Benjamin_Boenisch/breakpilot-core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add DevSecOps tools, Woodpecker proxy, Vault persistent storage, pitch-deck annex slides
All checks were successful
CI / test-bqas (push) Successful in 32s
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-consent (push) Successful in 46s
Details
CI / test-python-voice (push) Successful in 38s
Details

Browse Source 
- Install Gitleaks, Trivy, Grype, Syft, Semgrep, Bandit in backend-core Dockerfile
- Add Woodpecker SQLite proxy API (fallback without API token)
- Mount woodpecker_data volume read-only to backend-core
- Add backend proxy fallback in admin-core Woodpecker route
- Add Vault file-based persistent storage (config.hcl, init-vault.sh)
- Auto-init, unseal and root-token persistence for Vault
- Add 6 pitch-deck annex slides (Assumptions, Architecture, GTM, Regulatory, Engineering, AI Pipeline)
- Dynamic margin/amortization KPIs in BusinessModelSlide
- Market sources modal with citations in MarketSlide
- Redesign nginx landing page to 3-column layout (Lehrer/Compliance/Core)
- Extend MkDocs nav with Services and SDK documentation sections
- Add SDK Protection architecture doc

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Benjamin Boenisch
2026-02-17 15:42:43 +01:00
parent eb43b40dd0
commit b7d21daa24
31 changed files with 3323 additions and 299 deletions
Download Patch File Download Diff File Expand all files Collapse all files

