feat: persist execution logs + dashboard detail view + integration tests

Three threads landing together because they share a public surface (the new execution_log shape) and verifying any one in isolation would mean re-doing the work later. == (A) execution log persistence == * shared::ExecutionLog + ExecutionStatus carry the audit-trail shape that flows from the orchestrator through the sink and back out via the manager's logs endpoint. * shared::ExecutionLogSink trait — abstraction the orchestrator writes through. In single-process MVP mode the manager's Postgres-backed impl is plugged in directly; in cluster mode (v1.3+) the orchestrator's impl will post over HTTP to the manager. Trait lives in `shared` so neither *-core crate has to know about the other. * manager-core::PostgresExecutionLogSink writes to the execution_logs table (already in the initial migration); PostgresExecutionLogRepository reads them back, paginated. AdminState now carries both a script repo and a log repo, so `admin_router` exposes `GET /scripts/{id}/logs?limit=&offset=` capped at 200 rows per page to keep the dashboard responsive. * orchestrator-core::DataPlaneState gains `log_sink`. The execute handler builds an ExecutionLog on every outcome — success, error, timeout, budget-exceeded — and awaits the sink. Sink failures are logged at warn and DO NOT mask the user-facing result, since "we couldn't write the audit row" is a separate concern from "the script ran". * picloud binary refactored into a lib (`build_app(pool)` is the seam) + thin bin shell. Same Postgres pool backs the script repo, the log repo, and the sink — no double pool. == (B) dashboard == * Typed API client extended with `scripts.logs(id, opts)`, `scripts.update/remove`, and `execute(id, body, headers)`. Plain `fetch` wrapper now surfaces server-side error messages via a typed ApiError so the UI can render them. * `/` — create-script form now actually creates; on success the list reloads. List entries link to detail. * `/scripts/[id]` — new detail route: source editor with save (calls update, version bumps); Test invoke panel that sends arbitrary JSON body + headers to /api/execute and shows the response; Recent executions panel reading from /logs with expandable per-row request/response/script-log views. Delete button with confirm. SPA-routed; Caddy serves `build/` with the same index.html fallback. == (C) integration tests == * crates/picloud/tests/api.rs — 14 sqlx::test cases driving `build_app` through an axum_test::TestServer against a fresh Postgres DB per test. Covers: health, full script CRUD, duplicate-name conflict, invalid-source rejection on both create and update, execute echoing the body, status+header passthrough, 404 on missing scripts, error-path executions landing in the audit log with the right status. * Tests are `#[ignore]` by default so plain `cargo test --workspace` stays green without infrastructure. Opt-in via: `docker compose up -d postgres && \ DATABASE_URL=postgres://picloud:picloud@127.0.0.1:15432/picloud \ cargo test -p picloud --test api -- --include-ignored` Verified live through Caddy on :8000: three logged invocations land in the logs endpoint with the right structured `data` on each `log::info`/`log::warn`, error-path executions are still captured with status=error, dashboard list + SPA detail route both reachable. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-23 00:16:32 +02:00
parent 4f044e7b81
commit 777f4af628
18 changed files with 1750 additions and 178 deletions
--- a/crates/manager-core/src/api.rs
+++ b/crates/manager-core/src/api.rs
@@ -11,23 +11,27 @@ use axum::{
    routing::get,
    Json, Router,
 };
-use picloud_shared::{Script, ScriptId, ScriptValidator, ValidationError};
+use picloud_shared::{ExecutionLog, Script, ScriptId, ScriptValidator, ValidationError};
 use serde::Deserialize;

-use crate::repo::{NewScript, ScriptPatch, ScriptRepository, ScriptRepositoryError};
+use crate::repo::{
+    ExecutionLogRepository, NewScript, ScriptPatch, ScriptRepository, ScriptRepositoryError,
+};

 /// State shared by control-plane handlers. Separates concerns so the
 /// manager can validate at upload time without depending on the
 /// concrete executor-core types.
-pub struct AdminState<R> {
+pub struct AdminState<R, L> {
    pub repo: Arc<R>,
+    pub logs: Arc<L>,
    pub validator: Arc<dyn ScriptValidator>,
 }

