chore: release v0.3.0 #126

Merged

jwilger merged 1 commit from release/v0.3.0 into main 2026-05-07 15:10:46 -07:00

Conversation 7 Commits 1 Files changed 3 +28 -10

jwilger commented 2026-05-06 13:59:48 -07:00

Owner

Copy link

Prepare release v0.3.0.

Release candidate images:

• git.johnwilger.com/jwilger/auto_review/ar-gateway:e06ede8c31f1f2dc0d10e6ba6c0068610b56ff86
• git.johnwilger.com/jwilger/auto_review/ar-gateway:0.3.0-rc.279

Prepare release v0.3.0. Release candidate images: - git.johnwilger.com/jwilger/auto_review/ar-gateway:e06ede8c31f1f2dc0d10e6ba6c0068610b56ff86 - git.johnwilger.com/jwilger/auto_review/ar-gateway:0.3.0-rc.279

jwilger added 1 commit 2026-05-06 13:59:48 -07:00

chore: release v0.3.0 bd09503dac

jwilger force-pushed release/v0.3.0 from bd09503dac to 634d137810 2026-05-06 15:28:33 -07:00 Compare

auto-review approved these changes 2026-05-06 15:30:52 -07:00

Dismissed

auto-review left a comment

Copy link

This pull request prepares the release of version 0.3.0 by updating the version numbers in Cargo files and adding a new section to the CHANGELOG.md. The changes appear straightforward and safe to merge.

Walkthrough

• CHANGELOG.md: Added a new section for version 0.3.0, detailing new features and other changes.
• Cargo.lock & Cargo.toml: Updated the version numbers from 0.2.0 to 0.3.0 for various packages, indicating a new release version across the workspace.

This pull request prepares the release of version 0.3.0 by updating the version numbers in Cargo files and adding a new section to the CHANGELOG.md. The changes appear straightforward and safe to merge. ## Walkthrough - **CHANGELOG.md**: Added a new section for version 0.3.0, detailing new features and other changes. - **Cargo.lock & Cargo.toml**: Updated the version numbers from 0.2.0 to 0.3.0 for various packages, indicating a new release version across the workspace.

jwilger force-pushed release/v0.3.0 from 634d137810 to bc32343a65 2026-05-06 17:43:25 -07:00 Compare

jwilger dismissed auto-review's review 2026-05-06 17:43:25 -07:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

jwilger force-pushed release/v0.3.0 from bc32343a65 to 201a5a588e 2026-05-06 21:09:23 -07:00 Compare

auto-review approved these changes 2026-05-06 21:14:37 -07:00

Dismissed

auto-review left a comment

Copy link

This release prepares version 0.3.0 with updates to the CLI and gateway components, including the addition of an embedded OCI runtime. The changes appear safe to merge, with some recommendations for additional tests and error handling improvements.

Walkthrough

Δ since 634d137:

• CHANGELOG.md: Updated for version 0.3.0 with new features and fixes.
• crates/ar-cli/src/cli.rs: Added tests for the embedded OCI rootfs bundle.
• crates/ar-gateway/src/startup.rs: Introduced new functions for OCI gateway setup and execution, with detailed error handling and environment variable management.
• docs/THREAT-MODEL.md: Updated threat model to include new OCI gateway considerations.
• flake.nix: Modified to include new packages and configurations for the embedded OCI runtime.

This release prepares version 0.3.0 with updates to the CLI and gateway components, including the addition of an embedded OCI runtime. The changes appear safe to merge, with some recommendations for additional tests and error handling improvements. ## Walkthrough ### Δ since 634d137: - **CHANGELOG.md**: Updated for version 0.3.0 with new features and fixes. - **crates/ar-cli/src/cli.rs**: Added tests for the embedded OCI rootfs bundle. - **crates/ar-gateway/src/startup.rs**: Introduced new functions for OCI gateway setup and execution, with detailed error handling and environment variable management. - **docs/THREAT-MODEL.md**: Updated threat model to include new OCI gateway considerations. - **flake.nix**: Modified to include new packages and configurations for the embedded OCI runtime.

crates/ar-gateway/src/startup.rs Outdated

Show resolved Hide resolved

auto-review commented 2026-05-06 21:14:37 -07:00

Owner

Copy link

🟡 Warning: Ensure that the error messages do not leak sensitive information, especially when dealing with paths that might contain secrets.

