jfraeysd/fetch_ml
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
343 commits 1 branch 0 tags 38 MiB
Commit graph

5 commits

Author SHA1 Message Date
Jeremie Fraeys
7cd86fb88a
feat: add new API handlers, build scripts, and ADRs
Some checks failed
Build Pipeline / Sign HIPAA Config (push) Has been skipped
Details
Build Pipeline / Generate SLSA Provenance (push) Has been skipped
Details
Checkout test / test (push) Successful in 6s
Details
CI Pipeline / Test (ubuntu-latest on self-hosted) (push) Failing after 1s
Details
CI Pipeline / Dev Compose Smoke Test (push) Has been skipped
Details
CI Pipeline / Security Scan (push) Has been skipped
Details
CI Pipeline / Test Scripts (push) Has been skipped
Details
CI Pipeline / Test Native Libraries (push) Has been skipped
Details
CI Pipeline / Native Library Build Matrix (push) Has been skipped
Details
Contract Tests / Spec Drift Detection (push) Failing after 11s
Details
Contract Tests / API Contract Tests (push) Has been skipped
Details
Deploy API Docs / Build API Documentation (push) Failing after 5s
Details
Deploy API Docs / Deploy to GitHub Pages (push) Has been skipped
Details
Documentation / build-and-publish (push) Failing after 40s
Details
Test Matrix / test-native-vs-pure (cgo) (push) Failing after 14s
Details
Test Matrix / test-native-vs-pure (native) (push) Failing after 35s
Details
Test Matrix / test-native-vs-pure (pure) (push) Failing after 18s
Details
CI Pipeline / Trigger Build Workflow (push) Failing after 1s
Details
Build CLI with Embedded SQLite / build (arm64, aarch64-linux) (push) Has been cancelled
Details
Build CLI with Embedded SQLite / build (x86_64, x86_64-linux) (push) Has been cancelled
Details
Build CLI with Embedded SQLite / build-macos (arm64) (push) Has been cancelled
Details
Build CLI with Embedded SQLite / build-macos (x86_64) (push) Has been cancelled
Details
Security Scan / Security Analysis (push) Has been cancelled
Details
Security Scan / Native Library Security (push) Has been cancelled
Details
Verification & Maintenance / V.1 - Schema Drift Detection (push) Has been cancelled
Details
Verification & Maintenance / V.4 - Custom Go Vet Analyzers (push) Has been cancelled
Details
Verification & Maintenance / V.7 - Audit Chain Integrity (push) Has been cancelled
Details
Verification & Maintenance / V.6 - Extended Security Scanning (push) Has been cancelled
Details
Verification & Maintenance / V.10 - OpenSSF Scorecard (push) Has been cancelled
Details
Verification & Maintenance / Verification Summary (push) Has been cancelled
Details 
- Introduce audit, plugin, and scheduler API handlers
- Add spec_embed.go for OpenAPI spec embedding
- Create modular build scripts (cli, go, native, cross-platform)
- Add deployment cleanup and health-check utilities
- New ADRs: hot reload, audit store, SSE updates, RBAC, caching, offline mode, KMS regions, tenant offboarding
- Add KMS configuration schema and worker variants
- Include KMS benchmark tests
 2026-03-04 13:24:27 -05:00
Jeremie Fraeys
8a7e7695f4
config: consolidate and cleanup configuration files 
- Remove redundant config examples (distributed/, standalone/, examples/)
- Delete dev-local.yaml variants (use dev.yaml with env vars)
- Delete prod.yaml (use multi-user.yaml or homelab-secure.yaml)
- Clean up worker configs: remove docker.yaml, homelab-sandbox.yaml
- Update remaining configs with current best practices
- Simplify config schema and documentation
 2026-03-04 13:22:52 -05:00
Jeremie Fraeys
b3a0c78903
config: add Plugin GPU Quota, plugins, and audit logging to configs 
- Add Plugin GPU Quota config section to scheduler.yaml.example

- Add audit logging config to homelab-secure.yaml (HIPAA-compliant)

- Add Jupyter and vLLM plugin configs to all worker configs:

  - Security settings (passwords, trusted channels, blocked packages)

  - Resource limits (GPU, memory, CPU)

  - Model cache paths and quantization options for vLLM

- Disable plugins in HIPAA deployment mode for compliance

- Update deployments README with plugin services and GPU quotas
 2026-02-26 14:34:42 -05:00
Jeremie Fraeys
86f9ae5a7e
docs(config): reorganize configuration structure and add documentation 
Restructure configuration files for better organization:
- Add scheduler configuration examples (scheduler.yaml.example)
- Reorganize worker configs into subdirectories:
  - distributed/ - Multi-node cluster configurations
  - standalone/ - Single-node deployment configs
- Add environment-specific configs:
  - dev-local.yaml, docker-dev.yaml, docker-prod.yaml
  - homelab-secure.yaml, worker-prod.toml
- Add deployment configs for different security modes:
  - docker-standard.yaml, docker-hipaa.yaml, docker-dev.yaml

Add documentation:
- configs/README.md with configuration guidelines
- configs/SECURITY.md with security configuration best practices
 2026-02-26 12:04:11 -05:00
Jeremie Fraeys
4756348c48
feat: Worker sandboxing and security configuration 
Add security hardening features for worker execution:
- Worker config with sandboxing options (network_mode, read_only, secrets)
- Execution setup with security context propagation
- Podman container runtime security enhancements
- Security configuration management in config package
- Add homelab-sandbox.yaml example configuration

Supports running jobs in isolated, restricted environments.
 2026-02-18 21:27:59 -05:00