Skip to content

Talos implementation#1

Merged
devantler merged 4 commits into
mainfrom
feature/talos-implementation
Jan 1, 2024
Merged

Talos implementation#1
devantler merged 4 commits into
mainfrom
feature/talos-implementation

Conversation

@devantler

Copy link
Copy Markdown
Contributor

No description provided.

@devantler devantler self-assigned this Dec 31, 2023
@devantler devantler marked this pull request as ready for review January 1, 2024 16:17
@devantler devantler merged commit 108d280 into main Jan 1, 2024
@devantler devantler deleted the feature/talos-implementation branch January 8, 2024 20:56
Copilot AI added a commit that referenced this pull request Feb 24, 2026
- Remove unused `id`, `timestamp`, `isQueued` fields from pendingPrompt
- Add addToPromptHistory for queued prompts (Up/Down arrow recall)
- Replace emoji with ASCII indicators ([S], [Q]) in pending prompts
- Add session recreation via switchModel when queued prompt model differs
- Process pending prompts after abort and error events
- Remove redundant negative check and fix G115 gosec in calculateWrapWidth
- Add queue position numbers ([QUEUED #1], [QUEUED #2])

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>
devantler added a commit that referenced this pull request Feb 24, 2026
* Initial plan

* fix(chat): apply review feedback for prompt queuing and steering

- Remove unused `id`, `timestamp`, `isQueued` fields from pendingPrompt
- Add addToPromptHistory for queued prompts (Up/Down arrow recall)
- Replace emoji with ASCII indicators ([S], [Q]) in pending prompts
- Add session recreation via switchModel when queued prompt model differs
- Process pending prompts after abort and error events
- Remove redundant negative check and fix G115 gosec in calculateWrapWidth
- Add queue position numbers ([QUEUED #1], [QUEUED #2])

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix(chat): clear stale error before model switch in processNextPendingPrompt

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>
devantler added a commit that referenced this pull request Mar 3, 2026
* feat(chat): add prompt queuing and steering support

Implements issue #2240 - Add support for steering and queuing prompts in ksail chat.

**Key Features:**
- Ctrl+Q to queue prompts for FIFO processing after current task
- Ctrl+S to add steering prompts that inject guidance ASAP
- Visual indicators showing pending prompts with mode badges
- State preservation: each prompt captures mode, model, and settings at send time
- Auto-processing: queued prompts execute automatically when session becomes idle
- Footer shows pending prompt count

**Implementation Details:**
- Added pendingPrompt type to capture prompt state
- Added queuedPrompts and steeringPrompts slices to Model
- Modified tryFinalizeResponse() to auto-process pending prompts
- Added renderPendingPrompts() to show visual queue in viewport
- Updated keymaps and help text for new shortcuts
- Steering prompts processed before queued (priority)

**Acceptance Criteria (Partial):**
✅ Multiple prompts with visual indicators
✅ Steering prompts processed ASAP
✅ Queued prompts in FIFO order
✅ Visual distinction between types
✅ Mode/settings attached to prompts
✅ Auto-processing implemented

**Future Work:**
- Prompt deletion (Del/Backspace key handler)
- Prompt selection/navigation
- Model switching for queued prompts
- Enhanced visual feedback

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: resolve build errors and wire up delete for chat steering/queuing prompts (#2418)

* Initial plan

* fix: resolve build errors and lint issues in chat steering/queuing implementation

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix: suppress G115 gosec false positive in calculateWrapWidth (#2451)

* Initial plan

* fix: suppress G115 gosec false positive in calculateWrapWidth

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* chore: apply golangci-lint fixes

* fix: resolve G115 gosec lint error in calculateWrapWidth (#2470)

* Initial plan

* fix: resolve golangci-lint G115 gosec issue in viewport.go

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix(chat): resolve G115 gosec integer overflow in calculateWrapWidth (#2475)

* Initial plan

* fix: guard against negative int before uint conversion in calculateWrapWidth

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix(chat): apply review feedback for prompt queuing and steering (#2480)

* Initial plan

* fix(chat): apply review feedback for prompt queuing and steering

- Remove unused `id`, `timestamp`, `isQueued` fields from pendingPrompt
- Add addToPromptHistory for queued prompts (Up/Down arrow recall)
- Replace emoji with ASCII indicators ([S], [Q]) in pending prompts
- Add session recreation via switchModel when queued prompt model differs
- Process pending prompts after abort and error events
- Remove redundant negative check and fix G115 gosec in calculateWrapWidth
- Add queue position numbers ([QUEUED #1], [QUEUED #2])

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix(chat): clear stale error before model switch in processNextPendingPrompt

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* chore: apply golangci-lint fixes

* fix: address review feedback for prompt queuing and steering (#2492)

* Initial plan

* fix: address all 9 review comments for prompt queuing and steering

- Add waitForEvent() to tea.Batch in processNextPendingPrompt
- Fix deleteLastPendingPrompt docstring to match actual behavior
- Capture sessionConfig.Model (user-selected) instead of currentModel (server-resolved)
- Stop auto-processing pending prompts on streaming errors
- Always set reasoning effort from captured state, even when empty
- Add dedicated pendingSteering/pendingQueued styles instead of reusing message styles
- Peek prompt before removing from queue; only pop on successful setup
- Add peekNextPendingPrompt and getSelectedModel helper methods
- Add comprehensive unit tests for queue/steering behavior

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* refactor: replace custom containsSubstring with strings.Contains

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix(chat): align abort with error handling and recreate session for reasoning effort changes (#2497)

* Initial plan

* fix(chat): align abort behavior with stream errors and recreate session for reasoning effort changes

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix(chat): address review feedback on prompt queue helpers (#2498)

* Initial plan

* fix(chat): address review feedback - fix doc comments and refactor pop to drop helper

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* feat(chat): enhance Copilot CLI integration and improve authentication flow

Signed-off-by: Nikolai Emil Damm <nikolaiemildamm@icloud.com>

* feat(chat): refactor chat modes and tool permissions

- Removed chatModeRef from non-TUI mode, simplifying tool wrapping.
- Consolidated tool permission checks, enforcing path sandboxing.
- Eliminated ask mode, focusing on agent and plan modes.
- Updated key bindings and help text for clarity.
- Introduced exit confirmation modal for unsent input.
- Enhanced test coverage for queueing and steering prompts during streaming.
- Added skills-lock.json for managing dependencies.

Signed-off-by: Nikolai Emil Damm <nikolaiemildamm@icloud.com>

* feat(chat): add support for alt+enter to insert a newline in the chat textarea

Signed-off-by: Nikolai Emil Damm <nikolaiemildamm@icloud.com>

* fix: resolve gosec warnings for password fields and improve command execution safety

Signed-off-by: Nikolai Emil Damm <nikolaiemildamm@icloud.com>

* fix: address review feedback for prompt queuing and steering (#2650)

* Initial plan

* fix: address review feedback from #pullrequestreview-3873094481

- Handle RPC error in handleToggleMode instead of discarding with _, _
- Fix pendingPrompt.chatMode comment: "agent/plan/ask" -> "agent/plan"
- Rename shadowed variables in processNextPendingPrompt
- Track insertion order for deleteLastPendingPrompt across both lists
- Add executable bit check in resolveCopilotCLIPath
- Extract findCopilotInSDKCache helper to reduce cyclomatic complexity
- Update test comment explaining zero-value session safety
- Fix all golangci-lint issues

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* chore: finalize review feedback changes

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* merge: resolve conflicts with main branch (#2652)

* Initial plan

* merge: resolve conflicts with main branch

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* merge: sync with main branch (#2656)

* Initial plan

* merge: resolve conflicts with main branch

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* chore: update generated reference docs

* fix: apply review feedback for prompt queuing and chat TUI (#2660)

* Initial plan

* fix: apply review feedback from #pullrequestreview-3873347423

- Remove unused `_ uint` param from renderPendingPrompts
- Remove unnecessary make([]pendingPrompt, 0) allocations
- Refactor switchModel/switchReasoningEffort to return explicit error
- Fix pendingprompt_test.go to re-assert streaming state before Enter
- Fix fmt.Errorf with two %w verbs (use %v for secondary error)
- Fix features.mdx docs: two modes (Agent/Plan), not three
- Fix gosec rule ID G704 → G107 in registry_health.go
- Restore NewLine key binding in keymap.go for help display
- Fix ToggleMode help text: "agent/plan" not "agent/plan/ask"
- Fix all golangci-lint issues (noinlineerr, inamedparam, unparam)

