Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
75 commits
Select commit Hold shift + click to select a range
8e67da6
DS-5676: Added skills for api, browser and mcp monitors
Gary-Darnell May 28, 2026
3f1ba91
DS-5676: Updated skills and added skills into the binary
Gary-Darnell May 28, 2026
3b5f88b
DS-5676: Added more detail for monitor creation, got passed issue of …
Gary-Darnell May 29, 2026
7eccf08
DS-5676: Caught error in project show skill
Gary-Darnell May 29, 2026
46417bb
DS-5672: Add quality check workflow for PRs
rujames Jun 3, 2026
d7fe844
DS-5672: Fix/tidy existing unit tests
rujames Jun 3, 2026
1d5715e
Merge pull request #7 from APImetrics/DS-5672-set-up-ci-build-and-tes…
rujames Jun 3, 2026
5f543ae
Fix skill command syntax and update result polling
Gary-Darnell Jun 4, 2026
a96a758
DS-5672: Add release workflow with GitHub publish
rujames Jun 4, 2026
52b9843
DS-5672: Publish to GCS
rujames Jun 4, 2026
e0e565d
Add Apple signing to release flow
ndenny Jun 4, 2026
7a1b13c
Improve macOS signing workflow: boolean inputs, keychain/path fixes, …
ndenny Jun 4, 2026
1f031e1
Switch mac signing job to artifact handoff instead of rerunning full …
ndenny Jun 4, 2026
0511599
Address latest PR workflow review comments
ndenny Jun 4, 2026
eb933a2
Fix snapshot guards and draft->finalize release flow
ndenny Jun 4, 2026
1829c80
Address PR review: notarization, dispatch guard, step outputs, remove…
ndenny Jun 5, 2026
7c89df3
Skip cert import during snapshot runs
ndenny Jun 5, 2026
fbd63c3
Address code review: job guard, secret env var, mktemp leak
ndenny Jun 5, 2026
409c881
Clean up redundant snapshot guards and input interpolation
ndenny Jun 5, 2026
dcb35f0
Defer GCS upload until after macOS signing (Option B)
ndenny Jun 5, 2026
281d982
Add pre-flight check for GCP credentials on tag releases
ndenny Jun 5, 2026
89affda
DS-5672: Harden release workflow and add Homebrew tap
ndenny Jun 5, 2026
4b2300e
DS-5672: Fix Homebrew publish — token and execution path
ndenny Jun 5, 2026
3a8c63d
DS-5672: Replace HOMEBREW_TAP_GITHUB_TOKEN PAT with GitHub App token
ndenny Jun 5, 2026
1c2c631
DS-5672: Add RELEASING.md with infrastructure setup guide
ndenny Jun 5, 2026
82c6db6
DS-5672: Fix goreleaser command in Publish Homebrew formula step
Copilot Jun 5, 2026
8cd9b31
DS-5672: Fix goreleaser skip flags, add setup-gcloud, clarify PEM secret
ndenny Jun 5, 2026
a10d44a
DS-5672: Fix YAML syntax error in artifacts.json patch step
ndenny Jun 5, 2026
d92f1f9
Merge pull request #10 from APImetrics/DS-5672-release-workflow-harde…
ndenny Jun 5, 2026
6926703
DS-5672: Remove unused WIF auth from Linux job; make release creation…
ndenny Jun 5, 2026
13c0ae2
DS-5672: Fix Homebrew publish; remove dead goreleaser blobs/brews config
ndenny Jun 5, 2026
5abf68a
DS-5672: Fix stale comments and add defensive homebrew skip for snapshot
ndenny Jun 5, 2026
191d8de
DS-5672: Address code review issues in macOS signing step
ndenny Jun 5, 2026
4a1137a
DS-5672: Address code review issues in macOS signing step
ndenny Jun 5, 2026
be98544
DS-5672: Exclude darwin archives from Linux job GitHub release upload
ndenny Jun 5, 2026
95ab544
Update macOS signing workflow to use production workload identity sec…
ndenny Jun 5, 2026
07e26cf
Add WinGet publishing to release workflow
ndenny Jun 5, 2026
f7cd642
DS-5672: Fix winget step idempotency and add first-run comment
ndenny Jun 5, 2026
4ee222a
Update docs per Code Review
ndenny Jun 6, 2026
af9f909
DS-5672: Guard winget job against draft releases; clarify PAT docs
ndenny Jun 6, 2026
62e9a74
DS-5672: Use GCS URLs for Homebrew and WinGet artifacts
ndenny Jun 6, 2026
f1c0149
DS-5672: Upload Linux/Windows artifacts to GCS regardless of Apple si…
ndenny Jun 6, 2026
14cdbce
DS-5672: Fix gh release view missing --repo in winget job
ndenny Jun 6, 2026
b8e3a70
DS-5672: Fix winget job — switch to Windows runner, download exe dire…
ndenny Jun 6, 2026
1f56d53
DS-5672: Fix set -e in release check; defer checksums.txt to signed u…
ndenny Jun 6, 2026
4defe65
Merge pull request #11 from APImetrics/add-winget-publishing
ndenny Jun 6, 2026
21afd77
Merge pull request #6 from APImetrics/DS-5676-add-an-apimetrics-skill…
Gary-Darnell Jun 9, 2026
d0b4850
Update winget package publisher name
ndenny Jun 10, 2026
3f17ac7
DS-5707: Replace README.md with relevant usage instructions
rujames Jun 10, 2026
803d2fc
Merge pull request #12 from APImetrics/DS-5707-replace-restish-readme
rujames Jun 10, 2026
fde971a
Merge pull request #9 from APImetrics/add-apple-signing-to-release-flow
ndenny Jun 10, 2026
375956c
Add welcome message
ndenny Jun 11, 2026
91e2108
Add configuration files for production and QC environments; update ma…
ndenny Jun 12, 2026
afe05a4
Formatting
ndenny Jun 12, 2026
b6ef104
Formatting
ndenny Jun 12, 2026
73094ef
Switch to QC CLI Auth0 client
ndenny Jun 12, 2026
ad6be21
Add dev build for testing locally
ndenny Jun 12, 2026
d1df249
Add styling to auth pages
ndenny Jun 12, 2026
61f141d
Restrict prod releases to main or main-* branches
ndenny Jun 12, 2026
393849a
Fix go vet: redundant newline in Fprintln banner
ndenny Jun 12, 2026
f06c1aa
Move goreleaser configs out of gitignored dist/
ndenny Jun 12, 2026
33b322d
Gate browser prompt on stdin being a TTY
ndenny Jun 12, 2026
3a000bc
Escape OAuth error params and harden release branch check
ndenny Jun 12, 2026
cfbd5d9
Build QC artifacts on snapshot dispatch and attach them
ndenny Jun 12, 2026
d0e78f6
Upload QC snapshot assets individually
ndenny Jun 12, 2026
5d2cb78
Sign macOS builds in snapshot mode and upload them as assets
ndenny Jun 12, 2026
6a158ac
Make develop builds sign-only (no notarization)
ndenny Jun 12, 2026
20e3e93
Merge pull request #13 from APImetrics/add-welcome-message
ndenny Jun 15, 2026
bd5247b
Merge pull request #14 from APImetrics/add-prod-build
ndenny Jun 15, 2026
2c56067
Use github release assets instead of GCS
ndenny Jul 6, 2026
e300115
Potential fix for pull request finding
ndenny Jul 6, 2026
31d7d85
Merge pull request #15 from APImetrics/change-build-to-use-github-rel…
ndenny Jul 7, 2026
032e1e2
Enhance README with documentation and attribution
ndenny Jul 9, 2026
c5746ee
Add install docs and support info
ndenny Jul 9, 2026
9697405
Merge pull request #17 from APImetrics/ndenny-patch-1
ndenny Jul 10, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
173 changes: 173 additions & 0 deletions .github/workflows/develop.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,173 @@
name: Develop Build

