circus

Author	SHA1	Message	Date
NotAShelf	f812ca50b3	chore: bump dependencies; add clippy config Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I7e4d1b531e6d9f1fa824707a95fb3f2e6a6a6964	2026-02-28 12:18:22 +03:00
NotAShelf	0ca92f2710	treewide: address all clippy lints Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I5cf55cc4cb558c3f9f764c71224e87176a6a6964	2026-02-28 12:18:21 +03:00
NotAShelf	967d51e867	docs: finalize REST API status in comparison doc Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I438e2416b03104a71c935752c34f81ad6a6a6964	2026-02-28 12:18:20 +03:00
NotAShelf	6f5ad09748	chore: format formatter files with toml formatter Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I857fd75519bfca8221670598d0ff9d9e6a6a6964	2026-02-28 12:18:19 +03:00
NotAShelf	21446c6dcb	fc-queue-runner: implement persistent notification retry queue with exponential backoff Adds a `notification_tasks` table and a background worker to (hopefully reliably) deliver webhooks, git status updates, and e-mail notifications with automatic retry on transient failures. This was one of the critical gaps, finally done. Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I794967c66958658c4d8aed40793d67f96a6a6964	2026-02-28 12:18:18 +03:00
NotAShelf	3807293eb7	chore: update security updates in example config Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I2b2eee2f6f8b2e939d0c080fb37f0bb76a6a6964	2026-02-28 12:18:17 +03:00
NotAShelf	d0ffa5d9e5	fc-server: implent proper rate limiting with token bucket algorithm; fix `rate_limit_rps` Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I68237ff6216337eba1afa8e8606d545b6a6a6964	2026-02-28 12:18:16 +03:00
NotAShelf	754f5afb6d	flake: bump inputs Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I0b44f21e9fb8a087904a64448c358cdd6a6a6964	2026-02-28 12:18:15 +03:00
NotAShelf	d541b7ebbf	nix: simplify tests Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I02126573ee9573fd7a1e5a12e42dd02d6a6a6964	2026-02-28 12:18:14 +03:00
NotAShelf	e7425e0abf	fc-common: consolidate database migrations; simplify Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ia808d76241cec6e8760d87443bb0dc976a6a6964	2026-02-28 12:18:13 +03:00
NotAShelf	757feae90d	nix: specify dialect for sql-formatter Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I9063b87884055a4dc430c62929d70b676a6a6964	2026-02-28 12:18:12 +03:00
NotAShelf	170de90c7e	nix: bump inputs; add sql-format to formatter Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I2f5630aa3fd32023cd74eb10fc3ba2e66a6a6964	2026-02-28 12:18:11 +03:00
NotAShelf	9dde82d46f	nix: add tests for channel tarballs and gc pinning Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ifb9d95d5206b7b1cf23fa3d5aaf9d0db6a6a6964	2026-02-28 12:18:10 +03:00
NotAShelf	78ad3d2039	chore: bump deps Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I0d54123dae616791c8bff4e224acc12e6a6a6964	2026-02-28 12:18:09 +03:00
NotAShelf	bc075941dd	nix: add `keepNr` option to NixOS module Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ic7cca953d1e6a23cfed2d1b4e9d51bc76a6a6964	2026-02-28 12:18:08 +03:00
NotAShelf	23a4a8e348	fc-common: format Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I946272ee6563f5bca0844c5a25ba08f66a6a6964	2026-02-28 12:18:07 +03:00
NotAShelf	015360ffcf	fc-queue-runner: integrate GC pinning and machine health tracking `gc_loop` queries pinned build IDs before cleanup. `try_remote_build` calls `record_success`/`record_failure` per builder. Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ia8e20ead3c83b78d787dba518c382f9a6a6a6964	2026-02-28 12:18:06 +03:00
NotAShelf	5410fdc044	fc-server: add keep flag toggle and `nixexprs.tar.xz` channel endpoint Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I3411f76548f8061e835631a7928f899d6a6a6964	2026-02-28 12:18:05 +03:00
NotAShelf	5b472a2f57	fc-common: add GC pinning and machine health infrastructure Migration 017 adds `builds.keep`, `jobsets.keep_nr`, and health tracking columns to `remote_builders`. Repo layer implements `set_keep`, `list_pinned_ids`, `record_failure` with exponential backoff, `record_success`, and `find_for_system` filtering of disabled builders. GC root cleanup now skips pinned builds. Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ibba121de3dc42f71204e3a8f5776aa8b6a6a6964	2026-02-28 12:18:04 +03:00
NotAShelf	25699e5e97	queue-runner: make fair-share assertion unconditional Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: If983d379a5a369c547dff61b57f3a9a36a6a6964	2026-02-28 12:18:03 +03:00
NotAShelf	3716a34972	fc-queue-runner: plumb `worker_count` into fair-share scheduling Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I1f7f295bd7c2cbf46b64b22a3417ccc06a6a6964	2026-02-28 12:18:02 +03:00
NotAShelf	4100ac54c2	fc-common: implement deficit-based fair-share scheduling in `list_pending` Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ic1345cfdf712aa6ee6f0eeae45b3e62b6a6a6964	2026-02-28 12:17:51 +03:00
NotAShelf	8cfc4c30ca	docs: fix incorrect mermaid render Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ia0a9aaa5a2e83e5d9ba2cbdce6922c926a6a6964	2026-02-16 23:42:47 +03:00
NotAShelf	0590b6c720	fc-queue-runner: add per-build cancellation tests Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: If9c4840d87615ab0d6cf81281583aa096a6a6964	2026-02-16 23:42:46 +03:00
NotAShelf	f8586a7f3c	fc-queue-runner: implement per-build cancellation via `CancellationToken` Adds an `ActiveBuild` registry (DashMap of `<Uuid, CancellationToken>`) to `WorkerPool` and get `dispatch()` to create a per-build token to race `run_build` against it via Tokio's `select!`. The `cancel_checker_loop` then polls the DB every N seconds (currently 2) for builds cancelled while running, and triggers their tokens. Existing `kill_on_drop(true) on `nix build` processes handles subprocess cleanup when the future is dropped. Thank you past me for your insight. Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ic8af58e92972c7d5d104d9c717e9217d6a6a6964	2026-02-16 23:42:45 +03:00
NotAShelf	d401177902	fc-common: add `get_cancelled_among` query for cancel-checker polling Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Iabc5fc932c8d7f1d19a80a27965524136a6a6964	2026-02-16 23:42:44 +03:00
NotAShelf	0d7d090950	nix/demo-vm: remove useless MOTD Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ib80e6f2a568d7bfe7d7e7efc92f56f966a6a6964	2026-02-16 23:42:43 +03:00
NotAShelf	9efba1bbc7	fc-queue-runner: integrate failed paths cache in build dispatch Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I418f007368916de1320dd56f425a5d8f6a6a6964	2026-02-16 23:42:42 +03:00
NotAShelf	65a6fd853d	fc-common: add failed paths cache infrastructure Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I35f9bfb044160151cf73c43ed9ada3476a6a6964	2026-02-16 23:42:41 +03:00
NotAShelf	4c56b192f0	fc-common: fix `BuildStatus` sqlx rename to snake_case Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I00434e0156b3dc1dfd26699e4b103bd46a6a6964	2026-02-16 23:42:40 +03:00
NotAShelf	235c9834b7	fc-evaulator: allow fail-fast behaviour Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I1da41766f1c499347279c41f2316f4376a6a6964	2026-02-16 23:42:39 +03:00
NotAShelf	49638d5d14	fc-queue-runner: use LISTEN/NOTIFY for reactive wakeups Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I3b6f0f5eff05caf7a04a9da7de8b558f6a6a6964	2026-02-16 23:42:38 +03:00
NotAShelf	edaf4313e9	fc-evaluator: use LISTEN/NOTIFY for reactive wakeups Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ibee7506a9a5ffa008c41fae8e9758db66a6a6964	2026-02-16 23:42:37 +03:00
NotAShelf	e274389d12	fc-common: add PostgreSQL LISTEN/NOTIFY infrastructure Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Iffdb2fa758825e8c5d5791bf4fb15c8e6a6a6964	2026-02-16 23:42:36 +03:00
