Conversation
…ture
- startup.rs: register mine_handler before detail_handler (/{slug}) so the
literal path /mine is not swallowed by the wildcard route
- creator.rs: use Option<ReqData<User>> so anonymous requests that slip
through Casbin (via /:slug wildcard policy) return 403 instead of 500
- dockerhub_service.rs: add 3s timeout to Redis ConnectionManager::new so
integration tests don't hang indefinitely when Redis is unreachable
- tests/common/mod.rs: fix mock_auth_server to actually await the Server
future so the mock OAuth endpoint is reachable during tests
- tests/marketplace_mine.rs: new HTTP integration test suite for
GET /api/templates/mine (empty list, user-scoped results, no-auth 403)
Root cause of the production 404: the response body {"message":"Not Found"}
is not Stacker's format — it originates from an external reverse proxy or an
outdated binary at https://stacker.try.direct. The route is correctly
registered in Stacker and the Casbin policies are present in migrations.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
postgresql 18
docker/build-push-action@v6 changed the default build context from '.' to the GitHub repo URL. For pull requests this resolves to refs/pull/N/merge which Docker's external buildx cannot fetch, causing: 'repository does not contain ref refs/pull/N/merge' Explicitly setting context: . uses the locally extracted artifact files. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ns. Replace DeployFailed{target: Cloud, ...} with MarketplaceFailed(String)
The cicd-linux-docker job builds with context: . from the extracted app.tar.gz, but access_control.conf.dist was missing from the archive. The Dockerfile COPYs this file in the production stage, causing the build to fail. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The Docker builder stage needs the full source tree (Cargo.toml, src/, .sqlx/, docker/local/ etc). Replace artifact download with a direct checkout using the correct ref for both push and PR events. Also stop pushing Docker images on PRs (push: false for pull_request events) to avoid overwriting :latest with unreviewed code. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…e submit subcommand
- Add my_reviews_handler: GET /api/templates/{id}/reviews
Accessible to authenticated users (group_user). Verifies the requesting
user owns the template before returning review history. Fixes 403 error
from marketplace logs which was wrongly calling the admin-only endpoint
/api/admin/templates/{id}.
- Migration: Casbin policy for group_user on /api/templates/:id/reviews GET
- Update CLI marketplace_reviews() to call the new user endpoint
/api/templates/{id}/reviews instead of /api/admin/templates/{id}
- Add 'stacker marketplace submit' subcommand so submission is discoverable
under 'stacker marketplace --help' (delegates to existing SubmitCommand)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add #[cfg(test)] mod tests blocks to 8 model files: - project.rs: validate/sanitize project names, Project methods, error display - command.rs: status/priority enums, builder pattern, status transitions, serde - project_app.rs: defaults, enabled, env_map, vault sync, versioning - cloud.rs: mask_string, Display masking, new/default, serialization - agent.rs: Agent online/offline lifecycle, AuditLog builder pattern - server.rs: defaults, validation, Server->ServerWithProvider conversion - deployment.rs: new, default, serialization - client.rs: Debug masking, default Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add #[cfg(test)] mod tests blocks to 8 files: - src/forms/project/docker_image.rs: Display trait, serialization - src/forms/project/port.rs: validation, TryInto, serialization - src/forms/project/network.rs: defaults, Into NetworkSettings - src/forms/server.rs: form<->model conversions, roundtrip - src/forms/rating/add.rs: Into Rating, serde_valid validation - src/helpers/compressor.rs: brotli compression behavior - src/helpers/cloud/security.rs: b64 encode/decode, AES encrypt/decrypt - src/models/ratecategory.rs: Into String, all variants, default Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: vsilent <42473+vsilent@users.noreply.github.com> Agent-Logs-Url: https://github.com/trydirect/stacker/sessions/07304b5d-2754-4f90-b791-562493cc6454
Co-authored-by: vsilent <42473+vsilent@users.noreply.github.com> Agent-Logs-Url: https://github.com/trydirect/stacker/sessions/07304b5d-2754-4f90-b791-562493cc6454
Copilot/analyze test coverage
…t in artifact - Replace actions/checkout@v6 with @v4 (v6 does not exist) - Replace actions/upload-artifact@v6 with @v4 (v6 does not exist) - Replace actions/cache@v5 with @v4 (v5 does not exist) - Also copy access_control.conf.dist into the app artifact zip so alternative build paths that use the artifact also have the file The invalid action versions caused checkout to silently fail, leaving access_control.conf.dist absent from the Docker build context. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Tests that set/remove SECURITY_KEY were racing when cargo test ran with multiple threads (default in CI). Added a static Mutex<()> and a shared TEST_KEY constant so all env-mutating tests acquire the lock before touching the environment. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The compose endpoint only had a Casbin policy for admin_service (JWT), but OAuth-based access from User Service authenticates as 'root' which inherits group_admin. This caused 403 when fetching marketplace template compose snapshots, leaving stack_definition NULL and blocking deployments. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
mine_handlerbeforedetail_handler(/{slug}) instartup.rsso/api/templates/mineis no longer swallowed by the wildcard routemine_handlernow returns 403 explicitly for anonymous requests (instead of 500)CliError::MarketplaceFailedreplacesDeployFailedin all marketplace CLI methods — removes the misleading 'Deployment to cloud failed' message for non-deployment operationscontext: .to build-push step so PR builds don't fail with 'refs/pull/N/merge' errortests/marketplace_mine.rswith 3 HTTP integration tests; fixed mock auth server and Redis timeout in test helpersCo-authored-by: Copilot 223556219+Copilot@users.noreply.github.com