feat: end-to-end script CRUD + Rhai execution

Brings the MVP feature set online: upload a Rhai script, get an HTTP
endpoint that runs it sandboxed in-process, list/update/delete it, and
have invalid sources rejected at upload time. Verified live through
Caddy with a full lifecycle (`create → list → get → execute → update
→ delete`) plus error paths (syntax error, duplicate name, deleted).

Layout — every concern lands behind the trait seam its layer owns, so
cluster-mode in v1.3+ is a swap of two impls, not a rewrite:

  * shared::ScriptValidator — manager calls into validation without
    a hard dep on executor-core; executor-core impls the trait on
    `Engine`. Pinned in shared so neither crate has to know about
    the other.

  * executor-core::Engine — real Rhai engine: sandbox limits (max
    operations / string size / map size / call depth), disabled
    `print`, blocked `import` (DummyModuleResolver), `log::trace
    /info/warn/error` registered as a static module with shared
    log-capture buffer (no `log::debug` because `debug` is a Rhai
    reserved keyword — `log::trace` covers the same need).

      - `ctx` is pushed as a Scope constant exposing
        execution_id, script_id, script_name, request_id,
        invocation_type, request.{path,headers,body}.

      - Response convention: a Map with `statusCode` is the
        structured shape (`{statusCode, headers?, body}`); any
        other return value is a 200 with the value as the body.

      - Engine::execute is now synchronous (pure compute); the
        async wrapper + wall-clock timeout live in
        LocalExecutorClient, which spawns_blocking and applies a
        300s hard ceiling regardless of per-script config.

      - 10 unit tests cover validate, exec, structured response,
        ctx exposure, log capture, op-budget enforcement, runtime
        errors, blocked imports, JSON round-tripping.

  * manager-core::repo — full sqlx CRUD over the `scripts` table,
    with proper unique-violation handling for duplicate names.
    Embedded migrations via `sqlx::migrate!` (one initial
    `0001_init.sql` for pgcrypto + scripts + execution_logs).

  * manager-core::api — `admin_router` mounts `/scripts` and
    `/scripts/{id}`. Create + Update validate source through the
    injected `ScriptValidator` before persistence. Returns proper
    422/409/404 status codes via `ApiError::IntoResponse`.

  * orchestrator-core::api — `data_plane_router` mounts
    `/execute/{id}`: resolves the script through `ScriptResolver`,
    constructs the `ExecRequest` from headers+body, awaits
    `ExecutorClient::execute(..., timeout)`, translates the
    `ExecResponse` to an axum `Response` with header passthrough.
    Maps `ExecError` variants to 422/504/502/507.

  * picloud all-in-one — opens the pool, runs migrations, builds
    one engine, nests both routers under `/api/admin` and `/api`,
    enables structured JSON tracing and graceful shutdown on
    SIGTERM. Single `PostgresScriptRepository` Arc is shared by
    the admin router (writes) and the resolver (reads).

Other changes:
  * Workspace axum bump 0.7 → 0.8 for the `{id}` path syntax
    matching the route definitions.
  * Workspace clippy: allow `needless_pass_by_value` and
    `boxed_local` to keep API ergonomics over pedantic noise.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