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix: address review feedback for chat TUI prompt queuing (#2663)

* Initial plan

* fix: address PR review feedback for chat TUI prompt queuing

- Change Ctrl+D to Ctrl+X for delete pending prompt (avoid Unix EOF conflict)
- Fix runCopilotAuthLogin to use 'auth login' subcommand instead of 'login'
- Improve error handling in selectModel and selectReasoningEffort (check errors explicitly)
- Fix test fragility in TestMultipleQueuedPrompts_ShowNumbered (re-assert streaming state)
- Update help text to clarify delete behavior (last added prompt)
- Fix all golangci-lint issues (noinlineerr, nestif, inamedparam)

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix: resolve jscpd, golangci-lint, and lychee issues (#2664)

* Initial plan

* fix: resolve jscpd, golangci-lint, and lychee issues

- Extract modalContentStyles helper to eliminate jscpd duplicate between
  permission.go and render.go
- Add //nolint:gosec comments for false positive G304/G703 warnings in
  backup.go and restore.go (paths are already validated)
- Remove broken links to deleted go-performance-optimization.md in
  BENCHMARKS.md files
- Remove 404 links to private copilot-sdk repo paths in SKILL.md

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* chore: Apply megalinter fixes

* fix: correct gosec rule IDs, chat TUI review feedback, and stricter Copilot CLI resolution (#2671)

* Initial plan

* fix: address review feedback - gosec rule IDs, dead code, help overlay, tests

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* Initial plan (#2679)

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>

* fix: address review comments on prompt queuing and Copilot CLI resolution (#2683)

* Initial plan

* fix: address PR review comments from #pullrequestreview-3877060560

- Add session.RPC.Mode.Set() in processNextPendingPrompt to enforce
  server-side mode when restoring mode from queued prompts
- Handle .exe suffix in isCopilotBinaryName for platform-specific
  binaries like copilot-windows-amd64.exe
- Restore API documentation comment on Password field alongside
  nolint directive in docker/registry.go
- Add //nolint:gochecknoglobals header to chat/export_test.go for
  convention consistency

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix: address review comments for chat TUI prompt queuing (#2686)

* Initial plan

* fix: address review comments - dead code, export convention, comment accuracy, early return on mode set failure

- model_picker.go: Remove dead code in selectModel() - switchModel handles picker dismissal
- reasoning_picker.go: Same dead code cleanup in selectReasoningEffort()
- export_test.go: Convert SetStreaming method to var alias following codebase convention
- pendingprompt_test.go: Update all test call sites to use ExportSetStreaming
- chat.go: Fix misleading comment - says 'two dashes' but code checks for 'one dash'
- streamhandlers.go: Return early when Mode.Set RPC fails to prevent executing prompt in wrong mode
- registry.go: Fix line length issue from nolint comment

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* refactor: extract applyMode helper to eliminate duplicate mode-setting code (#2690)

* Initial plan

* refactor: extract applyMode helper to eliminate jscpd clone

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* chore: Apply megalinter fixes

* fix: address review comments on prompt queuing - docs, test robustness, lint (#2694)

* Initial plan

* fix: address review comments - improve docs, test robustness, lint compliance

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* Initial plan (#2696)

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>

* fix(chat): suppress gosec G115 false positive in calculateWrapWidth (#2700)

* Initial plan

* fix: suppress gosec G115 false positive in calculateWrapWidth

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* chore: apply golangci-lint fixes

* fix(chat): flexible binary matching, pending prompt exit warning, lint fixes (#2702)

* Initial plan

* fix: address review feedback - flexible binary matching, pending prompt exit warning, lint fixes

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix(chat): defer chatMode mutation until after all setup steps succeed (#2705)

* Initial plan

* fix(chat): defer chatMode mutation until after all setup steps succeed

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix: suppress G115 gosec false positive in calculateWrapWidth (#2711)

* Initial plan

* fix: suppress G115 gosec false positive in calculateWrapWidth

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* chore: apply golangci-lint fixes

* Update .agents/skills/astro/SKILL.md

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Nikolai Emil Damm <ned@devantler.tech>

* fix: address review feedback on error wrapping and isCopilotBinaryName docs (#2712)

* Initial plan

* fix: use %v instead of %w for login error wrapping and improve isCopilotBinaryName comment

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* fix: clarify isCopilotBinaryName comment examples

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

* chore: apply golangci-lint fixes

* fix: validate COPILOT_CLI_PATH, document cleanup idempotency, improve isCopilotBinaryName docs (#2717)

* Initial plan

* fix: address review feedback - validate COPILOT_CLI_PATH, document cleanup safety, improve comments

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Signed-off-by: Nikolai Emil Damm <ned@devantler.tech>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>
Co-authored-by: Nikolai Emil Damm <ned@devantler.tech>

* fix: applyMode state sync, handleToggleMode rollback, goreleaser env vars (#2719)

* Initial plan

* fix: address review feedback - applyMode sync, handleToggleMode revert, goreleaser env vars, fix all bloop lint issues

Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>

---------

Signed-off-by: Nikolai Emil Damm <nikolaiemildamm@icloud.com>
Signed-off-by: Nikolai Emil Damm <ned@devantler.tech>
Co-authored-by: Daily Progress <agentic-workflow@github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>
Co-authored-by: Nikolai Emil Damm <ned@devantler.tech>
Co-authored-by: Nikolai Emil Damm <nikolaiemildamm@icloud.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@github-actions

Copy link
Copy Markdown
Contributor

Daily Builder update — Implemented fix for pkg/fsutil/ReadFileSafe path prefix attack security bug (PR #3266). The strings.HasPrefix containment check was replaced with filepath.Rel to correctly enforce directory boundaries, preventing a sibling-directory prefix bypass.

Warning

⚠️ Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • proxy.golang.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "proxy.golang.org"

See Network Configuration for more information.

Note

🔒 Integrity filtering filtered 11 items

Integrity filtering activated and filtered the following items during workflow execution.
This happens when a tool call accesses a resource that does not meet the required integrity or secrecy level of the workflow.

Generated by Daily Builder ·

devantler pushed a commit that referenced this pull request Apr 7, 2026
- Canonicalize kubeconfig path with fsutil.EvalCanonicalPath (review #1)
- Use atomic write (temp file + rename) to prevent corruption (review #2)
- Fix misleading comment about Cobra PersistentPreRunE chaining (review #4)
- Extract NewSilentConfigManager to kubeconfig package to deduplicate
  config-loading boilerplate and fix jscpd lint failure
- Add table-driven tests for NewProviderFromOptions (review #5)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
github-merge-queue Bot pushed a commit that referenced this pull request Apr 7, 2026
* feat: auto-refresh expired Omni kubeconfig tokens

Omni kubeconfig service-account tokens had a hardcoded 24-hour TTL,
making clusters inaccessible after expiry with no refresh mechanism.

Changes:
- Increase default kubeconfig TTL from 24h to 30 days
- Make GetKubeconfig accept a TTL parameter for caller control
- Add centralized kubeconfighook package that transparently refreshes
  expired tokens before any CLI command runs
- Wire hook into root PersistentPreRunE (covers cluster, cipher, chat,
  mcp, tenant commands) and workload's wrapWithKubeconfigResolution
  (covers all workload commands)
- Extract NewProviderFromOptions to pkg/svc/provider/omni/factory.go
  for reuse by both the Talos factory and the kubeconfig hook

The hook parses the JWT exp claim from the kubeconfig token and only
contacts the Omni API when the token is expired or about to expire
(5-minute buffer). Non-Omni clusters add ~1ms overhead (config load
+ provider check).