191
admin-core/app/api/admin/infrastructure/woodpecker/route.ts
View File

@@ -3,6 +3,7 @@ import { NextRequest, NextResponse } from 'next/server'
// Woodpecker API configuration
const WOODPECKER_URL = process.env.WOODPECKER_URL || 'http://woodpecker-server:8000'
const WOODPECKER_TOKEN = process.env.WOODPECKER_TOKEN || ''
const BACKEND_URL = process.env.BACKEND_URL || 'http://backend-core:8000'
export interface PipelineStep {
name: string
@@ -25,6 +26,7 @@ export interface Pipeline {
finished: number
steps: PipelineStep[]
errors?: string[]
repo_name?: string
}
export interface WoodpeckerStatusResponse {
@@ -34,82 +36,129 @@ export interface WoodpeckerStatusResponse {
error?: string
}
export async function GET(request: NextRequest) {
const searchParams = request.nextUrl.searchParams
const repoId = searchParams.get('repo') || '1'
const limit = parseInt(searchParams.get('limit') || '10')
async function fetchFromBackendProxy(repoId: string, limit: number): Promise<WoodpeckerStatusResponse> {
// Use backend-core proxy that reads Woodpecker sqlite DB directly
const url = `${BACKEND_URL}/api/v1/woodpecker/pipelines?repo=${repoId}&limit=${limit}`
const response = await fetch(url, { cache: 'no-store' })
try {
// Fetch pipelines from Woodpecker API
const response = await fetch(
`${WOODPECKER_URL}/api/repos/${repoId}/pipelines?per_page=${limit}`,
{
headers: {
'Authorization': `Bearer ${WOODPECKER_TOKEN}`,
'Content-Type': 'application/json',
},
cache: 'no-store',
}
)
if (!response.ok) {
return NextResponse.json({
status: 'offline',
pipelines: [],
lastUpdate: new Date().toISOString(),
error: `Woodpecker API nicht erreichbar (${response.status})`
} as WoodpeckerStatusResponse)
if (!response.ok) {
return {
status: 'offline',
pipelines: [],
lastUpdate: new Date().toISOString(),
error: `Backend Woodpecker Proxy Fehler (${response.status})`
}
}
const rawPipelines = await response.json()
const data = await response.json()
return {
status: data.status || 'online',
pipelines: (data.pipelines || []).map((p: any) => ({
id: p.id,
number: p.number,
status: p.status,
event: p.event,
branch: p.branch || 'main',
commit: p.commit || '',
message: p.message || '',
author: p.author || '',
created: p.created,
started: p.started,
finished: p.finished,
repo_name: p.repo_name,
steps: (p.steps || []).map((s: any) => ({
name: s.name,
state: s.state,
exit_code: s.exit_code || 0,
error: s.error
})),
})),
lastUpdate: data.lastUpdate || new Date().toISOString(),
}
}
// Transform pipelines to our format
const pipelines: Pipeline[] = rawPipelines.map((p: any) => {
// Extract errors from workflows/steps
const errors: string[] = []
const steps: PipelineStep[] = []
async function fetchFromWoodpeckerAPI(repoId: string, limit: number): Promise<WoodpeckerStatusResponse> {
const response = await fetch(
`${WOODPECKER_URL}/api/repos/${repoId}/pipelines?per_page=${limit}`,
{
headers: {
'Authorization': `Bearer ${WOODPECKER_TOKEN}`,
'Content-Type': 'application/json',
},
cache: 'no-store',
}
)
if (p.workflows) {
for (const workflow of p.workflows) {
if (workflow.children) {
for (const child of workflow.children) {
steps.push({
name: child.name,
state: child.state,
exit_code: child.exit_code,
error: child.error
})
if (child.state === 'failure' && child.error) {
errors.push(`${child.name}: ${child.error}`)
}
if (!response.ok) {
return {
status: 'offline',
pipelines: [],
lastUpdate: new Date().toISOString(),
error: `Woodpecker API nicht erreichbar (${response.status})`
}
}
const rawPipelines = await response.json()
const pipelines: Pipeline[] = rawPipelines.map((p: any) => {
const errors: string[] = []
const steps: PipelineStep[] = []
if (p.workflows) {
for (const workflow of p.workflows) {
if (workflow.children) {
for (const child of workflow.children) {
steps.push({
name: child.name,
state: child.state,
exit_code: child.exit_code,
error: child.error
})
if (child.state === 'failure' && child.error) {
errors.push(`${child.name}: ${child.error}`)
}
}
}
}
}
return {
id: p.id,
number: p.number,
status: p.status,
event: p.event,
branch: p.branch,
commit: p.commit?.substring(0, 7) || '',
message: p.message || '',
author: p.author,
created: p.created,
started: p.started,
finished: p.finished,
steps,
errors: errors.length > 0 ? errors : undefined
}
})
return {
id: p.id,
number: p.number,
status: p.status,
event: p.event,
branch: p.branch,
commit: p.commit?.substring(0, 7) || '',
message: p.message || '',
author: p.author,
created: p.created,
started: p.started,
finished: p.finished,
steps,
errors: errors.length > 0 ? errors : undefined
}
})
return NextResponse.json({
status: 'online',
pipelines,
lastUpdate: new Date().toISOString()
} as WoodpeckerStatusResponse)
return {
status: 'online',
pipelines,
lastUpdate: new Date().toISOString()
}
}
export async function GET(request: NextRequest) {
const searchParams = request.nextUrl.searchParams
const repoId = searchParams.get('repo') || '0'
const limit = parseInt(searchParams.get('limit') || '10')
try {
// If WOODPECKER_TOKEN is set, use the Woodpecker API directly
// Otherwise, use the backend proxy that reads the sqlite DB
if (WOODPECKER_TOKEN) {
return NextResponse.json(await fetchFromWoodpeckerAPI(repoId, limit))
} else {
return NextResponse.json(await fetchFromBackendProxy(repoId, limit))
}
} catch (error) {
console.error('Woodpecker API error:', error)
return NextResponse.json({
@@ -127,6 +176,13 @@ export async function POST(request: NextRequest) {
const body = await request.json()
const { repoId = '1', branch = 'main' } = body
if (!WOODPECKER_TOKEN) {
return NextResponse.json(
{ error: 'WOODPECKER_TOKEN nicht konfiguriert - Pipeline-Start nicht moeglich' },
{ status: 503 }
)
}
const response = await fetch(
`${WOODPECKER_URL}/api/repos/${repoId}/pipelines`,
{
@@ -178,6 +234,13 @@ export async function PUT(request: NextRequest) {
)
}
if (!WOODPECKER_TOKEN) {
return NextResponse.json(
{ error: 'WOODPECKER_TOKEN nicht konfiguriert' },
{ status: 503 }
)
}
const response = await fetch(
`${WOODPECKER_URL}/api/repos/${repoId}/pipelines/${pipelineNumber}/logs/${stepId}`,
{