chore: release v0.4.1

Removed all Gitea-related files and references:
- Deleted .gitea/workflows directory (ai-review, ci, e2e, release)
- Removed gitea MCP server from .mcp.json
- Updated CLAUDE.md to list GitHub instead of Gitea
- Updated CHANGELOG.md to remove Gitea migration note

All CI/CD now runs exclusively through GitHub Actions.

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>

.gitea/workflows/ai-review.yaml

@@ -1,36 +0,0 @@
-name: AI Code Review
-
-on:
-  pull_request:
-    branches:
-      - main
-
-jobs:
-  ai-review:
-    name: AI Code Review
-    runs-on: ubuntu-latest
-    container:
-      image: catthehacker/ubuntu:act-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: AI Review
-        uses: Nikita-Filonov/ai-review@v0.56.0
-        with:
-          review-command: run
-        env:
-          LLM__PROVIDER: "OPENAI"
-          LLM__META__MODEL: ${{ vars.AI_REVIEW_MODEL }}
-          LLM__META__MAX_TOKENS: "15000"
-          LLM__META__TEMPERATURE: "0.3"
-          LLM__HTTP_CLIENT__API_URL: "https://api.openai.com/v1"
-          LLM__HTTP_CLIENT__API_TOKEN: ${{ secrets.OPENAI_API_KEY }}
-          VCS__PROVIDER: "GITEA"
-          VCS__PIPELINE__OWNER: ${{ github.repository_owner }}
-          VCS__PIPELINE__REPO: ${{ github.event.repository.name }}
-          VCS__PIPELINE__PULL_NUMBER: ${{ github.event.pull_request.number }}
-          VCS__HTTP_CLIENT__API_URL: ${{ github.server_url }}/api/v1
-          VCS__HTTP_CLIENT__API_TOKEN: ${{ secrets.AI_REVIEW_GITEA_TOKEN }}

.gitea/workflows/ci.yaml

@@ -1,30 +0,0 @@
-name: CI
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-    container: node:20
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Install dependencies
-        run: npm ci
-
-      - name: Build
-        run: npx @kinvolk/headlamp-plugin build
-
-      - name: Lint
-        run: npx eslint --ext .ts,.tsx src/
-
-      - name: Type-check
-        run: npx tsc --noEmit
-
-      - name: Format check
-        run: npx prettier --check src/

.gitea/workflows/e2e.yaml

@@ -1,28 +0,0 @@
-name: E2E
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-
-jobs:
-  e2e:
-    runs-on: ubuntu-latest
-    container: node:20
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Install dependencies
-        run: npm ci
-
-      - name: Install Chromium
-        run: npx playwright install --with-deps chromium
-
-      - name: Run E2E smoke tests
-        env:
-          HEADLAMP_URL: https://headlamp.animaniacs.farh.net
-          AUTHENTIK_USERNAME: ${{ secrets.AUTHENTIK_USERNAME }}
-          AUTHENTIK_PASSWORD: ${{ secrets.AUTHENTIK_PASSWORD }}
-        run: npx playwright test

