Commit Graph

67 Commits

Author SHA1 Message Date
root f27c910c93 Configure public site ingress 2026-06-13 14:36:58 +08:00
root a44ed21967 feat(tenant): add brand publish-records list and harden enterprise site management
- Add GET /api/tenant/publish-records: brand-scoped paginated list that merges
  in-flight (queued/publishing) records ahead of history (success/failed/cancelled),
  enriched with article title and latest desktop task id; wire up
  service/handler/router/swagger/router_test
- Rework PublishManagementView to consume publish-records instead of desktop
  publish tasks; add publishRecordsApi + shared-types
  (ListPublishRecordsParams, PublishRecordListResponse)
- Enterprise site Update: distinguish explicit null from missing PATCH fields via
  EnterpriseSitePatchString, dedup site_url before write, verify RowsAffected,
  and map unique-constraint violations to a clear conflict
- MediaView: enterprise site edit/delete flows with favicon fallback handling
- Localize enterprise site / PBootCMS error messages to Chinese across the
  backend and the admin-web error map, plus legacy raw-message translation
- deploy: gate migration-coupled service rollouts behind RUN_MIGRATIONS unless
  ALLOW_SKIP_MIGRATIONS_FOR_APP_ROLLOUT=true; handle empty SERVICES safely

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-08 11:40:46 +08:00
root 316e2a34aa Revert "feat(workflows): update registry host to 192.168.100.49 across multiple CI/CD files"
Deployment Config CI / Deployment Config (push) Successful in 14s
Frontend CI / Frontend (push) Successful in 1m57s
Backend CI / Backend (push) Successful in 41m0s
This reverts commit 855e061244.
2026-06-02 23:25:19 +08:00
root 855e061244 feat(workflows): update registry host to 192.168.100.49 across multiple CI/CD files
Deployment Config CI / Deployment Config (push) Successful in 8m5s
Frontend CI / Frontend (push) Failing after 22m8s
Backend CI / Backend (push) Failing after 22m8s
2026-06-02 22:26:28 +08:00
root 85bb373a8b feat(tenant): update retrieval configuration with increased recall limit and rerank top N values
Deployment Config CI / Deployment Config (push) Successful in 1m51s
Backend CI / Backend (push) Successful in 17m3s
2026-06-01 15:49:14 +08:00
root 76df672133 feat: add chunked desktop client release uploads
Deployment Config CI / Deployment Config (push) Successful in 28s
Frontend CI / Frontend (push) Successful in 2m12s
Backend CI / Backend (push) Successful in 14m44s
2026-06-01 01:31:54 +08:00
root c5da0cf507 feat(deploy): enhance deployment scripts with locking mechanism and metadata tracking
Deployment Config CI / Deployment Config (push) Successful in 16s
2026-06-01 00:49:19 +08:00
root 0059212d68 feat(deploy): add production deployment workflow and image deployment script
Deployment Config CI / Deployment Config (push) Successful in 20s
2026-05-31 19:48:20 +08:00
root de9c52be6d feat(nginx): configure client max body size and update timeouts for API proxy
Deployment Config CI / Deployment Config (push) Successful in 15s
Frontend CI / Frontend (push) Successful in 2m16s
feat(clipboard): implement copyTextToClipboard utility function
feat(desktop): add upload timeout for desktop client release API
feat(k3s): add nginx config and update kustomization for ops-web
2026-05-31 15:01:14 +08:00
root bdad050a8b feat(desktop): add type declaration for @brand-logo alias in brand-logo.d.ts
Deployment Config CI / Deployment Config (push) Successful in 12s
Desktop Client Build / Publish Client Artifacts to NAS (push) Successful in 30s
Desktop Client Build / Resolve Build Metadata (push) Successful in 26s
Desktop Client Build / Build Desktop Client (push) Successful in 22m8s
2026-05-31 13:38:37 +08:00
root 10d630db63 feat(ingress): configure TLS with Let's Encrypt for production and staging environments
Deployment Config CI / Deployment Config (push) Successful in 19s
2026-05-31 11:19:03 +08:00
root 430a83e8dd feat(deploy): update ingress rules and add media supply configuration
Deployment Config CI / Deployment Config (push) Successful in 12s
2026-05-31 11:14:06 +08:00
root 78fb9c42e2 docs(k3s): note CONCURRENTLY index verification and SMZDM cover preflight
Document how to confirm the new dedup/lookup indexes finished as valid
(no INVALID leftovers from interrupted CREATE INDEX CONCURRENTLY), and how
to find/abort SMZDM publish tasks queued without a cover before rolling
out the smzdm cover-required check.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-26 18:43:50 +08:00
root 7d8e82c69f feat(ops): add object storage management and site-mapping CSV import/export
Ship the Ops backstage 对象存储 page (browse / upload / move / delete /
folder ops) backed by a new object-storage service + handler, with the
shared storage client extended with List/Stat/Copy/Usage/DownloadURL so
both MinIO and Aliyun providers cover the new surface. Add
ForcePathStyle to the object-storage config and treat r2/s3/custom_s3
as external providers so Cloudflare R2 and other S3-compatibles can
share the MinIO client path without spinning up the bundled MinIO.

