Phase 1: config loading, database migrations, audit log
- internal/config: TOML config with env overrides (MCR_ prefix), required field validation, same-filesystem check, defaults - internal/db: SQLite via modernc.org/sqlite, WAL mode, 2 migrations (core registry tables + policy/audit), foreign key cascades - internal/db: audit log write/list with filtering and pagination - deploy/examples/mcr.toml: annotated example configuration - .golangci.yaml: disable fieldalignment (readability over micro-opt) - checkpoint skill copied from mcias Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
108
PROGRESS.md
108
PROGRESS.md
@@ -6,11 +6,13 @@ See `PROJECT_PLAN.md` for the implementation roadmap and
|
||||
|
||||
## Current State
|
||||
|
||||
**Phase:** Pre-implementation
|
||||
**Phase:** 1 complete, ready for Batch A (Phase 2 + Phase 3)
|
||||
**Last updated:** 2026-03-19
|
||||
|
||||
### Completed
|
||||
|
||||
- Phase 0: Project scaffolding (all 4 steps)
|
||||
- Phase 1: Configuration & database (all 3 steps)
|
||||
- `ARCHITECTURE.md` — Full design specification (18 sections)
|
||||
- `CLAUDE.md` — AI development guidance
|
||||
- `PROJECT_PLAN.md` — Implementation plan (14 phases, 40+ steps)
|
||||
@@ -18,14 +20,112 @@ See `PROJECT_PLAN.md` for the implementation roadmap and
|
||||
|
||||
### Next Steps
|
||||
|
||||
1. Begin Phase 0: Project scaffolding (Step 0.1: Go module and directory
|
||||
structure)
|
||||
2. After Phase 0 passes `make all`, proceed to Phase 1
|
||||
1. Begin Batch A: Phase 2 (blob storage) and Phase 3 (MCIAS auth)
|
||||
in parallel — these are independent
|
||||
2. After both complete, proceed to Phase 4 (policy engine)
|
||||
|
||||
---
|
||||
|
||||
## Log
|
||||
|
||||
### 2026-03-19 — Phase 1: Configuration & database
|
||||
|
||||
**Task:** Implement TOML config loading with env overrides and validation,
|
||||
SQLite database with migrations, and audit log helpers.
|
||||
|
||||
**Changes:**
|
||||
|
||||
Step 1.1 — `internal/config/`:
|
||||
- `config.go`: `Config` struct matching ARCHITECTURE.md §10 (all 6 TOML
|
||||
sections: server, database, storage, mcias, web, log)
|
||||
- Parsed with `go-toml/v2`; env overrides via `MCR_` prefix using
|
||||
reflection-based struct walker
|
||||
- Startup validation: 6 required fields checked (listen_addr, tls_cert,
|
||||
tls_key, database.path, storage.layers_path, mcias.server_url)
|
||||
- Same-filesystem check for layers_path/uploads_path via device ID
|
||||
comparison (walks to nearest existing parent if path doesn't exist yet)
|
||||
- Default values: read_timeout=30s, write_timeout=0, idle_timeout=120s,
|
||||
shutdown_timeout=60s, uploads_path derived from layers_path, log.level=info
|
||||
- `device_linux.go`: Linux-specific `extractDeviceID` using `syscall.Stat_t`
|
||||
- `deploy/examples/mcr.toml`: annotated example config
|
||||
|
||||
Step 1.2 — `internal/db/`:
|
||||
- `db.go`: `Open(path)` creates/opens SQLite via `modernc.org/sqlite`,
|
||||
sets pragmas (WAL, foreign_keys, busy_timeout=5000), chmod 0600
|
||||
- `migrate.go`: migration framework with `schema_migrations` tracking table;
|
||||
`Migrate()` applies pending migrations in transactions; `SchemaVersion()`
|
||||
reports current version
|
||||
- Migration 000001: `repositories`, `manifests`, `tags`, `blobs`,
|
||||
`manifest_blobs`, `uploads` — all tables, constraints, and indexes per
|
||||
ARCHITECTURE.md §8
|
||||
- Migration 000002: `policy_rules`, `audit_log` — tables and indexes per §8
|
||||
|
||||
Step 1.3 — `internal/db/`:
|
||||
