<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

Enable testifylint to enforce testify best practices. We fix all
violations by using require.NoError/require.Error instead of assert for
error checks. This is the correct pattern since there's no point
continuing a test after an error assertion fails.

This is a linter enabled in a couple of different projects (gateway-api
comes immediate to mind).

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind cleanup

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

The deployments API had mixed identity models (name/version vs ID),
outdated update semantics, and duplicated client/server code paths. This
refactor aligns deployments on a single provider-based, ID-first model
and removes legacy flows.


# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind breaking_change
/kind cleanup
/kind design

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
refactor deployment apis to provider+id-based model
```

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

- finish rename config -> env
- call deployment adapters from within registry service
- add extraroutes

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

# Changelog
/kind cleanup
/kind design

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

Prepare for enabling an MQ for this repository. Add the requisite event
triggers to the GHA workflows.


# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind cleanup

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

Signed-off-by: timflannagan <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

Previously, the "Add Skill" dialog always required a Docker image and
always sent a Docker package payload, even when a GitHub repository was
provided.

Now we allow either source, require at least one, and only send Docker
package metadata when an image is provided.

Fixes #250.

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind fix

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
Fixed an issue in the UI skill publishing flow where a Docker image was incorrectly required even when publishing from a public GitHub repository. The form now accepts either a GitHub repository URL or a Docker image.
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

---------

Signed-off-by: timflannagan <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

Originally I had preemptively decided on returning 404s instead of
actual auth errors to prevent resource leakage. I'm walking back on this
decision for a few reasons now:
1. This is very confusing UX when someone can view a resource, and when
they try to modify it, they get 404s.
- Similar to this, if I can view a resource now and in the future can't
(due to authz), it would be confusing to see a 404 as I would believe
the resource no longer exists, instead of the real issue: lack of
permissions.

Actually, that's just one reason, but still important.

While the leakage prevention makes sense in public registries where any
non-authenticated user can peruse, we currently do not have authn
implemented that would warrant this precaution.

If we ever truly need or want resource leak protection, we can later
expand on this (e.g. adding an AppOption to prevent resource existence
leakage and checking it to decide on the API's return). In the meantime,
we should keep this simple and straightforward.

# Change Type

```
/kind fix
```

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
Return proper API responses due to auth issues (4XX).
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

---------

Signed-off-by: Fabian Gonzalez <[email protected]>
Signed-off-by: Fabian Gonzalez <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

Setting up structured logging, namely json-based logging, to give us a
standard on how to log (instead of our current mix of `log.` and
`slog.`) plus make querying debugging easier by having a queriable(?)
standard for logs.

We already have an **AGENTS.md** that bring up using `slog`, so moving
to using that throughout the services will also lessen any agentic
confusion to avoid any "file says to use `slog`, but wait I see `log`
used".

Resolves #101 

## Example

Below is the logs from docker + an example of better json querying
instead of needing to do find searches / grepping.

```sh
docker logs agentregistry-server
```
```
2026-03-05T22:40:15.775900636Z {"time":"2026-03-05T22:40:15.775801928Z","level":"INFO","msg":"using public authz provider"}
2026-03-05T22:40:15.784088969Z {"time":"2026-03-05T22:40:15.783974594Z","level":"INFO","msg":"No pending migrations"}
2026-03-05T22:40:15.784103094Z {"time":"2026-03-05T22:40:15.784005678Z","level":"INFO","msg":"starting agentregistry","version":"v0.0.0-32fa010","commit":"32fa010"}
2026-03-05T22:40:15.784263053Z {"time":"2026-03-05T22:40:15.784178969Z","level":"INFO","msg":"reconciling existing deployments at startup"}
2026-03-05T22:40:15.784817719Z {"time":"2026-03-05T22:40:15.784770469Z","level":"WARN","msg":"failed to reconcile deployments at startup","error":"failed to get deployments: failed to get deployments from DB: failed to query deployments: ERROR: column d.id does not exist (SQLSTATE 42703)"}
2026-03-05T22:40:15.784822678Z {"time":"2026-03-05T22:40:15.784790303Z","level":"WARN","msg":"server will continue starting, but deployments may not be in sync"}
2026-03-05T22:40:15.784824678Z {"time":"2026-03-05T22:40:15.784798969Z","level":"INFO","msg":"UI handler initialized; web interface will be available"}
2026-03-05T22:40:15.788176178Z {"time":"2026-03-05T22:40:15.788063386Z","level":"INFO","msg":"HTTP server starting","address":":8080"}
2026-03-05T22:40:15.788189719Z {"time":"2026-03-05T22:40:15.788085678Z","level":"INFO","msg":"web UI available","url":"http://localhost:8080/"}
2026-03-05T22:40:15.788191261Z {"time":"2026-03-05T22:40:15.788088386Z","level":"INFO","msg":"API documentation available","url":"http://localhost:8080/docs"}
```

```sh
docker logs agentregistry-server | jq 'select(.level == "WARN")'
```
```json
{
  "time": "2026-03-05T22:40:15.784770469Z",
  "level": "WARN",
  "msg": "failed to reconcile deployments at startup",
  "error": "failed to get deployments: failed to get deployments from DB: failed to query deployments: ERROR: column d.id does not exist (SQLSTATE 42703)"                                                                                                                              
}
{
  "time": "2026-03-05T22:40:15.784790303Z",
  "level": "WARN",
  "msg": "server will continue starting, but deployments may not be in sync"
}
```

# Change Type

```
/kind cleanup
```

# Changelog

```release-note
Use structured logs (JSON) for running services.
```

# Additional Notes

---------

Signed-off-by: Fabian Gonzalez <[email protected]>
Signed-off-by: Fabian Gonzalez <[email protected]>

…#123)

Fixes agentregistry-dev#121

Signed-off-by: Peter Jausovec <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes agentregistry-dev#123`
-->

Enable testifylint to enforce testify best practices. We fix all
violations by using require.NoError/require.Error instead of assert for
error checks. This is the correct pattern since there's no point
continuing a test after an error assertion fails.

This is a linter enabled in a couple of different projects (gateway-api
comes immediate to mind).

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind cleanup

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

…y-dev#209)

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes agentregistry-dev#123`
-->

The deployments API had mixed identity models (name/version vs ID),
outdated update semantics, and duplicated client/server code paths. This
refactor aligns deployments on a single provider-based, ID-first model
and removes legacy flows.


# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind breaking_change
/kind cleanup
/kind design

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
refactor deployment apis to provider+id-based model
```

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

- finish rename config -> env
- call deployment adapters from within registry service
- add extraroutes

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes agentregistry-dev#123`
-->

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

# Changelog
/kind cleanup
/kind design

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes agentregistry-dev#123`
-->

Prepare for enabling an MQ for this repository. Add the requisite event
triggers to the GHA workflows.


# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind cleanup

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

Signed-off-by: timflannagan <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes agentregistry-dev#123`
-->

Previously, the "Add Skill" dialog always required a Docker image and
always sent a Docker package payload, even when a GitHub repository was
provided.

Now we allow either source, require at least one, and only send Docker
package metadata when an image is provided.

Fixes agentregistry-dev#250.

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind fix

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
Fixed an issue in the UI skill publishing flow where a Docker image was incorrectly required even when publishing from a public GitHub repository. The form now accepts either a GitHub repository URL or a Docker image.
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

---------

Signed-off-by: timflannagan <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes agentregistry-dev#123`
-->

Originally I had preemptively decided on returning 404s instead of
actual auth errors to prevent resource leakage. I'm walking back on this
decision for a few reasons now:
1. This is very confusing UX when someone can view a resource, and when
they try to modify it, they get 404s.
- Similar to this, if I can view a resource now and in the future can't
(due to authz), it would be confusing to see a 404 as I would believe
the resource no longer exists, instead of the real issue: lack of
permissions.

Actually, that's just one reason, but still important.

While the leakage prevention makes sense in public registries where any
non-authenticated user can peruse, we currently do not have authn
implemented that would warrant this precaution.

If we ever truly need or want resource leak protection, we can later
expand on this (e.g. adding an AppOption to prevent resource existence
leakage and checking it to decide on the API's return). In the meantime,
we should keep this simple and straightforward.

# Change Type

```
/kind fix
```

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
Return proper API responses due to auth issues (4XX).
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

---------

Signed-off-by: Fabian Gonzalez <[email protected]>
Signed-off-by: Fabian Gonzalez <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes agentregistry-dev#123`
-->

Setting up structured logging, namely json-based logging, to give us a
standard on how to log (instead of our current mix of `log.` and
`slog.`) plus make querying debugging easier by having a queriable(?)
standard for logs.

We already have an **AGENTS.md** that bring up using `slog`, so moving
to using that throughout the services will also lessen any agentic
confusion to avoid any "file says to use `slog`, but wait I see `log`
used".