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: address review feedback for kubeconfighook

- Canonicalize kubeconfig path with fsutil.EvalCanonicalPath (review #1)
- Use atomic write (temp file + rename) to prevent corruption (review #2)
- Fix misleading comment about Cobra PersistentPreRunE chaining (review #4)
- Extract NewSilentConfigManager to kubeconfig package to deduplicate
  config-loading boilerplate and fix jscpd lint failure
- Add table-driven tests for NewProviderFromOptions (review #5)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: resolve golangci-lint and jscpd violations

- Replace magic numbers with named constants (kubeconfigFileMode,
  jwtMinParts, jwtMaxParts)
- Replace inline error handling with plain assignments (noinlineerr)
- Rename short variable 'ok' to descriptive names (varnamelen)
- Move tests to external package kubeconfighook_test (testpackage)
- Split test functions to stay under funlen limit of 60 lines
- Use require.ErrorIs instead of assert.ErrorIs (testifylint)
- Wrap error from NewProviderFromOptions in talos factory (wrapcheck)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* refactor: inline loadConfigSilently to eliminate jscpd duplicate

The separate loadConfigSilently function was flagged by jscpd as a
copy-paste duplicate of the structurally identical loadConfig function
in pkg/cli/lifecycle/simple.go. Inline its body into
MaybeRefreshOmniKubeconfig so the surrounding context makes the code
structurally distinct.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: address review feedback on JWT validation and test determinism

- Require exactly 3 JWT segments (header.payload.signature) instead of
  a minimum of 2, preventing non-JWT tokens with a dot from being
  mistakenly parsed for expiry.
- Move DefaultEnvVarNames subtest to a non-parallel top-level function
  with t.Setenv to clear OMNI_ENDPOINT/OMNI_SERVICE_ACCOUNT_KEY, making
  it deterministic regardless of ambient environment.
- Reorder workload hook to refresh Omni kubeconfig before resolving the
  path, so path resolution picks up the freshly written kubeconfig.
- Add TwoSegmentToken edge-case test to verify 2-segment tokens are
  not treated as JWTs.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: handle Windows rename failure in atomicWriteFile

On Windows, os.Rename may fail when the destination file already
exists. Mirror the existing retry pattern from
pkg/cli/cmd/cluster/cluster.go: if Rename fails and the target
exists, remove the target and retry once.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: resolve cyclop, tparallel, and unparam lint violations

- Extract resolveOmniKubeconfigPath to reduce MaybeRefreshOmniKubeconfig
  cyclomatic complexity from 11 to 5.
- Remove t.Parallel from CustomEnvVarNames subtest since sibling
  subtest uses t.Setenv (incompatible with parallel parent).
- Hardcode contextName in writeKubeconfig test helper since all callers
  passed the same value.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: enforce exact 3-segment JWT check and detect short writes

- Use strings.Split instead of SplitN and check len(parts) != 3 to
  reject tokens with more than 3 dot-separated segments.
- Check byte count from tmp.Write to detect short writes and prevent
  truncated kubeconfig files.
- Add FourSegmentToken regression test.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: use static error for short write and fix paralleltest lint

- Wrap errShortWrite sentinel error instead of dynamic fmt.Errorf
  to satisfy err113.
- Split EnvVarTakesPrecedenceOverConfig into a separate non-parallel
  test function so TestNewProviderFromOptions_EnvVarResolution can
  call t.Parallel (satisfies paralleltest linter).

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* chore: apply golangci-lint fixes

* fix: guard rename-retry fallback to Windows only

Narrow the remove-and-retry path in atomicWriteFile to
runtime.GOOS == "windows" so that Unix rename failures (which
indicate a real problem) never delete a previously valid kubeconfig.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: skip kubeconfig refresh when --kubeconfig is explicitly set

When the user passes --kubeconfig explicitly, they are managing the
kubeconfig themselves. Skip the auto-refresh hook in this case to
avoid refreshing/writing a different file than the command uses.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: extract isKubeconfigFlagExplicit to reduce cyclop complexity

Move the --kubeconfig flag check into a dedicated helper to bring
resolveOmniKubeconfigPath cyclomatic complexity from 11 to 8.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: use cmd.Flag to detect inherited --kubeconfig flag

cmd.Flag() checks both local and inherited flags, while
cmd.Flags().Lookup() only checks local. This ensures the
auto-refresh hook correctly detects --kubeconfig set on a
parent command.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: devantler <26203420+devantler@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant