Refresh RC7 packet after release-gate fixes
Some checks failed
Build and Test / Secret Scan (push) Has been cancelled
Build and Test / Frontend & Backend (push) Has been cancelled

This commit is contained in:
rcourtman 2026-06-28 03:30:31 +01:00
parent d796928969
commit 2900e41b2d
4 changed files with 77 additions and 29 deletions

View file

@ -4,11 +4,11 @@
- From tag: `v6.0.0-rc.6`
- From commit: `c25e95cb2b071551df95c8add62773905ba0628b`
- To validation-risk commit: `fc10de9b5477613316473267b72b05b6b2b7aaff`
- Git range: `v6.0.0-rc.6..fc10de9b5477613316473267b72b05b6b2b7aaff`
- Commit count: `975`
- Date span in the range: `2026-05-27` through `2026-06-27`
- Changed scope: `1997` files, `239625` insertions, `47030` deletions
- To validation-risk commit: `d796928969b0b557ef5ed2d48e0e6f5e5a197df3`
- Git range: `v6.0.0-rc.6..d796928969b0b557ef5ed2d48e0e6f5e5a197df3`
- Commit count: `979`
- Date span in the range: `2026-05-27` through `2026-06-28`
- Changed scope: `2003` files, `239767` insertions, `47168` deletions
The final release workflow dispatch may use a later metadata-only packet
refresh commit. That refresh is not counted as a new validation-risk commit
@ -38,8 +38,33 @@ included commits surface deterministic capacity forecasts as finding signals,
query capacity forecast history through the metrics target ID, and sanitize
Patrol runtime failures in history.
No public issue comment, retitle, closure, release publication, or customer
message was made as part of this packet update.
The final RC7 release attempt exposed three release-gate issues after that
packet refresh:
1. GitHub CI runners with real `/sys/block` devices could make the hostagent
SMART no-device test observe a real disk instead of the forced no-device
fallback.
2. Alert manager tests could leave asynchronous active-alert/history saves
writing into `t.TempDir()` while Go test cleanup removed the directory.
3. The published `install.sh` end-to-end smoke on a minimal Debian systemd
container failed with `ssh-keygen is required to verify signed Pulse release
assets` because the root installer did not bootstrap `openssh-client` before
signed archive verification.
The corrective commits harden the hostagent no-device proof, track alert save
workers during shutdown, and make the root installer install `ca-certificates`
and `openssh-client` alongside `curl` and `wget` while treating `jq` as the
only optional install-time helper. The Pulse repository `WORKFLOW_PAT` Actions
secret was also refreshed on 2026-06-28 after the downstream private Pro
publication job failed to dispatch the existing `rcourtman/pulse-enterprise`
`Build Pro Release` workflow with the previous token.
No public issue comment, retitle, closure, or customer message was made as part
of this packet update. A failed `v6.0.0-rc.7` release workflow had already
published the earlier draft assets before the downstream install smoke and
private Pro handoff failures surfaced; final publication must therefore replace
that failed public release state with assets built from the refreshed branch
head.
## Verification
@ -57,6 +82,9 @@ message was made as part of this packet update.
RC7 Docker-default correction
- Release packet head refresh:
- validation-risk commit
`fc10de9b5477613316473267b72b05b6b2b7aaff`
- `975` commits from `v6.0.0-rc.6`
- `1997` files changed, `239625` insertions, `47030` deletions
`d796928969b0b557ef5ed2d48e0e6f5e5a197df3`
- `979` commits from `v6.0.0-rc.6`
- `2003` files changed, `239767` insertions, `47168` deletions
- Final installability proof:
- `go test ./scripts/installtests -run 'TestRootInstallScript(ArchiveSupportContract|InstallsSignatureVerificationDependencies)|TestInstallShSmokeWorkflowPresent|TestCreateReleasePublishesPrivateProRuntime' -count=1`
- `python3 scripts/release_control/contract_audit.py --check`

View file

@ -38,7 +38,8 @@ prerelease before any stable v6 promotion:
- Platform surfaces kept the v5-shaped navigation, but gained substantial
table, drawer, filter, and action consistency work.
- The release and install pipeline has newer branch-policy, workflow-pin,
installer, update, and proof hardening than the shipped RC6 packet.
installer, update, and proof hardening than the shipped RC6 packet, including
fresh-host dependency bootstrap for signed server-installer verification.
## What changed since `rc.6`
@ -111,6 +112,8 @@ Notable release-readiness changes since RC6 include:
- patched Go toolchain wiring for v6 release builds
- release dry-run and promotion policy guardrail updates
- release asset validation and installer smoke improvements
- root server installer bootstrap of `ca-certificates` and `openssh-client`
before signed release archive verification
- audit log, webhook, tenant, token, and bootstrap handling fixes
### Monitoring and correctness fixes
@ -131,18 +134,20 @@ refresh may be the workflow dispatch head; the validation range below is the
code-backed release-risk range.
- `v6.0.0-rc.6`: `c25e95cb2b071551df95c8add62773905ba0628b`
- validation-risk commit: `fc10de9b5477613316473267b72b05b6b2b7aaff`
- range: `v6.0.0-rc.6..fc10de9b5477613316473267b72b05b6b2b7aaff`
- commit count: `975`
- changed scope: `1997` files, `239625` insertions, `47030` deletions
- validation-risk commit: `d796928969b0b557ef5ed2d48e0e6f5e5a197df3`
- range: `v6.0.0-rc.6..d796928969b0b557ef5ed2d48e0e6f5e5a197df3`
- commit count: `979`
- changed scope: `2003` files, `239767` insertions, `47168` deletions
The final validation-risk commits add deterministic capacity-forecast finding
signals, correct capacity-history lookup to use the metrics target ID, and
sanitize Patrol runtime failures in history. The earlier RC7 installability
correction also remains in scope: repo-root Docker Compose and
`scripts/install-docker.sh` default to `6.0.0-rc.7`, while the stable promotion
guard stays version-aware so future `6.0.0` promotion still rejects stale
prerelease Docker defaults.
sanitize Patrol runtime failures in history. The release-validation fixes after
that head harden hostagent no-device CI proof, alert shutdown/save lifecycle
proof, and the published server installer smoke: repo-root Docker Compose and
`scripts/install-docker.sh` default to `6.0.0-rc.7`, the stable promotion guard
stays version-aware so future `6.0.0` promotion still rejects stale prerelease
Docker defaults, and fresh Debian/Ubuntu/Proxmox installs bootstrap
`openssh-client` before signature verification.
## Retest plan
@ -160,8 +165,9 @@ prerelease Docker defaults.
discoveries.
7. Walk Proxmox, Docker, Kubernetes, TrueNAS, vSphere, Machines, Alerts, Patrol,
and Settings in-browser with real or representative data.
8. Re-test release assets, checksums, signatures, installer scripts, Docker
images, Helm smoke, and preview demo routing before publishing broadly.
8. Re-test release assets, checksums, signatures, installer scripts on a fresh
minimal Debian/Ubuntu-style host, Docker images, Helm smoke, and preview
demo routing before publishing broadly.
9. Re-test provider MSP and Cloud control-plane flows only against the governed
staging or proof environments.
10. Verify self-hosted commercial posture: no monitored-system cap on current

