Skip to content

Dev#189

Open
vsilent wants to merge 78 commits into
mainfrom
dev
Open

Dev#189
vsilent wants to merge 78 commits into
mainfrom
dev

Conversation

@vsilent

@vsilent vsilent commented Jul 1, 2026

Copy link
Copy Markdown
Collaborator

No description provided.

robotizeit and others added 30 commits June 1, 2026 14:13
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 1. parse_compose_host_port() — parses both string (127.0.0.1:3000:80) and mapping ({published: 3000}) compose port entries
 2. collect_compose_host_port_services() — reads the compose file and returns all (host_port, service_name) pairs
 3. get_own_compose_running_ports() — runs docker compose ps --format {{.Ports}} to discover ports currently held by this project's own containers (to avoid false positives on redeploys)
 4. check_local_host_port_conflicts() — TCP-binds each declared port; if a bind fails AND the port isn't owned by the project's own containers, it's flagged as a real conflict
 5. LocalDeploy::deploy() — calls the check before docker compose up; if conflicts are found, it returns a clear error like:
 Host port conflict detected before deploy:
   • port 3000 (service 'status-panel-web') is already allocated on this host — find the owner with: lsof -nP -iTCP:3000 -sTCP:LISTEN
 Stop the conflicting process or change the port in stacker.yml, then retry.
…red for stripe_connect, constant-time Stripe signature verification, rating duplicate race condition fixed, template rating upsert is now atomic, public rating summary no longer mutates DB, public vendor endpoint now uses slug-only lookup
…ured as the correct Install Service-compatible mapping. install.inputs section to the stacker.yml
robotizeit and others added 30 commits June 23, 2026 15:17
The mock payout provider hands out https://mock.payouts.local/... URLs
that are clearly not real destinations. Until now, when
STACKER_PAYOUT_PROVIDER was unset on a prod box, the default silently
fell back to mock — so the misconfig only surfaced when a creator
clicked "Become a creator" and landed on a non-existent host.

Now init_payout_provider:
- Detects production via STACKER_ENV/APP_ENV/NODE_ENV (same vars
  MarketplaceAssetSettings already honours).
- Refuses to start with the mock provider in production, returning an
  error that names the env vars to set.
- Emits tracing::warn! on startup whenever mock is active in non-prod,
  so engineers see at a glance that no real money will move.
- Emits tracing::info! when stripe_connect initialises so the active
  provider is auditable from the boot log.

Tests cover: mock rejected in prod, empty provider treated as mock and
rejected in prod, mock allowed outside prod, stripe_connect initialises
in prod. Decision logic is extracted into init_payout_provider_inner
which takes is_production as a parameter so tests don't need to mutate
global env vars.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Added client_cert/client_key fields to VaultSettings
- Updated both vault clients to pass Identity to reqwest
- docker-compose.dev.yml: added VAULT_CLIENT_CERT/KEY env vars
Update DEFAULT_VAULT_URL to :8443 for mTLS
…ompose_host_port returns None for the port, and check_local_host_port_conflicts finds no host ports to validate. This avoids the race condition on TcpListener::bind and the CI port 80 conflict entirely
… are now replaced with case-insensitive regex matching directly on content. Test still passes
…/policy rejections, error taxonomy, marketplace trust, pipe cap
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants