wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 4 Packages Projects Releases Wiki Activity
1,094 Commits 194 Branches 2 Tags
3ed52b0424d75b626510bc975031c9e9505fa6dc
Commit Graph

10 Commits

Author SHA1 Message Date
OG T
34f0228d92 fix(executor): K8s ClusterIP 10.43.0.1 不可達 — 加 K8S_API_SERVER_URL 覆蓋 + migration job
All checks were successful
CD Pipeline / build-and-deploy (push) Successful in 12m0s
Details 
問題: in-cluster config 讀到 10.43.0.1:443,但 K3s Pod 內 iptables/kube-proxy
      沒把流量導到實際 API server,導致 Connection refused,批准後 kubectl 永遠失敗

修復:
- executor.py: load_incluster_config() 後讀 K8S_API_SERVER_URL env 覆蓋 host
- 04-configmap.yaml: 設 K8S_API_SERVER_URL=https://192.168.0.120:6443
- migrate-sprint5r-telegram-message-id.yaml: approval_records 新增兩欄 migration job

E2E 驗證: kubectl rollout restart deployment/awoooi-worker success=True 

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-09 19:10:27 +08:00
OG T
8e2d7c3706 feat(api): Phase 18.2 FailureWatcher 失敗自動修復閉環
All checks were successful
E2E Health Check / e2e-health (push) Successful in 17s
Details 
2026-03-31 Claude Code (統帥批准)

新增:
- IFailureWatcher Protocol (interfaces.py)
- FailureWatcherService 失敗監聽服務
  - AI 分析失敗原因 (規則引擎 + LLM 深度分析)
  - 風險等級評估 (LOW/MEDIUM/CRITICAL)
  - LOW 風險自動修復 (Phase 18.3 實際執行)
  - MEDIUM/CRITICAL 推送 Telegram 請求授權

整合:
- executor._write_audit_log() 失敗時觸發 FailureWatcher
- 失敗分類寫入 AuditLog.failure_classification
- 自動修復結果寫入 AuditLog.auto_repair_result

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-31 12:01:56 +08:00
OG T
749b8bc554 fix(api): 修復時區 import 排序與未使用變數 lint 錯誤 
- 修正 import 順序 (standard → third-party → local)
- 修復 datetime/timedelta 未定義錯誤
- 移除未使用的 imports

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-25 09:26:58 +08:00
OG T
2a2dac865a feat(api): 統一使用台北時區 UTC+8 (禁止 UTC) 
- 新增 src/utils/timezone.py 時區工具函式
- 修改 11 個後端檔案,全部改用 now_taipei()
- 更新 HARD_RULES.md 加入時區鐵律章節
- 更新 Skills 02/04 加入時區禁令

🔴 HARD RULE: 禁止 datetime.utcnow() / datetime.now(UTC)
 正確做法: from src.utils.timezone import now_taipei

Memory: feedback_timezone_taipei.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-25 09:08:34 +08:00
OG T
4f1c8ae473 fix(ci): Resolve Python and TypeScript lint errors 
- Fix 35 Python ruff errors (B904, F841, E722, E741, B007, B008)
- Add eslint config for lewooogo-core package
- Update pyproject.toml to new ruff lint config format
- Relax frontend eslint rules to warnings for unused vars
- Allow console.* for debugging (TODO: unified logger)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-24 09:20:56 +08:00
OG T
6f049877fc fix(lint): ruff auto-fix + lewooogo-core src 加入 git 
- Python: ruff --fix 修復 280 個 lint 錯誤
- lewooogo-core: src/ 目錄未追蹤,導致 CI eslint 失敗

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-23 23:51:37 +08:00
OG T
7478dc0254 feat(phase6-9): Complete modular architecture and Agent Teams 
Phase 6.4 - Modular Architecture:
- Add lewooogo-brain adapters for LLM providers
- Add lewooogo-data dual memory (Redis + PostgreSQL)
- Implement consensus engine for multi-agent decisions
- Add incident memory service for historical context

Phase 9 - Agent Teams (Claude Agent SDK):
- Add base agent class with Claude Sonnet 4 integration
- Implement action planner, blast radius, and security agents
- Add agent API endpoints and proposal workflow
- Integrate ADR-009 OpenClaw Agent Teams architecture

DevOps & CI/CD:
- Add GitHub Actions CI/CD workflows (ci.yaml, cd.yaml)
- Add pre-commit hooks and secrets baseline
- Add docker-compose for local development
- Update Kubernetes network policies

Frontend Improvements:
- Add auto-healing error boundary component
- Update i18n messages for agent features
- Enhance dual-state incident card with execution feedback

Documentation:
- Add 7 ADRs covering MCP, design system, architecture decisions
- Update ARCHITECTURE_MEMORY.md with modular design
- Add GLOBAL_RULES.md and SOUL.md for project identity

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-23 18:40:36 +08:00
OG T
6eccb45757 fix(api): Use in-cluster K8s config for executor in K8s pods 
- Try load_incluster_config() first (for pods running in K8s)
- Fallback to kubeconfig file (for local development)
- Fixes "K8s connection not available" error in production

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-23 14:45:58 +08:00
OG T
eee4ab9b36 feat(api): Phase 6.6 implement k8s execution engine with subprocess 
ActionExecutor enhancements:
- Add execute_kubectl_command() using asyncio.create_subprocess_shell
- Security: Only kubectl commands allowed, forbidden patterns blocked
- Shadow Mode: Simulate execution without actual kubectl calls
- Capture stdout/stderr with PIPE, handle timeout gracefully

New execute_approved_proposal() function:
- Background task entry point for approved proposals
- Read approval from Redis/DB, verify status='approved'
- Extract kubectl_command from metadata
- Execute via execute_kubectl_command()
- Update status to 'executed' or 'failed' with execution_log

Security guardrails:
- Forbid delete namespace/ns, rm -rf, drop database
- Forbid batch deletion patterns
- 60 second default timeout

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-23 12:46:47 +08:00
OG T
196d269b92 feat: add all application source code 
- apps/api: FastAPI backend with Dockerfile
- apps/web: Next.js frontend with Dockerfile
- apps/sensor: Signal collection agent
- packages: shared packages

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-03-22 18:57:44 +08:00