The dropdown was empty because it fetched from /api/models/curated
(small DB subset) filtered to enabled-only. Switch to /api/models
which queries all providers live and returns 300+ available models.
- Object store is now a tab ("Object Browser") alongside "Buckets"
- Buckets tab: create and delete buckets
- New directory creation via NEW DIR button
- DOWNLOAD and DELETE buttons are now full words with borders and
spacing between them to prevent misclicks
- Bucket selector dropdown when multiple buckets exist
- All API routes accept optional bucket query param
Replace the xterm/PTY-based chat tab with a direct-to-API streaming chat
UI that calls provider APIs (Anthropic, OpenAI) with SSE streaming and
inline tool execution.
- Extract 18 shared tools from MCP server into chat-tools.ts registry
(knowledge, task, agent, model, web, shell, filesystem tools)
- Add streaming adapters for Anthropic and OpenAI APIs (raw fetch, no SDK)
- Add POST /api/chat SSE route with tool-use loop (max 10 rounds)
- Rewrite chat-tab.tsx as message-based UI with model selector,
streaming text, and collapsible tool call blocks
- Refactor mcp-server.ts to consume shared tool registry
Lightweight Next.js app for browsing, uploading, and downloading
artifacts from the cluster-local Garage S3 bucket. Uses the harness
design system. Features:
- File/folder browser with breadcrumb navigation
- Drag-and-drop upload
- Download and delete
- Ingress at platform.coreworlds.io (internal-only)
Also adds platform-dash to CI/deploy workflows.
Download from garage.platform.svc:3902 (web gateway) instead of
GitHub releases. Eliminates external network dependency during builds.
Verified download works from inside DinD-spawned containers.
Cluster-local object store for build artifacts (CLI binaries etc.)
so Docker builds don't depend on flaky external downloads.
- Single-node Garage v1.0.1 StatefulSet (LMDB, replication=1)
- Metadata on longhorn-nvme (1Gi), data on longhorn HDD (20Gi)
- S3 API at garage.platform.svc:3900
- External ingress at s3.coreworlds.io (internal-only)
- SealedSecret for admin token and RPC secret
Piping curl directly to tar fails in CI when the download is chunked,
causing "not found in archive". Download to a temp file first.
Verified on linux/amd64.
The opencode.ai install script fails in CI (TLS errors, missing $SHELL).
Download the pre-built musl binary directly from GitHub releases instead.
Verified locally on linux/amd64 with PTY spawn.
The opencode installer script requires $SHELL to be set, which Alpine's
sh in Docker doesn't provide. This caused the install to download the
binary but fail before placing it, silently swallowed by the || fallback.
Also hardcode the known install path and fail the build if it's missing.
Add "gitea" to local RepoResult provider type (was missing from UI
interface despite being returned by repo-search). Copy opencode binary
instead of symlinking — symlink through /root/ is inaccessible to the
nextjs user due to directory permissions.
- GITEA_URL was pointing to gitea.platform.svc but the Helm chart
names the HTTP service gitea-helm-http.platform.svc
- Add Gitea badge (GT, green) to repo search results UI
- Update placeholder and credential hint to mention Gitea
- Rewrite internal service URLs to external gitea.coreworlds.io in
search results so agents can clone from outside the cluster
- Add error logging to diagnose search failures
The opencode curl installer puts the binary in /root/.local/bin which
isn't on PATH for the nextjs user. Add a symlink to /usr/local/bin
after install. Also ensure /usr/local/bin is always in the PATH
passed to spawned agent processes.
The localhost check using host header and x-forwarded-for was unreliable
in the standalone Next.js server which may inject forwarded headers
internally. Replace with a per-process random token shared between the
PTY server and the API route via env var.
In K8s, HOSTNAME is set to the pod name, so the server only listened
on that interface. The PTY server's loopback fetch to 127.0.0.1 was
connection-refused. Always bind to 0.0.0.0 so loopback works.
The standalone next package is trimmed and doesn't include webpack.
The custom server.js was using next() which triggers config loading
that requires webpack. Fix by extracting the standalone config at
build time and setting __NEXT_PRIVATE_STANDALONE_CONFIG before
requiring next, matching what the generated standalone server does.
server.js requires 'next', which the standalone output places at
apps/harness/node_modules/next. Running server.js from the repo root
meant Node couldn't resolve it. Move server.js and pty-server.js into
apps/harness/ so module resolution finds the standalone node_modules.
The Dockerfile check in the while-read loop used `[ -f ... ] && echo`,
which exits non-zero for packages without Dockerfiles. With bash's
pipefail, this killed the entire step. Also remove unused GitHub
workflow copies since CI runs on Gitea only.
Turbo's change detection includes shared packages like @homelab/db,
which don't have Dockerfiles. Filter to only apps with a Dockerfile
to prevent 'path not found' errors during docker build.
Webhook endpoint at /api/webhooks/gitea receives Gitea status events,
matches them against configurable event triggers with conditions
(event type, repo glob, state, context), renders task templates with
{{variable}} substitution, and creates harness tasks automatically.
Includes circuit breaker: after N consecutive task failures from the
same trigger (default 3), the trigger auto-disables. Re-enable
manually via PATCH /api/event-triggers/:id.
New tables: harness_event_triggers (rules + circuit breaker state),
harness_event_log (audit trail + dedup via X-Gitea-Delivery).
@modelcontextprotocol/server-git is not published to npm (it's a
Python package). Agents already have git installed and can use it
directly, so the MCP wrapper is unnecessary.
golang:1.26-alpine uses GOPATH=/go (not /root/go), so the binary was
installed to /go/bin/gitea-mcp but the COPY looked at /root/go/bin/.
Set GOBIN=/usr/local/bin for a deterministic install location.
Also adds harness MCP server bundle to the image.
Wire 5 MCP servers into Claude Code agents spawned by the harness:
- Gitea MCP for repo/issue/PR management on self-hosted Gitea
- Kubernetes MCP with read-only RBAC for cluster inspection
- Postgres MCP with read-only user for database queries
- Filesystem and Git MCP scoped to task worktrees
Generates .claude/settings.json in each worktree before agent spawn.
Gracefully skips for Codex/OpenCode runtimes (no MCP support).
Also fixes node-pty build failure by using local Node.js headers
instead of downloading from unofficial-builds.nodejs.org (ECONNRESET).
Move Field component out of NewTaskTab to prevent React from
remounting input wrappers on every keystroke. Same root cause as
the ProjectsTab DetailView fix.
DetailView was defined as a component inside ProjectsTab's render,
causing React to unmount/remount it on every keystroke. Replace with
inline JSX so the input element identity stays stable across renders.
Browser-based interactive terminal sessions with agent CLIs via
WebSocket + node-pty. Supports full TUI rendering (colors, cursor,
ctrl-c) through xterm.js in the browser.
Architecture: xterm.js ←WebSocket→ pty-server.js ←PTY→ agent CLI
- Extract shared buildAgentEnv() from executor into agent-env.ts
- Add internal /api/agents/[id]/env endpoint for PTY server
- Add pty-server.js (WebSocket + node-pty, max 3 sessions, 2hr cleanup)
- Add custom server.js wrapping Next.js with WebSocket upgrade
- Add ChatTab component with agent selector and terminal
- Wire CHAT tab into dashboard nav and render
- Configure serverExternalPackages for node-pty
- Update Dockerfile with build tools and custom server
- Bump k8s memory limit 1Gi → 2Gi for PTY sessions
Next.js standalone output nests server.js under apps/harness/ when
built from a pnpm workspace. Preserve the directory structure and
update CMD to point to the correct server.js path.
Support Gitea alongside GitHub/GitLab for repo search, authenticated
cloning, and pull request creation via Gitea API. Tasks can specify
gitProvider and gitBaseUrl in their spec (defaults to github for
backwards compat). Auto-discovers GITEA_TOKEN from env on boot.
