1f78937dd2
Inbound email: a provider POSTs a normalized JSON message to
POST /api/v1/email-inbound/{app_id}/{trigger_id}; the public receiver
verifies the optional HMAC signature, builds a TriggerEvent::Email, and
enqueues an outbox row the dispatcher delivers like any async trigger.
Handlers see ctx.event.email = #{from,to,cc,subject,text,html,
received_at,message_id}.
- migration 0024: widen triggers.kind + outbox.source_kind CHECKs to
'email'; new email_trigger_details table.
- TriggerKind::Email, TriggerDetails::Email{has_inbound_secret},
OutboxSourceKind::Email, TriggerEvent::Email; dispatcher routes the
email row via the generic resolve_trigger path.
- Admin POST /apps/{id}/triggers/email (validate_trigger_target; module
+ cross-app rejection). inbound_secret is stored ENCRYPTED via the
master key (deviation from the brief's plaintext default; decrypted
per inbound request — see HANDBACK §7).
- Dashboard: email trigger form on the Triggers tab + webhook URL +
expected-payload help.
- 8 DB-gated e2e tests (202/401/404/422/cross-app/handler-fire) +
receiver unit tests (HMAC verify, secret round-trip, payload parse).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
PiCloud Dashboard
SvelteKit SPA for the PiCloud control plane.
Stack
- SvelteKit 2 with
adapter-static(SPA fallback) - Svelte 5 (runes)
- TypeScript
- Vite
Scripts
npm install
npm run dev # vite dev server on :5173, proxies /api → PICLOUD_API
npm run build # static SPA bundle into ./build/
npm run check # svelte-check
npm run lint
npm run format
By default npm run dev proxies /api/* and /healthz to
http://127.0.0.1:18080. Override with PICLOUD_API=http://host:port npm run dev.
How it fits in
In production Caddy serves the contents of ./build/ as static files and
falls back to index.html for client-side routing. The dashboard only
talks to the control plane (/api/admin/* on the manager); data-plane
invocations go through /api/execute/* on the orchestrator and are not
issued from the dashboard directly during MVP.