core/cli
8
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions 1
cli/pkg
History
Snider cf63e0d2f7 Secure SSH, fix CI auto-merge, and resolve merge conflicts 
This commit addresses the OWASP security audit by enforcing strict host key
verification and resolves persistent CI issues.

Security Changes:
- Replaced StrictHostKeyChecking=accept-new with yes in pkg/container and devops.
- Removed insecure host key verification from pkg/ansible.
- Implemented synchronous host key discovery using ssh-keyscan during VM boot.
- Updated Boot lifecycle to wait for host key verification.
- Handled missing known_hosts file in pkg/ansible.
- Refactored hardcoded SSH port to DefaultSSHPort constant.

CI and Maintenance:
- Fixed auto-merge.yml by inlining the script and adding repository context
  to 'gh' command, resolving the "not a git repository" error in CI.
- Resolved merge conflicts in .github/workflows/auto-merge.yml with dev branch.
- Added pkg/ansible/ssh_test.go for SSH client verification.
- Fixed formatting in pkg/io/local/client.go to pass QA checks.
2026-02-05 03:40:28 +00:00
..
agentic feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
ai feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
ansible Secure SSH commands and fix auto-merge CI failure 2026-02-05 03:26:50 +00:00
build Migrate pkg/build to io.Medium abstraction (#287) 2026-02-04 17:59:10 +00:00
cache chore(io): migrate pkg/cache to Medium abstraction (#288) 2026-02-04 15:15:46 +00:00
cli Migrate pkg/repos to Medium abstraction (#291) 2026-02-04 18:03:54 +00:00
collect feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
config feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
container Remove StrictHostKeyChecking=no and implement proper host key verification 2026-02-04 18:23:29 +00:00
crypt feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
deploy feat: wire release command, add tar.xz support, unified installers (#277) 2026-02-04 00:49:57 +00:00
devops Remove StrictHostKeyChecking=no and implement proper host key verification 2026-02-04 18:23:29 +00:00
errors feat(errors): Unify errors and logging (#180) 2026-02-02 06:48:40 +00:00
framework refactor(core): decompose Core into serviceManager + messageBus (#282) 2026-02-04 13:40:16 +00:00
git feat: git command, build improvements, and go fmt git-aware (#74) 2026-02-01 10:48:44 +00:00
gitea Secure SSH, fix CI auto-merge, and resolve merge conflicts 2026-02-05 03:40:28 +00:00
help feat: Batch implementation of Gemini issues (#176) 2026-02-02 04:20:18 +00:00
i18n feat: wire release command, add tar.xz support, unified installers (#277) 2026-02-04 00:49:57 +00:00
io Remove StrictHostKeyChecking=no and implement proper host key verification 2026-02-04 18:29:32 +00:00
log feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
mcp feat(io): Migrate pkg/mcp to use Medium abstraction (#289) 2026-02-04 15:02:47 +00:00
plugin feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
process feat: infrastructure packages and lint cleanup (#281) 2026-02-04 11:34:43 +00:00
rag style: fix gofmt formatting across all affected files (#279) 2026-02-04 01:27:01 +00:00
release Migrate pkg/build to io.Medium abstraction (#287) 2026-02-04 17:59:10 +00:00
repos Migrate pkg/repos to Medium abstraction (#291) 2026-02-04 18:03:54 +00:00
unifi Secure SSH, fix CI auto-merge, and resolve merge conflicts 2026-02-05 03:40:28 +00:00