Claude
e9c144a511
chore: gardener housekeeping 2026-04-16
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/push/nomad-validate Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/pr/nomad-validate Pipeline was successful
ci/woodpecker/pr/secret-scan Pipeline failed
2026-04-16 08:38:31 +00:00
Claude
c236350e00
chore: gardener housekeeping 2026-04-16
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
- Bump AGENTS.md watermarks to HEAD (c363ee0#623 (all deps now closed, ready for planner decomposition), comment #758 (needs human Forgejo admin action to unblock ops repo writes)
2026-04-16 02:15:38 +00:00
Claude
fbb246c626
fix: [nomad-prep] P4 — scaffold lib/hvault.sh (HashiCorp Vault helper module) ( #799 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/pr/secret-scan Pipeline was successful
ci/woodpecker/pr/smoke-init Pipeline was successful
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 21:15:44 +00:00
Claude
2465841b84
fix: [nomad-prep] P8 — spot-check lib/mirrors.sh against empty Forgejo target ( #796 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 20:22:11 +00:00
Claude
9dbc43ab23
fix: [nomad-prep] P3 — add load_secret() abstraction to lib/env.sh ( #793 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline failed
ci/woodpecker/pr/smoke-init Pipeline failed
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 19:15:50 +00:00
a87dcdf40b
Merge pull request 'chore: gardener housekeeping' ( #805 ) from chore/gardener-20260415-1816 into main
ci/woodpecker/push/ci Pipeline was successful
2026-04-15 18:23:21 +00:00
Claude
0937707fe5
chore: gardener housekeeping 2026-04-15
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-15 18:16:44 +00:00
Claude
e9a018db5c
fix: [nomad-prep] P0 — rename lib/vault.sh + vault/ to action-vault namespace ( #792 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 18:16:32 +00:00
Claude
539862679d
chore: gardener housekeeping 2026-04-15
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-15 10:07:41 +00:00
Claude
fd9ba028bc
chore: gardener housekeeping 2026-04-15
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-15 08:06:14 +00:00
Claude
0b4905af3d
chore: gardener housekeeping 2026-04-15
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-15 04:08:04 +00:00
Claude
32420c619d
chore: gardener housekeeping 2026-04-15
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-15 03:00:40 +00:00
Claude
5733a10858
chore: gardener housekeeping 2026-04-14
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-14 22:54:30 +00:00
Claude
de8243b93f
chore: gardener housekeeping 2026-04-14
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-14 20:24:38 +00:00
Claude
05bc926906
chore: gardener housekeeping 2026-04-13
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/pr/smoke-init Pipeline was successful
ci/woodpecker/push/ci Pipeline was successful
2026-04-13 11:36:50 +00:00
Claude
246ed9050d
chore: gardener housekeeping 2026-04-12
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-12 06:28:02 +00:00
Claude
0c4f00a86c
chore: gardener housekeeping 2026-04-12
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-12 05:19:57 +00:00
Claude
aeda17a601
chore: gardener housekeeping 2026-04-12
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-12 04:08:10 +00:00
Claude
0bc027a25a
chore: gardener housekeeping 2026-04-12
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-12 02:43:22 +00:00
Claude
30e19f71e2
fix: vision( #623 ): Forgejo OAuth gate for disinto-chat ( #708 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/pr/smoke-init Pipeline was successful
Gate /chat/* behind Forgejo OAuth2 authorization-code flow.
- Extract generic _create_forgejo_oauth_app() helper in lib/ci-setup.sh;
Woodpecker OAuth becomes a thin wrapper, chat gets its own app.
- bin/disinto init now creates TWO OAuth apps (woodpecker-ci + disinto-chat)
and writes CHAT_OAUTH_CLIENT_ID / CHAT_OAUTH_CLIENT_SECRET to .env.
- docker/chat/server.py: new routes /chat/login (→ Forgejo authorize),
/chat/oauth/callback (code→token exchange, user allowlist check, session
cookie). All other /chat/* routes require a valid session or redirect to
/chat/login. Session store is in-memory with 24h TTL.
- lib/generators.sh: pass FORGE_URL, CHAT_OAUTH_CLIENT_ID,
CHAT_OAUTH_CLIENT_SECRET, EDGE_TUNNEL_FQDN, DISINTO_CHAT_ALLOWED_USERS
to the chat container environment.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-12 01:52:16 +00:00
Claude
a8bf40d100
chore: gardener housekeeping 2026-04-12
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-12 01:16:08 +00:00
Claude
0cd20e8eea
chore: gardener housekeeping 2026-04-11
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-11 23:43:09 +00:00
Claude
9acd0a2bc4
chore: gardener housekeeping 2026-04-11
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-11 22:28:49 +00:00
Claude
eb3327d2c9
chore: gardener housekeeping 2026-04-11
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-11 20:45:04 +00:00
Claude
3f66defae9
docs: update lib/AGENTS.md for env.sh preconditions and load-project.sh container path changes ( #674 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/pr/smoke-init Pipeline was successful
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 13:39:18 +00:00
41f0210abf
docs: document Claude Code OAuth concurrency model and external flock rationale ( #637 )
...
ci/woodpecker/push/ci Pipeline was successful
## Summary
Adds `docs/CLAUDE-AUTH-CONCURRENCY.md` documenting why the external `flock` on `${HOME}/.claude/session.lock` in `lib/agent-sdk.sh` is load-bearing rather than belt-and-suspenders, and provides a decision matrix for adding new containers that run Claude Code.
Pure docs change. No code touched.
## Why
The factory runs N+1 concurrent Claude Code processes across containers (`disinto-agents` plus every transient container spawned by `docker/edge/dispatcher.sh`), all sharing `~/.claude` via bind mount. The historical "agents losing auth, frequent re-logins" issue that motivated the original `session.lock` flock is the OAuth refresh race — and the flock is the only thing currently protecting against it.
A reasonable assumption when looking at Claude Code is that its internal `proper-lockfile.lock(claudeDir)` (in `src/utils/auth.ts:1491` of the leaked TS source) handles the refresh race, making the external flock redundant. **It does not**, in our specific bind-mount layout. Empirically verified:
- `proper-lockfile` defaults to `<target>.lock` as a sibling file when no `lockfilePath` is given
- For `claudeDir = /home/agent/.claude`, the lock lands at `/home/agent/.claude.lock`
- `/home/agent/` is **not** bind-mounted in our setup — it is the container's local overlay filesystem
- Each container creates its own private `.claude.lock`, none shared
- Cross-container OAuth refresh race is therefore unprotected by Claude Code's internal lock
The external flock works because the lock file path `${HOME}/.claude/session.lock` is **inside** the bind-mounted directory, so all containers see the same inode.
This came up during design discussion of the chat container in #623 , where the temptation was to mount the existing `~/.claude` and skip the external flock for interactive responsiveness. The doc captures the analysis so future implementers don't take that shortcut.
## Changes
- New file: `docs/CLAUDE-AUTH-CONCURRENCY.md` (~135 lines): rationale, empirical evidence, decision matrix for new containers, pointer to the upstream fix
- `lib/AGENTS.md`: one-line **Concurrency** addendum to the `lib/agent-sdk.sh` row pointing at the new doc
## Test plan
- [ ] Markdown renders correctly in Forgejo
- [ ] Relative link from `lib/AGENTS.md` to `docs/CLAUDE-AUTH-CONCURRENCY.md` resolves (`../docs/CLAUDE-AUTH-CONCURRENCY.md`)
- [ ] Code references in the doc still match the current state of `lib/agent-sdk.sh:139,144` and `docker/agents/entrypoint.sh:119-125`
## Refs
- #623 — chat container, the issue this analysis was driven by; #623 has a comment with the same analysis pointing back here once merged
Co-authored-by: Claude <noreply@anthropic.com>
Reviewed-on: #637
Co-authored-by: dev-bot <dev-bot@disinto.local>
Co-committed-by: dev-bot <dev-bot@disinto.local>
2026-04-10 18:01:18 +00:00
Claude
f0c3c773ff
fix: tech-debt: sweep cron-isms from code comments, helpers, lib, and public site copy ( #548 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/pr/smoke-init Pipeline was successful
- Rename acquire_cron_lock → acquire_run_lock in lib/formula-session.sh
and all five *-run.sh call sites
- Update all *-run.sh file headers: "Cron wrapper" → "Polling-loop wrapper"
- Rewrite docs/updating-factory.md: replace crontab check with pgrep,
replace "Crontab empty after restart" section with polling-loop equivalent
- Update docs/EVAL-MCP-SERVER.md to reflect polling-loop reality
- Update lib/guard.sh, lib/AGENTS.md, lib/ci-setup.sh comments
- Update formulas/*.toml comments (cron → polling loop)
- Update dev/dev-poll.sh usage comment
- Update tests/smoke-init.sh to handle compose vs bare-metal scheduling
- Update .woodpecker/agent-smoke.sh comments
- Update site HTML: architecture.html, quickstart.html, index.html
- Clarify _install_cron_impl is bare-metal only (compose uses polling loop)
- Keep site/collect-engagement.sh and site/collect-metrics.sh cron refs
(genuinely cron-driven on the website host, separate from factory loop)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 08:54:11 +00:00
Claude
46a87c5798
fix: correct lib/AGENTS.md — Forgejo image tag 11.0, OPS_REPO_ROOT variable name
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-09 14:33:40 +00:00
Claude
6971371e27
chore: gardener housekeeping 2026-04-09
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-09 14:24:52 +00:00
Claude
7c688bc196
chore: gardener housekeeping 2026-04-09
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-09 06:02:34 +00:00
Claude
faaaeb0a1f
chore: gardener housekeeping 2026-04-09
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-09 00:05:31 +00:00
Claude
93efc6e435
fix: correct migrate_ops_repo caller in lib/AGENTS.md
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-08 18:13:08 +00:00
Claude
887bc7bbea
chore: gardener housekeeping 2026-04-08
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline failed
2026-04-08 18:02:36 +00:00
Claude
d341acee2a
fix: correct ops-setup.sh evidence subdirs in lib/AGENTS.md
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-08 12:22:13 +00:00
Claude
fe1ef3d5ef
chore: gardener housekeeping 2026-04-08
2026-04-08 12:22:13 +00:00
Claude
514de48f58
chore: gardener housekeeping 2026-04-07
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-07 18:05:41 +00:00
Claude
6d0eaf2687
chore: gardener housekeeping 2026-04-07
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-07 12:04:45 +00:00
Claude
4aa824c203
chore: gardener housekeeping 2026-04-07
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-07 06:01:36 +00:00
Claude
b7bba15037
chore: gardener housekeeping 2026-04-07
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-07 00:05:33 +00:00
Claude
b21408e668
chore: gardener housekeeping 2026-04-06
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-06 18:06:28 +00:00
Claude
b1695d8329
chore: gardener housekeeping 2026-04-06
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-06 12:05:35 +00:00
Agent
7ad1c63de3
fix: chore: remove dead tmux-based session code (agent-session.sh, phase-handler.sh) ( #262 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
- Delete lib/agent-session.sh (entirely dead file with no active callers)
- Delete dev/phase-handler.sh (entirely dead file with no active callers)
- Update lib/formula-session.sh to remove tmux-based functions:
- Removed: start_formula_session, run_formula_and_monitor, formula_phase_callback,
write_compact_context, remove_formula_worktree, cleanup_stale_crashed_worktrees
- Kept utility functions: acquire_cron_lock, check_memory, load_formula,
profile_write_journal, formula_prepare_profile_context, build_graph_section, etc.
- Update dev/phase-test.sh to inline read_phase() function (no longer sources agent-session.sh)
- Update documentation: AGENTS.md, lib/AGENTS.md, dev/AGENTS.md, .woodpecker/agent-smoke.sh,
docs/PHASE-PROTOCOL.md, lib/pr-lifecycle.sh
- All 38 phase tests pass
2026-04-05 22:25:53 +00:00
Claude
3351bf06f0
chore: gardener housekeeping 2026-04-05
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-05 18:04:54 +00:00
Claude
3950c7fb8f
chore: gardener housekeeping 2026-04-05
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-04-05 13:40:45 +00:00
Agent
a2d5d71c04
fix: feat: CI log access — disinto ci-logs + dev-agent CI failure context ( #136 )
ci/woodpecker/pr/ci Pipeline was successful
ci/woodpecker/push/ci Pipeline was successful
2026-04-02 08:20:21 +00:00
Agent
657b8aff36
fix: feat: lib/vault.sh — helper for agents to create vault PRs on ops repo ( #75 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-03-31 21:33:16 +00:00
Agent
aad21dc084
fix: chore: tear down old vault scripts — prepare for PR-based vault ( #73 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-03-31 20:38:05 +00:00
Agent
dc545a817b
fix: chore(26a): delete action-agent.sh, action-poll.sh, and action/AGENTS.md ( #65 )
...
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
- Delete action/ directory and all its contents
- Remove action-bot from bin/disinto bot token mapping and collaborator lists
- Remove FORGE_ACTION_TOKEN from lib/env.sh and .env.example
- Remove action-bot from FORGE_BOT_USERNAMES in lib/env.sh and .env.example
- Update .woodpecker/agent-smoke.sh to remove action script checks
- Update AGENTS.md: remove action agent from description and table
- Update lib/AGENTS.md: remove action-agent references from sourced by columns
- Update docs/PHASE-PROTOCOL.md: remove action-agent reference
- Update docs/AGENT-DESIGN.md: remove action-agent from agent table
- Update planner/AGENTS.md: update action formula execution reference
- Update README.md: update formula-driven execution reference
Part of #26 — retire action-agent system.
2026-03-31 19:42:25 +00:00
Agent
4bcd2c275b
fix: refactor: rename vault-runner → runner and vault-run → run ( #43 )
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
2026-03-29 12:43:18 +00:00
openhands
c5c24cda67
fix: Extract lib/worktree.sh — create, recover, cleanup ( #797 )
...
Extract reusable worktree management into lib/worktree.sh:
- worktree_create: git worktree add + checkout + submodules
- worktree_recover: detect existing worktree, reuse or recreate
- worktree_cleanup: remove worktree + clear Claude Code project cache
- worktree_cleanup_stale: scan /tmp for orphaned worktrees, skip preserved
- worktree_preserve: mark worktree for debugging (skip stale cleanup)
Update callers:
- dev-agent.sh: use worktree_create/worktree_recover/worktree_cleanup
- action-agent.sh: use worktree_cleanup/worktree_preserve
- formula-session.sh: delegate cleanup_stale_crashed_worktrees, use worktree_preserve
- All formula agents source lib/worktree.sh
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 19:06:31 +00:00
