80dfc15319
* feat: add release workflow to build and push container images to GHCR
Triggers on GitHub Release publish. Builds three container images
(consentos-api, consentos-scanner, consentos-admin-ui) and pushes
them to ghcr.io/consentos/ tagged with the semver release version
(e.g. v1.0.0, 1.0), plus ``latest``.
Release flow:
1. Merge PRs to master.
2. Tag: ``git tag v1.0.0 && git push origin v1.0.0``
3. Create a GitHub Release from the tag.
4. Workflow fires, images land on GHCR.
5. Deploy by pointing Helm values or docker-compose at the tag.
Uses ``docker/metadata-action`` for tag derivation and
``docker/build-push-action`` for the builds. Auth uses the
default ``GITHUB_TOKEN`` with ``packages: write`` — no extra
secrets needed.
The admin-ui image uses the repo root as the build context (same
as ``docker-compose.prod.yml``) so the Dockerfile can pull in
``apps/banner/`` alongside ``apps/admin-ui/`` and bundle the
banner output at the nginx root.
* chore: auto-graduate changelog on release + CI path filters
CI workflow (``ci.yml``):
- Uses ``dorny/paths-filter`` to detect which apps changed. Each
job group (api, scanner, banner, admin-ui) now has an
``if: needs.changes.outputs.<app> == 'true'`` guard so it only
runs when files under its ``apps/<app>/`` directory were
modified. A docs-only or infra-only PR no longer triggers the
full lint + test + build matrix.
22 lines
1.2 KiB
Markdown
22 lines
1.2 KiB
Markdown
# Changelog
|
|
|
|
All notable changes to this project will be documented in this file.
|
|
|
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
|
|
## [0.1.0] - 2026-03-18
|
|
|
|
Initial public release of ConsentOS.
|
|
|
|
### Added
|
|
|
|
- **API:** FastAPI backend with JWT authentication, org/site CRUD, consent recording, analytics, and compliance checking
|
|
- **Banner:** Lightweight consent banner script (~2KB loader + ~25KB bundle) with Shadow DOM isolation, auto-blocking, IAB TCF v2.2, and Google Consent Mode v2
|
|
- **Scanner:** Playwright-based cookie crawler with auto-categorisation and dark pattern detection
|
|
- **Admin UI:** React dashboard with site management, cookie manager, banner builder, compliance checker, and analytics
|
|
- **Known cookies:** Seeded from the [Open Cookie Database](https://github.com/jkwakman/Open-Cookie-Database) (2,200+ patterns)
|
|
- **Compliance:** Rule-based engine covering GDPR, CNIL, CCPA/CPRA, ePrivacy, and LGPD
|
|
- **Infrastructure:** Docker Compose (dev/test/prod), Helm chart, Ansible playbooks
|
|
- **CI:** GitHub Actions pipeline with linting, testing, type checking, and bundle size checks
|