crates/executor-core/tests/engine.rs

@@ -0,0 +1,157 @@
+use std::collections::BTreeMap;
+
+use picloud_executor_core::{Engine, ExecError, ExecRequest, InvocationType, Limits, LogLevel};
+use picloud_shared::{ExecutionId, RequestId, ScriptId};
+use serde_json::json;
+
+fn req(body: serde_json::Value) -> ExecRequest {
+    ExecRequest {
+        execution_id: ExecutionId::new(),
+        request_id: RequestId::new(),
+        script_id: ScriptId::new(),
+        script_name: "test".into(),
+        invocation_type: InvocationType::Http,
+        path: "/test".into(),
+        headers: BTreeMap::new(),
+        body,
+    }
+}
+
+fn engine() -> Engine {
+    Engine::new(Limits::default())
+}
+
+#[test]
+fn validate_accepts_well_formed_script() {
+    engine()
+        .validate("let x = 1; #{ statusCode: 200, body: x }")
+        .expect("valid script should validate");
+}
+
+#[test]
+fn validate_rejects_syntax_errors() {
+    let err = engine()
+        .validate("this is not rhai @@@")
+        .expect_err("invalid script should not validate");
+    assert!(matches!(err, ExecError::Parse(_)));
+}
+
+#[test]
+fn returns_unwrapped_value_as_200_body() {
+    let resp = engine()
+        .execute("42", req(json!(null)))
+        .expect("should execute");
+    assert_eq!(resp.status_code, 200);
+    assert_eq!(resp.body, json!(42));
+    assert!(resp.headers.is_empty());
+}
+
+#[test]
+fn returns_structured_response_when_status_code_present() {
+    let src = r#"
+        #{ statusCode: 201,
+           headers: #{ "x-test": "hello" },
+           body: #{ ok: true, msg: "created" } }
+    "#;
+    let resp = engine().execute(src, req(json!(null))).unwrap();
+    assert_eq!(resp.status_code, 201);
+    assert_eq!(
+        resp.headers.get("x-test").map(String::as_str),
+        Some("hello")
+    );
+    assert_eq!(resp.body, json!({ "ok": true, "msg": "created" }));
+}
+
+#[test]
+fn ctx_exposes_request_data() {
+    let src = r"
+        #{ statusCode: 200,
+           body: #{
+             path: ctx.request.path,
+             name: ctx.script_name,
+             amount: ctx.request.body.amount
+           } }
+    ";
+    let r = ExecRequest {
+        path: "/payments".into(),
+        body: json!({ "amount": 1234 }),
+        script_name: "payments".into(),
+        ..req(json!(null))
+    };
+    let resp = engine().execute(src, r).unwrap();
+    assert_eq!(
+        resp.body,
+        json!({ "path": "/payments", "name": "payments", "amount": 1234 })
+    );
+}
+
+#[test]
+fn captures_log_calls() {
+    let src = r#"
+        log::info("starting");
+        log::warn("watch out", #{ count: 3 });
+        log::error("oops");
+        log::trace("deep diagnostic");
+        42
+    "#;
+    let resp = engine().execute(src, req(json!(null))).unwrap();
+    assert_eq!(resp.logs.len(), 4);
+
+    let levels: Vec<_> = resp.logs.iter().map(|l| l.level).collect();
+    assert_eq!(
+        levels,
+        vec![
+            LogLevel::Info,
+            LogLevel::Warn,
+            LogLevel::Error,
+            LogLevel::Trace
+        ]
+    );
+    assert_eq!(resp.logs[0].message, "starting");
+    assert_eq!(resp.logs[1].data, Some(json!({ "count": 3 })));
+}
+
+#[test]
+fn enforces_operation_budget() {
+    let limits = Limits {
+        max_operations: 1_000,
+        ..Limits::default()
+    };
+    let engine = Engine::new(limits);
+    // 10_000 iterations vastly exceeds 1_000 ops.
+    let src = r"let n = 0; for i in 0..10000 { n += 1; } n";
+    let err = engine
+        .execute(src, req(json!(null)))
+        .expect_err("should exceed budget");
+    assert!(matches!(err, ExecError::OperationBudgetExceeded));
+}
+
+#[test]
+fn runtime_error_is_mapped_to_runtime_variant() {
+    let err = engine()
+        .execute("1 / 0", req(json!(null)))
+        .expect_err("division by zero should error");
+    assert!(matches!(err, ExecError::Runtime(_)));
+}
+
+#[test]
+fn module_import_is_blocked() {
+    let err = engine()
+        .execute(r#"import "evil" as e; 1"#, req(json!(null)))
+        .expect_err("imports should be blocked");
+    // Module-not-found is reported as a runtime error via DummyModuleResolver.
+    assert!(matches!(err, ExecError::Runtime(_) | ExecError::Parse(_)));
+}
+
+#[test]
+fn body_passes_through_nested_json_round_trip() {
+    let src = "#{ statusCode: 200, body: ctx.request.body }";
+    let body = json!({
+        "deep": {
+            "list": [1, "two", 3.5, null, true, { "k": "v" }],
+            "count": 6
+        }
+    });
+    let resp = engine().execute(src, req(body.clone())).unwrap();
+    assert_eq!(resp.body, body);
+}