.gitea/workflows/release.yaml

@@ -1,173 +0,0 @@
-name: Release
-
-on:
-  push:
-    tags:
-      - 'v*'
-
-jobs:
-  release:
-    runs-on: ubuntu-latest
-    container: node:20
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Check if release is already finalized
-        run: |
-          VERSION=${GITHUB_REF_NAME#v}
-          TARBALL_URL="https://github.com/privilegedescalation/headlamp-polaris-plugin/releases/download/${GITHUB_REF_NAME}/headlamp-polaris-plugin-${VERSION}.tar.gz"
-          HTTP_CODE=$(curl -sL -o /tmp/release.tar.gz -w "%{http_code}" "$TARBALL_URL" 2>/dev/null)
-          if [ "$HTTP_CODE" = "200" ]; then
-            ACTUAL="sha256:$(sha256sum /tmp/release.tar.gz | awk '{print $1}')"
-            EXPECTED=$(grep 'archive-checksum' artifacthub-pkg.yml | awk '{print $2}')
-            echo "Release tarball checksum: $ACTUAL"
-            echo "Metadata checksum:        $EXPECTED"
-            if [ "$ACTUAL" = "$EXPECTED" ]; then
-              echo "SKIP_BUILD=true" >> $GITHUB_ENV
-              echo "Checksums match - release is finalized, nothing to do"
-            fi
-          else
-            echo "No existing release (HTTP $HTTP_CODE) - will build"
-          fi
-          rm -f /tmp/release.tar.gz
-
-      - name: Install dependencies
-        run: |
-          [ "$SKIP_BUILD" = "true" ] && exit 0
-          npm ci
-
-      - name: Build plugin
-        run: |
-          [ "$SKIP_BUILD" = "true" ] && exit 0
-          npx @kinvolk/headlamp-plugin build
-
-      - name: Package tarball
-        run: |
-          [ "$SKIP_BUILD" = "true" ] && exit 0
-          npx @kinvolk/headlamp-plugin package
-
-      - name: Compute tarball checksum
-        run: |
-          [ "$SKIP_BUILD" = "true" ] && exit 0
-          TARBALL=$(ls *.tar.gz)
-          CHECKSUM=$(sha256sum "$TARBALL" | awk '{print $1}')
-          echo "TARBALL=$TARBALL" >> $GITHUB_ENV
-          echo "CHECKSUM=$CHECKSUM" >> $GITHUB_ENV
-          echo "Tarball: $TARBALL"
-          echo "Checksum: sha256:$CHECKSUM"
-
-      - name: Install Docker CLI
-        run: |
-          [ "$SKIP_BUILD" = "true" ] && exit 0
-          apt-get update && apt-get install -y docker.io
-
-      - name: Build and push Docker image
-        run: |
-          [ "$SKIP_BUILD" = "true" ] && exit 0
-          docker build -t git.farh.net/${{ github.repository }}:${{ github.ref_name }} -t git.farh.net/${{ github.repository }}:latest .
-          echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin
-          docker push git.farh.net/${{ github.repository }}:${{ github.ref_name }}
-          docker push git.farh.net/${{ github.repository }}:latest
-
-      - name: Create Gitea release
-        run: |
-          [ "$SKIP_BUILD" = "true" ] && exit 0
-          API_URL="${GITHUB_SERVER_URL}/api/v1/repos/${GITHUB_REPOSITORY}"
-          # Create release (or get existing)
-          RELEASE=$(curl -s -X POST \
-            -H "Authorization: token ${{ github.token }}" \
-            -H "Content-Type: application/json" \
-            "${API_URL}/releases" \
-            -d "{\"tag_name\":\"${GITHUB_REF_NAME}\",\"name\":\"${GITHUB_REF_NAME}\"}")
-          RELEASE_ID=$(echo "$RELEASE" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))")
-          if [ "$RELEASE_ID" = "undefined" ]; then
-            RELEASE=$(curl -sf \
-              -H "Authorization: token ${{ github.token }}" \
-              "${API_URL}/releases/tags/${GITHUB_REF_NAME}")
-            RELEASE_ID=$(echo "$RELEASE" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))")
-          fi
-          echo "Gitea Release ID: $RELEASE_ID"
-          # Delete existing assets
-          ASSETS=$(curl -sf \
-            -H "Authorization: token ${{ github.token }}" \
-            "${API_URL}/releases/${RELEASE_ID}/assets")
-          echo "$ASSETS" | node -e "
-            process.stdin.resume();let d='';
-            process.stdin.on('data',c=>d+=c);
-            process.stdin.on('end',()=>{
