mirror of
https://github.com/ruvnet/RuView
synced 2026-06-17 11:33:19 +00:00
rUv
df617145d6
* feat(ADR-262 P3): live RuField surface — RuView sensing speaks RuField on /api/field + /ws/field Wire the P1 `wifi-densepose-rufield` bridge into the live `wifi-densepose-sensing-server` so the governed sensing cycle emits real signed RuField `FieldEvent`s on two additive endpoints. - Cargo: add the `wifi-densepose-rufield` path dep (the single coupling point, ADR-262 §5.4 — no new RuView-internal coupling). - New `src/rufield_surface.rs` (kept out of the 8k-line main.rs): `FieldSurface` holds a dedicated ed25519 `Signer` + a bounded ring of recent events + the `/ws/field` broadcast topic; `GET /api/field` and `GET /ws/field` handlers; a standalone `router()` for isolated testing. - Signer (defers the P2 key decision, ADR-262 §8 Q1): a STANDALONE dev/sensing key from `WDP_RUFIELD_SIGNING_SEED`, else a deterministic dev default with a logged WARN. Reusing the `cog-ha-matter` Ed25519 key is the deferred P2 call — P3 does not pre-empt it. - Tap: at the ESP32 governed-trust cycle (`main.rs` ~5886 observe_cycle / ~5938 SensingUpdate build), `emit_rufield_event` joins the cycle's features/classification/signal_field with the engine's effective_class/demoted trust state into a `SensingSnapshot` and surfaces it via the bridge. Existing endpoints (`/ws/sensing` etc.) are unchanged — purely additive. - Privacy egress: `network_egress_allowed` is fail-closed for an unattended live surface — only P1/P2 leave the box; P0 raw and P3/P4/P5 (identity/biometric/aggregate) are held edge-local. A `Derived` cycle maps to P4/P5 and never surfaces. - No-phantom: `emit` drops no-presence cycles (no fabricated events). Gates (tests/rufield_surface_test.rs, tower::oneshot, 4/0): well-formed signed event (WifiCsi, P2 not P1, is_fusable, real timestamp); empty cycle → no phantom; Derived trust never surfaces; mixed stream surfaces only egress-safe events. Honesty (ADR-262 §0/§6): real plumbing on a live endpoint, NOT accuracy. Single-link CSI with its existing caveats (no validated room-coordinate accuracy); dedicated dev signing key pending the P2 ownership decision; no accuracy claim. Co-Authored-By: claude-flow <ruv@ruv.net> * docs(ADR-262 P3): mark P1+P3 implemented; document /api/field + /ws/field; CHANGELOG - ADR-262 Status → "P1 + P3 implemented"; add a P3 implementation-status block (tap site, endpoints, dedicated dev signer deferring the §8 Q1 key decision, fail-closed egress, gates). Keep the honesty framing: real plumbing on a live endpoint, not accuracy. - CHANGELOG [Unreleased]: add the ADR-262 P3 entry. - user-guide: add `/api/field` to the REST table + a "RuField surface (ADR-262 P3)" section covering `/api/field` + `/ws/field`, the fail-closed P1/P2-only egress, the WDP_RUFIELD_SIGNING_SEED dev key, and the no-accuracy honesty note. Co-Authored-By: claude-flow <ruv@ruv.net> * ci: checkout submodules everywhere + Dockerfile copies vendor/rufield Making wifi-densepose-rufield (ADR-262 bridge) a v2 workspace member means EVERY cargo-on-workspace context must have the vendor/rufield submodule present (cargo loads all member manifests). P1 only fixed the rust-tests job; this adds `submodules: recursive` to all workflow checkouts that run cargo (mqtt-integration was failing on the missing submodule manifest), and makes Dockerfile.rust COPY vendor/rufield/ to /vendor/rufield (matches the bridge's ../../../vendor/rufield path-dep under the collapsed Docker layout). update-submodules.yml left alone (it manages submodules itself). Co-Authored-By: claude-flow <ruv@ruv.net> --------- Co-authored-by: ruv <ruvnet@gmail.com>
113 lines
3.9 KiB
YAML
113 lines
3.9 KiB
YAML
name: ADR-115 MQTT integration tests
|
|
|
|
# Runs the Mosquitto-broker-backed integration tests for ADR-115's MQTT
|
|
# publisher. These prove the publisher reaches a real broker, emits the
|
|
# expected HA-discovery topic shape, and honours --privacy-mode at the
|
|
# wire boundary (not just in unit-test logic).
|
|
#
|
|
# Default `cargo test --workspace` does not run these tests because they
|
|
# require a broker and pull rumqttc into the build. This workflow opts
|
|
# into both by setting --features mqtt and RUVIEW_RUN_INTEGRATION=1.
|
|
|
|
on:
|
|
pull_request:
|
|
paths:
|
|
- 'v2/crates/wifi-densepose-sensing-server/src/mqtt/**'
|
|
- 'v2/crates/wifi-densepose-sensing-server/tests/mqtt_integration.rs'
|
|
- 'v2/crates/wifi-densepose-sensing-server/Cargo.toml'
|
|
- '.github/workflows/mqtt-integration.yml'
|
|
push:
|
|
branches: [main]
|
|
paths:
|
|
- 'v2/crates/wifi-densepose-sensing-server/src/mqtt/**'
|
|
workflow_dispatch: {}
|
|
|
|
jobs:
|
|
mqtt-integration:
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 20
|
|
|
|
# NB: we don't use a `services:` mosquitto container here because the
|
|
# eclipse-mosquitto:2.x image rejects anonymous connections by default
|
|
# and GH Actions `services` doesn't easily support mounting a custom
|
|
# config file. We start mosquitto manually in a step below with an
|
|
# inline `allow_anonymous true` config.
|
|
|
|
env:
|
|
RUVIEW_RUN_INTEGRATION: "1"
|
|
RUVIEW_TEST_MQTT_PORT: "11883"
|
|
CARGO_TERM_COLOR: always
|
|
RUST_BACKTRACE: 1
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
submodules: recursive
|
|
|
|
- name: Install mosquitto + clients and start with allow_anonymous
|
|
run: |
|
|
sudo apt-get update -qq
|
|
sudo apt-get install -y mosquitto mosquitto-clients
|
|
sudo systemctl stop mosquitto || true
|
|
# Inline config: anon listener on 11883 only — no TLS, no auth,
|
|
# OK for CI because we test the wire shape, not security.
|
|
# Production deployments enable mTLS per ADR-115 §3.9.
|
|
cat > /tmp/mosquitto-ci.conf <<'EOF'
|
|
listener 11883
|
|
allow_anonymous true
|
|
persistence false
|
|
log_dest stdout
|
|
EOF
|
|
mosquitto -c /tmp/mosquitto-ci.conf -d
|
|
for i in {1..20}; do
|
|
if mosquitto_pub -h 127.0.0.1 -p 11883 -t healthcheck -m ok -q 0 2>/dev/null; then
|
|
echo "mosquitto reachable on 11883"; exit 0
|
|
fi
|
|
sleep 2
|
|
done
|
|
echo "mosquitto never became reachable" >&2
|
|
tail -50 /var/log/mosquitto/*.log 2>/dev/null || true
|
|
exit 1
|
|
|
|
- name: Install Rust toolchain
|
|
uses: dtolnay/rust-toolchain@stable
|
|
with:
|
|
toolchain: stable
|
|
|
|
- name: Cache cargo registry + build
|
|
uses: Swatinem/rust-cache@v2
|
|
with:
|
|
workspaces: v2 -> target
|
|
|
|
- name: Validate HA Blueprints
|
|
run: |
|
|
python -m pip install --quiet pyyaml
|
|
python scripts/validate-ha-blueprints.py
|
|
|
|
- name: Verify unit tests still pass under --features mqtt
|
|
working-directory: v2
|
|
# `cargo test` accepts a single TESTNAME filter, so we run the
|
|
# whole --lib suite here. That gives us the full 410-test green
|
|
# bar under --features mqtt (which is more reassuring than
|
|
# filtering anyway).
|
|
run: >-
|
|
cargo test -p wifi-densepose-sensing-server
|
|
--features mqtt --no-default-features
|
|
--lib
|
|
--no-fail-fast
|
|
|
|
- name: Run integration tests against mosquitto
|
|
working-directory: v2
|
|
run: >-
|
|
cargo test -p wifi-densepose-sensing-server
|
|
--features mqtt --no-default-features
|
|
--test mqtt_integration
|
|
--no-fail-fast
|
|
-- --test-threads=1 --nocapture
|
|
|
|
- name: Dump broker logs on failure
|
|
if: failure()
|
|
run: |
|
|
docker ps -a
|
|
docker logs $(docker ps -aqf "ancestor=eclipse-mosquitto:2.0.18") || true
|