🟡 **Warning:** Ensure that the error messages do not leak sensitive information, especially when dealing with paths that might contain secrets.

auto-review commented 2026-05-06 21:14:37 -07:00

Owner

Copy link

🟡 Warning: Ensure that the cleanup process for staged OCI bundles is robust and handles potential errors gracefully to avoid leaving residual files.

🟡 **Warning:** Ensure that the cleanup process for staged OCI bundles is robust and handles potential errors gracefully to avoid leaving residual files.

auto-review commented 2026-05-06 21:14:37 -07:00

Owner

Copy link

🟡 Warning: Ensure that the link_packaged_rootfs function handles symbolic links correctly and does not introduce security vulnerabilities by following unsafe paths.

🟡 **Warning:** Ensure that the `link_packaged_rootfs` function handles symbolic links correctly and does not introduce security vulnerabilities by following unsafe paths.

auto-review commented 2026-05-06 21:14:37 -07:00

Owner

Copy link

🟡 Warning: Ensure that the execute_packaged_oci_runtime_with_executor function handles all potential errors from the executor and provides meaningful error messages.

🟡 **Warning:** Ensure that the `execute_packaged_oci_runtime_with_executor` function handles all potential errors from the executor and provides meaningful error messages.

auto-review commented 2026-05-06 21:14:37 -07:00

Owner

Copy link

🟡 Warning: Ensure that the run_packaged_oci_runtime_command function handles all potential errors from the command execution and provides meaningful error messages.

🟡 **Warning:** Ensure that the `run_packaged_oci_runtime_command` function handles all potential errors from the command execution and provides meaningful error messages.

auto-review commented 2026-05-06 21:14:37 -07:00

Owner

Copy link

🟡 Warning: Ensure that the prepare_embedded_oci_gateway function handles all potential errors from environment variable retrieval and provides meaningful error messages.

🟡 **Warning:** Ensure that the `prepare_embedded_oci_gateway` function handles all potential errors from environment variable retrieval and provides meaningful error messages.

jwilger commented 2026-05-07 15:07:36 -07:00

Author

Owner

Copy link

Valid and tracked as defect/bug #147: the staged bundle can be left behind when staging fails after directory creation. Follow-up should add focused failure-path tests and preserve sanitized diagnostics.

Valid and tracked as defect/bug #147: the staged bundle can be left behind when staging fails after directory creation. Follow-up should add focused failure-path tests and preserve sanitized diagnostics.

jwilger commented 2026-05-07 15:07:36 -07:00

Author

Owner

Copy link

This path is already constrained before link_packaged_rootfs runs: packaged OCI inputs must be absolute, traversal-free /nix/store paths, and the staged rootfs symlink intentionally points at the trusted packaged rootfs. I do not see an actionable unsafe user-controlled symlink path here.

This path is already constrained before `link_packaged_rootfs` runs: packaged OCI inputs must be absolute, traversal-free `/nix/store` paths, and the staged rootfs symlink intentionally points at the trusted packaged rootfs. I do not see an actionable unsafe user-controlled symlink path here.

jwilger commented 2026-05-07 15:07:36 -07:00

Author

Owner

Copy link

Valid and tracked as defect/bug #148: execute_packaged_oci_runtime_with_executor preserves redaction but loses useful sanitized executor context, making operator diagnosis harder.

Valid and tracked as defect/bug #148: `execute_packaged_oci_runtime_with_executor` preserves redaction but loses useful sanitized executor context, making operator diagnosis harder.

jwilger commented 2026-05-07 15:07:36 -07:00

Author

Owner

Copy link

run_packaged_oci_runtime_command already handles both spawn failures and non-success exit statuses with sanitized diagnostics (ErrorKind / status) while clearing ambient env. I do not see a remaining defect in this helper itself.

`run_packaged_oci_runtime_command` already handles both spawn failures and non-success exit statuses with sanitized diagnostics (`ErrorKind` / status) while clearing ambient env. I do not see a remaining defect in this helper itself.

jwilger commented 2026-05-07 15:07:42 -07:00

Author

Owner

Copy link

Valid and tracked as defect/bug #149: prepare_embedded_oci_gateway collapses env retrieval errors such as non-Unicode values into missing/omitted values. Follow-up should report sanitized env-var-name diagnostics.

Valid and tracked as defect/bug #149: `prepare_embedded_oci_gateway` collapses env retrieval errors such as non-Unicode values into missing/omitted values. Follow-up should report sanitized env-var-name diagnostics.

jwilger marked this conversation as resolved

jwilger force-pushed release/v0.3.0 from 201a5a588e to 6a3819d9bd 2026-05-07 06:38:23 -07:00 Compare

jwilger dismissed auto-review's review 2026-05-07 06:38:23 -07:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

auto-review approved these changes 2026-05-07 06:41:04 -07:00

Dismissed

auto-review left a comment

Copy link

This PR prepares for the release of version 0.3.0 by updating the changelog and modifying the command path for the auto-review binary in the Docker image configuration. The changes appear safe to merge, but ensure the path updates align with deployment expectations.

Walkthrough

Δ since 201a5a5:

• CHANGELOG.md:

  • Added an entry for running the Docker image through the unified auto-review binary.

• crates/ar-cli/src/cli.rs:

  • Updated the command path for the auto-review binary in the test assertions.

• flake.nix:

  • Changed the command path for the auto-review binary in the Docker image configuration.
  • Added a new command to verify the Docker image's configuration and contents, ensuring it uses the unified CLI and contains necessary binaries.

This PR prepares for the release of version 0.3.0 by updating the changelog and modifying the command path for the auto-review binary in the Docker image configuration. The changes appear safe to merge, but ensure the path updates align with deployment expectations. ## Walkthrough ### Δ since 201a5a5: - **CHANGELOG.md**: - Added an entry for running the Docker image through the unified auto-review binary. - **crates/ar-cli/src/cli.rs**: - Updated the command path for the auto-review binary in the test assertions. - **flake.nix**: - Changed the command path for the auto-review binary in the Docker image configuration. - Added a new command to verify the Docker image's configuration and contents, ensuring it uses the unified CLI and contains necessary binaries.

jwilger force-pushed release/v0.3.0 from 6a3819d9bd to ede4f2d03c 2026-05-07 10:01:03 -07:00 Compare

jwilger dismissed auto-review's review 2026-05-07 10:01:03 -07:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

auto-review approved these changes 2026-05-07 10:03:48 -07:00

Dismissed

auto-review left a comment

Copy link

This PR prepares for the release of version 0.3.0, introducing runtime isolation reporting and enhancing the status summary with isolation details. The changes appear safe to merge, with comprehensive tests added for the new functionality.

Walkthrough

Δ since 6a3819d:

• CHANGELOG.md: Updated to include a new feature for reporting runtime isolation posture.
• ar-cli: Added RuntimeIsolationSummary to the status summary, with methods to determine isolation type.
• ar-gateway: Introduced RuntimeIsolationPostureInfo to encapsulate isolation details and updated startup logic to classify and log runtime isolation posture.
• THREAT-MODEL.md: Updated to reflect changes in runtime isolation reporting and its implications for security.

This PR prepares for the release of version 0.3.0, introducing runtime isolation reporting and enhancing the status summary with isolation details. The changes appear safe to merge, with comprehensive tests added for the new functionality. ## Walkthrough ### Δ since 6a3819d: - **CHANGELOG.md**: Updated to include a new feature for reporting runtime isolation posture. - **ar-cli**: Added `RuntimeIsolationSummary` to the status summary, with methods to determine isolation type. - **ar-gateway**: Introduced `RuntimeIsolationPostureInfo` to encapsulate isolation details and updated startup logic to classify and log runtime isolation posture. - **THREAT-MODEL.md**: Updated to reflect changes in runtime isolation reporting and its implications for security.

jwilger force-pushed release/v0.3.0 from ede4f2d03c to 3421ef44ff 2026-05-07 11:54:09 -07:00 Compare

jwilger dismissed auto-review's review 2026-05-07 11:54:09 -07:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

auto-review approved these changes 2026-05-07 11:56:50 -07:00

Dismissed

auto-review left a comment

Copy link

This release preparation for v0.3.0 includes documentation updates and clarifications on deployment strategies, particularly around the single-binary rollout and systemd deployment. The changes appear safe to merge, with no code-level issues identified.