- `audit.go`: `WriteAuditEvent(eventType, actorID, repository, digest, ip,
|
||||
details)` with JSON-serialized details map; `ListAuditEvents(AuditFilter)`
|
||||
with filtering by event_type, actor_id, repository, time range, and
|
||||
offset/limit pagination (default 50, descending by event_time)
|
||||
- `AuditFilter` struct with all filter fields
|
||||
- `AuditEvent` struct with JSON tags for API serialization
|
||||
|
||||
Lint fix:
|
||||
- `.golangci.yaml`: disabled `fieldalignment` analyzer in govet (micro-
|
||||
optimization that hurts struct readability; not a security/correctness
|
||||
concern)
|
||||
|
||||
**Verification:**
|
||||
- `make all` passes: vet clean, lint 0 issues, 20 tests passing
|
||||
(7 config + 13 db/audit), all 3 binaries built
|
||||
- Config tests: valid load, defaults applied, uploads_path default,
|
||||
5 missing-required-field cases, env override (string + duration),
|
||||
same-filesystem check
|
||||
- DB tests: open+migrate, idempotent migrate, 9 tables verified,
|
||||
foreign key enforcement, tag cascade on manifest delete,
|
||||
manifest_blobs cascade (blob row preserved), WAL mode verified
|
||||
- Audit tests: write+list, filter by type, filter by actor, filter by
|
||||
repository, pagination (3 pages), null fields handled
|
||||
|
||||
---
|
||||
|
||||
### 2026-03-19 — Phase 0: Project scaffolding
|
||||
|
||||
**Task:** Set up Go module, build system, linter config, and binary
|
||||
entry points with cobra subcommands.
|
||||
|
||||
**Changes:**
|
||||
- `go.mod`: module `git.wntrmute.dev/kyle/mcr`, Go 1.25, cobra dependency
|
||||
- Directory skeleton: `cmd/mcrsrv/`, `cmd/mcr-web/`, `cmd/mcrctl/`,
|
||||
`internal/`, `proto/mcr/v1/`, `gen/mcr/v1/`, `web/templates/`,
|
||||
`web/static/`, `deploy/docker/`, `deploy/examples/`, `deploy/scripts/`,
|
||||
`deploy/systemd/`, `docs/`
|
||||
- `.gitignore`: binaries, `srv/`, `*.db*`, IDE/OS files
|
||||
- `Makefile`: standard targets (`all`, `build`, `test`, `vet`, `lint`,
|
||||
`proto`, `proto-lint`, `clean`, `docker`, `devserver`); `all` runs
|
||||
`vet → lint → test → mcrsrv mcr-web mcrctl`; `CGO_ENABLED=0` on binary
|
||||
builds; version injection via `-X main.version`
|
||||
- `.golangci.yaml`: golangci-lint v2 config matching mc-proxy conventions;
|
||||
linters: errcheck, govet, ineffassign, unused, errorlint, gosec,
|
||||
staticcheck, revive; formatters: gofmt, goimports; gosec G101 excluded
|
||||
in test files
|
||||
- `buf.yaml`: protobuf linting (STANDARD) and breaking change detection (FILE)
|
||||
- `cmd/mcrsrv/main.go`: root command with `server`, `init`, `snapshot`
|
||||
subcommands (stubs returning "not implemented")
|
||||
- `cmd/mcr-web/main.go`: root command with `server` subcommand (stub)
|
||||
- `cmd/mcrctl/main.go`: root command with `status`, `repo` (list/delete),
|
||||
`gc` (trigger/status), `policy` (list/create/update/delete),
|
||||
`audit` (tail), `snapshot` subcommands (stubs)
|
||||
- All binaries accept `--version` flag
|
||||
|
||||
**Verification:**
|
||||
- `make all` passes: vet clean, lint 0 issues, test (no test files),
|
||||
all three binaries built successfully
|
||||
- `./mcrsrv --version` → `mcrsrv version 3695581`
|
||||
- `./mcr-web --version` → `mcr-web version 3695581`
|
||||
- All stubs return "not implemented" error as expected
|
||||
- `make clean` removes binaries
|
||||
|
||||
---
|
||||
|
||||
### 2026-03-19 — Project planning
|
||||
|
||||
**Task:** Create design documents and implementation plan.
|
||||
|
||||
Reference in New Issue
Block a user