From 22f405f995aa8f647f75b4cc99a484749b8b9964 Mon Sep 17 00:00:00 2001 From: Dan Date: Sun, 4 Jan 2026 17:09:56 -0800 Subject: [PATCH] Add dev tools checks to smoke test (bun, zig) --- .beads/issues.jsonl | 2 +- scripts/smoke-test.sh | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/.beads/issues.jsonl b/.beads/issues.jsonl index 0875b65..84f1e5d 100644 --- a/.beads/issues.jsonl +++ b/.beads/issues.jsonl @@ -45,7 +45,7 @@ {"id":"ops-jrz1-bhk","title":"Add disk quotas for user workspaces","description":"User could fill host disk via /var/lib/vscode/\u003cuser\u003e/. Add per-directory quotas or monitoring/alerting on disk usage.","status":"closed","priority":3,"issue_type":"task","created_at":"2025-12-05T15:32:41.199417226-08:00","updated_at":"2025-12-28T00:05:44.7635372-05:00","closed_at":"2025-12-28T00:05:44.7635372-05:00","close_reason":"Parent epic cancelled - browser-based dev approach abandoned","dependencies":[{"issue_id":"ops-jrz1-bhk","depends_on_id":"ops-jrz1-3so","type":"parent-child","created_at":"2025-12-05T17:05:47.309592029-08:00","created_by":"daemon","metadata":"{}"}]} {"id":"ops-jrz1-blh","title":"mautrix-slack edit panic persists in v25.11","description":"mautrix-slack panic on rapid message edits (race condition)\n\n**Root cause**: Edit event arrives before original message is stored in DB. ConvertEdit accesses nil metadata.\n\n**Location**: handleslack.go:575 - has TODO comment: 'this can panic?'\n\n**Reproduction**: Edit a Slack message within ~1 second of sending\n\n**Upstream status**: \n- v25.11 is latest (we're on it)\n- Known to devs (TODO in code)\n- No open issue filed yet\n\n**Stack trace**:\ngo.mau.fi/mautrix-slack/pkg/connector.(*SlackMessage).ConvertEdit\n handleslack.go:575\nmaunium.net/go/mautrix/bridgev2.(*Portal).handleRemoteEdit\n portal.go:2838","status":"closed","priority":2,"issue_type":"bug","created_at":"2025-12-05T19:40:33.255395189-08:00","updated_at":"2025-12-28T00:06:14.637057055-05:00","closed_at":"2025-12-28T00:06:14.637057055-05:00","close_reason":"Duplicate of ops-jrz1-f15 which has fix ready","comments":[{"id":2,"issue_id":"ops-jrz1-blh","author":"dan","text":"Confirmed panic exists in nixpkgs-unstable from 2025-12-02. Fix will be addressed via platform upgrade (see ops-jrz1-00e).","created_at":"2025-12-08T23:54:57Z"}]} {"id":"ops-jrz1-bom","title":"Consolidate repeated attribute keys in configuration.nix","description":"statix W20: networking and environment keys are repeated across the file. Consolidate into single blocks for readability.","status":"open","priority":4,"issue_type":"task","created_at":"2026-01-03T17:35:57.496164613-08:00","created_by":"dan","updated_at":"2026-01-03T17:35:57.496164613-08:00"} -{"id":"ops-jrz1-c0i","title":"Investigate intermittent DNS/connectivity issues","description":"SSH connections timing out intermittently. May be DNS resolution or network instability. Investigate: (1) DNS resolver config, (2) Network interface stability, (3) Firewall rules interaction, (4) VPS provider network issues.","status":"open","priority":2,"issue_type":"bug","created_at":"2026-01-04T16:43:45.330599724-08:00","created_by":"dan","updated_at":"2026-01-04T16:43:45.330599724-08:00"} +{"id":"ops-jrz1-c0i","title":"Investigate intermittent DNS/connectivity issues","description":"SSH connections timing out intermittently. May be DNS resolution or network instability. Investigate: (1) DNS resolver config, (2) Network interface stability, (3) Firewall rules interaction, (4) VPS provider network issues.","status":"closed","priority":2,"issue_type":"bug","created_at":"2026-01-04T16:43:45.330599724-08:00","created_by":"dan","updated_at":"2026-01-04T16:56:24.821706332-08:00","closed_at":"2026-01-04T16:56:24.821706332-08:00","close_reason":"DNS healthy: 3-7ms resolution, 0% packet loss, interface stable. Timeout was transient."} {"id":"ops-jrz1-cmv","title":"Add egress rate limiting (iptables)","description":"Hard limit outbound connections per user to prevent mass exfil/scanning.\n\n## Config\n```nix\nnetworking.firewall.extraCommands = ''\n # Rate limit new outbound connections for regular users (uid 1000+)\n iptables -A OUTPUT -m state --state NEW -m owner --uid-owner 1000:65534 \\\n -m limit --limit 30/min --limit-burst 60 -j ACCEPT\n iptables -A OUTPUT -m state --state NEW -m owner --uid-owner 1000:65534 \\\n -j LOG --log-prefix \"EGRESS-LIMIT: \"\n iptables -A OUTPUT -m state --state NEW -m owner --uid-owner 1000:65534 \\\n -j REJECT\n'';\n```\n\n## Behavior\n- 30 new connections/min sustained, burst of 60\n- Over limit: logged and rejected\n- Doesn't affect established connections\n\n## Testing\n- `for i in {1..100}; do curl -s ifconfig.me \u0026 done`\n- Should see EGRESS-LIMIT in journal after ~60","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-02T20:16:32.276607792-08:00","created_by":"dan","updated_at":"2026-01-02T21:12:35.5888406-08:00","closed_at":"2026-01-02T21:12:35.5888406-08:00","close_reason":"Closed"} {"id":"ops-jrz1-cpm","title":"Add admin alerting when killswitch fires","description":"Killswitch only logs to journald. Consider external notification (email, Matrix message, webhook) when users are terminated.","status":"open","priority":4,"issue_type":"task","created_at":"2026-01-03T08:40:26.416998752-08:00","created_by":"dan","updated_at":"2026-01-03T08:40:26.416998752-08:00"} {"id":"ops-jrz1-d38","title":"Add tmux to system packages","description":"Add tmux for session persistence. Users can run bots in tmux, disconnect, reconnect.","status":"closed","priority":2,"issue_type":"task","created_at":"2026-01-02T15:13:58.514256583-08:00","created_by":"dan","updated_at":"2026-01-02T17:25:59.102158299-08:00","closed_at":"2026-01-02T17:25:59.102158299-08:00","close_reason":"Closed"} diff --git a/scripts/smoke-test.sh b/scripts/smoke-test.sh index 5d8a373..5a74dbe 100755 --- a/scripts/smoke-test.sh +++ b/scripts/smoke-test.sh @@ -181,6 +181,28 @@ else fi echo "" +# Dev tools +echo "── Dev Tools ──" +if run "which bun >/dev/null 2>&1"; then + pass "bun is installed" +else + fail "bun not found" +fi + +if run "which zig >/dev/null 2>&1"; then + pass "zig is installed" +else + fail "zig not found" +fi + +# Test bun can install packages (as root for smoke test) +if run "bun install -g is-odd >/dev/null 2>&1 && bun remove -g is-odd >/dev/null 2>&1"; then + pass "bun install works" +else + fail "bun install failed" +fi +echo "" + # Summary echo "================================" echo " Results"