on:
push:
branches:
- develop

permissions:
contents: read

jobs:
build:
name: Build QC artifacts
runs-on: ubuntu-latest
timeout-minutes: 60

steps:
- name: Check out repository
uses: actions/checkout@v5
with:
fetch-depth: 0

- name: Set up Go
uses: actions/setup-go@v6
with:
go-version-file: go.mod
cache: true

- name: Run GoReleaser (all platforms, unsigned)
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
docker run --rm \
-v "${PWD}:/workspace" \
-w /workspace \
-e GITHUB_TOKEN \
ghcr.io/goreleaser/goreleaser-cross:v1.25-v2.12.7 \
release --snapshot --config .goreleaser/config-qc.yaml --clean --parallelism 2

- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: qc-artifacts-${{ github.run_number }}
if-no-files-found: error
path: |
dist/*.tar.gz
dist/*.zip
dist/checksums.txt
dist/artifacts.json
dist/metadata.json

sign-macos:
name: Sign macOS artifacts
runs-on: macos-latest
needs: build
timeout-minutes: 30

steps:
- name: Check out repository
uses: actions/checkout@v5

- name: Check for Apple signing secrets
id: secrets_check
env:
APPLE_CERT_P12: ${{ secrets.APPLE_CERT_P12 }}
run: |
if [ -n "$APPLE_CERT_P12" ]; then
echo "has_signing_cert=true" >> "$GITHUB_OUTPUT"
else
echo "has_signing_cert=false" >> "$GITHUB_OUTPUT"
echo "::warning::APPLE_CERT_P12 not configured — skipping Apple code signing."
fi