-impl<R> Clone for AdminState<R> {
+impl<R, L> Clone for AdminState<R, L> {
    fn clone(&self) -> Self {
        Self {
            repo: self.repo.clone(),
+            logs: self.logs.clone(),
            validator: self.validator.clone(),
        }
    }
@@ -35,15 +39,23 @@ impl<R> Clone for AdminState<R> {

 /// Build the admin router. The caller (binary) chooses where to mount
 /// it (typically `Router::new().nest("/api/admin", admin_router(state))`).
-pub fn admin_router<R: ScriptRepository + 'static>(state: AdminState<R>) -> Router {
+pub fn admin_router<R, L>(state: AdminState<R, L>) -> Router
+where
+    R: ScriptRepository + 'static,
+    L: ExecutionLogRepository + 'static,
+{
    Router::new()
-        .route("/scripts", get(list_scripts::<R>).post(create_script::<R>))
+        .route(
+            "/scripts",
+            get(list_scripts::<R, L>).post(create_script::<R, L>),
+        )
        .route(
            "/scripts/{id}",
-            get(get_script::<R>)
-                .put(update_script::<R>)
-                .delete(delete_script::<R>),
+            get(get_script::<R, L>)
+                .put(update_script::<R, L>)
+                .delete(delete_script::<R, L>),
        )
+        .route("/scripts/{id}/logs", get(list_logs::<R, L>))
        .with_state(state)
 }

@@ -85,14 +97,14 @@ where
 // Handlers
 // ----------------------------------------------------------------------------

-async fn list_scripts<R: ScriptRepository>(
-    State(state): State<AdminState<R>>,
+async fn list_scripts<R: ScriptRepository, L: ExecutionLogRepository>(
+    State(state): State<AdminState<R, L>>,
 ) -> Result<Json<Vec<Script>>, ApiError> {
    Ok(Json(state.repo.list().await?))
 }

-async fn get_script<R: ScriptRepository>(
-    State(state): State<AdminState<R>>,
+async fn get_script<R: ScriptRepository, L: ExecutionLogRepository>(
+    State(state): State<AdminState<R, L>>,
    Path(id): Path<ScriptId>,
 ) -> Result<Json<Script>, ApiError> {
    state
@@ -103,8 +115,8 @@ async fn get_script<R: ScriptRepository>(
        .ok_or(ApiError::NotFound(id))
 }

-async fn create_script<R: ScriptRepository>(
-    State(state): State<AdminState<R>>,
+async fn create_script<R: ScriptRepository, L: ExecutionLogRepository>(
+    State(state): State<AdminState<R, L>>,
    Json(input): Json<CreateScriptRequest>,
 ) -> Result<(StatusCode, Json<Script>), ApiError> {
    state.validator.validate(&input.source)?;
@@ -121,8 +133,8 @@ async fn create_script<R: ScriptRepository>(
    Ok((StatusCode::CREATED, Json(created)))
 }

-async fn update_script<R: ScriptRepository>(
-    State(state): State<AdminState<R>>,
+async fn update_script<R: ScriptRepository, L: ExecutionLogRepository>(
+    State(state): State<AdminState<R, L>>,
    Path(id): Path<ScriptId>,
    Json(input): Json<UpdateScriptRequest>,
 ) -> Result<Json<Script>, ApiError> {
@@ -145,14 +157,39 @@ async fn update_script<R: ScriptRepository>(
    Ok(Json(updated))
 }

-async fn delete_script<R: ScriptRepository>(
-    State(state): State<AdminState<R>>,
+async fn delete_script<R: ScriptRepository, L: ExecutionLogRepository>(
+    State(state): State<AdminState<R, L>>,
    Path(id): Path<ScriptId>,
 ) -> Result<StatusCode, ApiError> {
    state.repo.delete(id).await?;
    Ok(StatusCode::NO_CONTENT)
 }

+#[derive(Debug, Deserialize)]
+pub struct LogsQuery {
+    #[serde(default = "default_limit")]
+    pub limit: i64,
+    #[serde(default)]
+    pub offset: i64,
+}
+
+const fn default_limit() -> i64 {
+    50
+}
+
+async fn list_logs<R: ScriptRepository, L: ExecutionLogRepository>(
+    State(state): State<AdminState<R, L>>,
+    Path(id): Path<ScriptId>,
+    axum::extract::Query(q): axum::extract::Query<LogsQuery>,
+) -> Result<Json<Vec<ExecutionLog>>, ApiError> {
+    // Cap to keep the dashboard responsive; the data plane writes are
+    // unbounded over time so a paged read is the only sane default.
+    let limit = q.limit.clamp(1, 200);
+    let offset = q.offset.max(0);
+    let logs = state.logs.list_for_script(id, limit, offset).await?;
+    Ok(Json(logs))
+}
+
 // ----------------------------------------------------------------------------
 // Errors
 // ----------------------------------------------------------------------------
--- a/crates/manager-core/src/lib.rs
+++ b/crates/manager-core/src/lib.rs
@@ -5,12 +5,14 @@
 //! manager will publish change events.

 pub mod api;
+pub mod log_sink;
 pub mod migrations;
 pub mod repo;
 pub mod scheduler;

 pub use api::{admin_router, AdminState};
+pub use log_sink::PostgresExecutionLogSink;
 pub use repo::{
-    NewScript, PostgresScriptRepository, RepoResolver, ScriptPatch, ScriptRepository,
-    ScriptRepositoryError,
+    ExecutionLogRepository, NewScript, PostgresExecutionLogRepository, PostgresScriptRepository,
+    RepoResolver, ScriptPatch, ScriptRepository, ScriptRepositoryError,
 };
--- a/crates/manager-core/src/log_sink.rs
+++ b/crates/manager-core/src/log_sink.rs
@@ -0,0 +1,57 @@
+use async_trait::async_trait;
+use picloud_shared::{ExecutionLog, ExecutionLogSink, LogSinkError};
+use sqlx::PgPool;
+
+/// Persists `ExecutionLog` rows to the `execution_logs` table.
+///
+/// In cluster mode this impl lives in the manager and is reachable
+/// from orchestrator nodes via an HTTP wrapper; in single-process MVP
+/// mode the orchestrator's `DataPlaneState` holds it directly.
+pub struct PostgresExecutionLogSink {
+    pool: PgPool,
+}
+
+impl PostgresExecutionLogSink {
+    #[must_use]
+    pub fn new(pool: PgPool) -> Self {
+        Self { pool }
+    }
+}
+
+#[async_trait]
+impl ExecutionLogSink for PostgresExecutionLogSink {
+    async fn record(&self, log: ExecutionLog) -> Result<(), LogSinkError> {
+        let headers = serde_json::to_value(&log.request_headers)
+            .map_err(|e| LogSinkError::Backend(format!("encode headers: {e}")))?;
+        let response_code = log.response_code.map(i32::from);
+        let duration_ms = i32::try_from(log.duration_ms).unwrap_or(i32::MAX);
+
+        sqlx::query(
+            "INSERT INTO execution_logs ( \
+                id, script_id, request_id, \
+                request_path, request_headers, request_body, \
+                response_code, response_body, \
+                logs, duration_ms, status, created_at \
+             ) VALUES ( \
+                $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12 \
+             )",
+        )
+        .bind(log.id)
+        .bind(log.script_id.into_inner())
+        .bind(log.request_id.into_inner())
+        .bind(&log.request_path)
+        .bind(headers)
+        .bind(&log.request_body)
+        .bind(response_code)
+        .bind(&log.response_body)
+        .bind(&log.script_logs)
+        .bind(duration_ms)
+        .bind(log.status.as_str())
+        .bind(log.created_at)
+        .execute(&self.pool)
+        .await
+        .map_err(|e| LogSinkError::Backend(e.to_string()))?;
+
+        Ok(())
+    }
+}
--- a/crates/manager-core/src/repo.rs
+++ b/crates/manager-core/src/repo.rs
@@ -1,6 +1,8 @@
+use std::collections::BTreeMap;
+
 use async_trait::async_trait;
 use picloud_orchestrator_core::{ResolverError, ScriptResolver};
-use picloud_shared::{Script, ScriptId};
+use picloud_shared::{ExecutionLog, ExecutionStatus, RequestId, Script, ScriptId};
 use sqlx::PgPool;

