- Rename clippy.toml field to single-char-binding-names-threshold
- Add placeholder certificates for pm-agent-client doc tests
- Add .cargo/audit.toml to handle upstream security advisories
- Update CI to install Node.js 18 for frontend linting
- Pin all jobs to ubuntu-22.04 runner
- Use curl -sfL with secrets.GITEATOKEN for checkout
- Switch checkout URL to https://gitea-lxc.moon-dragon.us
- Install rustup with --default-toolchain stable --profile minimal
- Add cargo bin to GITHUB_PATH instead of sourcing per-step
- Enforce clippy -D warnings
- Ignore RUSTSEC-2025-0134 in cargo audit
- Pass GITEA_TOKEN via env for release step
- Changed runs-on from 'linux' to 'ubuntu-latest' for all jobs
- Uses ubuntu-latest:docker://ubuntu:24.04 runner label
- Each job runs in a fresh Ubuntu 24.04 container
- Removed all PATH hacks, conditional sudo, and absolute paths
- Ubuntu containers run as root (no sudo needed)
- Standard commands work without PATH modifications
- Added GITHUB_REPOSITORY fallback for checkout
- act_runner host executor doesn't inherit PATH from workflow env or export
- All system commands now use absolute paths: /usr/bin/apt-get, /usr/bin/curl, etc.
- Removed all export PATH lines (were ineffective)
- Fixes 'apt-get: command not found' and 'curl: command not found' errors
- The global env: PATH variable doesn't propagate to act_runner shell scripts
- Added export PATH=... at the start of every run: block
- Fixes 'apt-get: command not found' and 'curl: command not found' errors
- Removed global PATH from env: section (was ineffective)
- Added global PATH env variable with all standard paths
- Fixes apt-get/curl 'command not found' errors in job execution context
- Fixed broken YAML where if: and run: merged on one line
- Cleaned up all per-step PATH exports (now global)
- Some jobs run as root (no sudo needed), others as echo user (sudo required)
- Added SUDO detection: SUDO=; [ 0 -ne 0 ] && SUDO=sudo
- Fixed remaining unfixed apt-get call in build-and-release job
- sudo not available in all execution contexts
- /root/.cache/act/ workspace indicates root user execution
- apt-get works directly without sudo when running as root
- rust-format job failed because curl was not available for checkout
- Added 'Install checkout dependencies' step (curl, ca-certificates) to all jobs
- Fixed duplicate steps block in rust-test job
- Merged build.yml into ci.yml - single source of truth
- Quality gates (format, clippy, test, audit, lint) run on every push/PR/tag
- Build & Release job only runs on v* tag pushes
- Build & Release depends on ALL quality gates passing
- Deleted build.yml - no more split workflow confusion
- Added rustfmt.toml, clippy.toml, eslint.config.js configs
- GITHUB_REPOSITORY may be empty in linux:host mode
- Added REPO fallback to echo/linux_patch_manager
- Added REF_NAME fallback for GITHUB_REF_NAME
- Added HTTP status code check before parsing release JSON
- Debug output for API response
- Need to verify which tokens are available in host execution
- GITHUB_TOKEN may not be injected; GITEA_TOKEN added to systemd env
- Debug output will guide checkout auth fix
- GITHUB_TOKEN may not be injected in linux:host mode
- Use GITEA_TOKEN from runner environment as fallback
- API archive download with Authorization header is proven working
- Added GITEA_TOKEN to act-runner systemd service environment
- git clone with token-in-URL doesn't work for private repos in Gitea
- Use API archive endpoint with Authorization header instead
- curl archive tarball, extract with --strip-components=1
- More reliable than git URL auth for self-hosted runners
- GITHUB_SERVER_URL may point to unreachable external domain
- Use http://192.168.2.189:3000 directly with GITHUB_TOKEN for auth
- Private repos require token-in-URL authentication
- Private repos require authentication for git clone
- Inject GITHUB_TOKEN into clone URL: http://echo:{GITHUB_TOKEN}@host/repo.git
- Kill stuck clone processes on runner before new build
- Docker-in-Docker fails with SIGKILL in LXC (exit 137 after 45s)
- Even --privileged mode doesn't fix DinD in LXC
- Native act_runner binary installed on LXC host with systemd service
- Host is Ubuntu 24.04 with Rust 1.95, Node 18, npm pre-installed
- runs-on: linux maps to linux:host label (direct host execution)
- No GitHub action dependencies (pure shell steps only)
- Change runs-on back to ubuntu-latest (maps to docker://ubuntu:24.04)
- Remove container: directive (label already specifies image)
- Remove sudo (running as root in Ubuntu container)
- Always install Rust (no caching between runs yet)
- Change runs-on from ubuntu-latest to linux (maps to linux:host)
- Remove container: directive that caused SIGKILL on sibling containers
- Run directly on LXC host which is already Ubuntu
- Add sudo for apt-get commands on host
- Check for existing cargo before installing Rust
- Replace actions/checkout with git clone using GITHUB_SERVER_URL
- Remove actions/cache (no cross-run caching for now)
- Consolidate into single job (no artifact passing needed)
- Remove actions/upload-artifact and actions/download-artifact
- Pure shell steps only - no cloning from github.com needed