Walkthrough

Δ since ede4f2d:

• Documentation Updates:
  • Clarifications were added to testing discipline and skills documents regarding deterministic tests for documentation wording.
  • The changelog now includes a note about documenting the single-binary rollout.
  • Quickstart and systemd deployment documentation have been updated to clarify the use of bare mode and its implications.
  • The operations and release announcement documents now provide more context on deployment strategies and the single operator CLI.
  • The threat model has been updated to include considerations for binary release assets and provenance.

This release preparation for v0.3.0 includes documentation updates and clarifications on deployment strategies, particularly around the single-binary rollout and systemd deployment. The changes appear safe to merge, with no code-level issues identified. ## Walkthrough ### Δ since ede4f2d: - **Documentation Updates**: - Clarifications were added to testing discipline and skills documents regarding deterministic tests for documentation wording. - The changelog now includes a note about documenting the single-binary rollout. - Quickstart and systemd deployment documentation have been updated to clarify the use of `bare` mode and its implications. - The operations and release announcement documents now provide more context on deployment strategies and the single operator CLI. - The threat model has been updated to include considerations for binary release assets and provenance.

jwilger force-pushed release/v0.3.0 from 3421ef44ff to 1c2a8fc30c 2026-05-07 13:26:48 -07:00 Compare

jwilger dismissed auto-review's review 2026-05-07 13:26:48 -07:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

auto-review approved these changes 2026-05-07 13:29:24 -07:00

Dismissed

auto-review left a comment

Copy link

This PR prepares the release of version 0.3.0, adding a NixOS deployment module and updating documentation. The changes appear safe to merge, but ensure thorough testing of the new deployment module.

Walkthrough

Δ since 3421ef4:

• CHANGELOG.md:

  • Added a note about the new NixOS deployment module.

• QUICKSTART.md:

  • Expanded documentation to include instructions for deploying using Nix/NixOS.

• flake.nix:

  • Introduced a new NixOS module for deploying the application, with options for enabling the CLI and gateway service.

This PR prepares the release of version 0.3.0, adding a NixOS deployment module and updating documentation. The changes appear safe to merge, but ensure thorough testing of the new deployment module. ## Walkthrough ### Δ since 3421ef4: - **CHANGELOG.md**: - Added a note about the new NixOS deployment module. - **QUICKSTART.md**: - Expanded documentation to include instructions for deploying using Nix/NixOS. - **flake.nix**: - Introduced a new NixOS module for deploying the application, with options for enabling the CLI and gateway service.

jwilger force-pushed release/v0.3.0 from 1c2a8fc30c to e06ede8c31 2026-05-07 14:45:23 -07:00 Compare

jwilger dismissed auto-review's review 2026-05-07 14:45:23 -07:00

Reason:

New commits pushed, approval review dismissed automatically according to repository settings

auto-review approved these changes 2026-05-07 14:48:13 -07:00

auto-review left a comment

Copy link

This PR prepares for the release of version 0.3.0 by updating workflows, documentation, and tests to support the publication of Linux binary artifacts. The changes appear well-structured and focus on enhancing the release process, but attention should be given to the secure handling of credentials and the thoroughness of new tests.

Walkthrough

Δ since 1c2a8fc:

• Workflows: Updated to include steps for building and verifying Linux binary release artifacts, ensuring secure handling of signing keys.
• Documentation: Updated to reflect changes in the release process, including threat model adjustments.
• Tests: Added comprehensive tests to validate the release process, including artifact verification and signing key management.

