feat: end-to-end script CRUD + Rhai execution

Brings the MVP feature set online: upload a Rhai script, get an HTTP
endpoint that runs it sandboxed in-process, list/update/delete it, and
have invalid sources rejected at upload time. Verified live through
Caddy with a full lifecycle (`create → list → get → execute → update
→ delete`) plus error paths (syntax error, duplicate name, deleted).

Layout — every concern lands behind the trait seam its layer owns, so
cluster-mode in v1.3+ is a swap of two impls, not a rewrite:

  * shared::ScriptValidator — manager calls into validation without
    a hard dep on executor-core; executor-core impls the trait on
    `Engine`. Pinned in shared so neither crate has to know about
    the other.

  * executor-core::Engine — real Rhai engine: sandbox limits (max
    operations / string size / map size / call depth), disabled
    `print`, blocked `import` (DummyModuleResolver), `log::trace
    /info/warn/error` registered as a static module with shared
    log-capture buffer (no `log::debug` because `debug` is a Rhai
    reserved keyword — `log::trace` covers the same need).

      - `ctx` is pushed as a Scope constant exposing
        execution_id, script_id, script_name, request_id,
        invocation_type, request.{path,headers,body}.

      - Response convention: a Map with `statusCode` is the
        structured shape (`{statusCode, headers?, body}`); any
        other return value is a 200 with the value as the body.

      - Engine::execute is now synchronous (pure compute); the
        async wrapper + wall-clock timeout live in
        LocalExecutorClient, which spawns_blocking and applies a
        300s hard ceiling regardless of per-script config.

      - 10 unit tests cover validate, exec, structured response,
        ctx exposure, log capture, op-budget enforcement, runtime
        errors, blocked imports, JSON round-tripping.

  * manager-core::repo — full sqlx CRUD over the `scripts` table,
    with proper unique-violation handling for duplicate names.
    Embedded migrations via `sqlx::migrate!` (one initial
    `0001_init.sql` for pgcrypto + scripts + execution_logs).

  * manager-core::api — `admin_router` mounts `/scripts` and
    `/scripts/{id}`. Create + Update validate source through the
    injected `ScriptValidator` before persistence. Returns proper
    422/409/404 status codes via `ApiError::IntoResponse`.

  * orchestrator-core::api — `data_plane_router` mounts
    `/execute/{id}`: resolves the script through `ScriptResolver`,
    constructs the `ExecRequest` from headers+body, awaits
    `ExecutorClient::execute(..., timeout)`, translates the
    `ExecResponse` to an axum `Response` with header passthrough.
    Maps `ExecError` variants to 422/504/502/507.

  * picloud all-in-one — opens the pool, runs migrations, builds
    one engine, nests both routers under `/api/admin` and `/api`,
    enables structured JSON tracing and graceful shutdown on
    SIGTERM. Single `PostgresScriptRepository` Arc is shared by
    the admin router (writes) and the resolver (reads).

Other changes:
  * Workspace axum bump 0.7 → 0.8 for the `{id}` path syntax
    matching the route definitions.
  * Workspace clippy: allow `needless_pass_by_value` and
    `boxed_local` to keep API ergonomics over pedantic noise.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

crates/picloud/src/main.rs

@@ -1,35 +1,97 @@
-//! PiCloud all-in-one binary — runs manager + orchestrator + executor in
-//! one process. This is the only binary built for MVP. The split binaries
-//! (`picloud-manager`, `picloud-orchestrator`, `picloud-executor`) exist
-//! to enforce the crate boundaries and will be fleshed out in v1.3+
-//! when cluster mode is built.
+//! PiCloud all-in-one binary — manager + orchestrator + executor in
+//! one process. The only binary built for MVP.
+//!
+//! On startup it opens the Postgres pool, runs migrations, builds the
+//! Rhai engine, then nests both core routers behind a single Axum
+//! listener:
+//!
+//!   /api/admin/*        → manager-core (script CRUD)
+//!   /api/execute/{id}   → orchestrator-core (data plane)
+//!   /healthz            → liveness probe
+//!
+//! Cluster-mode (v1.3+) keeps this layout — splits each nested router
+//! into its own binary, swaps `LocalExecutorClient` for the remote one,
+//! and points Caddy at the new upstreams.
+
+use std::net::SocketAddr;
+use std::sync::Arc;
+use std::time::Duration;
 
 use axum::{routing::get, Router};
-use std::net::SocketAddr;
+use picloud_executor_core::{Engine, Limits};
+use picloud_manager_core::{
+    admin_router, migrations, AdminState, PostgresScriptRepository, RepoResolver,
+};
+use picloud_orchestrator_core::{data_plane_router, DataPlaneState, LocalExecutorClient};
+use picloud_shared::ScriptValidator;
+use sqlx::postgres::PgPoolOptions;
+use sqlx::PgPool;
+use tower_http::trace::TraceLayer;
 use tracing_subscriber::EnvFilter;
 
 #[tokio::main]
 async fn main() -> anyhow::Result<()> {
-    tracing_subscriber::fmt()
-        .with_env_filter(EnvFilter::try_from_default_env().unwrap_or_else(|_| "info".into()))
-        .json()
-        .init();
-
-    let app = Router::new()
-        .route("/healthz", get(healthz))
-        .route("/", get(root));
+    init_tracing();
 
     let addr: SocketAddr = std::env::var("PICLOUD_BIND")
         .unwrap_or_else(|_| "0.0.0.0:8080".into())
         .parse()?;
+    let database_url =
+        std::env::var("DATABASE_URL").map_err(|_| anyhow::anyhow!("DATABASE_URL is required"))?;
+
+    let pool = init_db(&database_url).await?;
+    migrations::run(&pool).await?;
+    tracing::info!("migrations applied");
+
+    let app = build_app(pool);
 
     let listener = tokio::net::TcpListener::bind(addr).await?;
     tracing::info!(%addr, "picloud all-in-one listening");
-    axum::serve(listener, app).await?;
+    axum::serve(listener, app)
+        .with_graceful_shutdown(shutdown_signal())
+        .await?;
 
     Ok(())
 }
 
+fn init_tracing() {
+    tracing_subscriber::fmt()
+        .with_env_filter(EnvFilter::try_from_default_env().unwrap_or_else(|_| "info".into()))
+        .json()
+        .init();
+}
+
+async fn init_db(url: &str) -> anyhow::Result<PgPool> {
+    let pool = PgPoolOptions::new()
+        .max_connections(10)
+        .acquire_timeout(Duration::from_secs(5))
+        .connect(url)
+        .await?;
+    Ok(pool)
+}
+
+fn build_app(pool: PgPool) -> Router {
+    // Core services. The `Arc`s let the routers and any background
+    // tasks share the same instances cheaply.
+    let engine = Arc::new(Engine::new(Limits::default()));
+    let repo = Arc::new(PostgresScriptRepository::new(pool));
+    let resolver = Arc::new(RepoResolver::new(PostgresScriptRepoHandle(repo.clone())));
+    let executor = Arc::new(LocalExecutorClient::new(engine.clone()));
+
+    let admin = AdminState {
+        repo: Arc::new(PostgresScriptRepoHandle(repo)),
+        validator: engine as Arc<dyn ScriptValidator>,
+    };
+    let data_plane = DataPlaneState { executor, resolver };
+
+    Router::new()
+        .route("/healthz", get(healthz))
+        .route("/", get(root))
+        .nest("/api/admin", admin_router(admin))
+        .nest("/api", data_plane_router(data_plane))
+        .layer(TraceLayer::new_for_http())
+}
+
 async fn healthz() -> &'static str {
     "ok"
 }
@@ -37,3 +99,66 @@ async fn healthz() -> &'static str {
 async fn root() -> &'static str {
     "picloud — see /api/admin/* (manager) and /api/execute/* (orchestrator)"
 }
+
+async fn shutdown_signal() {
+    let ctrl_c = async {
+        let _ = tokio::signal::ctrl_c().await;
+    };
+    #[cfg(unix)]
+    let terminate = async {
+        if let Ok(mut s) = tokio::signal::unix::signal(tokio::signal::unix::SignalKind::terminate())
+        {
+            s.recv().await;
+        }
+    };
+    #[cfg(not(unix))]
+    let terminate = std::future::pending::<()>();
+
+    tokio::select! {
+        () = ctrl_c => tracing::info!("ctrl-c received, draining"),
+        () = terminate => tracing::info!("SIGTERM received, draining"),
+    }
+}
+
+// ----------------------------------------------------------------------------
+// Bridge: PostgresScriptRepository is constructed once and shared via
+// Arc; `RepoResolver` wants ownership of an impl of `ScriptRepository`.
+// We pass a thin wrapper that delegates to the Arc'd repo, so a single
+// connection pool backs both the admin router and the resolver.
+// ----------------------------------------------------------------------------
+
+struct PostgresScriptRepoHandle(Arc<PostgresScriptRepository>);
+
+#[async_trait::async_trait]
+impl picloud_manager_core::ScriptRepository for PostgresScriptRepoHandle {
+    async fn get(
+        &self,
+        id: picloud_shared::ScriptId,
+    ) -> Result<Option<picloud_shared::Script>, picloud_manager_core::ScriptRepositoryError> {
+        self.0.get(id).await
+    }
+    async fn list(
+        &self,
+    ) -> Result<Vec<picloud_shared::Script>, picloud_manager_core::ScriptRepositoryError> {
+        self.0.list().await
+    }
+    async fn create(
+        &self,
+        input: picloud_manager_core::NewScript,
+    ) -> Result<picloud_shared::Script, picloud_manager_core::ScriptRepositoryError> {
+        self.0.create(input).await
+    }
+    async fn update(
+        &self,
+        id: picloud_shared::ScriptId,
+        patch: picloud_manager_core::ScriptPatch,
+    ) -> Result<picloud_shared::Script, picloud_manager_core::ScriptRepositoryError> {
+        self.0.update(id, patch).await
+    }
+    async fn delete(
+        &self,
+        id: picloud_shared::ScriptId,
+    ) -> Result<(), picloud_manager_core::ScriptRepositoryError> {
+        self.0.delete(id).await
+    }
+}