privilegedescalation/headlamp-sealed-secrets-plugin
12
0
Fork 0
Code Issues 2 Pull Requests 2 Actions Packages Projects Releases 27 Wiki Activity
209 Commits 20 Branches 27 Tags
5911e9e9bf386acab179aad4006d14346fc1af84
Commit Graph

8 Commits

Author SHA1 Message Date
Countess von Containerheim 8101703c7e fix(ci): inline CI workflow, remove reusable .github dependency (PRI-1630)
Promotion Gate / promotion-gate (pull_request) Failing after 0s
Details
CI / ci (push) Successful in 53s
Details
CI / ci (pull_request) Successful in 52s
Details
2026-05-20 10:46:08 +00:00
privilegedescalation-ceo[bot] 36a5d2a72a Update CI and approval workflows for three-branch SDLC (#83) 
CI triggers on dev/uat/main. Promotion gate replaces dual-approval.

Co-authored-by: Chris Farhood <chris@farhood.org>
Co-authored-by: Paperclip <noreply@paperclip.ing>
 2026-05-11 21:40:02 +00:00
hugh-hackman[bot] 7aa92ac1fb Merge PR #6 
* ci: switch to org-level reusable workflows

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* chore: retrigger CI after reusable workflows merged

* feat: add workflow_dispatch to CI workflow

---------

Co-authored-by: hugh-hackman[bot] <hugh-hackman[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: hugh-hackman[bot] <266376744+hugh-hackman[bot]@users.noreply.github.com>
 2026-03-08 11:16:27 +00:00
DevContainer User 8390aeb5df ci: standardize CI/CD workflows and add Renovate 
- CI: single sequential job, local-ubuntu-latest runner, Node 22, workflow_call trigger, npm run commands
- Release: CI gate via reusable workflow, concurrency protection, dynamic package name, tarball validation, gh CLI
- Delete test-runner.yaml (one-time runner diagnostic)
- Add renovate.json with recommended config

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-04 00:41:37 +00:00
DevContainer User af95c3795c chore: move source to repo root and standardize config 
Phase 1 — Structural overhaul:
- Move all source from headlamp-sealed-secrets/ subdirectory to repo root
- Delete 23 AI-generated docs, 8 pre-built tarballs, release snapshots dir
- Remove all working-directory refs from CI/release workflows
- Update install-plugin.sh and typedoc.json paths

Phase 2 — Config standardization:
- Create .eslintrc.js and .prettierrc.js (standard Headlamp configs)
- Remove inline eslintConfig/prettier from package.json (drop jsx-a11y, prettier extends)
- Rewrite tsconfig.json (package name extend, add compilerOptions.types)
- Create vitest.config.mts and vitest.setup.ts (standard from polaris)
- Replace headlamp-plugin CLI scripts with direct tool invocation
- Rewrite .gitignore with standard baseline

Phase 3 — MCP & Claude settings:
- Create .mcp.json with github/kubernetes/flux/playwright servers
- Create .claude/settings.local.json
- Remove 7 specialized agents, keep 3 meta-orchestration agents

Phase 4 — Documentation:
- Rewrite CLAUDE.md (remove subdirectory refs, standard format)
- Add ArtifactHub badge, Architecture section, standardized install methods to README.md
- Create CONTRIBUTING.md and SECURITY.md
- Fix pre-existing test bugs in validators.test.ts (isValidNamespace returns boolean,
  not ValidationResult; error message string mismatches)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-03 21:31:12 +00:00
Chris Farhood fdfa7e8102 fix: use simple runner label format (not array) 2026-02-12 15:03:51 -05:00
Chris Farhood 4d99360694 fix: use array format for self-hosted runners at org level 
Changed runs-on from 'local-ubuntu-latest' to '[self-hosted, local-ubuntu-latest]'
to properly match organization-level ARC runner scale sets.

For organization-level runners, GitHub Actions requires the self-hosted
label along with the runner scale set name.
 2026-02-12 14:38:08 -05:00
Chris Farhood b8afb29ebe ci: adopt polaris-plugin workflow architecture 
Replaced monolithic publish workflow with cleaner 3-workflow pattern
from headlamp-polaris-plugin:

Changes:
- ci.yaml: Basic lint/test on push/PR (simplified)
- prepare-release.yaml: NEW - Manual workflow to bump version and tag
- release.yaml: NEW - Two-job pattern (build → update-metadata)

Key improvements:
- Uses npx @kinvolk/headlamp-plugin package (standard CLI)
- Separates version bumping from release building
- Two-job release: build artifacts, then update main with checksum
- Better validation (tarball name, contents)
- Cleaner git history (metadata updates are separate commits)
- Matches polaris-plugin proven pattern

Breaking changes:
- No longer uses publish.yml
- Release process now requires prepare-release workflow first
- Checksums updated via separate job after release completes

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
 2026-02-12 13:54:08 -05:00