dave/storkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 8 Wiki Activity
2,401 Commits 1 Branch 8 Tags
efdb0c58143b4bef02a8c763f81e5df8a3d7e59b
Commit Graph

2401 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dave
9dc7c21b05 storkit: create 363_story_mcp_tool_for_whatsup_story_triage 2026-03-21 21:29:42 +00:00
Dave
76369de391 storkit: create 362_story_bot_whatsup_command_shows_in_progress_work_summary 2026-03-21 21:26:02 +00:00
Dave
b747cc0fab storkit: create 362_story_bot_whatsup_command_shows_in_progress_work_summary 2026-03-21 21:25:36 +00:00
Dave
f74a0425a9 storkit: create 362_story_bot_whatsup_command_shows_in_progress_work_summary 2026-03-21 21:22:52 +00:00
Dave
b0b21765d9 storkit: create 362_story_bot_whatsup_command_shows_in_progress_work_summary 2026-03-21 21:22:16 +00:00
Timmy
9075bc1a84 Fix tmpfs ownership so storkit user can write to home dir 
The tmpfs at /home/storkit defaulted to root ownership (mode=755),
so Claude Code couldn't write ~/.claude.json or ~/.cache/. Set
uid=999,gid=999 to match the storkit user.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-21 21:19:16 +00:00
Timmy
9f873dc839 Fix Claude Code hanging in hardened container 
Claude Code writes to ~/.claude.json, ~/.cache/, and ~/.npm/ which
failed silently on the read-only root filesystem. Add tmpfs at
/home/storkit so the home dir is writable (the claude-state volume
overlays on top for persistent .claude/ data).

Also fix .dockerignore: use **/target/ to match nested target dirs,
add .storkit/logs/ and **/node_modules/ to prevent multi-GB build
context transfers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-21 21:16:24 +00:00
Dave
3774c3dca7 storkit: done 359_story_harden_docker_setup_for_security 2026-03-21 20:57:07 +00:00
Timmy
cd095f9a99 Fix rebuild_and_restart in Docker by using cargo output path 
Use the known cargo build output path instead of current_exe() when
re-execing after a rebuild. In Docker, the running binary lives at
/usr/local/bin/storkit (read-only) while cargo writes the new binary
to /app/target/release/storkit (a writable volume), so current_exe()
would just restart the old binary.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-21 20:42:38 +00:00
Timmy
fe0f560b58 Harden Docker container security 
Run as non-root user (fixes Claude Code refusing bypassPermissions as
root, which caused all agent spawns to exit instantly with no session).
Add read-only root filesystem, drop all capabilities, set
no-new-privileges, bind port to localhost only, and require
GIT_USER_NAME/GIT_USER_EMAIL env vars at startup.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-21 20:33:50 +00:00
Timmy
0416bf343c storkit: delete 57_story_live_test_gate_updates 2026-03-21 20:23:45 +00:00
Timmy
c3e4f85903 storkit: done 329_spike_evaluate_docker_orbstack_for_agent_isolation_and_resource_limiting 2026-03-21 20:22:02 +00:00
Timmy
52d9d0f9ce storkit: done 329_spike_evaluate_docker_orbstack_for_agent_isolation_and_resource_limiting 2026-03-21 20:20:41 +00:00
Timmy
996ba82682 storkit: create 329_spike_evaluate_docker_orbstack_for_agent_isolation_and_resource_limiting 2026-03-21 20:19:56 +00:00
Timmy
1f4152c894 storkit: create 361_story_remove_deprecated_manual_qa_front_matter_field 2026-03-21 19:59:52 +00:00
Timmy
02b481ee4c storkit: create 359_story_harden_docker_setup_for_security 2026-03-21 19:48:44 +00:00
Timmy
9c339c118f storkit: create 359_story_harden_docker_setup_for_security 2026-03-21 19:45:26 +00:00
Timmy
4790aac286 storkit: create 359_story_harden_docker_setup_for_security and 360_story_run_storkit_container_under_gvisor_runsc_runtime 2026-03-21 19:43:48 +00:00
Dave
b2d92d6059 storkit: accept 90_story_fetch_real_context_window_size_from_anthropic_models_api 2026-03-21 15:58:15 +00:00