Also add CSV import/export + template download to the site-domain
mappings page, raise gin MaxMultipartMemory to 8 MiB for the new
multipart endpoints, register Ops swagger routes, and extend the
descriptions-parity test to cover the ops router.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-26 01:19:01 +08:00
root 52997e36fe fix(content-gen): strip URLs and site-list sections from generated content
Forbid URLs/domains/markdown links across prompt rules (runtime, platform
templates, outline/imitation/title flows) and rename "官网" placeholder to
"官网信息" with explicit instructions that links are background only.
Add sanitizeGeneratedArticleMarkdown to strip URLs, HTML images, and
"网站列表/官网列表" labels from LLM output, wired into article, prompt-rule,
template, and outline generation. Drop the site_list outline section seed
and filter blocked outline keys in the wizard so stored drafts cannot
resurrect it.
2026-05-24 22:19:43 +08:00
root 9f9e4f8e19 feat(object-storage): switch from Aliyun to MinIO for object storage configuration
Deployment Config CI / Deployment Config (push) Successful in 10s
2026-05-20 17:05:23 +08:00
root 6359a2ddd3 feat(workbench): implement workbench window management and navigation state
Deployment Config CI / Deployment Config (push) Successful in 24s
Desktop Client Build / Resolve Build Metadata (push) Successful in 39s
Frontend CI / Frontend (push) Successful in 3m3s
Backend CI / Backend (push) Successful in 16m18s
Desktop Client Build / Build Desktop Client (push) Successful in 24m1s
Desktop Client Build / Publish Client Artifacts to NAS (push) Successful in 35s
2026-05-20 15:44:26 +08:00
root 98f73c5bea feat(objectstorage): add Aliyun OSS support and auto-detect provider in deploy workflows
Introduces Aliyun OSS as an alternative to MinIO; deploy scripts and CI
workflows now read object_storage.provider from config and conditionally
include or skip MinIO resources in both Docker Compose and k3s paths.
Also adds ops scheduler domain and its migration tables.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-05-20 10:25:02 +08:00
root 00eb514efc feat(imitation): simplify form fields and make brand_name required
Deployment Config CI / Deployment Config (push) Successful in 25s
Frontend CI / Frontend (push) Successful in 2m51s
Backend CI / Backend (push) Successful in 14m47s
Remove industry, target_audience, content_goal, tone, and length_goal from the imitation form; brand_name is now mandatory with autocomplete from brand library, keywords are pre-populated from the selected brand's search keywords, and output length is hardcoded to ~2000 characters in the prompt.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-05-20 02:16:45 +08:00
root c89cad6643 feat(keywords): rename brand-question terminology to search-keyword + add entity exclusion
- Rename UI/prompt labels: "品牌主问题" → "优化关键词", "搜索问题" → "搜索词"
- Add brand/competitor entity exclusion filter in question expansion (AI distill path)
- Refactor combination question text normalization, remove manual question-mark appending
- Update prompts to emphasize commercial-intent search queries over editorial phrasing
- Sync prompt changes across server/configs, deploy, and k3s configs
- Update i18n, frontend views (BrandQuestionCreate, TemplateWizard), and test fixtures

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
2026-05-20 01:27:14 +08:00
root 01dbb9c8d3 fix(styles): increase z-index for message and notification components
Deployment Config CI / Deployment Config (push) Successful in 13s
Frontend CI / Frontend (push) Successful in 3m38s
2026-05-14 13:16:47 +08:00
root b939cfa2fa feat(auth): support per-deploy login password key override
Deployment Config CI / Deployment Config (push) Successful in 27s
Backend CI / Backend (push) Successful in 15m4s
Multi-replica deployments need every Pod/container to share one RSA private key, otherwise public keys handed to the browser may not match the key that decrypts the resulting ciphertext. Introduce a `*.local.yaml` override layer that ops-config and tenant-config both load on top of the base config, ship example overrides plus compose/k3s wiring, and tolerate PEM bodies that arrive folded or escaped from Secrets.
2026-05-14 11:54:40 +08:00
root 2bc192b3c7 fix(prompts): refine region output guidance for geographic terms
Deployment Config CI / Deployment Config (push) Successful in 27s
Desktop Client Build / Resolve Build Metadata (push) Successful in 40s
Frontend CI / Frontend (push) Successful in 4m3s
Backend CI / Backend (push) Successful in 16m31s
Desktop Client Build / Build Desktop Client (push) Successful in 26m53s
Desktop Client Build / Publish Client Artifacts to NAS (push) Successful in 53s
2026-05-14 11:16:23 +08:00
root ecf3ee1ef0 fix(ci): prune old registry package versions
Deployment Config CI / Deployment Config (push) Successful in 19s
Frontend CI / Frontend (push) Successful in 11m18s
Backend CI / Backend (push) Successful in 17m54s
2026-05-13 23:22:58 +08:00
root 34ef5873ca feat: load question expansion prompts from yaml
Deployment Config CI / Deployment Config (push) Successful in 27s
Backend CI / Backend (push) Successful in 16m5s
2026-05-13 20:24:51 +08:00
root 37b0b32327 feat(admin-brand): add question expansion service and related functionality
- Implemented QuestionExpansionService for generating and materializing questions based on combinations and AI distillation.
- Added question metadata classification logic to infer intent and layer of questions.
- Created API handlers for question expansion operations including combination preview, AI distillation, metadata classification, and materialization.
- Introduced database migrations to support new question-related fields and constraints in brand_questions and brand_keywords tables.
- Added caching mechanism for AI distillation results to improve performance.
- Defined JSON schemas for question distillation responses to ensure data integrity.
2026-05-12 21:53:36 +08:00
root c16a684add fix(browser-fetch): allow baidu source fallback
Deployment Config CI / Deployment Config (push) Successful in 1m35s
Backend CI / Backend (push) Successful in 17m20s
2026-05-11 14:30:58 +08:00
root 3d396e4ac8 fix(docker-compose): update healthcheck command syntax for service
Deployment Config CI / Deployment Config (push) Successful in 12s
2026-05-11 12:37:08 +08:00
root 7f08d92958 feat(browser-fetch): add lightpanda-backed fetch service and knowledge URL fallback
Adds a new browser-fetch microservice that wraps Lightpanda for rendering
JS-heavy pages, and wires it into the knowledge URL parser as a fallback
when the upstream link reader returns 403/429/5xx for an allow-listed
domain (e.g. zhuanlan.zhihu.com). Includes config/env plumbing, hot-reload
diff support, and full deploy assets (Dockerfile target, docker-compose,
k3s manifests, image-build/package scripts).
2026-05-11 11:11:21 +08:00
root 65e9b7e293 harden article generation reliability
Deployment Config CI / Deployment Config (push) Successful in 24s
Backend CI / Backend (push) Successful in 14m12s
2026-05-05 23:43:10 +08:00
root 3c912949e4 fix client IP handling behind proxies
Deployment Config CI / Deployment Config (push) Successful in 27s
Frontend CI / Frontend (push) Successful in 3m2s
Backend CI / Backend (push) Successful in 14m8s
2026-05-05 23:01:25 +08:00
root 745cdd79cf feat(compliance): add content compliance detection across tenant, ops, and clients
Implements the Revision 8/9 compliance design: tenant + ops backends, ops-web
content-safety pages, admin-web editor/publish gate integration, desktop publish
block surfacing, and supporting migrations / shared types / config plumbing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-05 20:48:14 +08:00
root 1c19bac8bc docs(deploy): document pgbouncer rollout
Deployment Config CI / Deployment Config (push) Successful in 24s
Backend CI / Backend (push) Successful in 14m49s
2026-05-03 15:04:17 +08:00
root cec7fa25e3 fix(config): harden database pool settings 2026-05-03 15:04:08 +08:00
root 774b907da8 feat(deploy): add pgbouncer poolers 2026-05-03 15:03:59 +08:00
root c1ef717d17 feat(cache,worker): overhaul cache layer and add generation task lease recovery
Deployment Config CI / Deployment Config (push) Successful in 24s
Backend CI / Backend (push) Successful in 14m33s
- shared/cache: add Options/L1/async/metrics/prefix decorators, multi-key ops, Redis pool tuning, and JSON readthrough metrics
- worker-generate: claim tasks via DB lease + heartbeat, requeue stale queued tasks, expire dead leases with refund/cache invalidation
- tenant: version article cache keys so worker recovery invalidations propagate cleanly
- shared/config: expand Redis (pool/timeouts/TLS) and Generation (lease/recovery) configs with defaults

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 02:02:39 +08:00
root cd5f038108 chore(k3s): set OPS_DEFAULT_ADMIN_PASSWORD in dev secrets template
Deployment Config CI / Deployment Config (push) Successful in 26s
