fix: ports, Makefile, tests, secrets, and dependency cleanup #17

Closed
mik-tf wants to merge 18 commits from development_mik into development
Owner

Summary

Comprehensive build system and CI overhaul: fix build_lib argument bugs, align CI pipeline to use Makefile as single source of truth, and add three-tier local CI reproduction (test-all, ci-local, ci-docker).

Changes

Build fixes

  • Fix build release → build in Makefile build target (CI blocker — "release" went into features arg)
  • Fix build debug → build "$ALL_FEATURES" "" debug in installdev target
  • Fix all clippy warnings (collapsible_if, map_or, unsafe fn bodies, dead_code)
  • Run cargo fmt on pre-existing formatting issues
  • Switch Cargo.toml git deps from SSH to HTTPS (per hero_coderoot convention)

CI pipeline alignment

  • test-all.sh now calls make targets (fmt-check, lint, check, test, build) — not raw cargo
  • CI workflow (build.yaml) simplified to single make test-all step
  • ci-local.sh calls make test-all with CARGO_NET_GIT_FETCH_WITH_CLI=true

Three-tier local CI (new)

  • make test-all — quick offline checks (~80% fidelity)
  • make ci-local — no workspace config overrides, CI env vars (~95% fidelity)
  • make ci-docker — same Docker image as CI, deps.txt patching (~100% fidelity)

Infrastructure

  • New scripts/ci-docker.sh — Docker orchestrator with SSH/cargo mounts
  • New scripts/ci-patch-deps.sh — cross-repo deps.txt patching for feature branches
  • Replace local path dep with git dep for herolib_os
  • Add missing Makefile targets (lint, fmt-check, ship-binary, build-package, ci-docker)
  • Replace simplified build_lib.sh with canonical version
  • Add 19 unit tests and smoke test framework
  • Remove hardcoded secrets, add ${VAR:-default} env substitution

Testing

  • 19/19 unit tests pass
  • make ci-local passes → remote CI passes (confirmed)
  • make ci-docker passes inside Docker container

Closes #16


Consolidated from #14 into development_mik branch (includes latest development merged in).

fix: standardize hero_os port to 8880 (88xx frontend convention)
Some checks failed
Build and Test / build (pull_request) Failing after 4m42s
346ca12b28
- Replace hero_wasmos references with hero_os
- Align all port references to 8880 (was 3388/8201)
- hero_wasmos is archived, hero_os is the active frontend
fix: add hero_launcher port 3394 and explicit listen address
Some checks failed
Build and Test / build (pull_request) Failing after 4m31s
2ceffeb04b
fix: add redis auth and docker runtime to hero_launcher service config
Some checks failed
Build and Test / build (pull_request) Failing after 3m45s
023ee8c3ed
- Fix stale ports across docs, tests, examples, CI, Dockerfile, Makefile
- Replace 6666→3378 (hero_redis), 7365→3387 (hero_forge), 8080→3390
  (hero_supervisor), 6379→3378 (hero_redis), 3030→N/A (removed)
- Add hero_launcher (3394) to DEFAULT_CONFIGS in config.rs
- Rewrite buildenv.sh with all correct port assignments
- Update SERVICE_ARCHITECTURE.md with complete service table
- Fix CI workflow docker-run port mappings
- Fix Dockerfile EXPOSE ports

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
hero_redis's embedded admin UI (--web-port 2759) scans the current
working directory for template files. When launched by zinit under
hero_zero's directory, it finds hero_zero's admin UI templates which
are incompatible, causing a parse error and immediate exit.

Adding --web-port 0 disables the web UI, fixing the crash. The admin
UI can be re-enabled once hero_redis properly embeds its templates.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add standard targets: help, version, status, installdev, test-all, all
- Move config variables to top (VERSION, BINARY_NAME, INSTALL_DIR, etc.)
- Use self-documenting help with grep pattern
- Merge check and clippy into single fmt target
- Add scripts/test-all.sh for CI-equivalent local validation
- Organize sections per skill template
- Fix run target description (was misleading "from releases")

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
refactor: extract Makefile logic into scripts per makefile_helper skill
Some checks failed
Build and Test / build (pull_request) Failing after 18s
76da43af35
Makefile targets must be 1-2 commands max with no inline scripting.

- dev target (4 lines) → scripts/dev.sh
- install target (3 lines) → scripts/install.sh
- installdev now 2 lines (build + install.sh)
- fmt split into 2 separate lines (was chained with &&)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
fix: use registry image for hero_launcher Docker runtime
Some checks failed
Build and Test / build (pull_request) Failing after 17s
bf08c0d335
Point hero_launcher at forge.ourworld.tf/lhumina_code/hero_zero:latest
so container creation doesn't fail looking for a local-only image.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
fix: keep process alive when admin UI is disabled
Some checks failed
Build and Test / build (pull_request) Failing after 33s
497a587685
When --admin-port 0 is passed, hero_zero now blocks on ctrl_c/SIGTERM
instead of exiting. This keeps zinit child services running inside
Docker containers where the admin UI port may conflict with the host.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Merge branch 'development' into development_hero_suite_fix
Some checks failed
Build and Test / build (pull_request) Failing after 2s
029fe97736
fix: remove hardcoded secrets, add ${VAR:-default} env substitution
Some checks failed
Build and Test / build (pull_request) Failing after 3s
b5284483fd
- Add resolve_env_vars() to config.rs: resolves ${VAR} and ${VAR:-default}
  placeholders from process environment when writing zinit configs
- hero_shrimp.toml: replace real API keys (Telegram, OpenRouter, Sambanova,
  Groq) with ${VAR} placeholders — keys flow from user env at runtime
- hero_redis.toml: encryption-key and admin-secret now use
  ${HERO_REDIS_ENCRYPTION_KEY:-dev-encryption-key} syntax
- hero_supervisor.toml: admin-secret uses ${HERO_SUPERVISOR_ADMIN_SECRET:-dev-admin-secret}
- hero_launcher.toml: redis URL uses ${HERO_REDIS_ADMIN_SECRET:-dev-admin-secret}
- .env.example: document all secret env vars

Follows env_secrets skill pattern: users source ~/hero/cfg/env/* before
running hero_zero, secrets flow through to service configs. Dev defaults
ensure zero-config local development still works.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
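
The `${VAR}` / `${VAR:-default}` substitution described in this commit, as an added Rust example that is not the project's `resolve_env_vars()` code. It also reports which variables fell back to a dev default or stayed unresolved, so a deployment check can refuse to start on them; `resolve_placeholders`, `Resolved` and `EXAMPLE_BOT_TOKEN` are hypothetical names.

```rust
use std::collections::HashMap;

/// Outcome of expanding one template (hypothetical type, not the project's).
#[derive(Debug, Default)]
pub struct Resolved {
    pub text: String,
    pub used_default: Vec<String>, // fell back to the `:-default` value
    pub missing: Vec<String>,      // `${VAR}` with no value and no default
}

/// Expand `${VAR}` and `${VAR:-default}`; `env` stands in for the process environment.
/// Assumption: an empty value counts as unset, as with the shell's `:-` operator.
pub fn resolve_placeholders(template: &str, env: &HashMap<String, String>) -> Resolved {
    let mut out = Resolved::default();
    let mut rest = template;
    while let Some(start) = rest.find("${") {
        out.text.push_str(&rest[..start]);
        let after = &rest[start + 2..];
        let Some(end) = after.find('}') else {
            out.text.push_str(&rest[start..]); // unterminated: keep literally
            return out;
        };
        let body = &after[..end];
        let (name, default) = match body.split_once(":-") {
            Some((n, d)) => (n, Some(d)),
            None => (body, None),
        };
        match (env.get(name).filter(|v| !v.is_empty()), default) {
            (Some(v), _) => out.text.push_str(v),
            (None, Some(d)) => {
                out.text.push_str(d);
                out.used_default.push(name.to_string());
            }
            (None, None) => {
                out.text.push_str(&rest[start..start + end + 3]); // leave placeholder visible
                out.missing.push(name.to_string());
            }
        }
        rest = &after[end + 1..];
    }
    out.text.push_str(rest);
    out
}

fn main() {
    // Constructed input: only HERO_REDIS_ENCRYPTION_KEY is "set".
    let env = HashMap::from([("HERO_REDIS_ENCRYPTION_KEY".to_string(), "k-from-env".to_string())]);
    let r = resolve_placeholders("key=${HERO_REDIS_ENCRYPTION_KEY:-dev-encryption-key} admin=${HERO_SUPERVISOR_ADMIN_SECRET:-dev-admin-secret} bot=${EXAMPLE_BOT_TOKEN}", &env);
    println!("{}\ndefaults in use: {:?}\nunresolved: {:?}", r.text, r.used_default, r.missing);
}
```

A non-empty `used_default` on a production host means a service would come up with a publicly known secret such as `dev-admin-secret`, which is the condition a startup or CI gate should reject.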
feat: add comprehensive test suite — unit tests, smoke tests, Makefile targets
Some checks failed
Build and Test / build (pull_request) Failing after 3s
bce6b03b66
- 19 unit tests for config.rs (env substitution, TOML parsing, secrets audit)
- Suite-wide smoke tests (28 checks across 16 services via curl)
- Fixed `cargo test --lib` → `cargo test` (binary target, not library)
- Added `make smoke-test` target for integration testing
- hero_runner correctly skipped (gRPC worker, no HTTP port)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The 311-line version was missing build_binaries, publish_binaries,
setup_linux_toolchain and other functions called by the release CI
workflows (build-linux.yaml, build-macos.yaml). Tag-triggered release
builds would fail. Now using the full 1882-line canonical version.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
feat: add missing Makefile targets (lint, fmt-check, ship-binary, build-package)
Some checks failed
Build and Test / build (pull_request) Failing after 4s
c2004b819f
Adds targets required by the check skill:
- fmt: apply formatting (was previously fmt-check only)
- fmt-check: check formatting without modifying (CI use)
- lint: run clippy with -D warnings
- ship-binary: tag and push to trigger CI build/publish
- build-package: run local Forgejo Actions build workflow
Also fixed cargo_env wrapper on check/test targets.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
fix: replace local path dep with git dep for herolib_os
Some checks failed
Build and Test / build (pull_request) Failing after 1m40s
622a526fc7
Local path = "../hero_lib/..." breaks CI and other developers. Use the
standard git dep pointing to branch = "development" instead. Local
overrides belong in workspace-root .cargo/config.toml.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
fix: build_lib argument bugs, clippy warnings, CI/test-all alignment
All checks were successful
Build and Test / build (pull_request) Successful in 2m10s
bf1d6389fc
- Fix `build release` → `build` in Makefile and test-all.sh (CI blocker:
  "release" was passed as features arg, not profile)
- Fix `build debug` → `build "$ALL_FEATURES" "" debug` in installdev
- Align test-all.sh to use make targets instead of raw cargo commands
- Add ci-local target for workspace-aware CI reproduction
- Simplify CI workflow to single `make test-all` step
- Fix all clippy warnings (collapsible_if, unsafe blocks, map_or, etc.)
- Run cargo fmt across codebase

Closes #16

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Merge remote-tracking branch 'origin/development' into development_hero_suite_fix
All checks were successful
Build and Test / build (pull_request) Successful in 2m40s
788f9c35d9
# Conflicts:
#	Cargo.toml
feat: add ci-docker target and improve ci-local fidelity
All checks were successful
Build and Test / build (pull_request) Successful in 6m42s
62801faf76
Add three-tier local CI reproduction:
- make test-all: quick offline checks (fmt, clippy, test, build)
- make ci-local: same but without workspace config overrides (~95% CI fidelity)
- make ci-docker: runs inside the same Docker image as CI (~100% fidelity)

ci-docker.sh orchestrates Docker with SSH keys, cargo registry mounts,
and CARGO_NET_GIT_FETCH_WITH_CLI=true. ci-patch-deps.sh handles cross-repo
dependency patching on feature branches via .forgejo/deps.txt.

Also adds CARGO_NET_GIT_FETCH_WITH_CLI=true to ci-local.sh to match CI.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Owner

Closing — valuable parts integrated into development

Reviewed all 17 commits. Rather than merging (17 conflicts), we cherry-picked and re-implemented the valuable parts.

Taken directly

  • Canonical build_lib.sh — cherry-picked 98a574f → e97125d

Re-implemented with improvements

  • ${VAR:-default} env substitution (from b528448) — re-implemented as resolve_env_vars() in config.rs, replacing the __SECRET__ central whitelist. Each template now declares only the env vars it needs. → 941e629
  • Makefile standardization (from 62801fa, c2004b8, 76da43a) — rewritten to follow build_lib skill conventions with CARGO_ENV prefix, standard targets, and consolidated make profile PROFILE=<name>. → 941e629
  • Unit tests (from bce6b03) — rewritten for current architecture (14 tests covering resolve_env_vars, TOML parsing, feature management). → 941e629

Skipped

  • 260c628 (Redis web UI) — references deleted templates/ directory
  • dbb8aee, 622a526, 2304aac (herolib_os dep changes) — already resolved in development
  • bf08c0d, 84ce929, 2b634bd, f634145 (init/Docker) — superseded by current architecture
  • CI alignment commits (bf1d638, 788f9c3) — conflicts with current structure

All 44 tests pass on development. Branch can be deleted.

timur closed this pull request 2026-02-20 09:55:24 +00:00
All checks were successful
Build and Test / build (pull_request) Successful in 6m42s

Pull request closed

Reference
lhumina_code/hero_services!17