marcoallegretti/karapace
1
0
Fork 0
mirror of https://github.com/marcoallegretti/karapace.git synced 2026-03-26 21:43:09 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
59 commits 2 branches 0 tags 746 KiB
Commit graph

59 commits

This branch
This branch
All branches
Author SHA1 Message Date
Marco Allegretti
1416b0fc99 feat: karapace-cli — 23 commands, thin dispatcher, progress indicators 
- 23 commands, each in its own module under commands/
- Thin main.rs dispatcher with clap subcommand routing
- Progress spinners (indicatif) and colored state output (console)
- Environment resolution by env_id, short_id, name, or prefix
- Structured JSON output (--json) on all query commands
- --verbose/-v for debug, --trace for trace-level logging
- KARAPACE_LOG env var for fine-grained log control
- Exit codes: 0 success, 1 failure, 2 manifest error, 3 store error
- Prerequisite check before runtime operations
- Shell completions (bash/zsh/fish/elvish/powershell) and man page generation
 2026-02-22 18:37:54 +01:00
Marco Allegretti
4a90300807 feat: karapace-tui — interactive terminal UI for environment management 
- ratatui + crossterm based TUI
- List/Detail/Help views with vim-style keybindings (j/k, g/G, Enter, q)
- Search/filter (/), sort cycling (s/S)
- Freeze, archive, rename actions from UI
- Destroy with confirmation dialog
- Color-coded environment states
 2026-02-22 18:37:39 +01:00
Marco Allegretti
23ac53ba4d feat: karapace-server — reference remote server implementing protocol v1 
- tiny_http-based HTTP server for blob storage and registry
- Dual URL routing: /blobs/Kind/key and /kind_plural/key
- Blob CRUD: PUT, GET, HEAD, list by kind
- Registry: GET/PUT for name@tag references
- TestServer helper for integration testing
- 7 HTTP E2E tests: roundtrip, push/pull, concurrent clients, restart persistence
 2026-02-22 18:37:27 +01:00
Marco Allegretti
11034ee27a feat: karapace-remote — remote content-addressable store, push/pull, registry 
- RemoteBackend trait: put/get/has blob, registry operations
- HTTP backend (ureq): blob transfer with X-Karapace-Protocol header
- Push/pull transfer with blake3 integrity verification on pull
- JSON registry for name@tag references
- RemoteConfig: persistent server URL configuration
- Auth token support via Bearer header
- Header-capturing mock server for protocol verification tests
 2026-02-22 18:37:14 +01:00
Marco Allegretti
f535020600 feat: karapace-core — engine orchestration, lifecycle state machine, drift control 
- Engine: init → resolve → lock → build → enter/exec → freeze → archive → destroy
- Cached store_root_str avoiding repeated to_string_lossy() allocations
- WAL-protected build, enter, exec, destroy, commit, restore, GC operations
- Overlay drift detection: diff/commit/export via upper_dir scanning
- Deterministic snapshot commit with composite identity hashing
- Atomic restore via staging directory swap
- StoreLock: compile-time enforcement via type parameter on gc()
- Signal handler: SIGINT/SIGTERM graceful shutdown with AtomicBool
- Push/pull delegation to karapace-remote backend
- Crash recovery: stale .running marker cleanup on Engine::new()
- Integration tests, E2E tests, crash injection tests, ENOSPC simulation
- Criterion benchmarks: build, rebuild, commit, restore, GC, verify
 2026-02-22 18:37:02 +01:00
Marco Allegretti
8493831222 feat: karapace-runtime — namespace/OCI/mock backends, sandbox, host integration 
- RuntimeBackend trait: resolve, build, enter, exec, destroy, status
- Namespace backend: unshare + fuse-overlayfs + chroot (unprivileged)
- OCI backend: crun/runc/youki support
- Mock backend: deterministic test backend with configurable resolution
- Image downloading from images.linuxcontainers.org with blake3 verification
- Sandbox script generation with POSIX shell-quote injection prevention
- Host integration: Wayland, X11, PipeWire, PulseAudio, D-Bus, GPU, audio, SSH agent
- Desktop app export as .desktop files on the host
- SecurityPolicy: mount whitelist, device policy, env var allow/deny, resource limits
- Prerequisite detection with distro-specific install instructions
- OSC 777 terminal markers for container-aware terminals
 2026-02-22 18:36:46 +01:00
Marco Allegretti
4de311ebc7 feat: karapace-store — content-addressable object store, layers, metadata, WAL 
- ObjectStore: blake3-addressed objects, atomic writes (NamedTempFile + persist)
- Integrity verification on every read (hash comparison without String allocation)
- LayerStore: layer manifests with Base/Dependency/Policy/Snapshot kinds
- MetadataStore: environment state machine, naming, ref-counting, blake3 checksum
- GarbageCollector: signal-cancellable orphan cleanup, protects live references
- WriteAheadLog: crash recovery with typed rollback steps (RemoveDir/RemoveFile/ResetState)
- StoreLayout: #[inline] path accessors, store format v2 versioning
- Store migration: v1→v2 with atomic version file rewrite
- Deterministic tar packing/unpacking (sorted entries, zero timestamps, uid/gid 0)
- fsync_dir() for POSIX-portable rename durability
 2026-02-22 18:36:31 +01:00
Marco Allegretti
cdd13755a0 feat: karapace-schema — manifest v1, normalization, identity hashing, lock file v2 
- TOML manifest parsing with strict schema validation (deny_unknown_fields)
- Deterministic normalization: sorted packages, deduplication, canonical JSON
- Two-phase identity: preliminary (from manifest) and canonical (from lock)
- Lock file v2: resolved packages with pinned versions, base image content digest
- Dual lock verification: integrity (hash) and manifest intent (drift detection)
- Built-in presets: dev, dev-rust, dev-python, gui-app, gaming, minimal
- Blake3 256-bit hashing throughout
 2026-02-22 18:36:15 +01:00
Marco Allegretti
78d40c0d0a chore: project skeleton — workspace root, license (EUPL-1.2), deny config 
- Cargo workspace with 9 crates
- EUPL-1.2 license
- cargo-deny configuration for license/advisory auditing
- .gitignore for target/, docu_dev/, editor files
 2026-02-22 18:36:03 +01:00