Skip to content

feat(mdm): configurable install dir + persistent stderr logs#88

Merged
ashishkurmi merged 1 commit into
step-security:mainfrom
shubham-stepsecurity:sm/feat/add-support
May 21, 2026
Merged

feat(mdm): configurable install dir + persistent stderr logs#88
ashishkurmi merged 1 commit into
step-security:mainfrom
shubham-stepsecurity:sm/feat/add-support

Conversation

@shubham-stepsecurity
Copy link
Copy Markdown
Member

@shubham-stepsecurity shubham-stepsecurity commented May 19, 2026

What does this PR do?

Type of change

  • Bug fix
  • Enhancement
  • Documentation

Testing

  • Tested on macOS (version: ___)
  • Binary runs without errors: ./stepsecurity-dev-machine-guard --verbose
  • JSON output is valid: ./stepsecurity-dev-machine-guard --json | python3 -m json.tool
  • No secrets or credentials included
  • Lint passes: make lint
  • Tests pass: make test

Related Issues

github-advanced-security[bot]
github-advanced-security AI found potential problems May 19, 2026
View reviewed changes
Comment thread internal/progress/filelog/filelog.go Fixed
@shubham-stepsecurity shubham-stepsecurity changed the title feat(logging): add file-based stderr logging feat(mdm): configurable install dir + persistent stderr logs May 21, 2026
@varunsh-coder varunsh-coder requested a review from Copilot May 21, 2026 15:58
Copilot AI reviewed May 21, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR centralizes “agent install directory” resolution and adds persistent on-disk stderr logging (with rotation) so diagnostic logs survive runs where telemetry can’t be sent.

Changes:

  • Introduces internal/paths to resolve the base install directory from CLI/env/config with a legacy fallback.
  • Adds internal/progress/filelog to tee stderr to agent.error.log (and rotates agent.log / agent.error.log at startup).
  • Updates launchd/systemd/schtasks installers to bake STEPSECURITY_HOME so scheduled invocations use the same install directory.

Reviewed changes

Copilot reviewed 15 out of 15 changed files in this pull request and generated 6 comments.

Show a summary per file
File Description
internal/telemetry/logcapture.go Documents stderr-capture nesting behavior with the new file tee.
internal/systemd/systemd.go Uses paths.Home() for log dir and injects STEPSECURITY_HOME into the unit.
internal/schtasks/schtasks.go Uses paths.Home() and injects STEPSECURITY_HOME into the scheduled task command.
internal/schtasks/schtasks_test.go Updates tests for new schtasks argument shape and log dir resolution path.
internal/progress/filelog/filelog.go Implements stderr tee-to-file + best-effort rotation + eligibility checks.
internal/progress/filelog/filelog_test.go Adds unit tests for teeing, rotation, skip behavior, and idempotent Stop.
internal/paths/paths.go Adds install-dir resolution (CLI override/env/config/legacy).
internal/paths/paths_test.go Adds tests for precedence and override behavior.
internal/launchd/launchd.go Uses paths.Home() for LaunchAgent logs and injects STEPSECURITY_HOME into plist.
internal/config/config.go Adds install_dir persistence and legacy-dir helpers.
internal/config/config_test.go Adds JSON round-trip test for install_dir.
internal/cli/cli.go Adds --install-dir parsing (including explicit empty to disable file logging).
internal/cli/cli_test.go Adds coverage for --install-dir parsing and hooks acceptance.
internal/aiagents/cli/errlog.go Routes hook error log location through paths.Home().
cmd/stepsecurity-dev-machine-guard/main.go Installs filelog capture early, rotates logs, and warns about legacy leftovers.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread internal/config/config.go Outdated
Comment thread cmd/stepsecurity-dev-machine-guard/main.go Outdated
Comment thread internal/systemd/systemd.go
Comment thread internal/schtasks/schtasks.go
Comment thread internal/config/config_test.go
Comment thread internal/progress/filelog/filelog.go
@ashishkurmi ashishkurmi merged commit 91a1b2b into step-security:main May 21, 2026
11 checks passed
@ashishkurmi ashishkurmi mentioned this pull request May 21, 2026
Merged
8 tasks
ashishkurmi added a commit to ashishkurmi/dev-machine-guard that referenced this pull request May 21, 2026
@ashishkurmi @claude
chore(release): update to v1.11.3
72e9083 
Replaces the removed v1.11.2 release. v1.11.2 was pulled because it
did not support auto-update; v1.11.3 carries the same content plus
a Sigstore signing fix and the configurable install-dir / persistent
stderr-log support from step-security#88.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@ashishkurmi ashishkurmi ashishkurmi approved these changes

+1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@shubham-stepsecurity @github-advanced-security @ashishkurmi