/CD Pipeline / Security Audit (push) Failing after 9s
2026-05-03 00:55:27 +00:00
65cfb40abb
v1.0.0 Release - All Phases Complete
...
CI/CD Pipeline / Code Format (push) Has been cancelled
CI/CD Pipeline / Clippy Lints (push) Has been cancelled
CI/CD Pipeline / Unit Tests (push) Has been cancelled
CI/CD Pipeline / Security Audit (push) Has been cancelled
CI/CD Pipeline / Build Release (x86_64-unknown-linux-gnu) (push) Has been cancelled
CI/CD Pipeline / Build Ubuntu Package (push) Has been cancelled
Phase 2: Core API Development
- 15 REST API endpoints (packages, patches, system, jobs, websocket)
- mTLS authentication layer (src/auth/mtls.rs)
- IP whitelist enforcement (src/auth/whitelist.rs)
- Job manager with async operation support
- WebSocket streaming for job status
Phase 3: Security Hardening
- Security testing: 16/16 tests passing
- Fuzz testing: 21 tests, all findings resolved
- Threat model validation (STRIDE matrix)
- TLS binding fix (critical vulnerability resolved)
- Security documentation complete
Phase 4: Production Readiness
- Performance benchmarking (all targets met)
- Package creation (.deb/.rpm structures)
- Documentation (README, API docs, deployment guide)
- Security hardening (6 vulnerabilities fixed)
Deliverables:
- API_DOCUMENTATION.md (889 lines)
- DEPLOYMENT_GUIDE.md (733 lines)
- SECURITY.md (346 lines)
- README.md (525 lines)
- debian/ package structure
- linux-patch-api.spec (RPM)
- install.sh installer script
- benches/api_benchmarks.rs
- Multiple security/performance reports
Security Status: 0 vulnerabilities remaining
Test Coverage: 31 unit tests, 21 integration tests
Build Status: Release optimized
2026-04-10 01:41:19 +00:00
