bluejay/bluejay-infra
1
0
Fork 0
Code Issues Pull Requests 14 Actions Packages Projects Releases Wiki Activity

Commit Graph

  • b842738a0e Merge pull request 'Sprint 63 Cx-10: align hardening probe paths with live routes' (#44) from codex/s63-cx10 into main main bluejay 2026-06-05 03:02:14 +00:00
  • f0cb7a5e81 fix(hardening): align probe-path annotations with live health routes codex/s63-cx10 Andrew Stoltz 2026-06-04 22:01:04 -05:00
  • ac0f665323 Merge pull request 'Draft: Sprint 62 Cx-10 broader exposure hardening' (#43) from codex/s62-cx10 into main bluejay 2026-06-05 02:51:37 +00:00
  • c4b08f41ab feat(infra): prestage broader app exposure hardening codex/s62-cx10 Andrew Stoltz 2026-06-04 15:55:07 -05:00
  • 417d3830ae test(lint): reconcile baseline infra assertions Andrew Stoltz 2026-06-04 15:40:57 -05:00
  • 34dda0c99c feat(infra): prestage broader app exposure hardening codex/s61-cx10 Andrew Stoltz 2026-06-04 15:55:07 -05:00
  • e1e0159b06 test(lint): reconcile baseline infra assertions Andrew Stoltz 2026-06-04 15:40:57 -05:00
  • 90599b0413 fix(auth): harden public infra routes codex/s60-cx3 Andrew Stoltz 2026-06-04 13:20:16 -05:00
  • cb4ea13e7a monitoring: mirror Sprint 60 probe coverage bluejay 2026-06-04 18:19:47 +00:00
  • a3cd67d6bb monitoring: mirror Sprint 60 probe coverage codex/s60-cx4 Andrew Stoltz 2026-06-04 13:15:18 -05:00
  • 81a3ddac4c fix(auth): mark OIDC healthz probes anonymous codex/s59-auth-safe-to-expose-bluejay-infra Andrew Stoltz 2026-06-04 11:03:20 -05:00
  • 300f8ad546 fix(monitoring): probe OIDC-safe health routes bluejay 2026-06-04 06:45:34 +00:00
  • fe38c2641f Merge pull request 'fix(auth): deploy distribution root anonymous image' (#38) from codex/s58-distribution-root-anon-gitops into main bluejay 2026-06-04 06:20:09 +00:00
  • 3b40dfb185 fix(auth): deploy distribution root anonymous image codex/s58-distribution-root-anon-gitops Andrew Stoltz 2026-06-04 01:19:16 -05:00
  • 103878671c Merge pull request 'fix(auth): deploy Distribution OIDC image tag' (#37) from codex/s58-oidc-proper into main bluejay 2026-06-04 06:05:15 +00:00
  • 36039c1335 fix(auth): deploy distribution oidc image tag codex/s58-oidc-proper Andrew Stoltz 2026-06-04 01:04:44 -05:00
  • 2a66109f13 Merge pull request 'feat(auth): adopt OIDC GitOps for DNS Distribution Media' (#36) from codex/s58-oidc-proper into main bluejay 2026-06-04 05:52:56 +00:00
  • 933fea89d1 feat(auth): adopt oidc apps in gitops Andrew Stoltz 2026-06-04 00:49:36 -05:00
  • 13f9bb7710 fix(distribution): revert OIDC enforcement — enabling it gated /healthz probe (service down) Andrew Stoltz 2026-06-03 23:47:29 -05:00
  • 9a58fd2af6 oidc: flip enforcement ON for knowledge + distribution (no-live-proof, fix-forward) Andrew Stoltz 2026-06-03 23:38:48 -05:00
  • 0ed9b989fa monitoring: mirror Sprint 57 coverage rules codex/s57-monitoring-coverage Andrew Stoltz 2026-06-03 22:46:33 -05:00
  • 308235e4fe feat(auth): route oidc client secrets for s57 flips codex/s57-oidc-flip Andrew Stoltz 2026-06-03 22:33:19 -05:00
  • 404d884863 Adopt live Library Retail AiStation web apps Andrew Stoltz 2026-06-03 20:24:07 -05:00
  • f4bd90f805 Merge pull request #33 from codex/s56-monitoring-coverage bluejay 2026-06-04 01:22:49 +00:00
  • 67d67ab73d fix(monitoring): repoint pirelay scrape to signalcontrol codex/s56-monitoring-coverage Andrew Stoltz 2026-06-03 20:20:36 -05:00
  • f7d41cdc60 revert: drop fc-library manifest — Library.Web already deployed live (41h) Andrew Stoltz 2026-06-03 19:30:23 -05:00
  • 2c0afc28e4 deploy(fc-library): add Library.Web internal-host deployment Andrew Stoltz 2026-06-03 19:28:22 -05:00
  • ba5f5dd0fb deploy(knowledge): roll audit backfill fix Robot 2026-06-03 18:24:22 -05:00
  • dc699da7b3 fix(knowledge): persist federation database on PVC Robot 2026-06-03 18:17:31 -05:00
  • 1e8bf54c6e deploy: roll Chat and Knowledge OIDC images Robot 2026-06-03 18:11:56 -05:00
  • e2e93d482c Deploy TtsReader schema repair image codex/s54-cx14-ttsreader-pr29-live Andrew Stoltz 2026-06-02 22:00:15 -05:00
  • 4319cc2b51 Merge PR #32: divoom pi deploy artifact manifests bluejay 2026-06-03 02:47:36 +00:00
  • 2bf339ce51 Deploy TtsReader PR29 live proof image Andrew Stoltz 2026-06-02 21:47:04 -05:00
  • 5bdedfc5ae divoom: add pi deploy artifact manifests Andrew Stoltz 2026-06-02 21:45:27 -05:00
  • 2c8968f5d0 Wire SignalControl platform observability codex/s50-cx12-signalcontrol-platform Andrew Stoltz 2026-06-02 02:38:54 -05:00
  • 0307ae16ae monitoring(probe): signage/mysql/php blackbox probe / -> /healthz (K8s-target mirror) Andrew Stoltz 2026-06-02 01:09:57 -05:00
  • 62f6d8e7d5 Add SignalControl platform telemetry manifests codex/s49-cx11-signalcontrol-platform Andrew Stoltz 2026-06-01 22:29:18 -05:00
  • 6c18f69cf2 mail: remove cert-manager Certificate (manage mail-tls via step-ca JWK + noc1 renew timer) Andrew Stoltz 2026-06-01 15:55:38 -05:00
  • 47e2256556 Deploy TtsReader correction bridge images Andrew Stoltz 2026-05-31 12:27:59 -05:00
  • 9d77f8ba0e fc-updater: disable loki audit sink Andrew Stoltz 2026-05-31 11:34:12 -05:00
  • 2f4be19c85 fc-updater: bump signing diagnostics image Andrew Stoltz 2026-05-31 00:32:48 -05:00
  • 2a62c40990 fc-updater: bump image to MSI installer surface Andrew Stoltz 2026-05-30 23:31:48 -05:00
  • 7be98e5efc Bump UpdateCenter image to hosted-service fix Andrew Stoltz 2026-05-30 20:22:13 -05:00
  • a65b356c9d deploy(fc-updater): roll UC to v202605301823-a6c3354 (Phase 3 SQLite fixes) Andrew Stoltz 2026-05-30 18:27:45 -05:00
  • 08c17ef1b4 fc-updater: bump to v202605301703-296f350-fix2 (BackgroundServiceExceptionBehavior=Ignore so a hosted-service SQLite query crash can't stop the host) Andrew Stoltz 2026-05-30 17:04:54 -05:00
  • 06f2f002b7 fc-updater: bump image to v202605301657-296f350-fix1 (Shared.Settings SQLite poll fix) Andrew Stoltz 2026-05-30 16:59:37 -05:00
  • 7ac4a8b4b7 fc-updater: bump image to v202605301642-296f350-rework (ADR-179 rework live) Andrew Stoltz 2026-05-30 16:47:28 -05:00
  • 90f2a86819 ops: trim load for degraded 2-node cluster (agent2 PSU dead) Andrew Stoltz 2026-05-28 13:47:13 -05:00
  • cbdefb2b23 Revert "ci1: expose WinRM/RDP/SSH ports on masquerade interface for Phase 2 bootstrap" Andrew Stoltz 2026-05-26 11:35:10 -05:00
  • 1c36fe3a0a ci1: expose WinRM/RDP/SSH ports on masquerade interface for Phase 2 bootstrap Andrew Stoltz 2026-05-26 11:24:34 -05:00
  • 2b420ce8a4 runners: fleet-wide right-size CPU requests from 500m to 100m Andrew Stoltz 2026-05-26 10:09:24 -05:00
  • 5cbc1a06b1 runners: scale DM/AiStation.Linux/WorldBuilder down to 1 replica until cluster relieved Andrew Stoltz 2026-05-26 10:03:30 -05:00
  • 9e7ee39b3a runners: drop CPU request 500m→100m on DM/AiStation.Linux/WorldBuilder Andrew Stoltz 2026-05-26 10:00:23 -05:00
  • ae030a5f33 runners: add github-runner Deployments for DeviceManagement + AiStation.Linux + WorldBuilder runners/add-dm-ailinux-worldbuilder-2026-05-26 Andrew Stoltz 2026-05-26 09:55:31 -05:00
  • bc8c35896f tests: add bluejay-ws runner-exclusion lint + fix 3 stale runner-fleet assertions (#30) bluejay 2026-05-26 03:42:01 +00:00
  • ec78175526 tests: add bluejay-ws runner-exclusion lint + fix 3 stale runner-fleet assertions runners/bluejay-ws-exclusion-lint-2026-05-26 Andrew Stoltz 2026-05-25 22:41:00 -05:00
  • 2cc91b6df0 runners: bump tts-reader memory limit 4Gi -> 8Gi Andrew Stoltz 2026-05-25 22:31:48 -05:00
  • 0d2090fe81 runners: add github-runner-updater Deployment (#29) bluejay 2026-05-26 03:24:13 +00:00
  • 59543016c0 runners: add github-runner-updater Deployment runners/add-updater-deployment-2026-05-26 Andrew Stoltz 2026-05-25 22:22:41 -05:00
  • bc3548e715 runners: add github-runner-pimanager Deployment runners/add-pimanager-deployment-2026-05-25 Andrew Stoltz 2026-05-25 20:33:44 -05:00
  • 74333cc26b selenium: right-size hub + chrome + edge memory limits (#28) bluejay 2026-05-26 01:12:15 +00:00
  • 7310fb88c2 selenium: right-size hub + chrome + edge memory limits ops/selenium-right-size-memory-2026-05-25 Andrew Stoltz 2026-05-25 20:11:41 -05:00
  • 148bc87b9a runners: bake step-ca root CA into image (v20260525-stepca) (#27) bluejay 2026-05-26 01:04:14 +00:00
  • 2a1e842100 runners: bake step-ca root CA into image (v20260525-stepca) ops/runners-bake-step-ca-root-2026-05-25 Andrew Stoltz 2026-05-25 19:55:38 -05:00
  • bc28430d24 selenium: allow github-runner namespace ingress on 4444 (#26) bluejay 2026-05-26 00:44:23 +00:00
  • cc92272217 selenium: allow github-runner namespace ingress on 4444 ops/selenium-allow-github-runner-2026-05-25 Andrew Stoltz 2026-05-25 19:43:12 -05:00
  • d6f4468a9c selenium: migrate hub + 3 nodes into ArgoCD-managed manifests (#25) bluejay 2026-05-26 00:09:35 +00:00
  • 2f796a2ebd selenium: migrate hub + 3 nodes + service + ingressroute into ArgoCD Andrew Stoltz 2026-05-25 19:08:55 -05:00
  • 1f1f6823db runners: right-size replica counts per 14d CI activity (#24) bluejay 2026-05-26 00:01:47 +00:00
  • b92f74b63a runners: right-size replica counts per 14d CI activity data Andrew Stoltz 2026-05-25 18:55:47 -05:00
  • cb7f7dbc4d authentik: generous startup/liveness probes for first-boot migration authentik/initial-deploy Andrew Stoltz 2026-05-25 16:03:03 -05:00
  • 03126d5584 authentik: add fsGroup:1000 to server + worker so non-root uid can write /media Andrew Stoltz 2026-05-25 15:58:35 -05:00
  • 495e884c41 authentik: initial deployment at id.iamworkin.lan Andrew Stoltz 2026-05-25 15:50:10 -05:00
  • eaba7cd171 fc-desktop: add phase 1 capacity guards sprint44/cx-9-fc-desktop-cpu-phase-1 Andrew Stoltz 2026-05-20 15:49:20 -05:00
  • 65aa1e6104 fix(monitoring): point probe-printweb at /health (Q-MR-90) Andrew Stoltz 2026-05-20 14:52:02 -05:00
  • 7f2a3b76b4 feat(github-runner): bake Ruby 3.3 into Linux self-hosted runner image (Q-MR-81) sprint42/cx-4-linux-runner-ruby-bake Andrew Stoltz 2026-05-20 11:44:52 -05:00
  • 6e581d2879 docs(fc-build-windows): capture runner operator gate sprint42/cx-5-fc-build-windows-runner Andrew Stoltz 2026-05-20 11:27:21 -05:00
  • ea73f00461 fix(fc-devicemgmt): remove self-referential Application resource (Q-MR-79) bluejay 2026-05-20 16:20:01 +00:00
  • 25ace30a03 fix(fc-devicemgmt): remove self-referential Application resource (Q-MR-79) sprint42/cx-2-fc-devicemgmt-self-ref-cleanup Andrew Stoltz 2026-05-20 11:18:25 -05:00
  • 46bbd00d09 Add step-ca agent issuer manifest sprint41/cx-2-step-ca-agent-provisioner Andrew Stoltz 2026-05-19 17:52:58 -05:00
  • 0a20f05525 monitoring: tag pirelay planned outage sprint41/cx-5-pirelay-scrape-investigation Andrew Stoltz 2026-05-19 17:40:34 -05:00
  • 41185f0642 Codify fc-desktop resource quota sprint40/cx-7-fc-desktop-prewarm-rq-codify Andrew Stoltz 2026-05-19 15:21:08 -05:00
  • 40b5027ee3 Mirror printer state alert routing sprint40/cx-5-alert-classification-offline-vs-depleted Andrew Stoltz 2026-05-19 15:17:01 -05:00
  • 55729a24f9 monitoring: alert on remotedesktop longhorn pvc growth sprint39/cx-12-longhorn-pvc-growth-alarm Andrew Stoltz 2026-05-19 12:34:28 -05:00
  • 30e16bfcfb feat: add qt sdk remotedesktop warm pool sprint39/cx-8-qt-sdk-image Andrew Stoltz 2026-05-19 12:30:32 -05:00
  • 6382582090 fc-desktop: add remotedesktop warm pool intent sprint39/cx-3-claim-init-hooks-xfce Andrew Stoltz 2026-05-19 12:27:47 -05:00
  • 2896b60d3c Tighten RemoteDesktop network policies sprint39/cx-5-netpol-isolation Andrew Stoltz 2026-05-19 12:04:12 -05:00
  • ca574c2280 brochure: delete apps/brochure/ — full prune per operator decision 2026-05-19 Andrew Stoltz 2026-05-19 10:42:30 -05:00
  • 09387f90e1 brochure: ARCHIVED 2026-05-19 — was a misinterpretation, do not re-enable Andrew Stoltz 2026-05-19 10:34:28 -05:00
  • e641ceab48 monitoring(irc-notify): criticals also batch hourly — fix per-fire spam Andrew Stoltz 2026-05-19 10:22:25 -05:00
  • c263426ea5 fc-devicemgmt: operator image fix + Web scaled to 0 Andrew Stoltz 2026-05-19 10:11:09 -05:00
  • bacac067cf monitoring(irc-notify): hourly digest batching for thermal printer Andrew Stoltz 2026-05-19 09:55:57 -05:00
  • 914fed08d8 fix(brochure): scale brochure-web to 0 — wrong codebase shipped (Intranet.Web binary in fc-brochure-web image, CrashLoopBackOff 296 restarts on /data read-only). Re-enable after Sprint 34 Cx-3 rebuild per docs/ai-agents/codex-prompts/2026-05-18-fc-brochure-web-rebuild-pack.md bluejay 2026-05-19 14:45:01 +00:00
  • 9a4a8264d9 github-runner: add DM and WorldBuilder runners sprint37/cx-2-linux-runner-expansion Andrew Stoltz 2026-05-18 17:44:29 -05:00
  • 200aeab032 ttsreader: deploy study mode repair image Andrew Stoltz 2026-05-18 16:33:08 -05:00
  • 8182616d4c ttsreader: point render piper to edge1 demo endpoint Andrew Stoltz 2026-05-18 16:06:37 -05:00
  • f0862ac03c ttsreader: deploy sprint36 demo audio image Andrew Stoltz 2026-05-18 16:04:59 -05:00
  • 46c392605e monitoring: mirror PuppetServiceFailed alert from Notes (Sprint 33 Cx-7 Phase B) Andrew Stoltz 2026-05-18 11:11:07 -05:00
  • 89b147bbdd docs(openvox): document quadlet durability smoke (#12) bluejay 2026-05-18 04:53:02 +00:00
  • d7238a5e3b feat(brochure): add public brochure GitOps app (#13) bluejay 2026-05-18 04:52:37 +00:00