 #[derive(Debug, thiserror::Error)]
@@ -217,3 +219,102 @@ impl<R: ScriptRepository> ScriptResolver for RepoResolver<R> {
            .map_err(|e| ResolverError::Backend(e.to_string()))
    }
 }
+
+// ----------------------------------------------------------------------------
+// Execution log repository (read side)
+// ----------------------------------------------------------------------------
+
+/// Read-side access to the `execution_logs` table. Writes go through
+/// `PostgresExecutionLogSink` so the read and write paths can diverge
+/// in cluster mode without disturbing this trait.
+#[async_trait]
+pub trait ExecutionLogRepository: Send + Sync {
+    async fn list_for_script(
+        &self,
+        script_id: ScriptId,
+        limit: i64,
+        offset: i64,
+    ) -> Result<Vec<ExecutionLog>, ScriptRepositoryError>;
+}
+
+pub struct PostgresExecutionLogRepository {
+    pool: PgPool,
+}
+
+impl PostgresExecutionLogRepository {
+    #[must_use]
+    pub fn new(pool: PgPool) -> Self {
+        Self { pool }
+    }
+}
+
+#[async_trait]
+impl ExecutionLogRepository for PostgresExecutionLogRepository {
+    async fn list_for_script(
+        &self,
+        script_id: ScriptId,
+        limit: i64,
+        offset: i64,
+    ) -> Result<Vec<ExecutionLog>, ScriptRepositoryError> {
+        let rows = sqlx::query_as::<_, ExecutionLogRow>(
+            "SELECT id, script_id, request_id, \
+                    request_path, request_headers, request_body, \
+                    response_code, response_body, \
+                    logs, duration_ms, status, created_at \
+             FROM execution_logs \
+             WHERE script_id = $1 \
+             ORDER BY created_at DESC \
+             LIMIT $2 OFFSET $3",
+        )
+        .bind(script_id.into_inner())
+        .bind(limit)
+        .bind(offset)
+        .fetch_all(&self.pool)
+        .await?;
+
+        Ok(rows.into_iter().map(Into::into).collect())
+    }
+}
+
+#[derive(sqlx::FromRow)]
+struct ExecutionLogRow {
+    id: uuid::Uuid,
+    script_id: uuid::Uuid,
+    request_id: uuid::Uuid,
+    request_path: Option<String>,
+    request_headers: serde_json::Value,
+    request_body: Option<serde_json::Value>,
+    response_code: Option<i32>,
+    response_body: Option<serde_json::Value>,
+    logs: serde_json::Value,
+    duration_ms: i32,
+    status: String,
+    created_at: chrono::DateTime<chrono::Utc>,
+}
+
+impl From<ExecutionLogRow> for ExecutionLog {
+    fn from(r: ExecutionLogRow) -> Self {
+        let headers: BTreeMap<String, String> =
+            serde_json::from_value(r.request_headers).unwrap_or_default();
+        let status = match r.status.as_str() {
+            "success" => ExecutionStatus::Success,
+            "timeout" => ExecutionStatus::Timeout,
+            "budget_exceeded" => ExecutionStatus::BudgetExceeded,
+            _ => ExecutionStatus::Error,
+        };
+        Self {
+            id: r.id,
+            script_id: r.script_id.into(),
+            request_id: RequestId::from(r.request_id),
+            request_path: r.request_path.unwrap_or_default(),
+            request_headers: headers,
+            request_body: r.request_body.unwrap_or(serde_json::Value::Null),
+            response_code: r.response_code.and_then(|c| u16::try_from(c).ok()),
+            response_body: r.response_body,
+            script_logs: r.logs,
+            duration_ms: u64::try_from(r.duration_ms).unwrap_or(0),
+            status,
+            created_at: r.created_at,
+        }
+    }
+}