Dev

.githooks/pre-commit

@@ -0,0 +1,18 @@
+#!/bin/sh
+set -e
+
+echo "🐕 Stackdog pre-commit: running cargo fmt..."
+cargo fmt --all -- --check || {
+    echo "❌ cargo fmt failed. Run 'cargo fmt --all' to fix."
+    exit 1
+}
+
+echo "🐕 Stackdog pre-commit: running cargo clippy..."
+cargo clippy 2>&1
+CLIPPY_EXIT=$?
+if [ $CLIPPY_EXIT -ne 0 ]; then
+    echo "❌ cargo clippy failed to compile. Fix errors before committing."
+    exit 1
+fi
+
+echo "✅ Pre-commit checks passed."

.github/workflows/docker.yml

@@ -2,163 +2,94 @@ name: Docker CICD
 
 on:
   push:
-    branches:
-      - master
-      - testing
+    branches: [main, dev]
   pull_request:
-    branches:
-      - master
+    branches: [main, dev]
 
 jobs:
-  cicd-linux-docker:
-    name: Cargo and npm build
-    #runs-on: ubuntu-latest
-    runs-on: [self-hosted, linux]
+  build:
+    name: Build & Test
+    runs-on: ubuntu-latest
     steps:
-      - name: Checkout sources
-        uses: actions/checkout@v4
+      - uses: actions/checkout@v4
 
-      - name: Install stable toolchain
-        uses: actions-rs/toolchain@v1
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
         with:
-          toolchain: stable
-          profile: minimal
-          override: true
           components: rustfmt, clippy
 
-      - name: Cache cargo registry
-        uses: actions/cache@v4
-        with:
-          path: ~/.cargo/registry
-          key: docker-registry-${{ hashFiles('**/Cargo.lock') }}
-          restore-keys: |
-            docker-registry-
-            docker-
-
-      - name: Cache cargo index
-        uses: actions/cache@v4
-        with:
-          path: ~/.cargo/git
-          key: docker-index-${{ hashFiles('**/Cargo.lock') }}
-          restore-keys: |
-            docker-index-
-            docker-
+      - name: Cache Rust dependencies
+        uses: Swatinem/rust-cache@v2
 
       - name: Generate Secret Key
-        run: |
-          head -c16 /dev/urandom > src/secret.key
+        run: head -c16 /dev/urandom > src/secret.key
 
-      - name: Cache cargo build
-        uses: actions/cache@v4
-        with:
-          path: target
-          key: docker-build-${{ hashFiles('**/Cargo.lock') }}
-          restore-keys: |
-            docker-build-
-            docker-
-
-      - name: Cargo check
-        uses: actions-rs/cargo@v1
-        with:
-          command: check
+      - name: Check
+        run: cargo check
 
-      - name: Cargo test
-        if: ${{ always() }}
-        uses: actions-rs/cargo@v1
-        with:
-          command: test
+      - name: Format check
+        run: cargo fmt --all -- --check
 
-      - name: Rustfmt
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          profile: minimal
-          override: true
-          components: rustfmt
-          command: fmt
-          args: --all -- --check
-
-      - name: Rustfmt
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          profile: minimal
-          override: true
-          components: clippy
-          command: clippy
-          args: -- -D warnings
-
-      - name: Run cargo build
-        uses: actions-rs/cargo@v1
-        with:
-          command: build
-          args: --release
+      - name: Clippy
+        run: cargo clippy -- -D warnings
+
+      - name: Test
+        run: cargo test
 
-      - name: npm install, build, and test
+      - name: Build release
+        run: cargo build --release
+
+      - name: Build frontend
         working-directory: ./web
         run: |
-          npm install
+          if [ -f package-lock.json ]; then
+            npm ci
+          else
+            npm install
+          fi
           npm run build
-      #   npm test
 
