feat: versioning scheme — lockstep crates + four independent surfaces

Establish how versions are assigned, bumped, and checked across the five things that actually change for users: the product itself, the Rhai SDK, the HTTP API, the database schema, and the inter-service wire (reserved for cluster mode). Crates ship in lockstep — drift between picloud-shared and picloud-manager-core is fiction since they always release together — but surfaces are versioned and checked at their natural boundaries. * docs/versioning.md is the authoritative reference: what gets a version, the per-surface compatibility rules, how each surface bump cascades to the product version (loose pre-1.0, strict post-1.0), and the five enforcement mechanisms (lockstep at compile time, /version at runtime, golden SDK contract tests, migration replay, CI guardrail). * shared::version exposes four constants — PRODUCT_VERSION (from CARGO_PKG_VERSION), SDK_VERSION ("1.0"), API_VERSION (1), WIRE_VERSION (1). Scripts read SDK_VERSION as ctx.sdk_version and can feature-detect against it. * Workspace inheritance: `[workspace.package] version = "0.2.0"` is the single point of truth; every crate uses `version.workspace = true`. dashboard/package.json mirrors. * Routes move to /api/v1/* — both control plane (/api/v1/admin/*) and data plane (/api/v1/execute/{id}). Picloud composes them via a single `/api/v{API_VERSION}` nest, so the next major is a copy-paste-and-bump. Caddyfile (dev and prod) routes /api/v1/* to picloud and 404s any other /api/* so old clients fail loudly instead of getting the SPA shell. Dashboard client + integration tests updated. * /healthz remains a plain "ok" string (k8s probes); /version is the new JSON endpoint returning every surface version in one place — product, sdk, api, schema (from manager-core::migrations::latest_version), wire. * Reasonable bump rationale: API path changes are breaking by definition, so 0.1.0 → 0.2.0 (pre-1.0 license to bump minor on any breaking change). SDK starts at 1.0 because scripts depend on it more strictly than the product depends on its internals; we'd rather promise SDK stability early than pull the rug. Verified live: * /healthz → "ok" (plain text) * /version → {product:"0.2.0",sdk:"1.0",api:1,schema:1,wire:1} * /api/v1/admin/scripts → 200 * /api/admin/scripts → 404 with error JSON (sunset major) * Script can read ctx.sdk_version → "1.0" * All 14 integration tests pass against new paths * 11 executor-core unit tests pass (added one for sdk_version exposure with the major.minor format invariant) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 00:31:08 +02:00
parent 777f4af628
commit 0473d295af
23 changed files with 356 additions and 70 deletions
--- a/dashboard/package.json
+++ b/dashboard/package.json
@@ -1,6 +1,6 @@
 {
  "name": "picloud-dashboard",
-  "version": "0.1.0",
+  "version": "0.2.0",
  "private": true,
  "type": "module",
  "scripts": {
--- a/dashboard/src/lib/api.ts
+++ b/dashboard/src/lib/api.ts
@@ -1,7 +1,7 @@
 // Thin client for the PiCloud control-plane and data-plane APIs.
 //
-// The dashboard primarily targets `/api/admin/*` (manager). The
-// data-plane (`/api/execute/*`, orchestrator) is reachable through
+// The dashboard primarily targets `/api/v1/admin/*` (manager). The
+// data-plane (`/api/v1/execute/*`, orchestrator) is reachable through
 // the same Caddy upstream so the "Test invoke" panel can hit it
 // without any cross-origin gymnastics.

@@ -102,27 +102,27 @@ export const api = {
 	health: () => fetch('/healthz').then((r) => r.text()),

 	scripts: {
-		list: () => adminRequest<Script[]>('/api/admin/scripts'),
-		get: (id: string) => adminRequest<Script>(`/api/admin/scripts/${id}`),
+		list: () => adminRequest<Script[]>('/api/v1/admin/scripts'),
+		get: (id: string) => adminRequest<Script>(`/api/v1/admin/scripts/${id}`),
 		create: (input: CreateScriptInput) =>
-			adminRequest<Script>('/api/admin/scripts', {
+			adminRequest<Script>('/api/v1/admin/scripts', {
 				method: 'POST',
 				body: JSON.stringify(input)
 			}),
 		update: (id: string, input: UpdateScriptInput) =>
-			adminRequest<Script>(`/api/admin/scripts/${id}`, {
+			adminRequest<Script>(`/api/v1/admin/scripts/${id}`, {
 				method: 'PUT',
 				body: JSON.stringify(input)
 			}),
 		remove: (id: string) =>
-			adminRequest<null>(`/api/admin/scripts/${id}`, { method: 'DELETE' }),
+			adminRequest<null>(`/api/v1/admin/scripts/${id}`, { method: 'DELETE' }),
 		logs: (id: string, opts: { limit?: number; offset?: number } = {}) => {
 			const params = new URLSearchParams();
 			if (opts.limit !== undefined) params.set('limit', String(opts.limit));
 			if (opts.offset !== undefined) params.set('offset', String(opts.offset));
 			const qs = params.toString();
 			return adminRequest<ExecutionLog[]>(
-				`/api/admin/scripts/${id}/logs${qs ? `?${qs}` : ''}`
+				`/api/v1/admin/scripts/${id}/logs${qs ? `?${qs}` : ''}`
 			);
 		}
 	},
@@ -132,7 +132,7 @@ export const api = {
 		body: unknown,
 		extraHeaders?: Record<string, string>
 	): Promise<ExecutionResult> => {
-		const res = await fetch(`/api/execute/${id}`, {
+		const res = await fetch(`/api/v1/execute/${id}`, {
 			method: 'POST',
 			headers: { 'content-type': 'application/json', ...(extraHeaders ?? {}) },
 			body: body === undefined ? '{}' : JSON.stringify(body)