ceballosiker · ceballosiker · May 20, 2026 · May 12, 2026 · May 12, 2026 · May 12, 2026
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,66 @@
+name: ci
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    name: test
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.25'
+          check-latest: true
+          cache: true
+      - run: go vet ./...
+      - run: go test -race -short ./...
+
+  lint:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.25'
+          cache: true
+      - uses: golangci/golangci-lint-action@v9
+        with:
+          # golangci-lint v1.x was built with Go 1.24 and refuses to analyze
+          # source targeting go 1.25 (which our go.mod pins). Pin a recent
+          # v2.x; the action's @v6/@v7/@v8 don't speak v2 config format.
+          version: v2.12.2
+          args: --timeout=5m
+
+  build-matrix:
+    name: build ${{ matrix.goos }}/${{ matrix.goarch }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        goos: [linux, darwin]
+        goarch: [amd64, arm64]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.25'
+          cache: true
+      - name: build exitnode
+        env:
+          GOOS: ${{ matrix.goos }}
+          GOARCH: ${{ matrix.goarch }}
+          CGO_ENABLED: '0'
+        run: go build -trimpath -o /dev/null ./cmd/exitnode
+      - name: build exitnode-mcp
+        env:
+          GOOS: ${{ matrix.goos }}
+          GOARCH: ${{ matrix.goarch }}
+          CGO_ENABLED: '0'
+        run: go build -trimpath -o /dev/null ./cmd/exitnode-mcp
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,26 @@
+name: release
+
+on:
+  push:
+    tags: ['v*']
+
+permissions:
+  contents: write
+
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '1.25'
+          cache: true
+      - uses: goreleaser/goreleaser-action@v6
+        with:
+          version: latest
+          args: release --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.gitignore b/.gitignore
@@ -30,3 +30,9 @@ go.work.sum
 # Editor/IDE
 # .idea/
 # .vscode/
+
+# Superpowers working artifacts (specs, plans, review notes) — never committed
+docs/superpowers/
+
+# Local Claude project guidance — never committed
+CLAUDE.md
diff --git a/.golangci.yml b/.golangci.yml
@@ -0,0 +1,29 @@
+version: "2"
+
+# Standard preset = errcheck, govet, ineffassign, staticcheck, unused.
+# Matches what golangci-lint v1 enabled implicitly. Add more linters
+# here only after the standard set is consistently green.
+linters:
+  default: standard
+  settings:
+    errcheck:
+      # Stdout-write errors are not meaningfully recoverable in this CLI;
+      # do not require every fmt.Fprint* / Fprintln / Fprintf call to be
+      # blank-assigned.
+      exclude-functions:
+        - fmt.Fprint
+        - fmt.Fprintf
+        - fmt.Fprintln
+  exclusions:
+    rules:
+      # Test files routinely defer Close() on stores/servers without checking
+      # the error — the goroutine is already torn down and the next test will
+      # surface any real problem.
+      - path: _test\.go
+        linters:
+          - errcheck
+
+formatters:
+  enable:
+    - gofmt
+    - goimports
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
@@ -0,0 +1,64 @@
+version: 2
+
+project_name: exitnode
+
+before:
+  hooks:
+    - go mod download
+
+builds:
+  - id: exitnode
+    main: ./cmd/exitnode
+    binary: exitnode
+    env:
+      - CGO_ENABLED=0
+    goos: [linux, darwin]
+    goarch: [amd64, arm64]
+    flags: [-trimpath]
+    ldflags:
+      - -s -w
+      - -X main.version={{.Version}}
+      - -X main.commit={{.Commit}}
+      - -X main.date={{.Date}}
+  - id: exitnode-mcp
+    main: ./cmd/exitnode-mcp
+    binary: exitnode-mcp
+    env:
+      - CGO_ENABLED=0
+    goos: [linux, darwin]
+    goarch: [amd64, arm64]
+    flags: [-trimpath]
+    ldflags:
+      - -s -w
+      - -X main.version={{.Version}}
+
+archives:
+  - id: default
+    formats: [tar.gz]
+    name_template: >-
+      {{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}
+    files:
+      - LICENSE
+      - README.md
+      - examples/config.toml
+      - examples/mcp.json
+      - scripts/install.sh
+
+checksum:
+  name_template: 'checksums.txt'
+  algorithm: sha256
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - '^docs:'
+      - '^test:'
+      - '^chore:'
+
+release:
+  github:
+    owner: ceballosiker
+    name: exit-node
+  draft: false
+  prerelease: auto
diff --git a/Makefile b/Makefile
@@ -0,0 +1,26 @@
+.PHONY: build test test-integration lint vet install clean
+
+GO ?= go
+
+build:
+	$(GO) build -o bin/exitnode ./cmd/exitnode
+	$(GO) build -o bin/exitnode-mcp ./cmd/exitnode-mcp
+
+test:
+	$(GO) test -race -short ./...
+
+test-integration:
+	EXITNODE_INTEGRATION=1 $(GO) test -race -tags integration ./...
+
+vet:
+	$(GO) vet ./...
+
+lint:
+	golangci-lint run
+
+install:
+	$(GO) install ./cmd/exitnode
+	$(GO) install ./cmd/exitnode-mcp
+
+clean:
+	rm -rf bin/