implemented federation

2026-05-12 20:55:13 +02:00
parent e360f3697e
commit ab94775162
13 changed files with 874 additions and 30 deletions
@@ -4,7 +4,7 @@

 ForgeBucket is a self-hosted, federated developer operations platform. Where other Git platforms show you a list of files, ForgeBucket surfaces deployments, pipeline health, environment drift, and operational context directly alongside your code. Repositories are runtime systems. The dashboard is a command center.

-**Status:** Active development. Phase 3E (observability) complete. Phase 3F (federation handlers) is next.
+**Status:** Active development. Phase 3F (ActivityPub federation) complete. Phase 4 (AI diagnostics + signed artifacts) is next.

 ---

@@ -101,9 +101,16 @@ ForgeBucket is a self-hosted, federated developer operations platform. Where oth
 ### Federation
 | Feature | Status |
 |---------|--------|
-| ActivityPub actor model | Done (data layer) |
-| Federation handlers / inbox / outbox | Planned (Phase 3F) |
-| Cross-instance pull requests | Planned (Phase 3F) |
+| ActivityPub actor model | Done |
+| WebFinger (`/.well-known/webfinger`) | Done |
+| Actor documents (`/users/{username}`) | Done |
+| Inbox (receive + HTTP signature verify) | Done |
+| Outbox (OrderedCollection, paginated) | Done |
+| Followers / Following collections | Done |
+| HTTP signatures (draft-cavage-http-signatures) | Done |
+| Follow / Accept auto-accept flow | Done |
+| RSA-2048 key pair lazy generation | Done |
+| Cross-instance pull requests (ForgeFed) | Planned (Phase 4) |

 ---

@@ -148,7 +155,7 @@ ForgeBucket
 ├── Workspace Service    (multi-tenant namespaces — internal/api/handlers/workspace.go)
 ├── Event Bus            (NATS core, NoOp fallback — internal/events/)
 ├── Audit Log            (every mutating request — internal/api/middleware/audit.go)
-├── Federation Layer     (ActivityPub actors — internal/domain/federation/)  ← Phase 3F stub
+├── Federation Layer     (ActivityPub inbox/outbox, HTTP signatures — internal/domain/federation/)
 ├── Database             (PostgreSQL + XORM — internal/models/)
 └── Web Frontend         (React 18 + TypeScript, //go:embed — web/)
 ```
@@ -176,7 +183,7 @@ Logger → RealIP → Recoverer → Metrics → CORS → CSRF → SessionAuth
 | YAML parsing | `gopkg.in/yaml.v3` (workflow definitions) |
 | Code editing | CodeMirror |
 | Container | Docker Compose (dev) |
-| Federation | ActivityPub / ForgeFed (data layer only) |
+| Federation | ActivityPub / ForgeFed (WebFinger, actor, inbox/outbox, HTTP signatures) |

 ---

@@ -242,8 +249,8 @@ ForgeBucket has its own design language — intentionally distinct from GitHub a
 | Phase 3C | Workspaces + secret management hierarchy (Global → Workspace → Repo → Env) | Done |
 | Phase 3D | GitOps controller + drift detection + auto-sync | Done |
 | Phase 3E | Observability (Prometheus `/metrics`, structured `/health`, repo health API) | Done |
-| Phase 3F | Federation handlers (ActivityPub inbox/outbox, cross-instance PRs) | Next |
-| Phase 4 | AI diagnostics, signed artifacts, OCI registry, secret/dep scanning | Planned |
+| Phase 3F | Federation handlers (ActivityPub WebFinger, actor, inbox/outbox, HTTP signatures) | Done |
+| Phase 4 | AI diagnostics, signed artifacts, OCI registry, secret/dep scanning | Next |

 ---