Skip to content

Commit 780106f

Browse files
authored
feat: release Codencer public self-host v0.3.0 (#3)
* Implement flagship planner loop * Implement product-facing planner MCP auth * Harden flagship planner MCP paths * Implement local production hardening through Sprint 6 Add the operator-facing codencer CLI with local home management, project registry, doctor/status/config/path commands, project-aware execution, live/readiness/report surfaces, setup helpers, acceptance reporting, proof bundles, and release snapshot packaging. Add daemon-first local execution through localexec, manifest/profile support, fake adapters, validation artifact capture, project-aware Relay/MCP routes and tools, connector project advertisements, runtime supervisor/watchdog/recovery commands, and guarded live matrix/readiness aggregation. Add safe install, uninstall, and upgrade scripts; build metadata injection; security redaction and path sanitization for Relay/MCP payloads; local/self-host/runtime/live/release docs; acceptance gates; deterministic verification targets; and partial-honest dist artifacts for v0.3.0-local-prod-rc.1. Verification: go test ./...; make build-codencer; make verify-local-execution; make verify-local-relay-mcp; make verify-runtime-recovery; make verify-live-matrix; make acceptance-local-production; make verify-release; make verify-local-prod; make release-snapshot VERSION=v0.3.0-local-prod-rc.1. * Stop tracking generated release archives Remove generated v0.3.0 local production release archives from the repository tip while keeping the release manifest and checksums. Ignore future dist archives, release work directories, and broker packaging output so generated artifacts stay out of normal source commits. * Harden Sprint 6 release candidate correctness Align default build metadata with v0.3.0-local-prod-rc.1 and make release snapshots enforce explicit target policy with required darwin/arm64, darwin/amd64, and linux/amd64 targets. Add Docker-backed Linux release builds, full bundle contents, artifact/checksum validation, generated-dist ignores, and fail-fast behavior for missing required targets unless ALLOW_PARTIAL=1 is explicitly set. Fix acceptance false-pass behavior by splitting watchdog/recovery command gates from health/safety gates and adding release_artifacts_present validation. Make install and upgrade scripts truthful about missing required binaries, including dry-run mode, with --allow-missing as an explicit partial-report path. Add MCP initialize instructions, update release/docs/acceptance guidance, and add tests for release policy, script truthfulness, acceptance gates, and MCP instructions. Verification: go test ./...; make build-codencer; make verify-local-execution; make verify-local-relay-mcp; make verify-runtime-recovery; make verify-live-matrix; make acceptance-local-production; make verify-release; make verify-local-prod; script missing-binary checks; release snapshots with and without ALLOW_PARTIAL=1. * Implement Sprint 7 activation and OAuth dev proof Add codencer activation check/package/chatgpt/codex/claude-code commands backed by internal activation business logic, package rendering, MCP initialize/tools checks, token redaction, and client-specific setup guidance. Add relay ChatGPT OAuth dev mode with authorization-server metadata, OpenID metadata, PKCE authorization code exchange, opaque in-memory access tokens, dev-noauth guardrails, setup relay flags, and the read-only codencer.get_blocker MCP alias. Update Make targets, acceptance metadata, MCP integration examples, quickstarts, and activation docs for VPS relay, local connector, ChatGPT, Codex, and Claude Code activation. Verified with go test ./..., build/relay/runtime/live/acceptance/release/local-prod targets, and activation preflight. * Implement Sprint 7.1 activation hardening Add the codencer connector facade for enrollment, status, config inspection, and run delegation over the existing connector package, while persisting codencer_home and connector_config_path through the user-level local config. Expand activation package generation with connector-enrollment.sh, real MCP initialize/tools/call curl smoke, ChatGPT setup sheet fields, and safer product-proof language. Fix Claude Code MCP command ordering, add coverage for command order and package contents, and update operator docs, acceptance gates, the MCP gateway model, and the codencer.dev site update pack. Verification run before commit: go test ./...; make build-codencer; make verify-local-execution; make verify-local-relay-mcp; make verify-runtime-recovery; make verify-live-matrix; make acceptance-local-production; make verify-release; make verify-local-prod; make activation-preflight. * Implement project-local config and machine-aware routing * Prepare open-source docs and Apache licensing * Stabilize MCP SDK smoke waits * Implement official MCP gateway MVP * Stabilize gateway workspace relay routing * Add official connector self-service flow * Add public Gateway Console foundation * Enforce Gateway Console formatting * Add Gateway Console visual evidence workflow * Fix Gateway Console mobile overflow checks * Make visual review output explicit * Harden visual review evidence text * Wire Gateway Console to live Gateway APIs * Cover all console routes in live verifier * chore(console): finalize public gateway readiness * chore: add public self-host release gate * docs: align public self-host release guidance * ci: run public self-host verification * fix: sanitize project config paths from relay output * chore: verify self-host release artifacts * fix: harden self-host gateway verification * ci: split linux public verification phases * test: clean up live console process groups * Fix Gateway Console live collection responses * docs: restore Grove compatibility guidance * Add public self-host RC verifier * Stabilize public self-host RC real executor gate * Fix self-host setup timeout contract * Fix Gateway Console executor UX * Add Gateway Console run history and results * Fix real Codex simulation acceptance gate * Harden public self-host release gate * Harden public self-host run sync scope * Add Gateway run audit pagination * Redact default local CLI output * Implement metadata-only Gateway sync publish * Expose human interrupt lifecycle metadata * Harden real executor acceptance checks * Add isolated Antigravity proof plumbing * Record hardening implementation commit * Harden real executor live proof prompts * Fail fast unsafe Antigravity proof waits * Record Antigravity hardening report hash * Harden executor simulation env parsing * Add Gateway MCP async lifecycle tools * Update hardening report for async Gateway MCP * Make Gateway Console task submits async * Update hardening report for async Console submit * Wire project run cancel through Gateway routes * Update hardening report for project cancel routing * Harden default CLI redaction checks * Update hardening report for CLI redaction gate * Record Gateway human interrupt responses * Update hardening report for interrupt responses * Add Console human interrupt response panel * Update hardening report for Console interrupt responses * Align RC verdict docs with NO-GO policy * Update hardening report for RC verdict policy * Prevent simulation artifacts from passing as real * Update hardening report for simulation artifact guard * Verify local run CLI redaction in self-host release * Update hardening reports for local run redaction gate * Assert sync publish audit records * Update hardening reports for sync audit proof * Record unsupported resume audit events * Update hardening reports for resume audit proof * Verify Gateway API redaction in public smoke * Update hardening reports for Gateway API redaction proof * Expose local run resume for resumable states * Update hardening reports for local resume proof * Route project resume through Gateway Relay and connector * Update hardening reports for project resume route * Make console manifest submissions asynchronous * Update hardening reports for async manifest path * Redact setup human output paths * Update hardening reports for CLI redaction coverage * Resume runs from human interrupt follow up * Update hardening reports for interrupt follow up * Scan deploy files for stale release labels * Update hardening reports for boundary checks * Show local submit progress in CLI output * Update hardening reports for submit progress * Cancel runs from human interrupt follow up * Update hardening reports for cancel follow up * Start follow-up tasks from human interrupts * Update hardening reports for start follow up * Verify CLI human interrupt redaction * Update hardening reports for CLI interrupt proof * Verify local run lifecycle CLI redaction * Update hardening reports for run lifecycle proof * Defer Antigravity in public self-host gate * Finalize public self-host GO report * Fix executor profile adapter routing * Add profile adapter acceptance report * Clarify profile adapter acceptance verdict * Remove local paths from acceptance report * Fix console executor metadata and operator UX * Add public self-host acceptance report * Polish gateway console brand and operator UI * Record pre-release UI polish acceptance * Clean pre-release polish report paths * Make console lists full-width and add intro preview * Update pre-release polish acceptance report * Port Codencer terminal working indicator * Update terminal indicator acceptance report * Show working indicator during submit wait * Update submit wait indicator acceptance report * Use truthful status indicator for submit wait * Update submit status indicator acceptance report * ci: add main release automation * ci: add release please version file
1 parent b17d511 commit 780106f

489 files changed

Lines changed: 74124 additions & 2195 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.env.example

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,8 +5,10 @@
55
ALL_ADAPTERS_SIMULATION_MODE=1
66

77
# --- Tactical Agents (Real Mode) ---
8-
# Path to the Codex agent binary (requires npm install -g @lookman/codex-agent)
9-
CODEX_BINARY=codex-agent
8+
# Path to the Codex CLI. Codencer invokes `codex exec` by default.
9+
CODEX_BINARY=codex
10+
# Set CODEX_ADAPTER_MODE=legacy-agent only for the older codex-agent wrapper.
11+
# CODEX_ADAPTER_MODE=legacy-agent
1012
# Set to 1 to stub only the Codex agent
1113
CODEX_SIMULATION_MODE=0
1214

.github/workflows/public-testability-macos.yml

Lines changed: 20 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,14 @@ on:
77
permissions:
88
contents: read
99

10+
concurrency:
11+
group: public-testability-${{ github.workflow }}-${{ github.ref }}
12+
cancel-in-progress: true
13+
1014
jobs:
1115
verify-macos:
1216
runs-on: macos-latest
17+
timeout-minutes: 45
1318

1419
steps:
1520
- name: Check out repository
@@ -20,6 +25,13 @@ jobs:
2025
with:
2126
go-version-file: go.mod
2227

28+
- name: Set up Node
29+
uses: actions/setup-node@v4
30+
with:
31+
node-version: 22
32+
cache: npm
33+
cache-dependency-path: web/gateway-console/package-lock.json
34+
2335
- name: Cache Go build and module directories
2436
uses: actions/cache@v4
2537
with:
@@ -31,15 +43,16 @@ jobs:
3143
${{ runner.os }}-go-
3244
3345
- name: Install macOS verification prerequisites
46+
run: brew install jq
47+
48+
- name: Install Gateway Console browser
49+
working-directory: web/gateway-console
3450
run: |
35-
brew update
36-
brew install jq docker docker-compose
37-
mkdir -p ~/.docker/cli-plugins
38-
ln -sf "$(brew --prefix docker-compose)/bin/docker-compose" ~/.docker/cli-plugins/docker-compose
39-
docker compose version
51+
npm ci
52+
npx playwright install chromium
4053
41-
- name: Build supported beta-track binaries
54+
- name: Build supported public binaries
4255
run: make build-supported
4356

4457
- name: Run supported public verification
45-
run: make verify-beta
58+
run: make verify-public-selfhost-release TARGETS=host REQUIRE_TARGETS=host

.github/workflows/public-testability-windows.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,14 @@ on:
77
permissions:
88
contents: read
99

10+
concurrency:
11+
group: public-testability-${{ github.workflow }}-${{ github.ref }}
12+
cancel-in-progress: true
13+
1014
jobs:
1115
verify-windows-broker:
1216
runs-on: windows-latest
17+
timeout-minutes: 20
1318

1419
steps:
1520
- name: Check out repository

.github/workflows/public-testability.yml

Lines changed: 50 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,14 @@ on:
77
permissions:
88
contents: read
99

10+
concurrency:
11+
group: public-testability-${{ github.workflow }}-${{ github.ref }}
12+
cancel-in-progress: true
13+
1014
jobs:
1115
verify:
1216
runs-on: ubuntu-latest
17+
timeout-minutes: 90
1318

1419
steps:
1520
- name: Check out repository
@@ -20,13 +25,55 @@ jobs:
2025
with:
2126
go-version-file: go.mod
2227

28+
- name: Set up Node
29+
uses: actions/setup-node@v4
30+
with:
31+
node-version: 22
32+
cache: npm
33+
cache-dependency-path: web/gateway-console/package-lock.json
34+
2335
- name: Install CGO build prerequisites
2436
run: |
2537
sudo apt-get update
2638
sudo apt-get install -y --no-install-recommends build-essential
2739
28-
- name: Build supported beta-track binaries
40+
- name: Install Gateway Console browser
41+
working-directory: web/gateway-console
42+
run: |
43+
npm ci
44+
npx playwright install --with-deps chromium
45+
46+
- name: Build supported public binaries
2947
run: make build-supported
3048

31-
- name: Run supported public verification
32-
run: ./scripts/verify_beta.sh
49+
- name: Run full Go test suite
50+
timeout-minutes: 15
51+
run: go test ./...
52+
53+
- name: Create public self-host release snapshot
54+
timeout-minutes: 10
55+
run: make release-snapshot VERSION=v0.3.0-selfhost-verify TARGETS=host REQUIRE_TARGETS=host
56+
57+
- name: Verify release artifact self-host proof
58+
timeout-minutes: 20
59+
run: make verify-release-artifact-selfhost VERSION=v0.3.0-selfhost-artifact-verify TARGETS=host REQUIRE_TARGETS=host
60+
61+
- name: Verify public self-host config and client artifacts
62+
timeout-minutes: 10
63+
run: ./scripts/verify_public_selfhost_release.sh
64+
65+
- name: Verify Gateway MCP and routing
66+
timeout-minutes: 15
67+
run: make verify-gateway
68+
69+
- name: Verify Gateway Console
70+
timeout-minutes: 25
71+
run: make verify-gateway-console
72+
73+
- name: Verify Gateway Console live path
74+
timeout-minutes: 20
75+
run: make verify-gateway-console-live
76+
77+
- name: Verify public release boundary
78+
timeout-minutes: 10
79+
run: make verify-public-release
Lines changed: 209 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,209 @@
1+
name: Release Please
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
8+
permissions:
9+
contents: write
10+
pull-requests: write
11+
issues: write
12+
actions: read
13+
14+
jobs:
15+
release-please:
16+
runs-on: ubuntu-latest
17+
timeout-minutes: 15
18+
outputs:
19+
release_created: ${{ steps.release.outputs.release_created }}
20+
tag_name: ${{ steps.release.outputs.tag_name }}
21+
version: ${{ steps.release.outputs.version }}
22+
sha: ${{ steps.release.outputs.sha }}
23+
upload_url: ${{ steps.release.outputs.upload_url }}
24+
25+
steps:
26+
- name: Run Release Please
27+
id: release
28+
uses: googleapis/release-please-action@v4
29+
with:
30+
token: ${{ secrets.RELEASE_PLEASE_TOKEN || github.token }}
31+
config-file: release-please-config.json
32+
manifest-file: .release-please-manifest.json
33+
34+
build-linux-amd64:
35+
needs: release-please
36+
if: ${{ needs.release-please.outputs.release_created == 'true' }}
37+
runs-on: ubuntu-latest
38+
timeout-minutes: 45
39+
env:
40+
TAG_NAME: ${{ needs.release-please.outputs.tag_name }}
41+
RELEASE_SHA: ${{ needs.release-please.outputs.sha }}
42+
43+
steps:
44+
- name: Check out release SHA
45+
uses: actions/checkout@v4
46+
with:
47+
ref: ${{ env.RELEASE_SHA }}
48+
49+
- name: Set up Go
50+
uses: actions/setup-go@v5
51+
with:
52+
go-version-file: go.mod
53+
54+
- name: Install Linux build prerequisites
55+
run: |
56+
sudo apt-get update
57+
sudo apt-get install -y --no-install-recommends build-essential
58+
59+
- name: Build linux/amd64 release snapshot
60+
run: make release-snapshot VERSION="${TAG_NAME}" TARGETS=linux/amd64 REQUIRE_TARGETS=linux/amd64
61+
62+
- name: Verify linux/amd64 self-host artifact
63+
run: make verify-release-artifact-selfhost VERSION="${TAG_NAME}" TARGETS=linux/amd64 REQUIRE_TARGETS=linux/amd64
64+
65+
- name: Upload linux/amd64 artifact
66+
uses: actions/upload-artifact@v4
67+
with:
68+
name: codencer-linux-amd64
69+
path: dist/codencer_${{ env.TAG_NAME }}_linux_amd64.tar.gz
70+
if-no-files-found: error
71+
72+
build-macos-host:
73+
needs: release-please
74+
if: ${{ needs.release-please.outputs.release_created == 'true' }}
75+
runs-on: macos-latest
76+
timeout-minutes: 45
77+
env:
78+
TAG_NAME: ${{ needs.release-please.outputs.tag_name }}
79+
RELEASE_SHA: ${{ needs.release-please.outputs.sha }}
80+
81+
steps:
82+
- name: Check out release SHA
83+
uses: actions/checkout@v4
84+
with:
85+
ref: ${{ env.RELEASE_SHA }}
86+
87+
- name: Set up Go
88+
uses: actions/setup-go@v5
89+
with:
90+
go-version-file: go.mod
91+
92+
- name: Build macOS host release snapshot
93+
run: make release-snapshot VERSION="${TAG_NAME}" TARGETS=host REQUIRE_TARGETS=host
94+
95+
- name: Verify macOS host self-host artifact
96+
run: make verify-release-artifact-selfhost VERSION="${TAG_NAME}" TARGETS=host REQUIRE_TARGETS=host
97+
98+
- name: Upload macOS host artifact
99+
uses: actions/upload-artifact@v4
100+
with:
101+
name: codencer-macos-host
102+
path: dist/codencer_${{ env.TAG_NAME }}_darwin_*.tar.gz
103+
if-no-files-found: error
104+
105+
publish-assets:
106+
needs:
107+
- release-please
108+
- build-linux-amd64
109+
- build-macos-host
110+
if: ${{ needs.release-please.outputs.release_created == 'true' }}
111+
runs-on: ubuntu-latest
112+
timeout-minutes: 20
113+
env:
114+
TAG_NAME: ${{ needs.release-please.outputs.tag_name }}
115+
RELEASE_SHA: ${{ needs.release-please.outputs.sha }}
116+
GH_TOKEN: ${{ github.token }}
117+
118+
steps:
119+
- name: Download release artifacts
120+
uses: actions/download-artifact@v4
121+
with:
122+
pattern: codencer-*
123+
path: release-assets
124+
merge-multiple: true
125+
126+
- name: Generate checksums and manifest
127+
run: |
128+
python3 <<'PY'
129+
import hashlib
130+
import json
131+
import os
132+
import re
133+
from datetime import datetime, timezone
134+
from pathlib import Path
135+
136+
root = Path("release-assets")
137+
tag = os.environ["TAG_NAME"]
138+
release_sha = os.environ["RELEASE_SHA"]
139+
archives = sorted(root.glob("codencer_*.tar.gz"))
140+
linux_name = f"codencer_{tag}_linux_amd64.tar.gz"
141+
linux = [path for path in archives if path.name == linux_name]
142+
darwin = [path for path in archives if re.fullmatch(rf"codencer_{re.escape(tag)}_darwin_[A-Za-z0-9]+\.tar\.gz", path.name)]
143+
144+
if len(linux) != 1:
145+
raise SystemExit(f"expected exactly one linux/amd64 archive named {linux_name}, got {len(linux)}")
146+
if len(darwin) != 1:
147+
raise SystemExit(f"expected exactly one darwin host archive for {tag}, got {len(darwin)}")
148+
149+
assets = []
150+
checksum_lines = []
151+
for path in linux + darwin:
152+
match = re.fullmatch(rf"codencer_{re.escape(tag)}_(linux|darwin)_([A-Za-z0-9]+)\.tar\.gz", path.name)
153+
if not match:
154+
raise SystemExit(f"unexpected archive name: {path.name}")
155+
data = path.read_bytes()
156+
digest = hashlib.sha256(data).hexdigest()
157+
os_name, arch = match.groups()
158+
runner = "ubuntu-latest" if os_name == "linux" else "macos-latest"
159+
checksum_lines.append(f"{digest} {path.name}")
160+
assets.append({
161+
"filename": path.name,
162+
"sha256": digest,
163+
"os": os_name,
164+
"arch": arch,
165+
"runner": runner,
166+
})
167+
168+
(root / "checksums.txt").write_text("\n".join(checksum_lines) + "\n")
169+
manifest = {
170+
"version": tag,
171+
"tag_name": tag,
172+
"release_sha": release_sha,
173+
"built_at": datetime.now(timezone.utc).isoformat().replace("+00:00", "Z"),
174+
"assets": assets,
175+
"note": "Artifacts were built by GitHub Actions from the Release Please release workflow.",
176+
}
177+
(root / "manifest.json").write_text(json.dumps(manifest, indent=2) + "\n")
178+
PY
179+
180+
- name: Fail if release assets already exist
181+
run: |
182+
existing="$(gh release view "$TAG_NAME" --json assets -q '.assets[].name')"
183+
for file in release-assets/*; do
184+
name="$(basename "$file")"
185+
if printf '%s\n' "$existing" | grep -Fxq "$name"; then
186+
echo "Release asset already exists and will not be overwritten: $name" >&2
187+
exit 1
188+
fi
189+
done
190+
191+
- name: Upload release assets
192+
run: gh release upload "$TAG_NAME" release-assets/*
193+
194+
- name: Append release asset note
195+
run: |
196+
gh release view "$TAG_NAME" --json body -q '.body' > release-body.md
197+
cat >> release-body.md <<'EOF'
198+
199+
## Codencer self-host release assets
200+
201+
- Public self-host release.
202+
- Codex real executor proof: passed.
203+
- Claude Code real executor proof: passed.
204+
- Antigravity: optional/deferred, not release-proven.
205+
- Cloud/official connector: out of scope for this public self-host release.
206+
- Checksums are attached in `checksums.txt`.
207+
- Machine-readable artifact metadata is attached in `manifest.json`.
208+
EOF
209+
gh release edit "$TAG_NAME" --notes-file release-body.md

0 commit comments

Comments
 (0)