Backend CI / Backend (push) Successful in 14m19s
Replace the "change-me-before-apply" placeholder with a usable dev
default so the manifest applies cleanly out of the box. Production
deployments should still override this via their own secret source.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 10:06:19 +08:00
root 3c07fd917d feat(k3s): add optional Kite dashboard addon
Apply with `kubectl apply -f deploy/k3s/addons/kite.yaml` to expose a
Kubernetes management dashboard on NodePort 30082. Documented as
optional and intranet-only since the official manifest binds
cluster-admin.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 10:06:12 +08:00
root f9cf2b7cb2 fix: add NodePort configuration for frontend and ops-web services in k3s deployment
Deployment Config CI / Deployment Config (push) Has been cancelled
2026-05-02 01:50:25 +08:00
root b2ed2a765b fix: remove optional secret key references for LLM and Siliconflow API keys in deployment configuration
Deployment Config CI / Deployment Config (push) Has been cancelled
2026-05-02 01:36:23 +08:00
root d4f5608718 fix: mark secret key references as optional in app deployments
Deployment Config CI / Deployment Config (push) Has been cancelled
2026-05-02 01:35:17 +08:00
root e0b6c1a9fa ci(deploy): publish images via Gitea Registry and verify on CD
CI workflows now own image publishing: backend-ci and frontend-ci push
service images to the Gitea Registry tagged with commit8. CD workflows
(nas-compose-deploy, nas-compose-service-deploy, offline-package, the
new nas-k3s-deploy) pull and verify those tags instead of rebuilding,
so deployments fail fast when CI hasn't produced the matching image.
The shared deploy/scripts/gitea-registry-images.sh helper drives both
the ensure (CI) and verify (CD) paths, and package.sh can now hydrate
its local images from the registry via SOURCE_IMAGE_REGISTRY.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 23:54:33 +08:00
root b71e14df66 fix(secrets): update JWT secrets and internal metrics token in secrets.yaml
Deployment Config CI / Deployment Config (push) Successful in 12s
2026-05-01 22:46:34 +08:00
root 4e9e877941 fix(config): update internal metrics token and adjust membership AI points and storage limits
Deployment Config CI / Deployment Config (push) Successful in 14s
2026-05-01 22:36:30 +08:00
root 11079ca90a fix(deploy): correct JWT_SECRET default value syntax in docker-compose.yaml
Deployment Config CI / Deployment Config (push) Successful in 2m37s
Backend CI / Backend (push) Failing after 8m57s
2026-05-01 21:34:54 +08:00
root 768ef1293c fix(deploy): update JWT_SECRET default value and remove unused API keys
Deployment Config CI / Deployment Config (push) Failing after 10s
2026-05-01 21:18:10 +08:00
root 162abdc97c chore(frontend): introduce prettier + eslint and prune unused code
Backend CI / Backend (push) Has been cancelled
Frontend CI / Frontend (push) Failing after 1m39s
- Add Prettier 3 with prettier-plugin-organize-imports (sorts/removes unused imports)
- Add ESLint 10 flat config with typescript-eslint + eslint-plugin-vue + eslint-config-prettier
- Add root scripts: format, format:check, lint, lint:fix
- Reformat 257 files across admin-web, ops-web, desktop-client, packages
- Remove unused locals/exports flagged by --noUnusedLocals/--noUnusedParameters
- Fix duplicate localTabLabel key, surrogate-pair regex u-flag, NBSP literal in regex
- Skip server/ (Go) and apps/browser-extension/ (deprecated per ADR)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 20:39:09 +08:00
root 21c7892ee4 chore(deploy): trim release retention and disable retrieval api key
Lower keep_releases default to 1 to reduce NAS disk usage, and clear
the bundled siliconflow retrieval api_key so deployments must supply
their own credentials.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 20:19:28 +08:00
root fb1351d82b feat(desktop-client): add afterPack hook to clean up unnecessary localization files and include certificate files for code signing
Deployment Config CI / Deployment Config (push) Successful in 23s
Frontend CI / Frontend (push) Successful in 2m25s
2026-05-01 16:32:12 +08:00
root 9c58fe2312 feat(server): add production-safe platform-template seed job
A fresh production environment only ran migrations, so the four built-in
platform templates were never inserted unless someone manually ran
dev-seed (which also writes broad demo data). Extract the platform
template upsert into a reusable repository.EnsurePlatformTemplates and
add a standalone cmd/seed-platform-templates that calls it. Bake the
binary into the migrate image and chain it after migrate up in both
docker-compose and the k3s migration job (mounting app config so the
binary can dial the right database).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 16:01:55 +08:00