Release v0.4.0

Highlights:

• Persistent Agents — a third Task tier of long-lived, message-driven agents
  with a stable inter-agent HTTP API and three pod lifecycle modes
• Sidebar nav reorganized into Run (Tasks · Jobs · Reviews · Issues · Scheduled)
  and Live (Agents · Sessions); the /tasks hub-with-tabs is gone
• User-facing names finalised: Repo Tasks → Tasks, Standalone Tasks → Jobs,
  PR Reviews → Reviews, Persistent Agents → Agents, Templates → Prompts
• Issues and Reviews promoted to top-level nav items with their own routes;
  Issues now fans out across multiple ticket providers
• Workspace member management UI (invite/list/remove by email)
• Agent-aware review configuration — pick the review agent type per repo
• Skills marketplace — install skills from any git URL with agent-typed scoping
• Persisted session chat history and rich markdown rendering in the log viewer
• Examples directory with two runnable Persistent Agent setups (Forge,
  Mars Mission Control)

See CHANGELOG.md for the full list of changes.

Highlights

• External PR auto-review as a first-class primitive — chat + one-click merge for PRs on external repos
• Google Vertex AI authentication mode for Claude Code (#478)
• Workload identity support for agent pods, plus repo pod lifecycle fixes (#486)
• User-scoped secrets keep identity tokens out of the pod env (#474)
• Resume stopped agents by sending a chat message (#488)
• Multi-repo + multi-tracker ticket integration (#489)
• Dynamic per-provider model & options picker with refresh (#493)
• PR reviews folded into the Tasks page on shared primitives (#494, #485, #487)
• GKE & Gateway Helm deployment enhancements (#461)

Added

• External PR auto-review with chat + one-click merge, lifted into its own primitive alongside task-generated reviews
• Google Vertex AI authentication mode — route Claude through GCP Vertex AI using CLAUDE_VERTEX_PROJECT_ID / CLAUDE_VERTEX_REGION and an optional encrypted service-account key, with workload-identity fallback (#478)
• Workload identity support for agent pods (#486)
• User-scoped secrets (#474); secrets injected into pod env for setup commands (#471); OAuth refresh widget on /secrets
• Resume stopped agents on chat message (#488)
• Multi-repo + multi-tracker ticket integration setup redesign (#489)
• Dynamic per-provider model & options picker with refresh button (#493)
• Updated Gemini model options with new preview models (#490)
• GKE & Gateway deployment enhancements in the Helm chart (#461)
• Diagnostic logging for raw error detection in agent adapters (#467)

Changed

• PR reviews folded into the Tasks page; sidebar duplicate removed; task and PR-review detail views now share primitives (#494, #485)
• Repo settings page — split external PR review out and tabified agent settings (#487)
• Standalone Tasks pipeline stats bar restored on the overview page
• Opus model option bumped from 4.6 to 4.7 (#491)

Fixed

• Reconciler: guard PR-reactive actions (auto-merge, complete-on-merge, review launch) to coding tasks only (#480)
• Reviews: stop writing external PR URLs to pr_review task rows (#481)
• Secrets: downgrade scope='user' to 'global' when auth is disabled
• API: derive Claude/Codex/Gemini mode from secret names on public /setup/status (#477)
• Auth: add OIDC routes to public auth routes (#479)
• Helm: restore chown capabilities in postgres init containers (#482); postgres volume permissions + decouple isSetUp from runtime health (#472)
• Images: change agent user UID from 1000 to 1001 (#466)
• Gemini agent: settings validation, parser crash, and exit-code inference (#463)
• Correct sub-hour timezone drift in getETDate (#462)

Full Changelog: v0.3.1...v0.3.2

Patch release fixing ticket sync with GitHub App authentication.

Fixed

• Ticket sync: fall back to the configured GitHub App (or GITHUB_TOKEN PAT) when a GitHub ticket provider has no inline token or provider-specific secret. Previously sync hard-failed with "GitHub provider requires token, owner, and repo in config" even when a GitHub App was fully configured (#458, PR #460).

Full changelog: v0.3.0...v0.3.1

Thanks to @rnethi25 for the clear report and diagnosis.

Highlights

Added

• Pooled standalone-task pods — runs within a workflow now share pods, scaling out to workflows.maxPodInstances replicas each hosting up to workflows.maxAgentsPerPod concurrent runs (mirrors repo pod scaling). Runs track assigned pods via workflow_runs.pod_id with last_pod_id for retry affinity, and pool selection follows preferred → least-loaded → scale-up → overflow. Fixes a leak where a burst of triggers would spawn one pod per run even though only a few ran at once.

Changed

• Reconciliation control plane is now authoritative — the K8s-style reconciler (shadow mode in 0.2.0) now owns PR-driven transitions, auto-merge, complete-on-merge, fail-on-close, auto-resume, review launch, stall detection, pod-death detection, and control intent (cancel/retry/resume/restart) for both Repo Tasks and Standalone Tasks.
• Shared auth banner, state badge, and metadata card across task pages for a consistent UX.

Fixed

• Reconciler: clear stale finishedAt when retrying a standalone run.
• Reconciler: use unique jobIds for executor enqueues to prevent BullMQ dedup collisions.
• Agent adapters: include cache_read and cache_creation tokens in input totals (#457).
• API: trigger auth banner when the usage endpoint detects an expired OAuth token (#455).
• API: detect Claude auth failures mid-run in standalone task runs and override nominally-successful exit codes.

Docs

• Document the unified reconciler and the Repo vs Standalone Task model.

Full changelog: v0.2.0...v0.3.0

Highlights

• Unified Task model — single polymorphic /api/tasks HTTP resource covering Repo Tasks, Repo Task blueprints, and Standalone Tasks
• Standalone Tasks (Agent Workflows) — agent runs with no repo checkout, {{PARAM}} prompt templates, four trigger types (manual / schedule / webhook / ticket), isolated pod execution, WebSocket log streaming, auto-retry, clone, visual editors, search and filters
• Connections — external service integrations via MCP with built-in providers (Notion, GitHub, Slack, Linear, PostgreSQL, Sentry, Filesystem) plus custom MCP servers and HTTP APIs
• Reconciliation control plane (shadow mode) — K8s-style reconciler for task and pod state
• StatefulSets for repo pods, Jobs for workflow pods
• Generic OIDC OAuth provider — self-hosted SSO
• OpenTelemetry + Fastify HTTP metrics
• OpenAPI spec + Swagger UI at /docs — Zod type-provider migration across all routes
• Workspace-level audit log and activity feed
• Outbound webhooks on workflow run events
• Multi-arch image publishing — amd64 + arm64 for all service and agent images
• OpenClaw agent runtime; OpenCode custom OpenAI-compatible endpoints
• Planning mode and message bar improvements

Added

• Ticket trigger UI and ticket-provider auth failure handling with auto-disable
• Stale Claude OAuth token detection before 401s
• nodeSelector and tolerations for api, web, optio, postgres, redis, and agent pods
• OPTIO_ALLOW_PRIVATE_URLS — SSRF-check bypass for private network integrations
• Expanded dashboard analytics — performance, agents, and failure insights

Changed

• Overview panel redesign — reordered sections, side-by-side recent tasks and pods, responsive grid
• Replaced connections modal with inline form
• Renamed "Workflows" to "Agent Workflows" in UI; docs consolidate Schedules + Workflows into unified Tasks
• Removed redundant templates and schedules — superseded by agent workflows

Removed

• Top Failures and Performance dashboard panels
• "N tasks failed today" dashboard banner

Fixed

• Classify agent auth failures as run failures rather than global failures
• Escalate repo tasks to needs_attention when the agent completes without opening a PR
• Prevent false task failures when agent creates a PR but exits non-zero
• Detect and clean up zombie workflow_runs with terminated pods
• Six K8s infra bugs blocking standalone/scheduled runs and repo pods
• Pod securityContext and explicit UID for PVC permissions on GKE
• Re-read task state before orphan reconciliation transitions
• Persist workflow run logs and publish to per-run channel
• Treat empty-string env vars as missing in parseInt parsing
• Health check passes when ClusterRole is not deployed
• Record GitHub 401s to auth_events; dismiss and clear stale auth-failure banners
• Replace Drizzle migrate() with hash-based runner; add missing 0046 migration entry to Drizzle journal

See CHANGELOG.md for the full list.

First tagged release of Optio — workflow orchestration for AI coding agents. Think CI/CD, but the build step is an AI agent.

Highlights

Core orchestration

• Pod-per-repo architecture with git worktrees so multiple tasks run concurrently in a single long-lived pod
• Multi-pod scaling: maxPodInstances × maxAgentsPerPod with least-loaded scheduling and same-pod retry affinity
• Task lifecycle state machine, priority queue, bulk retry/cancel, dependencies, subtasks, and workflow templates
• Per-repo shared persistent cache directories (npm, pip, cargo, etc.) backed by PVCs

Agents

• Claude Code, OpenAI Codex, GitHub Copilot, Google Gemini CLI, and OpenCode (experimental) adapters
• Auto-triggered code review agent on CI pass / PR open, with auto-resume on "changes requested"
• Mid-task messaging / interject, stalled-task detection via activity heartbeats
• Structured NDJSON log parsing with live WebSocket streaming

Integrations

• Ticket sync: GitHub Issues, Linear, Jira, Notion
• PR watcher: CI/review status, auto-merge, auto-fail on close
• Webhooks, schedules, Slack notifications, MCP servers, custom skills
• optio CLI — terminal-first client for the API

Web UI

• Next.js 15 dashboard with live log streaming, cost analytics, interactive sessions (terminal + chat)
• Multi-provider OAuth (GitHub, Google, GitLab) and workspace multi-tenancy
• Browser push notifications for task lifecycle events

Security & operations

• AES-256-GCM secret encryption with algorithm-version tagging for crypto-agility
• TLS + auth for in-cluster Postgres and Redis; post-quantum TLS support (Kubernetes 1.33+)
• Ed25519 Envoy sidecar CA, constant-time session comparison, SSRF validation, rate-limited auth endpoints
• Read-only root filesystems, Zod-validated request bodies, sliding-window session expiry
• OpenTelemetry export for traces, metrics, and logs

Deployment

• Helm chart published to GHCR as an OCI artifact (oci://ghcr.io/jonwiggins/optio)
• Service and agent images published to GHCR; default values work on any cluster out of the box
• Namespace-only RBAC mode for clusters without ClusterRole permissions

Images

All published to ghcr.io/jonwiggins:

• optio-api:0.1.0, optio-web:0.1.0, optio-optio:0.1.0
• optio-agent-base:0.1.0 + optio-agent-{node,python,go,rust,full}:0.1.0
• Helm chart: oci://ghcr.io/jonwiggins/optio:0.1.0

Install

```bash
helm install optio oci://ghcr.io/jonwiggins/optio --version 0.1.0 \
-n optio --create-namespace \
--set encryption.key=$(openssl rand -hex 32)
```

See helm/optio/values.yaml for the full configuration reference.