This PR prepares for the release of version 0.3.0 by updating workflows, documentation, and tests to support the publication of Linux binary artifacts. The changes appear well-structured and focus on enhancing the release process, but attention should be given to the secure handling of credentials and the thoroughness of new tests. ## Walkthrough ### Δ since 1c2a8fc: - **Workflows**: Updated to include steps for building and verifying Linux binary release artifacts, ensuring secure handling of signing keys. - **Documentation**: Updated to reflect changes in the release process, including threat model adjustments. - **Tests**: Added comprehensive tests to validate the release process, including artifact verification and signing key management.

.forgejo/workflows/release-publish.yml

Show resolved Hide resolved

auto-review commented 2026-05-07 14:48:13 -07:00

Owner

Copy link

🟡 Warning: Lines 60–104: Ensure that the environment variables RELEASE_SIGNING_KEY, RELEASE_BOT_EMAIL, and RELEASE_AARCH64_NIX_BUILDER are securely managed and documented, as they are critical for the release process.

🟡 **Warning:** **Lines 60–104:** Ensure that the environment variables `RELEASE_SIGNING_KEY`, `RELEASE_BOT_EMAIL`, and `RELEASE_AARCH64_NIX_BUILDER` are securely managed and documented, as they are critical for the release process.

jwilger commented 2026-05-07 15:07:43 -07:00

Author

Owner

Copy link

Already covered: docs/OPERATIONS.md documents RELEASE_SIGNING_KEY, RELEASE_BOT_EMAIL, and RELEASE_AARCH64_NIX_BUILDER, including the dedicated release bot, signing-key handling, and aarch64 builder requirement. The threat model also covers the release signing key and remote-builder trust boundary.

Already covered: `docs/OPERATIONS.md` documents `RELEASE_SIGNING_KEY`, `RELEASE_BOT_EMAIL`, and `RELEASE_AARCH64_NIX_BUILDER`, including the dedicated release bot, signing-key handling, and aarch64 builder requirement. The threat model also covers the release signing key and remote-builder trust boundary.

jwilger marked this conversation as resolved

docs/THREAT-MODEL.md

Show resolved Hide resolved

auto-review commented 2026-05-07 14:48:13 -07:00

Owner

Copy link

🟡 Warning: Lines 8–9: Ensure that the threat model accurately reflects the new release process, including the handling of binary artifacts and the use of the release signing key for signing SHA256SUMS.

🟡 **Warning:** **Lines 8–9:** Ensure that the threat model accurately reflects the new release process, including the handling of binary artifacts and the use of the release signing key for signing SHA256SUMS.

jwilger commented 2026-05-07 15:07:43 -07:00

Author

Owner

Copy link

Valid and tracked as defect/bug #150: the detailed release threats are present, but the top-level threat model scope still describes only the self-hosted review bot. Follow-up should include release preparation/publishing automation and binary artifact integrity in scope.

Valid and tracked as defect/bug #150: the detailed release threats are present, but the top-level threat model scope still describes only the self-hosted review bot. Follow-up should include release preparation/publishing automation and binary artifact integrity in scope.

jwilger marked this conversation as resolved

jwilger referenced this pull request 2026-05-07 15:06:54 -07:00

Harden staged OCI bundle cleanup on staging failures #147

jwilger referenced this pull request 2026-05-07 15:06:54 -07:00

Preserve sanitized OCI runtime failure details #148

jwilger referenced this pull request 2026-05-07 15:06:54 -07:00

Distinguish OCI launcher env retrieval failures from missing env vars #149

jwilger referenced this pull request 2026-05-07 15:06:54 -07:00

Update threat model scope to include release automation #150

jwilger merged commit 6cda42b033 into main 2026-05-07 15:10:46 -07:00

jwilger deleted branch release/v0.3.0 2026-05-07 15:10:46 -07:00

jwilger referenced this pull request from a commit 2026-05-07 15:10:46 -07:00

chore: release v0.3.0 (#126)

Sign in to join this conversation.

Reviewers

No reviewers

auto-review

Labels

Clear labels   

bug

  

discussion

  

enhancement

  

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

No labels

bug

discussion

enhancement

bug

duplicate

enhancement

help wanted

invalid

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

2 participants

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

Slipstream/auto_review!126

No description provided.