Dave
71887af2d3 storkit: accept 358_story_remove_makefile_and_make_script_release_the_single_entry_point_for_releases 2026-03-21 15:55:15 +00:00
Dave
5db9965962 storkit: done 358_story_remove_makefile_and_make_script_release_the_single_entry_point_for_releases 2026-03-21 12:04:11 +00:00
Dave
e109e1ba5c storkit: merge 358_story_remove_makefile_and_make_script_release_the_single_entry_point_for_releases 2026-03-21 12:04:08 +00:00
Dave
3554594d8d storkit: done 90_story_fetch_real_context_window_size_from_anthropic_models_api 2026-03-21 12:01:24 +00:00
Dave
a6c8cf0daf storkit: merge 90_story_fetch_real_context_window_size_from_anthropic_models_api 2026-03-21 12:01:21 +00:00
Dave
30a56d03e5 storkit: create 358_story_remove_makefile_and_make_script_release_the_single_entry_point_for_releases 2026-03-21 11:55:13 +00:00
Dave
4734bd943f Fixing release 2026-03-21 11:52:18 +00:00
Dave
a1dd88579b storkit: accept 344_story_chatgpt_agent_backend_via_openai_api 2026-03-21 03:40:23 +00:00
Dave
759a289894 storkit: done 344_story_chatgpt_agent_backend_via_openai_api 2026-03-20 23:52:24 +00:00
Dave
be3b5b0b60 storkit: merge 344_story_chatgpt_agent_backend_via_openai_api 2026-03-20 23:52:21 +00:00
Dave
fbf391684a storkit: create 344_story_chatgpt_agent_backend_via_openai_api 2026-03-20 23:39:34 +00:00
Dave
65546a42b7 storkit: accept 343_refactor_abstract_agent_runtime_to_support_non_claude_code_backends 2026-03-20 22:58:45 +00:00
Dave
4e014d45c3 storkit: accept 345_story_gemini_agent_backend_via_google_ai_api 2026-03-20 22:54:45 +00:00
Dave
4f39de437f storkit: done 345_story_gemini_agent_backend_via_google_ai_api 2026-03-20 22:53:44 +00:00
Dave
79ee6eb0dc storkit: merge 345_story_gemini_agent_backend_via_google_ai_api 2026-03-20 22:53:41 +00:00
Dave
c930c537bc storkit: accept 357_story_bot_assign_command_to_pre_assign_a_model_to_a_story 2026-03-20 22:41:00 +00:00
Dave
f129a38704 storkit: done 343_refactor_abstract_agent_runtime_to_support_non_claude_code_backends 2026-03-20 22:07:52 +00:00
Dave
4344081b54 storkit: merge 343_refactor_abstract_agent_runtime_to_support_non_claude_code_backends 2026-03-20 22:07:49 +00:00
Dave
52c5344ce5 storkit: accept 350_story_mcp_tool_for_code_definitions_lookup 2026-03-20 19:30:08 +00:00
Dave
35bd196790 storkit: accept 356_story_start_command_should_say_queued_not_error_when_all_coders_are_busy 2026-03-20 19:09:02 +00:00
Dave
65c8dc19d6 storkit: create 329_spike_evaluate_docker_orbstack_for_agent_isolation_and_resource_limiting 2026-03-20 19:05:18 +00:00
Dave
645a141d2d storkit: create 343_refactor_abstract_agent_runtime_to_support_non_claude_code_backends 2026-03-20 18:57:52 +00:00
Dave
11d1980920 storkit: done 357_story_bot_assign_command_to_pre_assign_a_model_to_a_story 2026-03-20 18:51:48 +00:00
Dave
83879cfa9e storkit: merge 357_story_bot_assign_command_to_pre_assign_a_model_to_a_story 2026-03-20 18:51:45 +00:00
Dave
972d8f3c12 storkit: create 357_story_bot_assign_command_to_pre_assign_a_model_to_a_story 2026-03-20 18:40:31 +00:00
Dave
4b1167025c storkit: accept 355_story_bot_rebuild_command_to_trigger_server_rebuild_and_restart 2026-03-20 16:24:54 +00:00
Dave
23eb752e3b storkit: accept 354_story_make_help_command_output_alphabetical 2026-03-20 16:22:53 +00:00
Dave
7aa1d0e322 storkit: done 356_story_start_command_should_say_queued_not_error_when_all_coders_are_busy 2026-03-20 16:04:49 +00:00
Dave
a6dcd48da9 storkit: merge 356_story_start_command_should_say_queued_not_error_when_all_coders_are_busy 2026-03-20 16:04:45 +00:00
Dave
87958b0a2a storkit: done 354_story_make_help_command_output_alphabetical 2026-03-20 15:39:35 +00:00
Dave
ea061d868d storkit: merge 354_story_make_help_command_output_alphabetical 2026-03-20 15:39:32 +00:00