Resolves agentregistry-dev#101 

## Example

Below is the logs from docker + an example of better json querying
instead of needing to do find searches / grepping.

```sh
docker logs agentregistry-server
```
```
2026-03-05T22:40:15.775900636Z {"time":"2026-03-05T22:40:15.775801928Z","level":"INFO","msg":"using public authz provider"}
2026-03-05T22:40:15.784088969Z {"time":"2026-03-05T22:40:15.783974594Z","level":"INFO","msg":"No pending migrations"}
2026-03-05T22:40:15.784103094Z {"time":"2026-03-05T22:40:15.784005678Z","level":"INFO","msg":"starting agentregistry","version":"v0.0.0-32fa010","commit":"32fa010"}
2026-03-05T22:40:15.784263053Z {"time":"2026-03-05T22:40:15.784178969Z","level":"INFO","msg":"reconciling existing deployments at startup"}
2026-03-05T22:40:15.784817719Z {"time":"2026-03-05T22:40:15.784770469Z","level":"WARN","msg":"failed to reconcile deployments at startup","error":"failed to get deployments: failed to get deployments from DB: failed to query deployments: ERROR: column d.id does not exist (SQLSTATE 42703)"}
2026-03-05T22:40:15.784822678Z {"time":"2026-03-05T22:40:15.784790303Z","level":"WARN","msg":"server will continue starting, but deployments may not be in sync"}
2026-03-05T22:40:15.784824678Z {"time":"2026-03-05T22:40:15.784798969Z","level":"INFO","msg":"UI handler initialized; web interface will be available"}
2026-03-05T22:40:15.788176178Z {"time":"2026-03-05T22:40:15.788063386Z","level":"INFO","msg":"HTTP server starting","address":":8080"}
2026-03-05T22:40:15.788189719Z {"time":"2026-03-05T22:40:15.788085678Z","level":"INFO","msg":"web UI available","url":"http://localhost:8080/"}
2026-03-05T22:40:15.788191261Z {"time":"2026-03-05T22:40:15.788088386Z","level":"INFO","msg":"API documentation available","url":"http://localhost:8080/docs"}
```

```sh
docker logs agentregistry-server | jq 'select(.level == "WARN")'
```
```json
{
  "time": "2026-03-05T22:40:15.784770469Z",
  "level": "WARN",
  "msg": "failed to reconcile deployments at startup",
  "error": "failed to get deployments: failed to get deployments from DB: failed to query deployments: ERROR: column d.id does not exist (SQLSTATE 42703)"                                                                                                                              
}
{
  "time": "2026-03-05T22:40:15.784790303Z",
  "level": "WARN",
  "msg": "server will continue starting, but deployments may not be in sync"
}
```

# Change Type

```
/kind cleanup
```

# Changelog

```release-note
Use structured logs (JSON) for running services.
```

# Additional Notes

---------

Signed-off-by: Fabian Gonzalez <[email protected]>
Signed-off-by: Fabian Gonzalez <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

Teach make help to discover documented targets from the Makefile instead
of maintaining a separate echoed list.

This keeps the output close to the implementation and avoids help text
drift over time.

Fixes #313 

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind cleanup

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

When Docker commands fail, only stdout was captured, making it difficult
to diagnose build and deployment failures. Docker typically writes error
details to stderr.

The `Executor.Run` method in `docker.go` now uses
`io.MultiWriter(os.Stderr, &stderrBuf)` to both display stderr in real
time and capture it for inclusion in the returned error message when the
command fails.

To reduce log pollution, outputs are now backed by `--verbose` flag.
Following a similar approach to the agentregistry-runtime, we print to
both stderr + buffer error when verbose is enabled, else we simply
output the buffer-captured error with the returned error message.

Fixes #193

## Validation

```sh
# init a skill
go run cmd/cli/main.go skill init test
```

Non-verbose output would only log the captured docker error
```sh
# invalid build without verbose logging
go run cmd/cli/main.go skill build test --image 'invalid!!tag'
```
```output
Building skill "hello-world-template" as Docker image: invalid!!tag
Error: build failed for skill "hello-world-template": docker build failed: exit status 1
ERROR: failed to build: invalid tag "invalid!!tag": invalid reference format
exit status 1
```

Verbose output will log std logs, the stderr, and final captured docker
error (which technically leads to duplicated from stderr + captured err
returned)
```sh
# invalid skill with verbose logging
go run cmd/cli/main.go skill build test --image 'invalid!!tag' --verbose
```
```output
Building skill "hello-world-template" as Docker image: invalid!!tag
Running: docker build -t invalid!!tag -f /var/folders/zy/pkk0_2ys5yx8y1syxw5xjxhh0000gn/T/skill-dockerfile-654053150 /Users/fabiangonz98/go/src/github.com/solo-io/agentregistry/test
Working directory: /Users/fabiangonz98/go/src/github.com/solo-io/agentregistry/test
ERROR: failed to build: invalid tag "invalid!!tag": invalid reference format
Error: build failed for skill "hello-world-template": docker build failed: exit status 1
ERROR: failed to build: invalid tag "invalid!!tag": invalid reference format
exit status 1
```