- name: Import Apple certificate
if: ${{ steps.secrets_check.outputs.has_signing_cert == 'true' }}
env:
APPLE_CERT_P12: ${{ secrets.APPLE_CERT_P12 }}
APPLE_CERT_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
set -e
for var_name in APPLE_CERT_PASSWORD KEYCHAIN_PASSWORD; do
if [ -z "${!var_name}" ]; then
echo "::error::$var_name is required when APPLE_CERT_P12 is configured."
exit 1
fi
done

printf '%s' "$APPLE_CERT_P12" | base64 -D > cert.p12

KEYCHAIN_PATH="$RUNNER_TEMP/build.keychain-db"
security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH"
security import cert.p12 -k "$KEYCHAIN_PATH" -P "$APPLE_CERT_PASSWORD" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple: -s -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
security list-keychains -d user -s "$KEYCHAIN_PATH" $(security list-keychains -d user | tr -d '"' | xargs)

- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: qc-artifacts-${{ github.run_number }}
path: dist

- name: Sign macOS artifacts
if: ${{ steps.secrets_check.outputs.has_signing_cert == 'true' }}
env:
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
KEYCHAIN_PATH: ${{ runner.temp }}/build.keychain-db
run: |
set -e
if [ -z "$APPLE_SIGNING_IDENTITY" ]; then
echo "::error::APPLE_SIGNING_IDENTITY is required for signing."
exit 1
fi
if [ ! -f dist/checksums.txt ]; then
echo "::error::dist/checksums.txt not found."
exit 1
fi

for archive in dist/*-darwin-*.tar.gz; do
[ -f "$archive" ] || continue
tmpdir="$(mktemp -d)"
orig_members=$(tar -tzf "$archive")
tar -xzf "$archive" -C "$tmpdir"

while IFS= read -r -d '' bin; do
codesign --force --options runtime --timestamp \
--keychain "$KEYCHAIN_PATH" \
--sign "$APPLE_SIGNING_IDENTITY" "$bin"
codesign --verify --deep --strict "$bin"
done < <(find "$tmpdir" -type f -perm -111 -print0)

# shellcheck disable=SC2086
tar -czf "${archive}.signed" -C "$tmpdir" $orig_members
mv "${archive}.signed" "$archive"
rm -rf "$tmpdir"

filename="$(basename "$archive")"
sha="$(shasum -a 256 "$archive" | awk '{print $1}')"
grep -v " $filename\$" dist/checksums.txt > dist/checksums.new || true
printf "%s %s\n" "$sha" "$filename" >> dist/checksums.new
mv dist/checksums.new dist/checksums.txt

PATCH_NAME="$filename" PATCH_SHA="$sha" python3 << 'PYEOF'
import json, os
data = json.load(open('dist/artifacts.json'))
name = os.environ['PATCH_NAME']
checksum = os.environ['PATCH_SHA']
for a in data:
if a.get('name') == name:
a.setdefault('extra', {})['Checksum'] = 'sha256:' + checksum
with open('dist/artifacts.json', 'w') as f:
json.dump(data, f, indent=2)
PYEOF
done

- name: Upload signed macOS artifacts
if: ${{ steps.secrets_check.outputs.has_signing_cert == 'true' }}
uses: actions/upload-artifact@v4
with:
name: qc-artifacts-macos-signed-${{ github.run_number }}
if-no-files-found: error
path: |
dist/*-darwin-amd64.tar.gz
dist/*-darwin-arm64.tar.gz
dist/checksums.txt

- name: Clean up keychain and cert
if: always()
run: |
security delete-keychain "$RUNNER_TEMP/build.keychain-db" 2>/dev/null || true
rm -f cert.p12
32 changes: 32 additions & 0 deletions .github/workflows/quality.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: Quality Checks

on: pull_request

permissions:
contents: read
issues: read
checks: write
pull-requests: write

jobs:
test:
name: Verify build and run unit tests
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v5

- name: Set up Go
uses: actions/setup-go@v6
with:
go-version-file: go.mod
cache: true

- name: Download modules
run: go mod download

- name: Verify build
run: go build

- name: Run tests
run: go test ./...
Loading
Loading