Daily BuilderResearch, Roadmap and Plan

[github-actions[bot]]

Repository Overview

KSail v5.56.0 — A Go single-binary Kubernetes SDK supporting 4 distributions (Vanilla/Kind, K3s/K3d, Talos, VCluster) and 3 providers (Docker, Hetzner, Omni). Embeds kubectl, helm, kind, k3d, vcluster, flux, and argocd as Go libraries. Docker is the only required external dependency.

As of March 13, 2026:

• 📊 Open Issues: 6 (3 new feature/chore items, 1 next, 2 blocked)
• 📋 Open PRs: 2 ([docs] reduce loadbalancer.mdx bloat by 27% #3024 docs reduction, ci: add Talos × Omni cases to system tests #2547 Talos × Omni CI — needs rebase)
• ✅ Recent wins (v5.56.0): ksail workload watch, --ttl ephemeral clusters, Flux distribution images in mirror cache warming, three-step cluster stability check, golangci-lint + jscpd Copilot hooks
• 🚀 Active agentic workflows: Daily Code Quality, Daily Docs, Daily Workflow Maintenance, Daily Plan all running and healthy

---

🔴 High-Priority Bugs

None currently — the previous npm audit vulnerability issue has been resolved. CI is green.

---

🚀 High-Impact Roadmap Features

1. Add MCP Write-Operation Tools — cluster_update, workload_apply, cipher_encrypt/decrypt (#3029)

Source: Issue #3029 (created by Daily Plan today); Weekly Research March 13 "Now" priority
Impact: MCP read-only tools already live; adding write operations unlocks autonomous agentic cluster management — a unique competitive advantage over all competitors. VS Code, JetBrains, and Zed all now have first-class MCP client support.
Approach: Locate current MCP tool registrations in pkg/svc/mcp/, add handlers for cluster_update, workload_apply, cipher_encrypt, cipher_decrypt. Follow argsKey constant convention.
Effort: Small–Medium (3–6 hours)
Files: pkg/svc/mcp/, pkg/toolgen/

2. CI Integration Guide for Ephemeral Clusters (--ttl) (#3027)

Source: Issue #3027 (created by Daily Plan today); Weekly Research March 13 "Now" priority
Impact: --ttl shipped in v5.56.0 but has no adoption-driving documentation. Highest-ROI docs investment given the feature is live. Ephemeral environments are now standard CI practice.
Approach: Author docs/src/content/docs/guides/ci-cd-ephemeral-clusters.mdx with GitHub Actions pattern using ksail cluster create --ttl 1h, kubeconfig forwarding, cleanup on failure, and minimal end-to-end workflow YAML.
Effort: Small (1–2 hours)
Files: docs/src/content/docs/guides/ci-cd-ephemeral-clusters.mdx, docs/astro.config.mjs (sidebar)

3. Selective Kustomization Reconcile in workload watch (#3028)

Source: Issue #3028 (created by Daily Plan today); Weekly Research March 13 "Now" priority
Impact: workload watch currently triggers a full k8s/ reconcile on any file change. In large repos with many Kustomization overlays, this creates unnecessary reconcile cycles. Smarter watch = faster developer feedback.
Approach: Map changed file paths to their containing Kustomization directory; trigger flux reconcile kustomization (name) for only the affected subtree; fall back to full reconcile for ambiguous changes.
Effort: Medium (4–6 hours)
Files: pkg/cli/cmd/workload/watch.go (or the watch lifecycle path), pkg/client/flux/

4. Talos × Omni CI System Tests (#2810 / PR #2547)

Source: Issue #2810 (March 5); Weekly Research March 13 "Now" priority; PR #2547 exists but needs rebase
Impact: Only provider with zero CI system test coverage. Enterprise evaluators who hit undiscovered Omni bugs will churn. PR #2547 is code-complete but diverged ~7 commits from main.
Approach: Rebase PR #2547 onto current main, verify secrets (OMNI_SERVICE_ACCOUNT_KEY, OMNI_ENDPOINT) are configured in the repo, merge.
Effort: Small (1–2 hours for rebase)
Files: .github/workflows/ci.yaml, .github/actions/ksail-system-test/action.yaml

---

🔧 Backlog Improvements

5. Test Coverage — pkg/cli/cmd/workload/gen/ (from Daily Code Quality #3004)

Source: Daily Code Quality discussion #3004
Impact: 19 source files in resource generators; only gen_test.go and helm_release_test.go exist. All resource generators (namespace, deployment, service, configmap, secret, role, etc.) are entirely untested.
Approach: Table-driven tests per generator following the kyverno pattern: helm.NewMockInterface(t), t.Parallel(), require.NoError.
Effort: Medium (3–5 hours)

6. Refactor pkg/client/kubectl/client.go (682 lines, 46 functions) (from Daily Code Quality #3004)

Source: Daily Code Quality discussion #3004
Impact: Largest file with the most functions in pkg/client/. Clear groupings (CRUD, diagnostic, watch) map directly to 3–4 smaller files. High discoverability and maintainability impact.
Effort: Medium (2–4 hours, mostly mechanical)

7. CI Improvements (from Daily Workflow Maintenance #3022)

Source: Daily Workflow Maintenance discussion #3022
Priority sub-items:

• Add paths filter to test-pages.yaml — eliminates unnecessary runner minutes on code-only PRs
• Pin actions/delete-package-versions@v5 to SHA in maintenance.yaml — closes supply-chain security gap
• Add timeout-minutes to test-pages.yaml and publish-pages.yaml
  Effort: Small (30 min each)

8. Companion Tool Documentation — DevSpace, Telepresence, mirrord

Source: Weekly Research March 13 (new this week: DevSpace 4,929 ⭐, Telepresence 7,149 ⭐ identified as KSail companions)
Impact: Captures users coming from hot-reload and traffic-mirroring tools. Complements existing KSail inner-loop story.
Effort: Medium (2–3 hours)

---

🗑️ Stale/Closeable Items

9. Blocked Upstream Items (monitor only)

• chore: evaluate filing upstream issue for VCluster D-Bus race condition #2261 chore: evaluate filing upstream issue for VCluster D-Bus race — Workaround in place via recoverFromDBusError. Actionable item: file the upstream loft-sh/vcluster issue to get the debt resolved.
• chore: remove loft-sh/log fork when upstream updates tablewriter to v1.x #2246 chore: remove loft-sh/log fork — Blocked on external upstream PR to loft-sh/log. Monitor only; no code change possible until upstream merges.

---

Priority Order for Implementation

Priority	Item	Effort	Impact
1	CI integration guide for --ttl ephemeral clusters (#3027)	Small	High (adoption, SEO, CI use-case)
2	Add MCP write-operation tools (#3029)	Small–Medium	High (AI-native, unique differentiator)
3	Selective Kustomization reconcile in watch (#3028)	Medium	High (DX improvement)
4	CI path filter for test-pages.yaml + SHA pin maintenance.yaml (#3022)	Small	Medium (CI efficiency, security)
5	Rebase + merge Talos × Omni CI PR #2547 (#2810)	Small	Medium (credibility, CI coverage)
6	Test coverage: pkg/cli/cmd/workload/gen/ (#3004)	Medium	Medium (code quality)
7	Refactor pkg/client/kubectl/client.go (#3004)	Medium	Medium (maintainability)
8	Companion tool documentation (DevSpace, Telepresence)	Medium	Medium (discoverability)
9	File upstream VCluster D-Bus issue (#2261)	Small	Low (tech debt reduction)

---

How to Control this Workflow

You can add comments to this discussion to provide feedback or adjustments to the plan. Available commands:

gh aw disable daily-builder --repo devantler-tech/ksail
gh aw enable daily-builder --repo devantler-tech/ksail
gh aw run daily-builder --repo devantler-tech/ksail --repeat (number-of-repeats)
gh aw logs daily-builder --repo devantler-tech/ksail

---

What Happens Next

The next time this workflow runs, it will begin implementing items from the plan based on priority:

1. High-impact feature → CI integration guide for --ttl ephemeral clusters ([chore]: add CI/CD integration guide for ephemeral clusters with --ttl #3027) — small effort, high adoption value
2. High-impact feature → MCP write-operation tools ([feature]: add MCP write-operation tools (cluster update, workload apply, cipher encrypt/decrypt) #3029) — unlocks AI-native autonomous workflows
3. Backlog → Selective Kustomization reconcile in watch ([feature]: selective Kustomization reconcile in workload watch #3028), CI improvements (Daily Workflow MaintenanceResearch and Plan #3022), test coverage
4. Stale → File upstream VCluster D-Bus issue (chore: evaluate filing upstream issue for VCluster D-Bus race condition #2261)

If running in "repeat" mode, the workflow will automatically run again to continue working on items. Humans can review this research and add comments to adjust priorities before the workflow continues.

AI generated by Daily Builder · history

• expires on Mar 20, 2026, 10:34 AM UTC

[github-actions[bot]]

---

Note

The pull request was not created — a fallback review issue was created instead due to protected file changes: #3080

Worked on CI workflow hardening (plan priority #4 from Daily Workflow Maintenance #3022): added docs/** path filter to test-pages.yaml, SHA-pinned actions/delete-package-versions in maintenance.yaml, and added timeout-minutes to test-pages.yaml, publish-pages.yaml, and benchmark-regression.yaml. Draft PR created: ci: harden workflow security and reliability.

Generated by Daily Builder · ◷

[github-actions[bot]]

Worked on dedicated mirrord companion guide (#3108): created docs/src/content/docs/guides/mirrord.mdx with full quickstart, mirror vs. steal mode comparison, IDE integration, and tips — added to sidebar and cross-linked from companion-tools.mdx. Draft PR created: docs: add dedicated KSail + mirrord companion guide.

Generated by Daily Builder · ◷

Warning

⚠️ Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

• proxy.golang.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "proxy.golang.org"

See Network Configuration for more information.

[github-actions[bot]]

Worked on real cluster profile templates (#3107): added ArgoCD, Mesh, and Observability profiles to ksail cluster init --profile, wiring profile-implied defaults (CNI=Cilium for Mesh, GitOpsEngine=ArgoCD+CertManager=Enabled for ArgoCD, MetricsServer+CertManager=Enabled for Observability) with cobra Flags().Changed() override detection, updated JSON schema, and fully documented all profiles. Draft PR created: feat: add ArgoCD, Mesh, and Observability cluster profile templates.

Generated by Daily Builder · ◷

Warning

⚠️ Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

• proxy.golang.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "proxy.golang.org"

See Network Configuration for more information.