# Change Type

```
/kind fix
```

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
Include docker stderr in error messages for better debugging
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

---------

Signed-off-by: Fabian Gonzalez <[email protected]>
Co-authored-by: Claude Opus 4.6 <[email protected]>
Co-authored-by: Fabian Gonzalez <[email protected]>

…ge (#316)

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

We must always set the KAGENT_NAMESPACE, even when deploying to docker.
This PR also adds the agent URL to the /deployed page in the UI

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

# Change Type

```
/kind fix
```

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
add agent URL to the UI and fix the local docker deployment
```

<img width="938" height="307" alt="Screenshot 2026-03-11 at 3 11 37 PM"
src="https://github.com/user-attachments/assets/cdde6c3e-b952-4597-99e9-f120a37d2f1a"
/>

---------

Signed-off-by: Peter Jausovec <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

Fixes #325. See issue description for reproducer. Manually tested
locally since we don't have the helm chart hooked up to CI yet.

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind fix

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

Signed-off-by: timflannagan <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

We keep non-semver version labels unchanged when formatting them for CLI
output.

Previously, the display helper always added a leading v, which turned
the latest sentinel into vlatest in publish and delete output.

Now, only semver values are normalized with a v prefix, while labels
like latest are shown as-is.

Fixes #227.

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind fix

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

---------

Signed-off-by: timflannagan <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

We stop treating failed or cancelled deployment rows as active
deployments and allow those rows to be removed without invoking platform
undeploy.

Previously, list and metadata surfaces counted any matching deployment
row, including failed and cancelled records. Deleting a failed
deployment also still tried to undeploy platform resources first, which
could fail even when nothing had been created.

Now, only deployed rows contribute to deployment status displays, and
failed or cancelled records are removed directly from the database
during delete.

Fixes #326.

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind fix

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

Signed-off-by: timflannagan <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

This updates the PR limiter workflow to pass exempt author associations
in the format the pinned action parses.

Previously, we passed a newline-separated YAML block. The action splits
this input on commas, so maintainers were still limited.

Now, we pass a comma-separated list.
MEMBER, OWNER, and COLLABORATOR are correctly exempted.

Fixes #387.

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind cleanup

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

Fixes #388. Removes the --fix flag argument from the lint.yaml workflow.
See
https://github.com/agentregistry-dev/agentregistry/actions/runs/23316189823/job/67816197314?pr=389
which proves this fixes the issue. The secondary commit fixes the
linting violations via running `go run
github.com/golangci/golangci-lint/v2/cmd/[email protected] run --fix`
and committing the results.

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind cleanup

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

---------

Signed-off-by: timflannagan <[email protected]>
Co-authored-by: Peter Jausovec <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

Install kagent in Kind by upgrading the CRD and controller charts
directly instead of downloading and running the kagent CLI. This
provides more flexibility and removes a tool dependency.

We also need to strip the leading v from KAGENT_VERSION to align with
the chart versioning scheme, disable the extra kagent UI, tools, and
agents, and remove the obsolete installer script so there is only one
installation path to maintain.

Fixes #381 

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind cleanup

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

Signed-off-by: timflannagan <[email protected]>

<!--
Thanks for opening a PR! Please delete any sections that don't apply.
-->

# Description

<!--
A concise explanation of the change. You may include:
- **Motivation:** why this change is needed
- **What changed:** key implementation details
- **Related issues:** e.g., `Fixes #123`
-->

The root command's PersistentPreRunE hook previously auto-started
Docker containers (postgres + registry server) whenever the
registry URL targeted localhost:12121. This was a footgun for
users with existing registries, e.g. port-forwarding a Kubernetes
registry to localhost:12121 would risk silently spinning up a
separate local instance if the port-forward dropped.

We now follow the Docker CLI/daemon model where the CLI never
auto-starts infrastructure and fails fast if the registry is
unreachable. Daemon lifecycle is managed explicitly through
arctl daemon start, stop, and status subcommands. The stop
command accepts a --purge flag to also remove data volumes.

The client connectivity check is also simplified from 3 retries
with exponential backoff to a single ping, since the retries
only existed to compensate for the race between auto-starting
containers and the client connecting.

Fixes #307.

# Change Type

<!--
Select one or more of the following by including the corresponding
slash-command:
```
/kind breaking_change
/kind bump
/kind cleanup
/kind design
/kind deprecation
/kind documentation
/kind feature
/kind fix
/kind flake
/kind install
```
-->

/kind fix

# Changelog

<!--
Provide the exact line to appear in release notes for the chosen
changelog type.

If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
-->

```release-note
NONE
```

# Additional Notes

<!--
Any extra context or edge cases for reviewers.
-->

---------

Signed-off-by: timflannagan <[email protected]>