View file

@ -10,7 +10,10 @@ governed `v6.0.0-rc.7` prerelease exists._
platform-shaped top-level navigation restored in `rc.6`, but it carries a much
larger post-RC6 branch delta across Assistant, Patrol, availability checks,
platform-table consistency, provider MSP, commercial continuity, release
tooling, installers, security hardening, and monitoring correctness.
tooling, installers, security hardening, and monitoring correctness. The final
installability fix also keeps signed release verification working on minimal
fresh Debian/Ubuntu/Proxmox hosts by bootstrapping the package that provides
`ssh-keygen`.
The branch also contains earlier `v6.0.0` stable-promotion packet work. RC7
supersedes that operationally by keeping the next public v6 artifact on the
@ -23,10 +26,10 @@ validation-risk range. A later packet-only refresh may be the workflow dispatch
head; the validation range below is the code-backed release-risk range.
- `v6.0.0-rc.6`: `c25e95cb2b071551df95c8add62773905ba0628b`
- validation-risk commit: `fc10de9b5477613316473267b72b05b6b2b7aaff`
- range: `v6.0.0-rc.6..fc10de9b5477613316473267b72b05b6b2b7aaff`
- commit count: `975`
- changed scope: `1997` files, `239625` insertions, `47030` deletions
- validation-risk commit: `d796928969b0b557ef5ed2d48e0e6f5e5a197df3`
- range: `v6.0.0-rc.6..d796928969b0b557ef5ed2d48e0e6f5e5a197df3`
- commit count: `979`
- changed scope: `2003` files, `239767` insertions, `47168` deletions
Those commits are grouped here by operator-visible behavior and release risk
instead of listed one by one.
@ -111,6 +114,10 @@ instead of listed one by one.
- RC7 Docker install defaults now pin the governed `6.0.0-rc.7` image in both
the repo-root Compose sample and Docker bootstrap installer fallback, while
keeping stable-promotion proof guarded against leftover prerelease defaults.
- The root server installer now installs `ca-certificates` and
`openssh-client` before signed release archive verification, so fresh
supported hosts do not fail only because `ssh-keygen` was absent before Pulse
installation began.
- Installer scripts gained additional update resilience, Windows agent install
coverage, root install tests, uninstall sensor-proxy support, and bundled
agent installer fail-closed behavior.
@ -144,7 +151,8 @@ instead of listed one by one.
- Release dry run and draft release workflow on `pulse/v6-release`.
- Release assets, checksums, signatures, Docker image, Helm smoke, and preview
demo routing.
demo routing, including the published `install.sh` smoke on a minimal
Debian-style systemd container.
- Upgrade from v5 stable and from earlier RCs, especially `rc.2` trust-root
continuity.
- Patrol and Assistant with real alert/finding/resource context.

View file

@ -51,6 +51,9 @@ lets operators test the current branch head without treating it as stable v6.
Alerts, and Settings.
- Provider MSP, Cloud, commercial continuity, installer, update, and release
proof paths were hardened.
- Fresh supported Debian, Ubuntu, and Proxmox installs bootstrap the
`openssh-client` package before signed release archive verification, so
missing `ssh-keygen` on a minimal host should not block the server installer.
- Security and correctness fixes landed across outbound HTTP, webhooks, audit
logging, tenant boundaries, metrics, alerts, and unified resources.
@ -161,7 +164,8 @@ posting.
public self-hosted plans and no default trial pressure in normal self-hosted
surfaces.
13. Re-test install, update, Docker, Helm, preview demo, and release asset
workflows before broader retesting.
workflows before broader retesting, including the published `install.sh`
path on a minimal Debian-style host or container.
## Ask for these details
@ -186,6 +190,8 @@ When a user reports an `rc.7` problem, ask for:
Escalate without asking the user to keep experimenting when the report involves:
- failed install or failed upgrade with no recovery path
- `ssh-keygen is required to verify signed Pulse release assets` on a fresh
supported Debian, Ubuntu, or Proxmox server install
- stable install path unexpectedly landing on a v6 prerelease
- duplicate or missing agent identity after a v5-to-v6 upgrade
- hosted, checkout, magic-link, SSO, webhook, token, or tenant access granted