-      - name: Archive production artifacts
-        uses: actions/upload-artifact@v4
-        with:
-          name: dist-without-markdown
-          path: |
-            web/dist
-            !web/dist/**/*.md
-
-#      - name: Archive code coverage results
-#        uses: actions/upload-artifact@v4
-#        with:
-#          name: code-coverage-report
-#          path: output/test/code-coverage.html
-      - name: Display structure of downloaded files
-        run: ls -R web/dist
-
-      - name: Copy app files and zip
+      - name: Package app
         run: |
           mkdir -p app/stackdog/dist
-          cp target/release/stackdog app/stackdog
-          cp -a web/dist/. app/stackdog
+          cp target/release/stackdog app/stackdog/
+          cp -a web/dist/. app/stackdog/
           cp docker/prod/Dockerfile app/Dockerfile
-          cd app
-          touch .env
-          tar -czvf ../app.tar.gz .
-          cd ..
+          touch app/.env
+          tar -czf app.tar.gz -C app .
 
-      - name: Upload app archive for Docker job
+      - name: Upload build artifact
         uses: actions/upload-artifact@v4
         with:
-          name: artifact-linux-docker
+          name: app-archive
           path: app.tar.gz
+          retention-days: 1
 
-  cicd-docker:
-    name: CICD Docker
-    #runs-on: ubuntu-latest
-    runs-on: [self-hosted, linux]
-    needs: cicd-linux-docker
+  docker:
+    name: Docker Build & Push
+    runs-on: ubuntu-latest
+    needs: build
     steps:
-      - name: Download app archive
+      - name: Download build artifact
         uses: actions/download-artifact@v4
         with:
-          name: artifact-linux-docker
+          name: app-archive
 
-      - name: Extract app archive
-        run: tar -zxvf app.tar.gz
+      - name: Extract archive
+        run: tar -xzf app.tar.gz
 
-      - name: Display structure of downloaded files
-        run: ls -R
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
-      - name: Docker build and publish
+      - name: Build and push
         uses: docker/build-push-action@v6
         with:
+          context: .
           push: true
           tags: trydirect/stackdog:latest

.github/workflows/release.yml

@@ -18,9 +18,9 @@ jobs:
     strategy:
       matrix:
         include:
-          - target: x86_64-unknown-linux-gnu
+          - target: x86_64-unknown-linux-musl
             artifact: stackdog-linux-x86_64
-          - target: aarch64-unknown-linux-gnu
+          - target: aarch64-unknown-linux-musl
             artifact: stackdog-linux-aarch64
 
     steps:

Cargo.toml

@@ -48,7 +48,7 @@ r2d2 = "0.8"
 bollard = "0.16"
 
 # HTTP client (for LLM API)
-reqwest = { version = "0.12", features = ["json", "blocking"] }
+reqwest = { version = "0.12", default-features = false, features = ["json", "blocking", "rustls-tls"] }
 
 # Compression
 zstd = "0.13"

VERSION.md

@@ -1 +1 @@
-0.0.1
+0.2.0

docker/prod/Dockerfile

@@ -1,20 +1,17 @@
 # base image
-FROM debian:buster-slim
+FROM debian:bookworm-slim
 
-# create app directory
-RUN mkdir app
 WORKDIR /app
 
-# install libpq
-RUN apt-get update; \
-    apt-get install --no-install-recommends -y libpq-dev; \
+# install ca-certificates for HTTPS requests
+RUN apt-get update && \
+    apt-get install --no-install-recommends -y ca-certificates && \
     rm -rf /var/lib/apt/lists/*
 
 # copy binary and configuration files
 COPY ./stackdog .
 COPY ./.env .
-# expose port
+
 EXPOSE 5000
 
-# run the binary
 ENTRYPOINT ["/app/stackdog"]

ebpf/src/lib.rs

@@ -4,5 +4,5 @@
 
 #![no_std]
 
-pub mod syscalls;
 pub mod maps;
+pub mod syscalls;