secrets

Public Access

Author	SHA1	Message	Date
voson	ff9767ff95	chore(ci): 精简 publish-release job，移除多余 checkout Made-with: Cursor	2026-03-19 20:26:45 +08:00
voson	66b6417faa	feat: 开源准备与 upgrade URL 构建时配置 - upgrade: SECRETS_UPGRADE_URL 改为构建时优先（option_env!），CI 自动注入 - upgrade: 支持运行时回退（.env/export），添加 dotenvy 加载 .env - 泛化示例：IP/实例 ID/域名/密钥名改为示例值（10.0.0.1、example.com 等） - tasks.json: 文件 secret 测试改用 test-fixtures/example-key.pem - 文档更新：AGENTS.md、README.md Made-with: Cursor	2026-03-19 16:08:27 +08:00
voson	6ea9f0861b	chore: bump to 0.7.1, workflow/readme/init/upgrade updates, fix clippy needless_borrows Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 3s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 1m47s Details Secrets CLI - Build & Release / Build (macOS aarch64 + x86_64) (push) Successful in 48s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 1m2s Details Secrets CLI - Build & Release / 发布草稿 Release (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details Made-with: Cursor	2026-03-19 11:34:10 +08:00
voson	3973295d6a	chore(release): enforce version bump checks Fail fast when a release tag already exists, and add a local release-check script so version mistakes are caught before commit and publish. Made-with: Cursor	2026-03-19 11:17:23 +08:00
voson	baad623efe	feat(upgrade): SHA-256校验、Intel mac 交叉编译、全平台后发布 Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 2s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Has been cancelled Details Secrets CLI - Build & Release / Build (macOS aarch64 + x86_64) (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details Secrets CLI - Build & Release / 发布草稿 Release (push) Has been cancelled Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Has been cancelled Details - upgrade: 下载后校验 .sha256 摘要再安装 - workflow: ARM mac 同时产出 aarch64/x86_64 双架构，补全 Intel mac 产物 - workflow: 各平台上传主资产及 .sha256，Linux/macOS/Windows 全成功才发布 Release - upgrade: 补充 parse_tag_version、parse_checksum_file、extract_from_targz 单元测试 - docs: README/AGENTS 同步 upgrade 与平台说明 Made-with: Cursor	2026-03-19 11:06:10 +08:00
voson	140162f39a	ci(secrets): 飞书通知分散到各构建 job，放宽超时与构建条件 Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 2s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 29s Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Successful in 45s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 1m18s Details Secrets CLI - Build & Release / 发布草稿 Release (push) Successful in 2s Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details - 各 build job 超时 10→15min，publish-release 2→5min - 移除 build-macos/build-windows 的 if 条件，默认全平台构建 - 删除独立 notify job，在各 build job 内增加飞书单 job 通知 - 汇总通知并入 publish-release，用 needs 取状态不再调 API - publish-release 增加 if: always() 与 checkout 步骤 Made-with: Cursor	2026-03-18 16:32:45 +08:00
voson	e6db23bd6d	fix(ci): 移除 probe-runners，用变量控制 build，解耦 notify Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 2s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 21s Details Secrets CLI - Build & Release / 通知 (push) Successful in 7s Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Successful in 28s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 35s Details Secrets CLI - Build & Release / 发布草稿 Release (push) Successful in 0s Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details - 删除探测 Runner job（API 解析不可靠，且 always() 导致 job 被错误调度） - build-linux: 仅 needs version+check，默认执行 - build-macos: if vars.BUILD_MACOS != 'false'（默认开，runner 离线时设 false） - build-windows: if vars.BUILD_WINDOWS == 'true'（默认关，无 runner） - publish-release: 仅依赖 build-linux，避免被 macOS/Windows 阻塞 - notify: 仅 needs version+check + always()，失败也能发飞书；build 状态通过 API 查询 Made-with: Cursor	2026-03-18 16:04:16 +08:00
voson	c61c8292aa	fix: CI 无 DB 下 clippy 通过 + 失败时也发飞书通知 Some checks failed Secrets CLI - Build & Release / 探测 Runner (push) Successful in 1s Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Has been skipped Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Has been skipped Details Secrets CLI - Build & Release / 版本 & Release (push) Successful in 2s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 34s Details Secrets CLI - Build & Release / 发布草稿 Release (push) Has been cancelled Details Secrets CLI - Build & Release / 通知 (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details - update.rs: sqlx::query! 改为 query/query_as，不依赖编译期 DB - workflow: build job 加 always() 且 check.result==success，失败时 notify 能执行 Made-with: Cursor	2026-03-18 15:50:10 +08:00
voson	c1d86bc96d	feat: add update command, bump to 0.2.0, doc version check Some checks failed Secrets CLI - Build & Release / 探测 Runner (push) Successful in 1s Details Secrets CLI - Build & Release / 版本 & Release (push) Successful in 3s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Failing after 21s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Has been skipped Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Has been skipped Details Secrets CLI - Build & Release / 发布草稿 Release (push) Has been cancelled Details Secrets CLI - Build & Release / 通知 (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details - add secrets update: incremental merge for tags/metadata/encrypted - AGENTS.md: 提交前检查增加版本号与 git tag 说明 - README/AGENTS: update 命令文档与示例 - Cargo.toml 0.1.0 -> 0.2.0 (secrets-0.1.0 已存在) Made-with: Cursor	2026-03-18 15:40:44 +08:00
