farhoodlabs/trebuchet
8
0
Fork 0
Code Issues Pull Requests 5 Actions Packages Projects Releases Wiki Activity

feat: add K8s API server, orchestrator abstraction, and CI pipeline

Browse Source 
- Add apps/api/ — Hono REST API server for managing pentest scans via K8s Jobs
  - POST/GET /api/scans, GET /api/scans/:id, cancel, report endpoints
  - Bearer token auth, Temporal client integration, K8s Job builder
  - Dockerfile, Kustomize manifests (Deployment, Service, RBAC)
- Add CLI orchestrator abstraction (docker.ts → Orchestrator interface)
  - DockerOrchestrator and K8sOrchestrator implementations
  - Backend detection via SHANNON_BACKEND env var or --backend flag
- Add CI workflow: type-check + lint on PR, build+push both images on main
- Switch all workflows to self-hosted runners (runners-farhoodliquor)
- Add shannon-api image build to release and release-beta workflows
- Add root infra/kustomization.yaml as Flux entry point
- Export PipelineProgress from @shannon/worker/pipeline

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Chris Farhood
2026-04-19 13:08:51 -04:00
parent 54c92e8142
commit 1bbdd7acba
36 changed files with 2635 additions and 414 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/cli/src/orchestrator.ts
+46
View File
@@ -0,0 +1,46 @@
/**
* Orchestrator interface — abstraction over container orchestration backends.
*
* Docker and Kubernetes implement this interface so the CLI commands
* can swap backends without changing their logic.
*/
export interface WorkerOptions {
version: string;
url: string;
repo: { hostPath: string; containerPath: string };
workspacesDir: string;
taskQueue: string;
containerName: string;
envFlags: string[];
config?: { hostPath: string; containerPath: string };
credentials?: string;
promptsDir?: string;
outputDir?: string;
workspace: string;
pipelineTesting?: boolean;
}
/** Handle to a running worker, returned by Orchestrator.spawnWorker(). */
export interface WorkerHandle {
onError(cb: (err: Error) => void): void;
kill(): void;
}
/** Container orchestration backend. */
export interface Orchestrator {
ensureInfra(useRouter: boolean): Promise<void>;
ensureImage(version: string): void;
spawnWorker(opts: WorkerOptions): WorkerHandle;
stopWorkers(): void;
stopInfra(clean: boolean): void;
listRunningWorkers(): string;
isTemporalReady(): boolean;
getWorkerImage(version: string): string;
/**
* Run a one-shot ephemeral container and inherit stdio.
* Used by commands like `workspaces` that need to run worker-side scripts.
*/
runEphemeral(image: string, args: string[], mounts: string[]): void;
}