stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 12 Releases Wiki Activity
Files
bd2529502ec5794d8f1f4bb6a3ec55b139e350b5
git.stella-ops.org/ops/devops/console/README.md
StellaOps Bot bd2529502e
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Details
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Details
Signals CI & Image / signals-ci (push) Has been cancelled
Details
feat: Implement Wine CSP HTTP provider for GOST cryptographic operations 
- Added WineCspHttpProvider class to interface with Wine-hosted CryptoPro CSP.
- Implemented ICryptoProvider, ICryptoProviderDiagnostics, and IDisposable interfaces.
- Introduced WineCspHttpSigner and WineCspHttpHasher for signing and hashing operations.
- Created WineCspProviderOptions for configuration settings including service URL and key options.
- Developed CryptoProGostSigningService to handle GOST signing operations and key management.
- Implemented HTTP service for the Wine CSP with endpoints for signing, verification, and hashing.
- Added Swagger documentation for API endpoints.
- Included health checks and error handling for service availability.
- Established DTOs for request and response models in the service.
2025-12-07 14:02:42 +02:00

2.3 KiB
Raw Blame History

Console CI runner (offline-friendly)

Status: baseline runner spec + CI skeleton; use to unblock DEVOPS-CONSOLE-23-001. Workloads remain manual-trigger until console team confirms budgets.

Runner profile

  • OS: Ubuntu 22.04 LTS (x86_64) with Docker available for Playwright deps if needed.
  • Node: 20.x (LTS). Enable corepack; prefer npm (default) to avoid extra downloads.
  • Caches:
    • npm: ~/.npm keyed by src/Web/package-lock.json hash.
    • Playwright: ~/.cache/ms-playwright pre-seeded with Chromium so npm test -- --browsers=ChromeHeadless can run offline. Seed once using npx playwright install chromium on a connected runner, then snapshot the directory into the runner image.
    • Angular build cache: optional ~/.cache/angular if using angular.json cache; safe to keep.
  • Artifacts retention: keep lint/test/build outputs 14 days; limit to 500 MB per run (coverage + dist + test reports). Artifacts path: artifacts/ (dist, coverage, junit/trx if produced).

Pipeline steps (expected)

  1. Checkout
  2. Node 20 setup with npm cache restore (package-lock at src/Web/package-lock.json).
  3. Install: npm ci --prefer-offline --no-audit --progress=false in src/Web.
  4. Lint: npm run lint -- --no-progress.
  5. Unit: npm test -- --watch=false --browsers=ChromeHeadless --no-progress (headless Chromium from pre-seeded cache).
  6. Build: npm run build -- --configuration=production --progress=false.
  7. Artifact collect: dist/, coverage/, any test-results/**.

Offline/airgap notes

  • Do not hit external registries during CI; rely on pre-seeded npm mirror or cached tarballs. Runner image should contain npm cache prime. If mirror is used, set NPM_CONFIG_REGISTRY=https://registry.npmjs.org equivalent mirror URL inside the runner; default pipeline does not hard-code it.
  • Playwright browsers must be pre-baked; the workflow will not download them.

Seeding Playwright cache (one-time per runner image)

ops/devops/console/seed_playwright.sh
# then bake ~/.cache/ms-playwright into the runner image or mount it on the agent

How to run

  • Manual trigger only (workflow_dispatch) via .gitea/workflows/console-ci.yml.
  • Before enabling PR triggers, verify runner image has npm and Playwright caches; otherwise keep manual until console team approves budgets.