voson	f87cf3fd20	fix: store RELEASE_TOKEN as raw value, not base64 Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 2s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 23s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Has been skipped Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Has been skipped Details Secrets CLI - Build & Release / 探测 Runner (push) Successful in 1s Details Secrets CLI - Build & Release / 通知 (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details Gitea Actions secrets API stores the data field as-is, base64 encoding caused CI to use the encoded string as the token, resulting in 401. Made-with: Cursor	2026-03-18 15:27:05 +08:00
voson	1aef267bbd	ci: fix runner probe curl error and re-sync RELEASE_TOKEN Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 2s Details Secrets CLI - Build & Release / 探测 Runner (push) Successful in 1s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 23s Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Successful in 20s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 27s Details Secrets CLI - Build & Release / 通知 (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details - Replace curl -fsS with HTTP status code check in probe-runners to avoid ugly 401 errors - Graceful fallback: API failure defaults to trying all platforms - RELEASE_TOKEN re-synced with correct PAT value Made-with: Cursor	2026-03-18 15:18:03 +08:00
voson	2ad1abe846	ci: fix release 401 handling and notify based on actual results Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 2s Details Secrets CLI - Build & Release / 探测 Runner (push) Successful in 1s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 22s Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Successful in 18s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 27s Details Secrets CLI - Build & Release / 通知 (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details - Replace curl -fsS with HTTP status code checking to avoid hard failures on 401/404 - Release creation failure no longer blocks the entire workflow, just skips asset upload - Notification now depends on all jobs and reports actual success/failure per platform Made-with: Cursor	2026-03-18 15:04:07 +08:00
voson	010001a4f4	ci: fix version parsing and release backfill Some checks failed Secrets CLI - Build & Release / 通知 (push) Successful in 2s Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details Secrets CLI - Build & Release / 版本 & Release (push) Failing after 1s Details Secrets CLI - Build & Release / 探测 Runner (push) Successful in 0s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 21s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Has been skipped Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Has been skipped Details Avoid failing the version step when there is no previous tag, and keep creating a release when the tag already exists but the release page is missing. Made-with: Cursor	2026-03-18 15:00:10 +08:00
voson	a3a92e073f	ci: Release 正文仅保留变更日志，使用说明见 README Made-with: Cursor	2026-03-18 14:55:31 +08:00
voson	3d00b65f55	Revert "ci: decouple notify from build to avoid blocking release" This reverts commit `1acc2537b3`.	2026-03-18 14:43:45 +08:00
voson	1acc2537b3	ci: decouple notify from build to avoid blocking release Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 1s Details Secrets CLI - Build & Release / 通知 (push) Successful in 2s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 23s Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Successful in 20s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 28s Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details Make notification fire independently of matrix builds so stalled runners do not block release publishing. Made-with: Cursor	2026-03-18 14:41:59 +08:00
voson	9a562be4e4	ci: reduce check job timeout to 1 minute for efficiency Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 1s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 24s Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Successful in 15s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 26s Details Secrets CLI - Build & Release / 通知 (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details	2026-03-18 14:36:14 +08:00
voson	3203984fb4	ci: 优化 workflow，拆分 check job，预创建 Release，超时 10m Some checks failed Secrets CLI - Build & Release / 版本 & Release (push) Successful in 1s Details Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 2m20s Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Successful in 53s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 2m48s Details Secrets CLI - Build & Release / 通知 (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details - 新增 check job：fmt/clippy/test 仅在 Linux 跑一次 - version job 预创建 Release，消除多 job 竞态 - build job 只编译+上传，加 --locked - 超时从 30m 改为 10m - AGENTS.md 补充提交前检查规范 Made-with: Cursor	2026-03-18 14:30:54 +08:00
voson	102e394914	feat: secrets CLI MVP — add/search/delete with PostgreSQL JSONB Some checks failed Secrets CLI - Build & Release / 检查版本 (push) Successful in 2s Details Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Failing after 41s Details Secrets CLI - Build & Release / Build (aarch64-apple-darwin) (push) Failing after 55s Details Secrets CLI - Build & Release / 发送通知 (push) Has been cancelled Details Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled Details - Single `secrets` table with namespace/kind/name/tags/metadata/encrypted - Auto-migrate on startup using uuidv7() primary keys and GIN indexes - CLI commands: add (upsert, @file support), search (full-text + tags), delete - Multi-platform Gitea Actions: debian (x86_64-musl), darwin-arm64, windows - continue-on-error + timeout-minutes=30 for offline runner tolerance - VS Code tasks.json for local build/test/seed - AGENTS.md for AI context Made-with: Cursor	2026-03-18 14:10:45 +08:00

19 Commits