-              JSON.parse(d).forEach(a=>console.log(a.id));
-            })" | while read -r ASSET_ID; do
-            curl -sf -X DELETE \
-              -H "Authorization: token ${{ github.token }}" \
-              "${API_URL}/releases/${RELEASE_ID}/assets/${ASSET_ID}"
-          done
-          # Upload tarball
-          curl -sf -X POST \
-            -H "Authorization: token ${{ github.token }}" \
-            -F "attachment=@${TARBALL}" \
-            "${API_URL}/releases/${RELEASE_ID}/assets?name=${TARBALL}"
-          echo "Gitea release updated"
-
-      - name: Create GitHub release
-        run: |
-          [ "$SKIP_BUILD" = "true" ] && exit 0
-          # GitHub API to create/update release
-          GITHUB_API="https://api.github.com/repos/privilegedescalation/headlamp-polaris-plugin"
-          # Check if release exists
-          RELEASE_DATA=$(curl -sf \
-            -H "Authorization: token ${{ secrets.GH_TOKEN }}" \
-            "${GITHUB_API}/releases/tags/${GITHUB_REF_NAME}" || echo "{}")
-          RELEASE_ID=$(echo "$RELEASE_DATA" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id||''))")
-
-          if [ -z "$RELEASE_ID" ]; then
-            # Create new release
-            RELEASE_DATA=$(curl -sf -X POST \
-              -H "Authorization: token ${{ secrets.GH_TOKEN }}" \
-              -H "Content-Type: application/json" \
-              "${GITHUB_API}/releases" \
-              -d "{\"tag_name\":\"${GITHUB_REF_NAME}\",\"name\":\"${GITHUB_REF_NAME}\",\"draft\":false,\"prerelease\":false}")
-            RELEASE_ID=$(echo "$RELEASE_DATA" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))")
-          fi
-
-          echo "GitHub Release ID: $RELEASE_ID"
-          # Upload tarball to GitHub
-          UPLOAD_URL=$(echo "$RELEASE_DATA" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>{const r=JSON.parse(d);console.log(r.upload_url||'https://uploads.github.com/repos/privilegedescalation/headlamp-polaris-plugin/releases/${RELEASE_ID}/assets')})" | sed 's/{.*}//')
-          curl -sf -X POST \
-            -H "Authorization: token ${{ secrets.GH_TOKEN }}" \
-            -H "Content-Type: application/gzip" \
-            --data-binary "@${TARBALL}" \
-            "${UPLOAD_URL}?name=${TARBALL}"
-          echo "GitHub release updated"
-
-      - name: Update metadata and align tag
-        run: |
-          [ "$SKIP_BUILD" = "true" ] && exit 0
-          VERSION=${GITHUB_REF_NAME#v}
-          git config user.name "gitea-actions[bot]"
-          git config user.email "gitea-actions[bot]@git.farh.net"
-          # Determine which Gitea branch to update based on version suffix
-          if [[ "$VERSION" == *"-dev."* ]]; then
-            GITEA_BRANCH="dev"
-          else
-            GITEA_BRANCH="main"
-          fi
-          git fetch origin ${GITEA_BRANCH}
-          git checkout origin/${GITEA_BRANCH} -B temp-update
-          sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml
-          sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"https://github.com/privilegedescalation/headlamp-polaris-plugin/releases/download/${GITHUB_REF_NAME}/headlamp-polaris-plugin-${VERSION}.tar.gz\"|" artifacthub-pkg.yml
-          sed -i "s|^version:.*|version: ${VERSION}|" artifacthub-pkg.yml
-          git add artifacthub-pkg.yml
-          git diff --cached --quiet || {
-            git commit -m "ci: update artifact hub metadata for ${GITHUB_REF_NAME}"
-            git push origin temp-update:${GITEA_BRANCH}
-          }
-          # Force-move tag to the commit with correct checksum.
-          # This triggers a new CI run, but the guard step will detect
-          # that the release checksum already matches and skip the build.
-          git tag -f ${GITHUB_REF_NAME}
-          git push -f origin ${GITHUB_REF_NAME}
-          echo "Tag ${GITHUB_REF_NAME} aligned with updated metadata"
-          echo "Note: GitHub sync handled by Gitea mirror configuration"

.github/workflows/ci.yaml

@@ -8,7 +8,7 @@ on:
 
 jobs:
   lint-and-test:
-    runs-on: ubuntu-latest
+    runs-on: local-ubuntu-latest
     timeout-minutes: 10
 
     steps:

.github/workflows/release.yaml

@@ -1,129 +1,111 @@
 name: Release
 
 on:
-  push:
-    tags:
-      - 'v*'
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Version to release (without v prefix, e.g., 0.4.0)'
+        required: true
+        type: string
 
 jobs:
   release:
-    runs-on: ubuntu-latest
+    runs-on: local-ubuntu-latest
     permissions:
       contents: write
-      packages: write
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          token: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Check if release is already finalized
+      - name: Validate version format
         run: |
-          VERSION=${GITHUB_REF_NAME#v}
-          TARBALL_URL="https://github.com/${{ github.repository }}/releases/download/${GITHUB_REF_NAME}/polaris-${VERSION}.tar.gz"
-          HTTP_CODE=$(curl -sL -o /tmp/release.tar.gz -w "%{http_code}" "$TARBALL_URL" 2>/dev/null)
-          if [ "$HTTP_CODE" = "200" ]; then
-            ACTUAL="sha256:$(sha256sum /tmp/release.tar.gz | awk '{print $1}')"
-            EXPECTED=$(grep 'archive-checksum' artifacthub-pkg.yml | awk '{print $2}')
-            echo "Release tarball checksum: $ACTUAL"
-            echo "Metadata checksum:        $EXPECTED"
-            if [ "$ACTUAL" = "$EXPECTED" ]; then
-              echo "SKIP_BUILD=true" >> $GITHUB_ENV
-              echo "Checksums match - release is finalized, nothing to do"
-            fi
-          else
-            echo "No existing release (HTTP $HTTP_CODE) - will build"
-          fi
-          rm -f /tmp/release.tar.gz
-
-      - name: Setup Node.js
-        if: env.SKIP_BUILD != 'true'
-        uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-
-      - name: Install dependencies
-        if: env.SKIP_BUILD != 'true'
-        run: npm ci
-
-      - name: Build plugin
-        if: env.SKIP_BUILD != 'true'
-        run: npx @kinvolk/headlamp-plugin build
-
-      - name: Package tarball
-        if: env.SKIP_BUILD != 'true'
-        run: npx @kinvolk/headlamp-plugin package
-
-      - name: Validate tarball name matches package.json
-        if: env.SKIP_BUILD != 'true'
-        run: |
-          PACKAGE_NAME=$(jq -r '.name' package.json)
-          VERSION=${GITHUB_REF_NAME#v}
-          EXPECTED_TARBALL="${PACKAGE_NAME}-${VERSION}.tar.gz"
-          ACTUAL_TARBALL=$(ls *.tar.gz)
-
-          if [ "$EXPECTED_TARBALL" != "$ACTUAL_TARBALL" ]; then
-            echo "::error::Tarball name mismatch!"
-            echo "Expected: $EXPECTED_TARBALL"
-            echo "Actual:   $ACTUAL_TARBALL"
-            echo "Update workflow to use correct tarball name pattern"
+          if ! echo "${{ inputs.version }}" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+$'; then
+            echo "::error::Version must be in format X.Y.Z (e.g., 0.4.0)"
             exit 1
           fi
-          echo "✓ Tarball name validation passed: $ACTUAL_TARBALL"
 
-      - name: Compute tarball checksum
-        if: env.SKIP_BUILD != 'true'
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Configure git
         run: |
-          TARBALL=$(ls *.tar.gz)
-          CHECKSUM=$(sha256sum "$TARBALL" | awk '{print $1}')
-          echo "TARBALL=$TARBALL" >> $GITHUB_ENV
-          echo "CHECKSUM=$CHECKSUM" >> $GITHUB_ENV
-          echo "Tarball: $TARBALL"
-          echo "Checksum: sha256:$CHECKSUM"
-
-      - name: Create draft release and upload tarball
-        if: env.SKIP_BUILD != 'true'
-        uses: softprops/action-gh-release@v2
-        with:
-          files: ${{ env.TARBALL }}
-          fail_on_unmatched_files: true
-          draft: true
-          prerelease: false
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Publish release
-        if: env.SKIP_BUILD != 'true'
-        uses: softprops/action-gh-release@v2
-        with:
-          draft: false
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Update metadata and align tag
-        if: env.SKIP_BUILD != 'true'
-        run: |
-          VERSION=${GITHUB_REF_NAME#v}
           git config user.name "github-actions[bot]"
           git config user.email "github-actions[bot]@users.noreply.github.com"
 
-          # Update metadata
-          git fetch origin main
-          git checkout origin/main -B temp-update
-          sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml
-          sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"https://github.com/${{ github.repository }}/releases/download/${GITHUB_REF_NAME}/polaris-${VERSION}.tar.gz\"|" artifacthub-pkg.yml
+      - name: Update package.json version
+        run: |
+          jq --arg version "${{ inputs.version }}" '.version = $version' package.json > package.json.tmp
+          mv package.json.tmp package.json
+
+      - name: Update artifacthub-pkg.yml version
+        run: |
+          VERSION="${{ inputs.version }}"
+          RELEASE_URL="https://github.com/${{ github.repository }}/releases/download/v${VERSION}/polaris-${VERSION}.tar.gz"
+
           sed -i "s|^version:.*|version: ${VERSION}|" artifacthub-pkg.yml
-          git add artifacthub-pkg.yml
+          sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"${RELEASE_URL}\"|" artifacthub-pkg.yml
 
-          if ! git diff --cached --quiet; then
-            git commit -m "ci: update artifact hub metadata for ${GITHUB_REF_NAME}"
-            git push origin temp-update:main
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build plugin
+        run: npx @kinvolk/headlamp-plugin build
+
+      - name: Package plugin
+        run: npx @kinvolk/headlamp-plugin package
+
+      - name: Validate tarball name
+        run: |
+          EXPECTED="polaris-${{ inputs.version }}.tar.gz"
+          ACTUAL=$(ls *.tar.gz)
+          if [ "$EXPECTED" != "$ACTUAL" ]; then
+            echo "::error::Tarball name mismatch! Expected: $EXPECTED, Got: $ACTUAL"
+            exit 1
           fi
+          echo "✓ Tarball name validated: $ACTUAL"
 
-          # Force-move tag to the commit with correct checksum.
-          # This triggers a new CI run, but the guard step will detect
-          # that the release checksum already matches and skip the build.
-          git tag -f ${GITHUB_REF_NAME}
-          git push -f origin ${GITHUB_REF_NAME}
-          echo "Tag ${GITHUB_REF_NAME} aligned with updated metadata"
+      - name: Compute checksum
+        id: compute_checksum
+        run: |
+          TARBALL="polaris-${{ inputs.version }}.tar.gz"
+          CHECKSUM=$(sha256sum "$TARBALL" | awk '{print $1}')
+          echo "checksum=${CHECKSUM}" >> $GITHUB_OUTPUT
+          echo "Checksum: sha256:${CHECKSUM}"
+
+      - name: Update checksum in metadata
+        run: |
+          CHECKSUM="${{ steps.compute_checksum.outputs.checksum }}"
+          sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml
+
+      - name: Commit version bump and metadata
+        run: |
+          git add package.json artifacthub-pkg.yml
+          git commit -m "chore: release v${{ inputs.version }}"
+          git push origin main
+
+      - name: Create and push tag
+        run: |
+          git tag "v${{ inputs.version }}"
+          git push origin "v${{ inputs.version }}"
+
+      - name: Create GitHub Release
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: "v${{ inputs.version }}"
+          files: polaris-${{ inputs.version }}.tar.gz
+          fail_on_unmatched_files: true
+          draft: false
+          prerelease: false
+          generate_release_notes: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Summary
+        run: |
+          echo "✓ Version bumped to ${{ inputs.version }}"
+          echo "✓ Metadata updated with checksum sha256:${{ steps.compute_checksum.outputs.checksum }}"
+          echo "✓ Tag v${{ inputs.version }} created"
+          echo "✓ GitHub release published with tarball"

CHANGELOG.md

@@ -31,7 +31,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - App bar badge, settings buttons, and UI elements now use theme-aware CSS variables
 