NotAShelf	541cd7832f	treewide: replace `BuildStatus::Completed` with `BuildStatus::Succeeded` Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I965dfaca211f9fde527a84a54ae972576a6a6964	2026-02-16 23:42:21 +03:00
NotAShelf	f6fcf49aa7	tests: replace `BuildStatus::Completed` with `BuildStatus::Succeeded` Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ia12f816c203d6ce51485788d0414894f6a6a6964	2026-02-16 13:02:27 +03:00
NotAShelf	7378d618b1	fc-server: update web UI to display extended build statuses Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I8cf767e7ed34153eedf6d1fd56a6c2016a6a6964	2026-02-16 13:02:26 +03:00
NotAShelf	85970e249c	fc-common: extend `BuildStatusFilter` with all status variants Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I58c8ebbe937035c2398af4eea0eaa3cf6a6a6964	2026-02-16 13:02:25 +03:00
NotAShelf	5b7648220c	fc-common: update notifications to handle all `BuildStatus` variants Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I99db557ae204f3a4ffec6be70386ecc16a6a6964	2026-02-16 13:02:24 +03:00
NotAShelf	5f09a46d29	fc-queue-runner: map exit codes to extended `BuildStatus` variants Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ibaa4de9e2c789931df8c67a53528829a6a6a6964	2026-02-16 13:02:23 +03:00
NotAShelf	f4772036ce	fc-common: add database migration for extended build status codes Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I0c13eda985d634e63189ba6907e488ae6a6a6964	2026-02-16 13:02:22 +03:00
NotAShelf	2b763833d4	fc-common: add extended `BuildStatus` enum with new status code Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: If00cae8b2f7d4a7ad2d64bfe70a5c4186a6a6964	2026-02-16 13:02:21 +03:00
NotAShelf	2a404e685b	nix: allow `file://` and other insecure schemes in VM tests Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I8ad4f8e9cf0990a036cff252d8dd38f96a6a6964	2026-02-16 00:08:24 +03:00
NotAShelf	a5768d46eb	fc-common: allow configuring url schemes to allow for testing Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I99912d7c45f1a4664d4823ddd793b5af6a6a6964	2026-02-16 00:08:23 +03:00
NotAShelf	861eda231f	Merge pull request 'treewide: general clenaup' (#1 ) from notashelf/push-tuktqzqlkzxp into main Reviewed-on: https://git.notashelf.dev/NotAShelf/fc/pulls/1	2026-02-15 23:40:37 +03:00
NotAShelf	b745550011	various: tiny cleanup Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I312766a6178be3898b51c2863f502bb06a6a6964	2026-02-15 23:37:53 +03:00
NotAShelf	f7081317ee	various: reuse HTTP client; eliminate intermediate string allocations; add tests Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I18b89e1aae78a400a89c9d89423ce1da6a6a6964	2026-02-15 23:37:52 +03:00
NotAShelf	38ed7faee2	various: replace silent error discards with logged warnings Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I465d760b5330980270b64b4a89abc09f6a6a6964	2026-02-15 23:37:51 +03:00
NotAShelf	9bbc1754d9	fc-server: session cleanup; conditional Secure cookie; `kill_on_drop` on NAR processes Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Ie7b9002bbdc0ad91bb041f89979881956a6a6964	2026-02-15 23:37:50 +03:00
NotAShelf	aa4ebf2f5b	various: harden input validation; add SSRF protection; fix default API key role Default API key role was "admin", which was something that I forgot to fix during testing. We change it to "read-only". Additionally repository URLs now reject `file://` scheme (another testing artifact) localhost, private IP ranges, and cloud metadata endpoints. Nix expressions reject path traversal (`..`) and absolute paths. Validation is called at the evaluator endtrypoint before command construction. Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: I35729c6aa9ec4ff8d1ea19bd57ea93646a6a6964	2026-02-15 23:37:49 +03:00

1 2 3

142 commits