 ### Infrastructure
-- Migrated from Gitea to GitHub Actions exclusively
 - Added CI workflow for lint, type-check, build, and test
 - Enhanced E2E testing documentation with comprehensive guides
 - Added documentation-engineer subagent

artifacthub-pkg.yml

@@ -1,4 +1,4 @@
-version: 0.3.11
+version: 0.4.1
 name: headlamp-polaris-plugin
 displayName: Polaris
 createdAt: "2026-02-05T19:00:00Z"
@@ -28,7 +28,7 @@ maintainers:
   - name: privilegedescalation
     email: "chris@farhood.org"
 annotations:
-  headlamp/plugin/archive-url: "https://github.com/privilegedescalation/headlamp-polaris-plugin/releases/download/v0.3.11/polaris-0.3.11.tar.gz"
+  headlamp/plugin/archive-url: "https://github.com/privilegedescalation/headlamp-polaris-plugin/releases/download/v0.4.1/polaris-0.4.1.tar.gz"
   headlamp/plugin/version-compat: ">=0.26"
-  headlamp/plugin/archive-checksum: sha256:7df8d2066276eec0bdaad98d8a5bd7350861acc216963f7421c5ae476cd725b4
+  headlamp/plugin/archive-checksum: sha256:74e8fb50847312728f914f8d7dba9a2be5ab977ca3ccc3909b3d6143d9bc6eee
   headlamp/plugin/distro-compat: in-cluster

claude.md

@@ -104,6 +104,7 @@ Additional considerations:
 ## MCP Servers
 
 The project has MCP server integrations configured in `.mcp.json`:
-- **Gitea** (git.farh.net): Source control via `gitea-mcp-server`
+- **GitHub**: Source control via `github-mcp-server`
 - **Kubernetes** (local): Cluster access via `kubernetes-mcp-server`
 - **Flux** (local): Flux Operator access via `flux-operator-mcp`
+- **Playwright**: Browser automation via `@playwright/mcp`

package.json

@@ -1,6 +1,6 @@
 {
   "name": "polaris",
-  "version": "0.3.11",
+  "version": "0.4.1",
   "description": "Headlamp plugin for Fairwinds Polaris audit results",
   "repository": {
     "type": "git",

src/api/PolarisDataContext.tsx

@@ -35,8 +35,20 @@ const PolarisDataContext = React.createContext<PolarisDataContextValue | null>(n
  * ```
  */
 export function PolarisDataProvider(props: { children: React.ReactNode }) {
-  const interval = getRefreshInterval();
-  const state = usePolarisData(interval);
+  // Re-read interval on every render to pick up changes from settings
+  const [refreshInterval, setRefreshInterval] = React.useState(getRefreshInterval());
+
+  // Poll for interval changes (localStorage changes from settings)
+  React.useEffect(() => {
+    const intervalId = window.setInterval(() => {
+      const newInterval = getRefreshInterval();
+      setRefreshInterval(prev => (prev !== newInterval ? newInterval : prev));
+    }, 1000); // Check every second
+
+    return () => window.clearInterval(intervalId);
+  }, []);
+
+  const state = usePolarisData(refreshInterval);
 
   // Rename triggerRefresh to refresh for consistency
   const value = React.useMemo(

src/api/polaris.ts

@@ -373,7 +373,9 @@ export function usePolarisData(refreshIntervalSeconds: number): PolarisDataState
           result = await response.json();
         } else {
           // Kubernetes proxy for relative URLs
-          result = await ApiProxy.request(apiPath);
+          result = await ApiProxy.request(apiPath, {
+            method: 'GET',
+          });
         }
 
         if (!cancelled) {

src/components/PolarisSettings.tsx

@@ -58,7 +58,9 @@ export default function PolarisSettings(props: PluginSettingsProps) {
         }
         result = await response.json();
       } else {
-        result = await ApiProxy.request(apiPath);
+        result = await ApiProxy.request(apiPath, {
+          method: 'GET',
+        });
       }
 
       setTestResult({